Solved Trojan.Generic & Trojan.Sirefef

Mirela

Hi! Like a lot of people, I too have problems with trojan sirefef. I have Bitdefender 2011 and it detects it every couple of minutes after I finish scanning and deleting them.

First it detected: Trojan.Sirefef.GA in C:\Windows\Installer\{6d068584-5c55-d3b8-a239-f5f4a8ecedd4}\U\80000064.@

Then it prompted me with: Trojan.Sirefef.FY in C:\Windows\assembly\GAC_64\Desktop.ini

Lots of similar notifications from the files Installer and assembly.

Now, as I was logging in to write you, another notification... Trojan.Generic.7552386 located in C:\Windows\assembly\GAC_32\Desktop.ini

I don't know what else to do besides scanning. I would very much appreciate your help.

And another thing, I just can't get my laptop to connect to the internet, and I think it is because of these trojans. I'm currently at another PC, and I will follow the instructions from here, applying them on my laptop.
What do I do now?

Thanks in advance for your help.
 
Thank you for your reply. I'll have to wait then, for now, there isn't much that I can do... Hope it will get fixed soon, cause I have my dissertation in 2 and a half weeks, and I really need my laptop up and running, networking and stuff...

P.S. I hate them too! :)
 
Welcome aboard


Please complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure you PASTE all logs. If a log exceeds the 50,000-character post limit, split it between a couple of replies.
Attached logs won't be reviewed.

Please observe the following rules:
  • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
  • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
  • Please refrain from running tools or applying updates other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
 
Hi! Since I do not have an internet connection on my laptop, probably because of the trojans, I cannot update Malwarebytes Anti-Malware. And it says the database is outdated by 63 days. Do I continue anyway?
 
I've updated it from safe mode with networking. I've scanned my laptop with Malwarebytes Anti-Malware twice, and on the second scan it found the path with problems that the antivirus found too.
GMER didn't find any modifications, though it had checkmarks only on the following: Service, Registry, Files (C, I didn't check the others, since the problems were in C) and ADS. The other options weren't checkable.
DDS couldn't be run.
Here are the logs of the Malwarebytes Anti-Malware scan:

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.07.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Miry :: MIRY-PC [administrator]

07/06/2012 14:26:19
mbam-log-2012-06-07 (14-26-19).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 236385
Time elapsed: 7 minute(s), 5 second(s)

Memory Processes Detected: 1
C:\Windows\KMService.exe (RiskWare.Tool.CK) -> 2252 -> Delete on reboot.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Windows\KMService.exe (RiskWare.Tool.CK) -> Delete on reboot.

(end)




Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.07.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Miry :: MIRY-PC [administrator]

07/06/2012 17:44:40
mbam-log-2012-06-07 (17-44-40).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 236587
Time elapsed: 6 minute(s), 9 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Windows\Installer\{6d068584-5c55-d3b8-a239-f5f4a8ecedd4}\L\00000008.@ (Trojan.BitMiner) -> Delete on reboot.
C:\Windows\Installer\{6d068584-5c55-d3b8-a239-f5f4a8ecedd4}\U\00000008.@ (Trojan.Dropper.BCMiner) -> Quarantined and deleted successfully.

(end)



and the DDS says:

MZ   ÿÿ ¸ @ Ø º ´Í!¸LÍ!This program cannot be run in DOS mode.$ 1¸„:uÙêiuÙêiuÙêI¶ÖµiwÙêiuÙëIîÙêI¶Ö·idÙêI!úÚIÙêI²ßìitÙêiRichuÙêI PE L ÆãK à   P   0ó °  @        í €      `    ` UPX0    € àUPX1 P ° F  @ à.rsrc    J @ À ----->and lots of more signs like this

Other updates: After the second scan with Malwarebytes Anti-Malware the internet connection works, but my antivirus still detects the trojans, or whatever they are.
 
Download Bootkit Remover to your desktop.

  • Unzip downloaded file to your Desktop.
  • Double-click on boot_cleaner.exe to run the program (Vista/7 users, right click on boot_cleaner.exe and click Run As Administrator).
  • It will show a Black screen with some data on it.
  • Right click on the screen and click Select All.
  • Press CTRL+C
  • Open a Notepad and press CTRL+V
  • Post the output back here.

=======================================================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: "Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.
 
The internet wasn't working because the firewall was enabled. Disabling it got my internet connection working.
Here are the logs of bootkit remover and aswMBR:

Bootkit Remover
(c) 2009 Esage Lab
www.esagelab.com

Program version: 1.2.0.1
OS Version: Microsoft Windows 7 Home Premium Edition Service Pack 1 (build 7601)
, 64-bit

System volume is \\.\C:
\\.\C: -> \\.\PhysicalDrive0 at offset 0x00000003`c6500000

Size Device Name MBR Status
--------------------------------------------
465 GB \\.\PhysicalDrive0 Controlled by rootkit!

Boot code on some of your physical disks is hidden by a rootkit.
To disinfect the master boot sector, use the following command:
remover.exe fix <device_name>
To inspect the boot code manually, dump the master boot sector:
remover.exe dump <device_name> [output_file]


Done;
Press any key to quit...


