Backdoor.Win32.ZAccess.oun/ Backdoor Generic 15.AXLA

Post by bobby8685 » May 19th, 2012, 6:31 am

Hi,

It looks like I may be infected with the following virus: Backdoor.Win32.ZAccess.oun/ Backdoor Generic 15.AXLA. I believe it may be the reason why I cannot access any HTTPS site, especially Gmail.com. Google and other search engines force a redirect upon clicking any links. Any help is appreciated, thanks.

DDS:

DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31
Run by Robert at 6:24:24 on 2012-05-19
Microsoft Windows 7 Home Premium

6.1.7601.1.1252.1.1033.18.6135.3345 [GMT -4:00]
.
AV: Spyware Doctor with AntiVirus *Disabled/Updated* {2F668A56-D5E0-

2DF1-A0AE-CB1284F42AB2}
AV: AVG Anti-Virus *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-

ADB11639C5F0}
SP: AVG Anti-Virus *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-

96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-

DA132C1ACF46}
SP: Spyware Doctor *Disabled/Updated* {94076BB2-F3DA-227F-9A1E-

F060FF73600F}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Program Files (x86)\AVG\AVG9\avgchsva.exe
C:\Program Files (x86)\AVG\AVG9\avgrsa.exe
C:\Program Files (x86)\AVG\AVG9\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support

\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
C:\Windows\system32\crypserv.exe
C:\Windows\SysWOW64\nlssrv32.exe
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k regsvc
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\StkCSrv.exe
C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live

\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live

\WLIDSvcM.exe
C:\Program Files (x86)\AVG\AVG9\avgemc.exe
C:\Program Files (x86)\AVG\AVG9\avgcsrvx.exe
C:\Program Files (x86)\AVG\AVG9\avgam.exe
C:\Program Files (x86)\AVG\AVG9\avgnsa.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\AVG\AVG9\avgcsrva.exe
C:\Windows\system32\taskhost.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
C:\Program Files (x86)\AVG\AVG9\avgtray.exe
C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
c:\Program Files\Zune\ZuneNss.exe
C:\Program Files\Common Files\Microsoft Shared\Ink

\InputPersonalization.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\PC Tools\PC Tools Registry Mechanic\update.exe
C:\Program Files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Windows\system32\taskhost.exe
C:\Users\Robert\AppData\Local\Google\Update

\1.3.21.111\GoogleCrashHandler.exe
C:\Users\Robert\AppData\Local\Google\Update

\1.3.21.111\GoogleCrashHandler64.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash

\FlashUtil32_11_2_202_233_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\ping.exe
C:\Windows\system32\conhost.exe
C:\Users\Robert\AppData\Local\Google\Google Talk Plugin

\googletalkplugin.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\notepad.exe
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\ping.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\ping.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\DllHost.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/ig
mStart Page = hxxp://www.google.com/ig
mWinlogon: Userinit=userinit.exe,
BHO: IE7Pro BHO: {00011268-e188-40df-a514-835fcd78b1bf} - C:\Program

Files (x86)\IEPro\iepro.dll
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} -

C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin

\contributeieplugin.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} -

C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX

\AcroIEHelperShim.dll
BHO: PC Tools Browser Guard BHO: {2a0f3d1b-0909-4ff4-b272-

609cce6054e7} - C:\Program Files (x86)\Spyware Doctor\BDT

\PCTBrowserDefender.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer:

{3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real

\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-

1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie

\DivXHTML5\DivXHTML5.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:

\Program Files (x86)\AVG\AVG9\avgssie.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-

d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-

5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared

\Windows Live\WindowsLiveLogin.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-

0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat

\ActiveX\AcroIEFavClient.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-

9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:

\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX

\AcroIEFavClient.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - C:

\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin

\contributeieplugin.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program

Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Grab Pro: {c55bbcd6-41ad-48ad-9953-3609c48eacc7} - C:\Program

Files (x86)\IEPro\IEProRecorder.dll
TB: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} -

C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [AdobeBridge]
uRun: [2B390E20C3C24B14098C7DEC978DB109F0CAB431._service_run] "C:

\Users\Robert\AppData\Local\Google\Chrome\Application\chrome.exe" --

type=service
mRun: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe
mRun: [<NO NAME>]
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files

(x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRunOnce: [GrpConv] grpconv -o
StartupFolder: C:\Users\Robert\AppData\Roaming\MICROS~1\Windows

\STARTM~1\Programs\Startup\_UNINS~1.LNK - C:\Users\Robert\AppData

\Local\Temp\_uninst_57465452.bat
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Append Link Target to Existing PDF - C:\Program Files

(x86)\Common Files\Adobe\Acrobat\ActiveX

\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files

\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common

Files\Adobe\Acrobat\ActiveX

\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe

\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:

\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {000002a3-84fe-43f1-b958-f2c3ca804f1a} - {CD275D4E-791A-4993-

9D4D-6A071EDD2709} - C:\Program Files (x86)\IEPro\iepro.dll
IE: {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - {B119EB0C-C021-46CF-

85B0-34A760E0D5FE} - C:\Program Files (x86)\IEPro\iepro.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-

914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-

BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
LSP: mswsock.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: live.com\login
Trusted Zone: soe.com
Trusted Zone: sony.com
Trusted Zone: xbox.com\live
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} -

hxxp://www.nvidia.com/content/DriverDow ... l_bin/sysr

eqlab_nvd.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} -

hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} -

hxxp://support.dell.com/systemprofiler/ ... emLite.CAB
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} -

hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -

hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} -

hxxp://content.systemrequirementslab.co ... lobal/bin/

srldetect_intel_4.4.15.0.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} -

hxxp://fpdownload2.macromedia.com/get/s ... swflash.ca

b
DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} -

hxxp://content.systemrequirementslab.co ... lobal/bin/

srldetect_cyri_4.4.13.0.cab
TCP: Interfaces\{80E4F753-79B0-4371-8001-1B1210C94CD7} : NameServer =

208.59.247.45,208.59.247.46
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:

\Program Files (x86)\AVG\AVG9\avgpp.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program

Files (x86)\Windows Live\Photo Gallery

\AlbumDownloadProtocolHandler.dll
BHO-X64: IE7Pro BHO: {00011268-E188-40DF-A514-835FCD78B1BF} - C:

\Program Files (x86)\IEPro\iepro.dll
BHO-X64: IE7Pro - No File
BHO-X64: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216}

- C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin

\contributeieplugin.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-

FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat

\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: PC Tools Browser Guard BHO: {2A0F3D1B-0909-4FF4-B272-

609CCE6054E7} - C:\Program Files (x86)\Spyware Doctor\BDT

\PCTBrowserDefender.dll
BHO-X64: Browser Defender BHO - No File
BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer:

{3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real

\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-

9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web

Player\ie\DivXHTML5\DivXHTML5.dll
BHO-X64: Increase performance and video formats for your HTML5

<video> - No File
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -

C:\Program Files (x86)\AVG\AVG9\avgssie.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-

D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-

5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared

\Windows Live\WindowsLiveLogin.dll
BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-

8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe

\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-

9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} -

C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX

\AcroIEFavClient.dll
BHO-X64: SmartSelect - No File
TB-X64: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} -

C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin

\contributeieplugin.dll
TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:

\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX

\AcroIEFavClient.dll
TB-X64: Grab Pro: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program

Files (x86)\IEPro\IEProRecorder.dll
TB-X64: PC Tools Browser Guard: {472734EA-242A-422B-ADF8-

83D1E48CC825} - C:\Program Files (x86)\Spyware Doctor\BDT

\PCTBrowserDefender.dll
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
mRun-x64: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe
mRun-x64: [(Default)]
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files

(x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRunOnce-x64: [GrpConv] grpconv -o
Hosts: 0.0.0.0 localhost
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox

\Profiles\v6b6yo8x.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig?

hl=en&source=iglk
FF - prefs.js: keyword.URL - hxxp://websearch.search-

results.com/redirect?client=ff&src=kw&tb=GET-

SRS&o=16705&locale=en_US&apn_uid=BC0166FB-FA88-43E0-A157-

C5103FAB4F75&apn_ptnrs=2R&apn_sauid=EAA064AE-52B5-4D21-B0FD-

F22481B464A2&apn_dtid=get001YYUS&q=
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\Amazon\MP3 Downloader

\npAmazonMP3DownloaderPlugin.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper

\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player

\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Update

\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update

\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update

\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update

\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin

\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin

\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight

\4.1.10111.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins

\npContribute.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins

\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins

\npdnupdater2.dll
FF - plugin: C:\Program Files (x86)\TabletPlugins\npwacom.dll
FF - plugin: C:\Program Files (x86)\Veetle\Player\npvlc.dll
FF - plugin: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery

\NPWLPG.dll
FF - plugin: C:\ProgramData\hanbitsoft\nphlauncher.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin

\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin

\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\Robert\AppData\Local\Google\Update

\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Users\Robert\AppData\Roaming\Mozilla\plugins

\npgoogletalk.dll
FF - plugin: C:\Users\Robert\AppData\Roaming\Mozilla\plugins

\npgtpo3dautoplugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash

\NPSWF32_11_2_202_183.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate -

false);user_pref(network.protocol-handler.warn-external.dnupdate,

false
============= SERVICES / DRIVERS ===============
.
R0 23019978;23019978;C:\Windows\system32\DRIVERS\23019978.sys --> C:

\Windows\system32\DRIVERS\23019978.sys [?]
R0 AvgRkx64;avgrkx64.sys;C:\Windows\system32\Drivers\avgrkx64.sys -->

C:\Windows\system32\Drivers\avgrkx64.sys [?]
R0 PCTCore;PCTools KDS;C:\Windows\system32\drivers\PCTCore64.sys -->

C:\Windows\system32\drivers\PCTCore64.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:

\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 AvgLdx64;AVG AVI Loader Driver x64;C:\Windows\system32\Drivers

\avgldx64.sys --> C:\Windows\system32\Drivers\avgldx64.sys [?]
R1 AvgMfx64;AVG On-access Scanner Minifilter Driver x64;C:\Windows

\system32\Drivers\avgmfx64.sys --> C:\Windows\system32\Drivers

\avgmfx64.sys [?]
R1 AvgTdiA;AVG Network Redirector x64;C:\Windows\system32\Drivers

\avgtdia.sys --> C:\Windows\system32\Drivers\avgtdia.sys [?]
R2 avg9emc;AVG E-mail Scanner;C:\Program Files (x86)\AVG

\AVG9\avgemc.exe [2010-9-8 921952]
R2 avg9wd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe

[2010-9-8 308136]
R2 BrcmMgmtAgent;Broadcom Management Agent;C:\Program Files\Broadcom

\MgmtAgent\BrcmMgmtAgent.exe [2009-4-17 147456]
R2 Browser Defender Update Service;Browser Defender Update

Service;C:\Program Files (x86)\Spyware Doctor\BDT

\BDTUpdateService.exe [2012-5-18 112592]
R2 cpuz134;cpuz134;\??\C:\Windows\system32\drivers\cpuz134_x64.sys

--> C:\Windows\system32\drivers\cpuz134_x64.sys [?]
R2 cpuz135;cpuz135;\??\C:\Windows\system32\drivers\cpuz135_x64.sys

--> C:\Windows\system32\drivers\cpuz135_x64.sys [?]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes'

Anti-Malware\mbamservice.exe [2012-3-4 652360]
R2 nlsX86cc;Nalpeiron Licensing Service;C:\Windows

\SysWOW64\nlssrv32.exe [2010-12-23 66560]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor

service;C:\Program Files (x86)\Common Files\PC Tools\sMonitor

\StartManSvc.exe [2011-12-17 793048]
R2 Sentinel64;Sentinel64;C:\Windows\system32\Drivers\Sentinel64.sys

--> C:\Windows\system32\Drivers\Sentinel64.sys [?]
R2 StkSSrv;Syntek AVStream USB2.0 ATV Service;C:\Windows

\System32\StkCSrv.exe --> C:\Windows\System32\StkCSrv.exe [?]
R2 TabletServiceWacom;TabletServiceWacom;C:\Program Files\Tablet

\Wacom\Wacom_Tablet.exe [2010-11-28 5716848]
R3 hcwhdpvr;Hauppauge HD PVR Capture Device;C:\Windows

\system32\DRIVERS\hcwhdpvr.sys --> C:\Windows\system32\DRIVERS

\hcwhdpvr.sys [?]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:

\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows

\system32\DRIVERS\k57nd60a.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers

\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows

\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers

\nvhda64v.sys [?]
R3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS

\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?]
RUnknown 7546750drv;7546750drv; [x]
RUnknown 77883618;77883618; [x]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN

v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework

\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN

v4.0.30319_X64;C:\Windows\Microsoft.NET

\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files

(x86)\Google\Update\GoogleUpdate.exe [2010-12-11 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:

\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-

1-29 253088]
S3 BroadCamService;BroadCam Video Streaming Server;C:\Program Files

(x86)\NCH Software\BroadCam\broadcam.exe [2010-11-22 1175556]
S3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2011

-9-1 245760]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files

(x86)\Google\Update\GoogleUpdate.exe [2010-12-11 136176]
S3 sdAuxService;PC Tools Auxiliary Service;C:\Program Files

(x86)\Spyware Doctor\pctsAuxs.exe [2012-5-18 366840]
S3 sdCoreService;PC Tools Security Service;C:\Program Files

(x86)\Spyware Doctor\pctsSvc.exe [2012-5-18 1142224]
S3 StkCMini;Syntek AVStream USB2.0 ATV;C:\Windows\system32\Drivers

\StkCMini.sys --> C:\Windows\system32\Drivers\StkCMini.sys [?]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files

\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:

\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers

\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 wacmoumonitor;Wacom Mode Helper;C:\Windows\system32\DRIVERS

\wacmoumonitor.sys --> C:\Windows\system32\DRIVERS\wacmoumonitor.sys

[?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows

\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat

\WatAdminSvc.exe [?]
S3 WMZuneComm;Zune Windows Mobile Connectivity Service;C:\Program

Files\Zune\WMZuneComm.exe [2010-9-24 306416]
.
=============== Created Last 30 ================
.
2012-05-19 02:21:28 8955792 ------w- C:\ProgramData

\Microsoft\Windows Defender\Definition Updates\Updates\mpengine.dll
2012-05-18 23:13:21 767952 ----a-w- C:\Windows

\BDTSupport.dll
2012-05-18 23:13:21 165840 ----a-w- C:\Windows

\PCTBDRes.dll
2012-05-18 23:13:21 1652688 ----a-w- C:\Windows

\PCTBDCore.dll
2012-05-18 23:13:21 149456 ----a-w- C:\Windows

\SGDetectionTool.dll
2012-05-18 23:12:47 306648 ----a-w- C:\Windows

\System32\drivers\pctgntdi64.sys
2012-05-18 23:12:47 133072 ----a-w- C:\Windows

\System32\drivers\pctwfpfilter64.sys
2012-05-18 23:12:43 233488 ----a-w- C:\Windows

\System32\drivers\PCTCore64.sys
2012-05-18 23:12:40 92896 ----a-w- C:\Windows

\System32\drivers\pctplsg64.sys
2012-05-18 23:12:36 -------- d-----w- C:\Users

\Robert\AppData\Roaming\PC Tools
2012-05-18 23:12:36 -------- d-----w- C:\Program

Files (x86)\Spyware Doctor
2012-05-18 16:28:18 -------- d-----w- C:

\ProgramData\Kaspersky Lab
2012-05-18 16:27:25 460888 ----a-w- C:\Windows

\System32\drivers\23019978.sys
2012-05-18 06:46:33 -------- d-sh--w- C:\Windows

\SysWow64\%APPDATA%
2012-05-15 22:15:02 -------- d-----w- C:\Program

Files (x86)\Sonic The Hedgehog 4 - Episode 2
2012-05-15 20:25:31 -------- d-----w- C:\Program

Files (x86)\Diablo III
2012-05-12 21:07:14 -------- d-----w- C:

\ProgramData\3DMGAME
2012-05-12 19:27:15 -------- d-----w- C:\Program

Files (x86)\Sid Meier's Civilization V
2012-05-12 00:13:17 -------- d-----w- C:

\ProgramData\RELOADED
2012-05-10 23:08:21 1544704 ----a-w- C:\Windows

\System32\DWrite.dll
2012-05-10 23:08:21 1077248 ----a-w- C:\Windows

\SysWow64\DWrite.dll
2012-05-10 23:08:18 5559664 ----a-w- C:\Windows

\System32\ntoskrnl.exe
2012-05-10 23:08:17 3146240 ----a-w- C:\Windows

\System32\win32k.sys
2012-05-10 23:08:16 3968368 ----a-w- C:\Windows

\SysWow64\ntkrnlpa.exe
2012-05-10 23:08:15 3913072 ----a-w- C:\Windows

\SysWow64\ntoskrnl.exe
2012-05-10 23:08:02 75120 ----a-w- C:\Windows

\System32\drivers\partmgr.sys
2012-05-10 23:07:58 1918320 ----a-w- C:\Windows

\System32\drivers\tcpip.sys
2012-05-10 23:07:56 936960 ----a-w- C:\Program Files

(x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-10 23:07:56 1732096 ----a-w- C:\Program Files

\Windows Journal\NBDoc.DLL
2012-05-10 23:07:56 1402880 ----a-w- C:\Program Files

\Windows Journal\JNWDRV.dll
2012-05-10 23:07:56 1393664 ----a-w- C:\Program Files

\Windows Journal\JNTFiltr.dll
2012-05-10 23:07:56 1367552 ----a-w- C:\Program Files

\Common Files\Microsoft Shared\ink\journal.dll
2012-05-03 16:34:51 -------- d-----w- C:\Program

Files (x86)\The Walking Dead
2012-05-02 04:00:38 -------- d-----w- C:

\ProgramData\CrypKey
2012-05-02 03:56:23 -------- d-----w- C:\Log
2012-05-02 03:54:57 28664 ----a-w- C:\Windows

\System32\Ckldrv.sys
2012-05-02 03:54:57 27648 ----a-r- C:\Windows

\Setup_ck.exe
2012-05-02 03:54:57 18432 ----a-w- C:\Windows

\Setup_ck.dll
2012-05-02 03:54:57 165888 ----a-w- C:\Windows

\Ckconfig.exe
2012-05-02 03:54:57 122880 ----a-w- C:\Windows

\System32\Crypserv.exe
2012-05-02 03:54:57 11776 ----a-w- C:\Windows

\Ckrfresh.exe
2012-05-02 03:54:51 -------- d-----w- C:\Program

Files (x86)\Stellar Phoenix NTFS Data Recovery
2012-05-02 03:40:17 -------- d-----w- C:\Users

\Robert\AppData\Local\APN
2012-05-01 20:38:51 -------- d-----w- C:

\ProgramData\Cached Installations
2012-04-29 18:01:05 -------- d-----w- C:\Users

\Robert\AppData\Local\Risen2
2012-04-29 11:41:35 -------- d-----w- C:\Users

\Robert\AppData\Local\DDMSettings
2012-04-29 10:55:36 -------- d-----w- C:\Program

Files (x86)\Deep Silver
2012-04-20 19:11:54 626688 ----a-w- C:\Program Files

(x86)\Mozilla Firefox\msvcr80.dll
2012-04-20 19:11:54 592824 ----a-w- C:\Program Files

(x86)\Mozilla Firefox\gkmedias.dll
2012-04-20 19:11:54 548864 ----a-w- C:\Program Files

(x86)\Mozilla Firefox\msvcp80.dll
2012-04-20 19:11:54 479232 ----a-w- C:\Program Files

(x86)\Mozilla Firefox\msvcm80.dll
2012-04-20 19:11:54 44472 ----a-w- C:\Program Files

(x86)\Mozilla Firefox\mozglue.dll
2012-04-19 22:33:41 393216 ----a-w- C:\Windows

\SysWow64\MSLUP60.dll
2012-04-19 22:33:40 256768 ----a-w- C:\Windows

\SysWow64\MSLURT.dll
2012-04-19 22:33:40 245408 ----a-w- C:\Windows

\SysWow64\unicows.dll
2012-04-19 22:31:56 189952 ----a-w- C:\Windows

\System32\drivers\hcwhdpvr.sys
.
==================== Find3M ====================
.
2012-04-18 23:40:05 70304 ----a-w- C:\Windows

\SysWow64\FlashPlayerCPLApp.cpl
2012-04-18 23:40:05 418464 ----a-w- C:\Windows

\SysWow64\FlashPlayerApp.exe
2012-04-12 05:18:27 269712 ----a-w- C:\Windows

\SysWow64\PnkBstrB.xtr
2012-04-12 05:18:27 269712 ----a-w- C:\Windows

\SysWow64\PnkBstrB.exe
2012-04-06 00:24:21 269712 ----a-w- C:\Windows

\SysWow64\PnkBstrB.ex0
2012-03-16 23:43:51 499712 ----a-w- C:\Windows

\SysWow64\msvcp71.dll
2012-03-08 03:20:06 472808 ----a-w- C:\Windows

\SysWow64\deployJava1.dll
2012-03-08 01:42:37 384 ----a-w- C:\Windows

\SysWow64\checkOS.bat
2012-03-01 06:46:16 23408 ----a-w- C:\Windows

\System32\drivers\fs_rec.sys
2012-03-01 06:38:27 220672 ----a-w- C:\Windows

\System32\wintrust.dll
2012-03-01 06:33:50 81408 ----a-w- C:\Windows

\System32\imagehlp.dll
2012-03-01 06:28:47 5120 ----a-w- C:\Windows

\System32\wmi.dll
2012-03-01 05:37:41 172544 ----a-w- C:\Windows

\SysWow64\wintrust.dll
2012-03-01 05:33:23 159232 ----a-w- C:\Windows

\SysWow64\imagehlp.dll
2012-03-01 05:29:16 5120 ----a-w- C:\Windows

\SysWow64\wmi.dll
2012-03-01 03:41:04 76888 ----a-w- C:\Windows

\SysWow64\PnkBstrA.exe
2012-02-29 13:38:00 3130440 ----a-w- C:\Windows

\SysWow64\pbsvc_blr (1).exe
2012-02-28 06:56:48 2311168 ----a-w- C:\Windows

\System32\jscript9.dll
2012-02-28 06:49:56 1390080 ----a-w- C:\Windows

\System32\wininet.dll
2012-02-28 06:48:57 1493504 ----a-w- C:\Windows

\System32\inetcpl.cpl
2012-02-28 06:42:55 2382848 ----a-w- C:\Windows

\System32\mshtml.tlb
2012-02-28 01:18:55 1799168 ----a-w- C:\Windows

\SysWow64\jscript9.dll
2012-02-28 01:11:21 1427456 ----a-w- C:\Windows

\SysWow64\inetcpl.cpl
2012-02-28 01:11:07 1127424 ----a-w- C:\Windows

\SysWow64\wininet.dll
2012-02-28 01:03:16 2382848 ----a-w- C:\Windows

\SysWow64\mshtml.tlb
2012-02-23 14:18:36 279656 ------w- C:\Windows

\System32\MpSigStub.exe
.
============= FINISH: 6:25:42.20 ===============


bobby8685
Active Member
 
Posts: 3
Joined: May 18th, 2012, 7:45 pm

Re: Backdoor.Win32.ZAccess.oun/ Backdoor Generic 15.AXLA

Post by askey127 » May 19th, 2012, 8:56 am

Hi bobby8685,
You have too many Antivirus programs running. This will reduce your protection.
Choose to keep AVG or Spyware Doctor and Uninstall the other.
-----------------------------------------------
Please Note Our Policy on the Use of P2P (Person to Person / Peer to Peer) file sharing programs
It is posted here: http://malwareremoval.com/forum/viewtopic.php?p=491394#p491394
As a condition of receiving our help, I have included the P2P program µTorrent in the removal instructions below, so we are not wasting our time.
If you have used this, and your computer is infected, you can be fairly confident this is a principal reason.

It's really important, if you value your PC at all, to stay away from P2P file sharing programs, like µTorrent, Bittorrent, Azureus, Frostwire, Vuze, Shareaza, Bitlord.
Criminals have "planted" thousands upon thousands of infections in the "free" shared files.
Virtually all of these recent infections will compromise your Security, and some can turn your machine into a useless "doorstop".
------------------------------------------------
Remove Programs Using Control Panel
From Start, Control Panel, click on Programs and Features
Click each Entry, as follows, one by one, if it exists, choose Uninstall, and give permission to Continue:

µTorrent
PC Tools Registry Mechanic 11.0

Uninstall either AVG 9.0 or Spyware Doctor 7.0
(Not both)
Take extra care in answering questions posed by any Uninstaller.
------------------------------------------------
Open Notepad, click Format, and make sure Word Wrap is NOT checked.
If Word Wrap is checked, click it, and click Format again to make sure Word Wrap is now UNchecked.
Leave Notepad in this mode for all replies to this forum.
The logs are more difficult to analyze with Word Wrap ON.
-----------------------------------------------------------
REBOOT (RESTART) Your Machine
------------------------------------------------
Run CKScanner
Download CKScanner from HERE
Important - Save it to your desktop.
Right-Click CKScanner.exe, choose Run as administrator and click Search For Files.
After a couple minutes or less, when the cursor hourglass disappears, click Save List To File.
A message box will verify the file saved. Please run the program just once.
Double-click the CKFiles.txt icon on your desktop, give permission if asked, and copy/paste the contents in your next reply.
--------------------------------------------
TDSSKiller - Rootkit Removal Tool
Please download the TDSSKiller.exe by Kaspersky... save it to your Desktop. <-Important!!!
  1. Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    (Vista - W7 users: Right-click and select "Run As Administrator")
    If TDSSKiller does not run... rename it. Right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. ektfhtw.com).
    If you don't see file extensions, please see: How to change the file extension.
    If you try to change the filename and extension, you may get a warning message from Windows because of the change of file extension. OK the change.
  2. Click the Start Scan button. Do not use the computer during the scan!
  3. If the scan completes with nothing found, click Close to exit.
  4. If malicious objects are found, they will show in the "Scan results - Select action for found objects" and offer 3 options.
    • Ensure Cure (default) is selected... then click Continue > Reboot now to finish the cleaning process.
    • If Cure is not offered as an option, choose Skip.
  5. A log file named TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt will be created and saved to the main directory of C:
    (the dd.mm.yyyy_hh.mm.ss numbers in the filename represent the time/date stamp)
  6. Copy and paste the contents of that file in your next reply.
If, for some reason, you can't locate the text file to paste into your reply, just tell me, but DO NOT run the program a second time.

So we are looking for the CKScanner results, and contents of the TDSSKiller log.

askey127
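
The TDSSKiller log requested in steps 5 and 6 can be triaged with a short script before it is read line by line. This is an added example, not part of the original post and not Kaspersky's code: the line layout follows the log pasted in this thread, while the sample lines, the service names, the placeholder hashes and the non-"ok" verdict word `warning` are constructed for illustration. It also reports lines that lost their timestamp prefix, which is what Word Wrap does to a pasted log.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional

# Every log line starts with a time (4-digit fraction) and a thread id.
STAMPED = re.compile(r"\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+(?:\s|$)")
PREFIX = r"\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+"
# "<name> (<md5>) <path>": the object that was examined.
DETAIL = re.compile(
    PREFIX + r"(?P<name>.+?)\s+\((?P<md5>[0-9a-f]{32})\)\s+(?P<path>\S.*)$"
)
# "<name> - <verdict>": the result recorded for that object.
VERDICT = re.compile(PREFIX + r"(?P<name>.+?)\s+-\s+(?P<verdict>[A-Za-z]+)$")


@dataclass
class Entry:
    name: str
    verdict: str
    md5: Optional[str]
    path: Optional[str]


@dataclass
class Triage:
    total: int = 0                                           # verdict lines seen
    needs_review: List[Entry] = field(default_factory=list)  # verdict is not "ok"
    no_file: List[str] = field(default_factory=list)         # "ok" but no hash/path line
    unstamped: List[str] = field(default_factory=list)       # likely word-wrapped text


def triage(log_text: str) -> Triage:
    """Pair each verdict with its hash/path line and sort entries into buckets."""
    details = {}  # name -> (md5, path) from the most recent detail line
    report = Triage()
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if not STAMPED.match(line):
            # No timestamp/thread prefix: a fragment split off by word wrap.
            report.unstamped.append(line)
            continue
        m = DETAIL.match(line)
        if m:
            details[m["name"]] = (m["md5"], m["path"])
            continue
        m = VERDICT.match(line)
        if not m:
            continue  # header, separator or system-info line
        name, verdict = m["name"], m["verdict"].lower()
        md5, path = details.get(name, (None, None))
        report.total += 1
        if verdict != "ok":
            report.needs_review.append(Entry(name, verdict, md5, path))
        elif md5 is None:
            report.no_file.append(name)
    return report


# Constructed sample in the layout of the log shown in this thread.
# Names, hashes and the "warning" verdict are made up for the example.
SAMPLE_LOG = r"""
14:57:10.0454 6108 ============================================================
14:57:10.0454 6108 Scan started
14:57:10.0454 6108 Mode: Manual;
14:57:11.0589 6108 ExampleDrvA (00000000000000000000000000000000) C:\Windows\system32\drivers\exampledrva.sys
14:57:11.0589 6108 ExampleDrvA - ok
14:57:11.0654 6108 NoFileSvc - ok
14:57:11.0829 6108 Example LM Service (11111111111111111111111111111111) C:\Program Files (x86)\Example\lmsvc.exe
14:57:11.0829 6108 Example LM Service - ok
14:57:12.0019 6108 ExampleDrvB (22222222222222222222222222222222) C:\Windows\system32\drivers\exampledrvb.sys
14:57:12.0024 6108 ExampleDrvB - warning
14:57:12.0100 6108 WrappedSvc (33333333333333333333333333333333) C:\Program
Files (x86)\Example\wrapped.exe
14:57:12.0105 6108 WrappedSvc - ok
"""

if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    print(f"{result.total} objects with a verdict")
    for e in result.needs_review:
        print(f"REVIEW  {e.name}: {e.verdict}  {e.md5}  {e.path}")
    for n in result.no_file:
        print(f"NO FILE {n}: reported ok without a hash/path line")
    for frag in result.unstamped:
        print(f"WRAPPED {frag!r}: re-paste with Word Wrap off")
```
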

Re: Backdoor.Win32.ZAccess.oun/ Backdoor Generic 15.AXLA

Post by bobby8685 » May 19th, 2012, 2:59 pm

CKScanner results:
CKScanner - Additional Security Risks - These are not necessarily bad
c:\program files\adobe\adobe premiere pro cs5\plug-ins\en_us\vstplugins\decrackler1.dll
c:\program files\adobe\adobe premiere pro cs5\plug-ins\en_us\vstplugins\decrackler2.dll
c:\program files\adobe\adobe premiere pro cs5\plug-ins\en_us\vstplugins\decrackler6.dll
c:\program files (x86)\adobe\adobe flash catalyst cs5\plugins\com.adobe.thermo.core_1.0.0.273393\com\adobe\thermo\undo\thermoundosystem$undoabledocumentchangecracker.class
c:\program files (x86)\adobe\adobe photoshop cs5\presets\brushes\rons_cracks.abr
c:\program files (x86)\adobe\adobe photoshop cs5\presets\brushes\rons_cracks_ii.abr
c:\program files (x86)\adobe\adobe photoshop cs5\presets\brushes\room122_sidewalk_cracks.abr
c:\program files (x86)\common files\adobe\adobe contribute cs5\app\configuration\browsers\mozilla run time libraries\dist\idl\nsikeygenthread.idl
c:\program files (x86)\common files\adobe\adobe contribute cs5\app\configuration\browsers\mozilla run time libraries\dist\include\nsikeygenthread.h
c:\program files (x86)\jdownloader\jd\plugins\hoster\crackedcom.class
c:\program files (x86)\steam\steamapps\common\dear esther\dearesther\materials\esther\decals\cracks_001.vmt
c:\program files (x86)\steam\steamapps\common\dear esther\dearesther\materials\esther\decals\cracks_001.vtf
c:\program files (x86)\steam\steamapps\common\dear esther\dearesther\materials\esther\decals\cracks_002.vmt
c:\program files (x86)\steam\steamapps\common\dear esther\dearesther\materials\esther\decals\cracks_002.vtf
c:\program files (x86)\steam\steamapps\common\dear esther\dearesther\materials\esther\decals\cracks_003.vmt
c:\program files (x86)\steam\steamapps\common\dear esther\dearesther\materials\esther\decals\cracks_003.vtf
c:\program files (x86)\steam\steamapps\common\dear esther\dearesther\materials\models\esther\donnely\cracks_001.vmt
c:\program files (x86)\steam\steamapps\common\dear esther\dearesther\materials\models\esther\donnely\cracks_002.vmt
c:\program files (x86)\steam\steamapps\common\dear esther\dearesther\materials\models\esther\donnely\cracks_003.vmt
c:\program files (x86)\steam\steamapps\common\magicka\content\levels\textures\surface\nature\ground\dirt01_cracked_0.xnb
c:\program files (x86)\steam\steamapps\common\magicka\content\levels\textures\surface\nature\ground\dirt01_cracked_nrm_0.xnb
c:\program files (x86)\steam\steamapps\common\magicka\content\levels\textures\surface\structure\stone\pillar_cracked00_0.xnb
c:\program files (x86)\steam\steamapps\common\magicka\content\levels\textures\surface\structure\stone\pillar_cracked00_nrm02_0.xnb
c:\program files (x86)\steam\steamapps\common\magicka\content\levels\textures\surface\structure\stone\wall_cracked00_0.xnb
c:\program files (x86)\steam\steamapps\common\magicka\content\levels\textures\surface\structure\stone\wall_cracked01_0.xnb
c:\program files (x86)\steam\steamapps\common\magicka\content\levels\textures\surface\structure\stone\wall_cracked_nrm_0.xnb
c:\program files (x86)\steam\steamapps\common\nation red\textures\fx\craters\crack.tga
c:\program files (x86)\steam\steamapps\common\nation red\textures\fx\craters\crackburn.tga
c:\program files (x86)\steam\steamapps\common\nation red\textures\fx\craters\crack_nrm.tga
c:\program files (x86)\superantispyware\keygen.exe
c:\program files (x86)\the elder scrolls v skyrim\data\textures\architecture\windhelm\wholdcrackedbrick.dds
c:\program files (x86)\the elder scrolls v skyrim\data\textures\architecture\windhelm\wholdcrackedbrick2.dds
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcrack.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcrackalphatest.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcrackalphatestlightmap.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcrackalphatestlightmapshadow.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcrackalphatestpointlight.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcrackalphatestshadow.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcrackenvmap.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcrackenvmapalphatest.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcrackenvmapalphatestlightmap.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcrackenvmapalphatestlightmapshadow.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcrackenvmapalphatestpointlight.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcrackenvmapalphatestshadow.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcrackenvmaplightmap.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcrackenvmaplightmapshadow.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcrackenvmappointlight.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcrackenvmapshadow.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcracklightmap.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcracklightmapshadow.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcrackndetailncrack.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcrackndetailncrackalphatest.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcrackndetailncrackalphatestlightmap.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcrackndetailncrackalphatestlightmapshadow.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcrackndetailncrackalphatestpointlight.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcrackndetailncrackalphatestshadow.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcrackndetailncrackenvmap.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcrackndetailncrackenvmapalphatest.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcrackndetailncrackenvmapalphatestlightmap.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcrackndetailncrackenvmapalphatestlightmapshadow.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcrackndetailncrackenvmapalphatestpointlight.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcrackndetailncrackenvmapalphatestshadow.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcrackndetailncrackenvmaplightmap.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcrackndetailncrackenvmaplightmapshadow.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcrackndetailncrackenvmappointlight.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcrackndetailncrackenvmapshadow.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcrackndetailncracklightmap.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcrackndetailncracklightmapshadow.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcrackndetailncrackparallaxdetail.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcrackndetailncrackparallaxdetailalphatest.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcrackndetailncrackparallaxdetailalphatestlightmap.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcrackndetailncrackparallaxdetailalphatestlightmapshadow.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcrackndetailncrackparallaxdetailalphatestpointlight.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcrackndetailncrackparallaxdetailalphatestshadow.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcrackndetailncrackparallaxdetaillightmap.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcrackndetailncrackparallaxdetaillightmapshadow.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcrackndetailncrackparallaxdetailpointlight.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcrackndetailncrackparallaxdetailshadow.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcrackndetailncrackpointlight.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcrackndetailncrackshadow.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcrackpointlight.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetailcrackshadow.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetaildirtcrack.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetaildirtcrackalphatest.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetaildirtcrackalphatestlightmap.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetaildirtcrackalphatestlightmapshadow.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetaildirtcrackalphatestpointlight.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetaildirtcrackalphatestshadow.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetaildirtcracklightmap.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetaildirtcracklightmapshadow.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetaildirtcrackndetailncrack.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetaildirtcrackndetailncrackalphatest.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetaildirtcrackndetailncrackalphatestlightmap.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetaildirtcrackndetailncrackalphatestlightmapshadow.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetaildirtcrackndetailncrackalphatestpointlight.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetaildirtcrackndetailncrackalphatestshadow.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetaildirtcrackndetailncracklightmap.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetaildirtcrackndetailncracklightmapshadow.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetaildirtcrackndetailncrackparallaxdetail.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetaildirtcrackndetailncrackparallaxdetailalphatest.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetaildirtcrackndetailncrackparallaxdetailalphatestlightmap.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetaildirtcrackndetailncrackparallaxdetailalphatestlightmapshadow.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetaildirtcrackndetailncrackparallaxdetailalphatestpointlight.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetaildirtcrackndetailncrackparallaxdetailalphatestshadow.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetaildirtcrackndetailncrackparallaxdetaillightmap.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetaildirtcrackndetailncrackparallaxdetaillightmapshadow.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetaildirtcrackndetailncrackparallaxdetailpointlight.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetaildirtcrackndetailncrackparallaxdetailshadow.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetaildirtcrackndetailncrackpointlight.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetaildirtcrackndetailncrackshadow.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetaildirtcrackpointlight.cfx
c:\users\robert\documents\battlefield play4free\mods\main\cache\{d7b71e3e-4960-11cf-6664-96261cc2c535}_218075_4\rashaderstmbasedetaildirtcrackshadow.cfx
c:\users\robert\downloads\adobe premier pro 2.0\adobe premier pro 2.0\premiere\crack\keygen.exe
c:\users\robert\downloads\adobe premier pro 2.0\adobe premier pro 2.0\premiere\crack\magnitude.nfo
c:\users\robert\downloads\pc tools registry mechanic v11.0.1.716 + keygen\pc tools registry mechanic v11.0.1.716 + keygen.rar
c:\users\robert\downloads\sony vegas pro 10.0c\sony vegas pro 10.0c 32bit 64bit with cracks\sony vegas pro 10 install.txt
c:\users\robert\downloads\sony vegas pro 10.0c\sony vegas pro 10.0c 32bit 64bit with cracks\vegaspro100c_32bit.exe
c:\users\robert\downloads\sony vegas pro 10.0c\sony vegas pro 10.0c 32bit 64bit with cracks\vegaspro100c_64bit.exe
c:\users\robert\downloads\sony vegas pro 10.0c\sony vegas pro 10.0c 32bit 64bit with cracks\keygen_for_64bit_only\sound forge 10 bugfix.reg
c:\users\robert\downloads\sony vegas pro 10.0c\sony vegas pro 10.0c 32bit 64bit with cracks\patch_for_32bit_only\sound forge 10 bugfix.reg
c:\users\robert\downloads\stellar phoenix ntfs data recovery 4.1 with crack\stellarphoenixntfsdatarecovery.exe
c:\users\robert\downloads\stellar phoenix ntfs data recovery 4.1 with crack\crack\spn.exe
c:\users\robert\downloads\stellar phoenix ntfs data recovery 4.1 with crack\other\torrent downloaded from ahashare.com.txt
c:\users\robert\downloads\stellar phoenix ntfs data recovery 4.1 with crack\other\torrent downloaded from demonoid.me.txt
c:\users\robert\downloads\stellar phoenix ntfs data recovery 4.1 with crack\other\torrent downloaded from digtorrent.org.txt
c:\users\robert\downloads\stellar phoenix ntfs data recovery 4.1 with crack\other\torrent downloaded from extratorrent.com.txt
hosts 127.0.0.1 activate.adobe.com
hosts 127.0.0.1 practivate.adobe.com
hosts 127.0.0.1 activate.adobe.com
hosts 127.0.0.1 practivate.adobe.com
hosts 127.0.0.1 ereg.adobe.com
hosts 127.0.0.1 activate.wip3.adobe.com
hosts 127.0.0.1 wip3.adobe.com
hosts 127.0.0.1 3dns-3.adobe.com
hosts 127.0.0.1 3dns-2.adobe.com
hosts 127.0.0.1 adobe-dns.adobe.com
hosts 127.0.0.1 adobe-dns-2.adobe.com
hosts 127.0.0.1 adobe-dns-3.adobe.com
hosts 127.0.0.1 ereg.wip3.adobe.com
hosts 127.0.0.1 activate-sea.adobe.com
hosts 127.0.0.1 wwis-dubc1-vip60.adobe.com
hosts 127.0.0.1 activate-sjc0.adobe.com
scanner sequence 3.ZZ.11.FWAPXO
----- EOF -----

TDSSKiller log
14:56:45.0929 5984 TDSS rootkit removing tool 2.7.35.0 May 16 2012 07:37:57
14:56:46.0184 5984 ============================================================
14:56:46.0184 5984 Current date / time: 2012/05/19 14:56:46.0184
14:56:46.0184 5984 SystemInfo:
14:56:46.0184 5984
14:56:46.0184 5984 OS Version: 6.1.7601 ServicePack: 1.0
14:56:46.0184 5984 Product type: Workstation
14:56:46.0184 5984 ComputerName: ROBERT-PC
14:56:46.0184 5984 UserName: Robert
14:56:46.0184 5984 Windows directory: C:\Windows
14:56:46.0184 5984 System windows directory: C:\Windows
14:56:46.0184 5984 Running under WOW64
14:56:46.0184 5984 Processor architecture: Intel x64
14:56:46.0184 5984 Number of processors: 8
14:56:46.0184 5984 Page size: 0x1000
14:56:46.0184 5984 Boot type: Normal boot
14:56:46.0184 5984 ============================================================
14:56:47.0089 5984 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:56:47.0099 5984 Drive \Device\Harddisk5\DR5 - Size: 0x746EC00000 (465.73 Gb), SectorSize: 0x200, Cylinders: 0xED7D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
14:56:47.0204 5984 ============================================================
14:56:47.0204 5984 \Device\Harddisk0\DR0:
14:56:47.0204 5984 MBR partitions:
14:56:47.0204 5984 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
14:56:47.0204 5984 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x48AF7AB0
14:56:47.0204 5984 \Device\Harddisk5\DR5:
14:56:47.0204 5984 MBR partitions:
14:56:47.0204 5984 \Device\Harddisk5\DR5\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A375800
14:56:47.0204 5984 ============================================================
14:56:47.0234 5984 C: <-> \Device\Harddisk0\DR0\Partition1
14:56:47.0264 5984 K: <-> \Device\Harddisk0\DR0\Partition0
14:56:47.0284 5984 L: <-> \Device\Harddisk5\DR5\Partition0
14:56:47.0284 5984 ============================================================
14:56:47.0284 5984 Initialize success
14:56:47.0284 5984 ============================================================
14:57:10.0454 6108 ============================================================
14:57:10.0454 6108 Scan started
14:57:10.0454 6108 Mode: Manual;
14:57:10.0454 6108 ============================================================
14:57:11.0589 6108 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
14:57:11.0589 6108 1394ohci - ok
14:57:11.0654 6108 ACDaemon - ok
14:57:11.0724 6108 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
14:57:11.0724 6108 ACPI - ok
14:57:11.0764 6108 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
14:57:11.0769 6108 AcpiPmi - ok
14:57:11.0829 6108 Adobe LM Service (8b46d5a1d3ef08232c04d0eafb871fb2) C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
14:57:11.0829 6108 Adobe LM Service - ok
14:57:11.0954 6108 AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:57:11.0959 6108 AdobeFlashPlayerUpdateSvc - ok
14:57:12.0019 6108 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
14:57:12.0024 6108 adp94xx - ok
14:57:12.0059 6108 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
14:57:12.0064 6108 adpahci - ok
14:57:12.0079 6108 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
14:57:12.0084 6108 adpu320 - ok
14:57:12.0124 6108 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
14:57:12.0124 6108 AeLookupSvc - ok
14:57:12.0254 6108 Afc (0d0e5281784c2c526ba43c2ecd374288) C:\Windows\syswow64\drivers\Afc.sys
14:57:12.0254 6108 Afc - ok
14:57:12.0314 6108 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
14:57:12.0319 6108 AFD - ok
14:57:12.0359 6108 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
14:57:12.0359 6108 agp440 - ok
14:57:12.0394 6108 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
14:57:12.0394 6108 ALG - ok
14:57:12.0434 6108 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
14:57:12.0434 6108 aliide - ok
14:57:12.0439 6108 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
14:57:12.0439 6108 amdide - ok
14:57:12.0484 6108 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
14:57:12.0484 6108 AmdK8 - ok
14:57:12.0499 6108 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
14:57:12.0499 6108 AmdPPM - ok
14:57:12.0514 6108 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
14:57:12.0514 6108 amdsata - ok
14:57:12.0524 6108 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
14:57:12.0524 6108 amdsbs - ok
14:57:12.0534 6108 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
14:57:12.0534 6108 amdxata - ok
14:57:12.0589 6108 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
14:57:12.0589 6108 AppID - ok
14:57:12.0634 6108 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
14:57:12.0634 6108 AppIDSvc - ok
14:57:12.0669 6108 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
14:57:12.0669 6108 Appinfo - ok
14:57:12.0769 6108 Apple Mobile Device (5aa788d5a2c6737bb9c45933985bc1b8) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:57:12.0769 6108 Apple Mobile Device - ok
14:57:12.0809 6108 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
14:57:12.0814 6108 arc - ok
14:57:12.0824 6108 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
14:57:12.0824 6108 arcsas - ok
14:57:12.0964 6108 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:57:12.0964 6108 aspnet_state - ok
14:57:12.0979 6108 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
14:57:12.0979 6108 AsyncMac - ok
14:57:13.0024 6108 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
14:57:13.0024 6108 atapi - ok
14:57:13.0084 6108 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
14:57:13.0089 6108 AudioEndpointBuilder - ok
14:57:13.0094 6108 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
14:57:13.0099 6108 AudioSrv - ok
14:57:13.0169 6108 avg9emc (aa054cd537357f03d5ba6aba7562b35f) C:\Program Files (x86)\AVG\AVG9\avgemc.exe
14:57:13.0179 6108 avg9emc - ok
14:57:13.0209 6108 avg9wd (c4d15594db5be042d3346ea58df87d89) C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
14:57:13.0209 6108 avg9wd - ok
14:57:13.0354 6108 AvgLdx64 (b447db072bf939db9e07bef2adf4ecbd) C:\Windows\System32\Drivers\avgldx64.sys
14:57:13.0359 6108 AvgLdx64 - ok
14:57:13.0399 6108 AvgMfx64 (0db5a749acd8e66091736f88c40207bd) C:\Windows\System32\Drivers\avgmfx64.sys
14:57:13.0404 6108 AvgMfx64 - ok
14:57:13.0419 6108 AvgRkx64 (5e7f0f9cbe0f7823371a4d51df29f7ff) C:\Windows\system32\Drivers\avgrkx64.sys
14:57:13.0419 6108 AvgRkx64 - ok
14:57:13.0469 6108 AvgTdiA (8aa68c0ba2b84fd7eb3e1f10bbfc825b) C:\Windows\System32\Drivers\avgtdia.sys
14:57:13.0474 6108 AvgTdiA - ok
14:57:13.0514 6108 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
14:57:13.0514 6108 AxInstSV - ok
14:57:13.0569 6108 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
14:57:13.0574 6108 b06bdrv - ok
14:57:13.0604 6108 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
14:57:13.0604 6108 b57nd60a - ok
14:57:13.0684 6108 BASFND (830dfc7958adbddd40e0b61b461432b0) C:\Program Files\Broadcom\MgmtAgent\BASFND.sys
14:57:13.0684 6108 BASFND - ok
14:57:13.0749 6108 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
14:57:13.0749 6108 BDESVC - ok
14:57:13.0784 6108 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
14:57:13.0784 6108 Beep - ok
14:57:13.0849 6108 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
14:57:13.0854 6108 BFE - ok
14:57:13.0914 6108 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
14:57:13.0919 6108 BITS - ok
14:57:13.0964 6108 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
14:57:13.0969 6108 blbdrive - ok
14:57:14.0109 6108 Bonjour Service (f832f1505ad8b83474bd9a5b1b985e01) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
14:57:14.0114 6108 Bonjour Service - ok
14:57:14.0159 6108 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
14:57:14.0164 6108 bowser - ok
14:57:14.0229 6108 BrcmMgmtAgent (1c1412a4f068f25204550c92ee2d7364) C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
14:57:14.0229 6108 BrcmMgmtAgent - ok
14:57:14.0264 6108 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:57:14.0269 6108 BrFiltLo - ok
14:57:14.0279 6108 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:57:14.0279 6108 BrFiltUp - ok
14:57:14.0294 6108 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
14:57:14.0294 6108 BridgeMP - ok
14:57:14.0409 6108 BroadCamService (38dd20ef8455ef871651665f9b3fd9b7) C:\Program Files (x86)\NCH Software\BroadCam\broadcam.exe
14:57:14.0419 6108 BroadCamService - ok
14:57:14.0554 6108 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
14:57:14.0554 6108 Browser - ok
14:57:14.0639 6108 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
14:57:14.0639 6108 Brserid - ok
14:57:14.0649 6108 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
14:57:14.0654 6108 BrSerWdm - ok
14:57:14.0669 6108 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
14:57:14.0669 6108 BrUsbMdm - ok
14:57:14.0674 6108 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
14:57:14.0674 6108 BrUsbSer - ok
14:57:14.0819 6108 BrYNSvc (ea7e57f87d6fee5fd6c5f813c04e8cd2) C:\Program Files (x86)\Browny02\BrYNSvc.exe
14:57:14.0819 6108 BrYNSvc - ok
14:57:14.0844 6108 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
14:57:14.0844 6108 BTHMODEM - ok
14:57:14.0894 6108 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
14:57:14.0894 6108 bthserv - ok
14:57:14.0979 6108 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
14:57:14.0984 6108 cdfs - ok
14:57:15.0109 6108 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
14:57:15.0114 6108 cdrom - ok
14:57:15.0154 6108 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
14:57:15.0154 6108 CertPropSvc - ok
14:57:15.0204 6108 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
14:57:15.0204 6108 circlass - ok
14:57:15.0249 6108 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
14:57:15.0254 6108 CLFS - ok
14:57:15.0339 6108 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:57:15.0339 6108 clr_optimization_v2.0.50727_32 - ok
14:57:15.0394 6108 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:57:15.0399 6108 clr_optimization_v2.0.50727_64 - ok
14:57:15.0449 6108 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:57:15.0454 6108 clr_optimization_v4.0.30319_32 - ok
14:57:15.0469 6108 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:57:15.0469 6108 clr_optimization_v4.0.30319_64 - ok
14:57:15.0509 6108 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
14:57:15.0509 6108 CmBatt - ok
14:57:15.0559 6108 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
14:57:15.0559 6108 cmdide - ok
14:57:15.0604 6108 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
14:57:15.0609 6108 CNG - ok
14:57:15.0624 6108 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
14:57:15.0624 6108 Compbatt - ok
14:57:15.0684 6108 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
14:57:15.0684 6108 CompositeBus - ok
14:57:15.0694 6108 COMSysApp - ok
14:57:15.0744 6108 cpuz134 (17719a7f571d4cd08223f0b30f71b8b8) C:\Windows\system32\drivers\cpuz134_x64.sys
14:57:15.0744 6108 cpuz134 - ok
14:57:15.0789 6108 cpuz135 (262969a3fab32b9e17e63e2d17a57744) C:\Windows\system32\drivers\cpuz135_x64.sys
14:57:15.0789 6108 cpuz135 - ok
14:57:15.0829 6108 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
14:57:15.0829 6108 crcdisk - ok
14:57:15.0854 6108 Crypkey License - ok
14:57:15.0904 6108 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
14:57:15.0904 6108 CryptSvc - ok
14:57:15.0964 6108 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
14:57:15.0969 6108 DcomLaunch - ok
14:57:16.0024 6108 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
14:57:16.0029 6108 defragsvc - ok
14:57:16.0074 6108 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
14:57:16.0074 6108 DfsC - ok
14:57:16.0094 6108 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
14:57:16.0094 6108 Dhcp - ok
14:57:16.0149 6108 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
14:57:16.0149 6108 discache - ok
14:57:16.0164 6108 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
14:57:16.0164 6108 Disk - ok
14:57:16.0204 6108 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
14:57:16.0204 6108 Dnscache - ok
14:57:16.0249 6108 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
14:57:16.0249 6108 dot3svc - ok
14:57:16.0294 6108 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
14:57:16.0299 6108 DPS - ok
14:57:16.0339 6108 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
14:57:16.0339 6108 drmkaud - ok
14:57:16.0414 6108 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
14:57:16.0419 6108 DXGKrnl - ok
14:57:16.0604 6108 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
14:57:16.0624 6108 EapHost - ok
14:57:16.0799 6108 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
14:57:16.0824 6108 ebdrv - ok
14:57:16.0959 6108 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
14:57:16.0959 6108 EFS - ok
14:57:17.0054 6108 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
14:57:17.0059 6108 ehRecvr - ok
14:57:17.0099 6108 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
14:57:17.0104 6108 ehSched - ok
14:57:17.0189 6108 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
14:57:17.0194 6108 elxstor - ok
14:57:17.0274 6108 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
14:57:17.0284 6108 ErrDev - ok
14:57:17.0379 6108 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
14:57:17.0379 6108 EventSystem - ok
14:57:17.0434 6108 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
14:57:17.0439 6108 exfat - ok
14:57:17.0454 6108 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
14:57:17.0454 6108 fastfat - ok
14:57:17.0519 6108 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
14:57:17.0524 6108 Fax - ok
14:57:17.0559 6108 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
14:57:17.0564 6108 fdc - ok
14:57:17.0569 6108 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
14:57:17.0569 6108 fdPHost - ok
14:57:17.0579 6108 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
14:57:17.0584 6108 FDResPub - ok
14:57:17.0594 6108 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
14:57:17.0594 6108 FileInfo - ok
14:57:17.0599 6108 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
14:57:17.0599 6108 Filetrace - ok
14:57:17.0604 6108 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
14:57:17.0609 6108 flpydisk - ok
14:57:17.0634 6108 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
14:57:17.0634 6108 FltMgr - ok
14:57:17.0709 6108 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
14:57:17.0719 6108 FontCache - ok
14:57:17.0859 6108 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:57:17.0859 6108 FontCache3.0.0.0 - ok
14:57:17.0924 6108 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
14:57:17.0924 6108 FsDepends - ok
14:57:17.0964 6108 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
14:57:17.0964 6108 Fs_Rec - ok
14:57:18.0009 6108 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
14:57:18.0014 6108 fvevol - ok
14:57:18.0019 6108 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
14:57:18.0024 6108 gagp30kx - ok
14:57:18.0064 6108 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:57:18.0064 6108 GEARAspiWDM - ok
14:57:18.0124 6108 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
14:57:18.0129 6108 gpsvc - ok
14:57:18.0254 6108 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:57:18.0254 6108 gupdate - ok
14:57:18.0269 6108 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:57:18.0269 6108 gupdatem - ok
14:57:18.0309 6108 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
14:57:18.0314 6108 hcw85cir - ok
14:57:18.0344 6108 hcwhdpvr (8d7f985ce023640b8d24eac045d7babe) C:\Windows\system32\DRIVERS\hcwhdpvr.sys
14:57:18.0354 6108 hcwhdpvr - ok
14:57:18.0414 6108 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
14:57:18.0419 6108 HdAudAddService - ok
14:57:18.0464 6108 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
14:57:18.0464 6108 HDAudBus - ok
14:57:18.0474 6108 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
14:57:18.0479 6108 HidBatt - ok
14:57:18.0489 6108 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
14:57:18.0509 6108 HidBth - ok
14:57:18.0529 6108 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
14:57:18.0534 6108 HidIr - ok
14:57:18.0564 6108 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
14:57:18.0564 6108 hidserv - ok
14:57:18.0614 6108 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
14:57:18.0614 6108 HidUsb - ok
14:57:18.0659 6108 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
14:57:18.0659 6108 hkmsvc - ok
14:57:18.0704 6108 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
14:57:18.0704 6108 HomeGroupListener - ok
14:57:18.0744 6108 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
14:57:18.0744 6108 HomeGroupProvider - ok
14:57:18.0794 6108 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
14:57:18.0794 6108 HpSAMD - ok
14:57:18.0854 6108 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
14:57:18.0864 6108 HTTP - ok
14:57:18.0899 6108 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
14:57:18.0899 6108 hwpolicy - ok
14:57:18.0949 6108 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
14:57:18.0954 6108 i8042prt - ok
14:57:18.0969 6108 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
14:57:18.0974 6108 iaStorV - ok
14:57:19.0134 6108 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:57:19.0139 6108 idsvc - ok
14:57:19.0174 6108 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
14:57:19.0174 6108 iirsp - ok
14:57:19.0239 6108 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
14:57:19.0244 6108 IKEEXT - ok
14:57:19.0284 6108 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
14:57:19.0284 6108 intelide - ok
14:57:19.0304 6108 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
14:57:19.0304 6108 intelppm - ok
14:57:19.0344 6108 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
14:57:19.0349 6108 IPBusEnum - ok
14:57:19.0389 6108 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:57:19.0394 6108 IpFilterDriver - ok
14:57:19.0444 6108 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
14:57:19.0449 6108 iphlpsvc - ok
14:57:19.0489 6108 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
14:57:19.0489 6108 IPMIDRV - ok
14:57:19.0529 6108 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
14:57:19.0529 6108 IPNAT - ok
14:57:19.0634 6108 iPod Service (3d62fe4fefe9c67dafec52b534dfa1fb) C:\Program Files\iPod\bin\iPodService.exe
14:57:19.0639 6108 iPod Service - ok
14:57:19.0654 6108 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
14:57:19.0659 6108 IRENUM - ok
14:57:19.0694 6108 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
14:57:19.0694 6108 isapnp - ok
14:57:19.0714 6108 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
14:57:19.0714 6108 iScsiPrt - ok
14:57:19.0779 6108 k57nd60a (d85f3f18e44f7447b5f1ba5c85baeb7c) C:\Windows\system32\DRIVERS\k57nd60a.sys
14:57:19.0779 6108 k57nd60a - ok
14:57:19.0799 6108 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
14:57:19.0799 6108 kbdclass - ok
14:57:19.0839 6108 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
14:57:19.0839 6108 kbdhid - ok
14:57:19.0874 6108 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
14:57:19.0874 6108 KeyIso - ok
14:57:19.0884 6108 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
14:57:19.0884 6108 KSecDD - ok
14:57:19.0899 6108 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
14:57:19.0899 6108 KSecPkg - ok
14:57:19.0934 6108 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
14:57:19.0939 6108 ksthunk - ok
14:57:19.0984 6108 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
14:57:19.0989 6108 KtmRm - ok
14:57:20.0034 6108 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
14:57:20.0039 6108 LanmanServer - ok
14:57:20.0074 6108 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
14:57:20.0074 6108 LanmanWorkstation - ok
14:57:20.0099 6108 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
14:57:20.0099 6108 lltdio - ok
14:57:20.0119 6108 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
14:57:20.0124 6108 lltdsvc - ok
14:57:20.0139 6108 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
14:57:20.0139 6108 lmhosts - ok
14:57:20.0154 6108 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
14:57:20.0154 6108 LSI_FC - ok
14:57:20.0194 6108 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
14:57:20.0194 6108 LSI_SAS - ok
14:57:20.0204 6108 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:57:20.0204 6108 LSI_SAS2 - ok
14:57:20.0214 6108 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:57:20.0214 6108 LSI_SCSI - ok
14:57:20.0234 6108 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
14:57:20.0234 6108 luafv - ok
14:57:20.0304 6108 MBAMProtector (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys
14:57:20.0304 6108 MBAMProtector - ok
14:57:20.0434 6108 MBAMService (056b19651bd7b7ce5f89a3ac46dbdc08) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
14:57:20.0439 6108 MBAMService - ok
14:57:20.0479 6108 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
14:57:20.0479 6108 Mcx2Svc - ok
14:57:20.0514 6108 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
14:57:20.0514 6108 megasas - ok
14:57:20.0529 6108 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
14:57:20.0534 6108 MegaSR - ok
14:57:20.0579 6108 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
14:57:20.0579 6108 MMCSS - ok
14:57:20.0589 6108 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
14:57:20.0594 6108 Modem - ok
14:57:20.0614 6108 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
14:57:20.0614 6108 monitor - ok
14:57:20.0664 6108 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
14:57:20.0664 6108 mouclass - ok
14:57:20.0709 6108 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
14:57:20.0709 6108 mouhid - ok
14:57:20.0744 6108 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
14:57:20.0744 6108 mountmgr - ok
14:57:20.0784 6108 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
14:57:20.0784 6108 mpio - ok
14:57:20.0824 6108 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
14:57:20.0824 6108 mpsdrv - ok
14:57:20.0864 6108 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
14:57:20.0864 6108 MRxDAV - ok
14:57:20.0889 6108 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
14:57:20.0894 6108 mrxsmb - ok
14:57:20.0929 6108 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:57:20.0929 6108 mrxsmb10 - ok
14:57:20.0944 6108 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:57:20.0949 6108 mrxsmb20 - ok
14:57:20.0969 6108 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
14:57:20.0969 6108 msahci - ok
14:57:20.0974 6108 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
14:57:20.0979 6108 msdsm - ok
14:57:21.0004 6108 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
14:57:21.0004 6108 MSDTC - ok
14:57:21.0019 6108 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
14:57:21.0019 6108 Msfs - ok
14:57:21.0029 6108 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
14:57:21.0029 6108 mshidkmdf - ok
14:57:21.0069 6108 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
14:57:21.0069 6108 msisadrv - ok
14:57:21.0119 6108 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
14:57:21.0124 6108 MSiSCSI - ok
14:57:21.0124 6108 msiserver - ok
14:57:21.0179 6108 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
14:57:21.0179 6108 MSKSSRV - ok
14:57:21.0189 6108 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
14:57:21.0194 6108 MSPCLOCK - ok
14:57:21.0194 6108 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
14:57:21.0194 6108 MSPQM - ok
14:57:21.0239 6108 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
14:57:21.0244 6108 MsRPC - ok
14:57:21.0254 6108 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
14:57:21.0259 6108 mssmbios - ok
14:57:21.0269 6108 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
14:57:21.0269 6108 MSTEE - ok
14:57:21.0279 6108 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
14:57:21.0279 6108 MTConfig - ok
14:57:21.0304 6108 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
14:57:21.0304 6108 Mup - ok
14:57:21.0359 6108 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
14:57:21.0359 6108 napagent - ok
14:57:21.0419 6108 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
14:57:21.0424 6108 NativeWifiP - ok
14:57:21.0494 6108 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
14:57:21.0504 6108 NDIS - ok
14:57:21.0519 6108 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
14:57:21.0524 6108 NdisCap - ok
14:57:21.0534 6108 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
14:57:21.0539 6108 NdisTapi - ok
14:57:21.0579 6108 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
14:57:21.0579 6108 Ndisuio - ok
14:57:21.0624 6108 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
14:57:21.0624 6108 NdisWan - ok
14:57:21.0664 6108 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
14:57:21.0664 6108 NDProxy - ok
14:57:21.0749 6108 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
14:57:21.0749 6108 NetBIOS - ok
14:57:21.0764 6108 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
14:57:21.0769 6108 NetBT - ok
14:57:21.0799 6108 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
14:57:21.0799 6108 Netlogon - ok
14:57:21.0859 6108 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
14:57:21.0864 6108 Netman - ok
14:57:21.0979 6108 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:57:21.0979 6108 NetMsmqActivator - ok
14:57:21.0994 6108 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:57:21.0994 6108 NetPipeActivator - ok
14:57:22.0009 6108 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
14:57:22.0014 6108 netprofm - ok
14:57:22.0024 6108 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:57:22.0024 6108 NetTcpActivator - ok
14:57:22.0029 6108 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:57:22.0029 6108 NetTcpPortSharing - ok
14:57:22.0089 6108 NetworkX (2263727032e9b19231a706046b8c82d3) C:\Windows\system32\ckldrv.sys
14:57:22.0089 6108 NetworkX - ok
14:57:22.0164 6108 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
14:57:22.0164 6108 nfrd960 - ok
14:57:22.0219 6108 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
14:57:22.0224 6108 NlaSvc - ok
14:57:22.0339 6108 nlsX86cc (b1ef4686961986dffb7fe8f18e6fcb5b) C:\Windows\SysWOW64\nlssrv32.exe
14:57:22.0344 6108 nlsX86cc - ok
14:57:22.0349 6108 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
14:57:22.0349 6108 Npfs - ok
14:57:22.0394 6108 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
14:57:22.0394 6108 nsi - ok
14:57:22.0409 6108 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
14:57:22.0414 6108 nsiproxy - ok
14:57:22.0494 6108 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
14:57:22.0509 6108 Ntfs - ok
14:57:22.0674 6108 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
14:57:22.0674 6108 Null - ok
14:57:22.0729 6108 NVHDA (10204955027011e08a9dc27737a48a54) C:\Windows\system32\drivers\nvhda64v.sys
14:57:22.0734 6108 NVHDA - ok
14:57:23.0229 6108 nvlddmkm (9c1996dd3c0469bc8933321f15709f5a) C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:57:23.0284 6108 nvlddmkm - ok
14:57:23.0469 6108 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
14:57:23.0469 6108 nvraid - ok
14:57:23.0474 6108 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
14:57:23.0479 6108 nvstor - ok
14:57:23.0549 6108 nvsvc (34e5498528bb3d5a951f889f8756ad26) C:\Windows\system32\nvvsvc.exe
14:57:23.0559 6108 nvsvc - ok
14:57:23.0574 6108 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
14:57:23.0574 6108 nv_agp - ok
14:57:23.0714 6108 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:57:23.0719 6108 odserv - ok
14:57:23.0754 6108 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
14:57:23.0759 6108 ohci1394 - ok
14:57:23.0814 6108 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:57:23.0814 6108 ose - ok
14:57:23.0859 6108 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
14:57:23.0864 6108 p2pimsvc - ok
14:57:23.0884 6108 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
14:57:23.0889 6108 p2psvc - ok
14:57:23.0934 6108 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
14:57:23.0934 6108 Parport - ok
14:57:23.0969 6108 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
14:57:23.0969 6108 partmgr - ok
14:57:23.0984 6108 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
14:57:23.0984 6108 PcaSvc - ok
14:57:24.0034 6108 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
14:57:24.0034 6108 pci - ok
14:57:24.0074 6108 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
14:57:24.0074 6108 pciide - ok
14:57:24.0089 6108 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
14:57:24.0089 6108 pcmcia - ok
14:57:24.0104 6108 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
14:57:24.0104 6108 pcw - ok
14:57:24.0134 6108 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
14:57:24.0139 6108 PEAUTH - ok
14:57:24.0229 6108 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
14:57:24.0229 6108 PerfHost - ok
14:57:24.0349 6108 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
14:57:24.0359 6108 pla - ok
14:57:24.0404 6108 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
14:57:24.0409 6108 PlugPlay - ok
14:57:24.0434 6108 PnkBstrA - ok
14:57:24.0469 6108 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
14:57:24.0474 6108 PNRPAutoReg - ok
14:57:24.0484 6108 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
14:57:24.0489 6108 PNRPsvc - ok
14:57:24.0534 6108 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
14:57:24.0539 6108 PolicyAgent - ok
14:57:24.0574 6108 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
14:57:24.0579 6108 Power - ok
14:57:24.0664 6108 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
14:57:24.0664 6108 PptpMiniport - ok
14:57:24.0704 6108 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
14:57:24.0704 6108 Processor - ok
14:57:24.0719 6108 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
14:57:24.0719 6108 ProfSvc - ok
14:57:24.0759 6108 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
14:57:24.0759 6108 ProtectedStorage - ok
14:57:24.0799 6108 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
14:57:24.0799 6108 Psched - ok
14:57:24.0844 6108 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
14:57:24.0849 6108 PxHlpa64 - ok
14:57:24.0899 6108 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
14:57:24.0909 6108 ql2300 - ok
14:57:25.0084 6108 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
14:57:25.0089 6108 ql40xx - ok
14:57:25.0129 6108 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
14:57:25.0134 6108 QWAVE - ok
14:57:25.0174 6108 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
14:57:25.0174 6108 QWAVEdrv - ok
14:57:25.0179 6108 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
14:57:25.0179 6108 RasAcd - ok
14:57:25.0224 6108 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
14:57:25.0224 6108 RasAgileVpn - ok
14:57:25.0234 6108 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
14:57:25.0234 6108 RasAuto - ok
14:57:25.0274 6108 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
14:57:25.0279 6108 Rasl2tp - ok
14:57:25.0324 6108 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
14:57:25.0329 6108 RasMan - ok
14:57:25.0424 6108 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
14:57:25.0424 6108 RasPppoe - ok
14:57:25.0454 6108 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
14:57:25.0454 6108 RasSstp - ok
14:57:25.0499 6108 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
14:57:25.0504 6108 rdbss - ok
14:57:25.0534 6108 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
14:57:25.0539 6108 rdpbus - ok
14:57:25.0549 6108 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
14:57:25.0549 6108 RDPCDD - ok
14:57:25.0569 6108 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
14:57:25.0574 6108 RDPENCDD - ok
14:57:25.0579 6108 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
14:57:25.0579 6108 RDPREFMP - ok
14:57:25.0619 6108 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
14:57:25.0619 6108 RDPWD - ok
14:57:25.0669 6108 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
14:57:25.0674 6108 rdyboost - ok
14:57:25.0714 6108 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
14:57:25.0719 6108 RemoteAccess - ok
14:57:25.0759 6108 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
14:57:25.0759 6108 RemoteRegistry - ok
14:57:25.0799 6108 RimUsb (7b04c9843921ab1f695fb395422c5360) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
14:57:25.0804 6108 RimUsb - ok
14:57:25.0814 6108 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
14:57:25.0814 6108 RpcEptMapper - ok
14:57:25.0824 6108 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
14:57:25.0824 6108 RpcLocator - ok
14:57:25.0869 6108 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
14:57:25.0874 6108 RpcSs - ok
14:57:25.0909 6108 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
14:57:25.0914 6108 rspndr - ok
14:57:25.0949 6108 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
14:57:25.0949 6108 SamSs - ok
14:57:26.0024 6108 SASKUTIL - ok
14:57:26.0069 6108 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
14:57:26.0069 6108 sbp2port - ok
14:57:26.0114 6108 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
14:57:26.0119 6108 SCardSvr - ok
14:57:26.0154 6108 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
14:57:26.0154 6108 scfilter - ok
14:57:26.0219 6108 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
14:57:27.0509 6108 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys
14:57:27.0509 6108 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb
14:57:27.0509 6108 sptd ( LockedFile.Multi.Generic ) - warning
14:57:27.0509 6108 sptd - detected LockedFile.Multi.Generic (1)
14:57:35.0189 6108 ============================================================
14:57:35.0189 6108 Scan finished
14:57:35.0189 6108 ============================================================
14:57:35.0194 3340 Detected object count: 1
14:57:35.0194 3340 Actual detected object count: 1
bobby8685
Active Member

Re: Backdoor.Win32.ZAccess.oun/ Backdoor Generic 15.AXLA

Post by askey127 » May 19th, 2012, 5:10 pm

Your machine shows evidence of cracked or otherwise illegal software, so in accordance with our policy, we will not provide any further help.
http://malwareremoval.com/forum/viewtop ... 95#p491395
This thread will be closed.
askey127
Admin/Teacher