=======================================================


aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-06-07 18:49:56
-----------------------------
18:49:56.418 OS Version: Windows x64 6.1.7601 Service Pack 1
18:49:56.418 Number of processors: 4 586 0x2A07
18:49:56.418 ComputerName: MIRY-PC UserName: Miry
18:49:56.901 Initialize success
18:50:03.485 AVAST engine defs: 12060700
18:50:06.823 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
18:50:06.839 Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 3
18:50:06.854 Disk 0 MBR read successfully
18:50:06.854 Disk 0 MBR scan
18:50:06.979 Disk 0 Windows 7 default MBR code
18:50:06.995 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 15360 MB offset 2048
18:50:07.026 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 31459328
18:50:07.041 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 71688 MB offset 31664128
18:50:07.041 Disk 0 Partition - 00 0F Extended LBA 389788 MB offset 178482150
18:50:07.073 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 182731 MB offset 178482213
18:50:07.073 Disk 0 Partition - 00 05 Extended 207056 MB offset 552716329
18:50:07.119 Disk 0 Partition 5 00 07 HPFS/NTFS NTFS 207056 MB offset 552716392
18:50:07.151 Disk 0 scanning C:\Windows\system32\drivers
18:50:21.378 Service scanning
18:50:46.681 Modules scanning
18:50:46.681 Disk 0 trace - called modules:
18:50:46.712 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
18:50:46.712 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006c57060]
18:50:46.712 3 CLASSPNP.SYS[fffff8800181743f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004df6050]
18:50:47.523 AVAST engine scan C:\Windows
18:50:51.205 AVAST engine scan C:\Windows\system32
18:52:30.000 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
18:52:31.669 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
18:53:40.730 AVAST engine scan C:\Windows\system32\drivers
18:53:52.103 AVAST engine scan C:\Users\Miry
19:00:44.864 AVAST engine scan C:\ProgramData
19:03:04.203 Scan finished successfully
19:10:14.062 Disk 0 MBR has been saved successfully to "C:\Users\Miry\Desktop\MBR.dat"
19:10:14.078 The log file has been saved successfully to "C:\Users\Miry\Desktop\aswMBR.txt"
 
"The internet wasn't working because the firewall was enabled. Disabling it got my internet connection working."
Disabling a firewall is not a good idea.
Are you behind a router?

Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
 
Yes, I am using a router, but I have tried with a direct connection into my laptop (I've plugged the cable from the router into my laptop) and it didn't work, it couldn't connect to the internet.

Here are the TDSSKiller results:

19:24:37.0463 6860 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
19:24:39.0482 6860 ============================================================
19:24:39.0482 6860 Current date / time: 2012/06/07 19:24:39.0482
19:24:39.0482 6860 SystemInfo:
19:24:39.0482 6860
19:24:39.0482 6860 OS Version: 6.1.7601 ServicePack: 1.0
19:24:39.0482 6860 Product type: Workstation
19:24:39.0482 6860 ComputerName: MIRY-PC
19:24:39.0482 6860 UserName: Miry
19:24:39.0482 6860 Windows directory: C:\Windows
19:24:39.0482 6860 System windows directory: C:\Windows
19:24:39.0483 6860 Running under WOW64
19:24:39.0483 6860 Processor architecture: Intel x64
19:24:39.0483 6860 Number of processors: 4
19:24:39.0483 6860 Page size: 0x1000
19:24:39.0483 6860 Boot type: Normal boot
19:24:39.0483 6860 ============================================================
19:24:40.0037 6860 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:24:40.0041 6860 ============================================================
19:24:40.0041 6860 \Device\Harddisk0\DR0:
19:24:40.0080 6860 MBR partitions:
19:24:40.0080 6860 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000
19:24:40.0080 6860 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0x8C043E6
19:24:40.0096 6860 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xAA36C25, BlocksNum 0x164E5C00
19:24:40.0115 6860 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x20F1C868, BlocksNum 0x194683D9
19:24:40.0115 6860 ============================================================
19:24:40.0146 6860 C: <-> \Device\Harddisk0\DR0\Partition1
19:24:40.0156 6860 D: <-> \Device\Harddisk0\DR0\Partition2
19:24:40.0177 6860 E: <-> \Device\Harddisk0\DR0\Partition3
19:24:40.0177 6860 ============================================================
19:24:40.0177 6860 Initialize success
19:24:40.0177 6860 ============================================================
19:25:11.0488 1936 ============================================================
19:25:11.0488 1936 Scan started
19:25:11.0488 1936 Mode: Manual;
19:25:11.0488 1936 ============================================================
19:25:22.0990 1936isapnp - ok
19:25:23.0027 1936iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
19:25:23.0043 1936iScsiPrt - ok
19:25:23.0119 1936k57nd60a (0469bff65bbdee9e46d0c45ee32a08bd) C:\Windows\system32\DRIVERS\k57nd60a.sys
19:25:23.0128 1936k57nd60a - ok
19:25:23.0153 1936kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
19:25:23.0155 1936kbdclass - ok
19:25:23.0180 1936kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
19:25:23.0181 1936kbdhid - ok
19:25:23.0219 1936KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:25:23.0221 1936KeyIso - ok
19:25:23.0266 1936KMService - ok
19:25:23.0288 1936KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
19:25:23.0290 1936KSecDD - ok
19:25:23.0322 1936KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
19:25:23.0324 1936KSecPkg - ok
19:25:23.0346 1936ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
19:25:23.0347 1936ksthunk - ok
19:25:23.0423 1936KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
19:25:23.0434 1936KtmRm - ok
19:25:23.0502 1936LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
19:25:23.0506 1936LanmanServer - ok
19:25:23.0556 1936LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
19:25:23.0560 1936LanmanWorkstation - ok
19:25:23.0635 1936Live Updater Service (6bcee9c766815bfff89de7d81af34ce1) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
19:25:23.0642 1936Live Updater Service - ok
19:25:23.0691 1936lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
19:25:23.0693 1936lltdio - ok
19:25:23.0750 1936lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
19:25:23.0787 1936lltdsvc - ok
19:25:23.0804 1936lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
19:25:23.0806 1936lmhosts - ok
19:25:23.0929 1936LMS (50c7ce53ef461870410355f1f2e7d515) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
19:25:23.0943 1936LMS - ok
19:25:23.0988 1936LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
19:25:23.0990 1936LSI_FC - ok
19:25:24.0011 1936LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
19:25:24.0013 1936LSI_SAS - ok
19:25:24.0076 1936LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
19:25:24.0080 1936LSI_SAS2 - ok
19:25:24.0123 1936LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
19:25:24.0126 1936LSI_SCSI - ok
19:25:24.0144 1936luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
19:25:24.0146 1936luafv - ok
19:25:24.0216 1936massfilter (23488767cb18fc3ff39e3af1db3fb02c) C:\Windows\system32\drivers\massfilter.sys
19:25:24.0217 1936massfilter - ok
19:25:24.0250 1936Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
19:25:24.0253 1936Mcx2Svc - ok
19:25:24.0267 1936megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
19:25:24.0268 1936megasas - ok
19:25:24.0321 1936MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
19:25:24.0338 1936MegaSR - ok
19:25:24.0374 1936MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
19:25:24.0376 1936MEIx64 - ok
19:25:24.0471 1936Microsoft SharePoint Workspace Audit Service - ok
19:25:24.0495 1936MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:25:24.0497 1936MMCSS - ok
19:25:24.0522 1936Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
19:25:24.0524 1936Modem - ok
19:25:24.0573 1936monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
19:25:24.0574 1936monitor - ok
19:25:24.0610 1936mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
19:25:24.0612 1936mouclass - ok
19:25:24.0637 1936mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
19:25:24.0638 1936mouhid - ok
19:25:24.0675 1936mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
19:25:24.0677 1936mountmgr - ok
19:25:24.0707 1936mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
19:25:24.0710 1936mpio - ok
19:25:24.0734 1936mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
19:25:24.0736 1936mpsdrv - ok
19:25:24.0765 1936MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
19:25:24.0768 1936MRxDAV - ok
19:25:24.0811 1936mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:25:24.0822 1936mrxsmb - ok
19:25:24.0870 1936mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:25:24.0896 1936mrxsmb10 - ok
19:25:24.0921 1936mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:25:24.0923 1936mrxsmb20 - ok
19:25:24.0938 1936msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
19:25:24.0939 1936msahci - ok
19:25:24.0961 1936msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
19:25:24.0964 1936msdsm - ok
19:25:25.0005 1936MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
19:25:25.0016 1936MSDTC - ok
19:25:25.0046 1936Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
19:25:25.0048 1936Msfs - ok
19:25:25.0072 1936mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
19:25:25.0073 1936mshidkmdf - ok
19:25:25.0087 1936msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
19:25:25.0088 1936msisadrv - ok
19:25:25.0133 1936MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
19:25:25.0137 1936MSiSCSI - ok
19:25:25.0141 1936msiserver - ok
19:25:25.0182 1936MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
19:25:25.0183 1936MSKSSRV - ok
19:25:25.0215 1936MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
19:25:25.0216 1936MSPCLOCK - ok
19:25:25.0224 1936MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
19:25:25.0225 1936MSPQM - ok
19:25:25.0266 1936MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
19:25:25.0322 1936MsRPC - ok
19:25:25.0357 1936mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
19:25:25.0359 1936mssmbios - ok
19:25:25.0371 1936MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
19:25:25.0372 1936MSTEE - ok
19:25:25.0387 1936MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
19:25:25.0388 1936MTConfig - ok
19:25:25.0414 1936Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
19:25:25.0415 1936Mup - ok
19:25:25.0496 1936napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
19:25:25.0521 1936napagent - ok
19:25:25.0577 1936NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
19:25:25.0591 1936NativeWifiP - ok
19:25:25.0791 1936NBService (b498a14133bd09ad0817590ace4470ad) C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
19:25:25.0821 1936NBService - ok
19:25:25.0914 1936NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys
19:25:25.0925 1936NDIS - ok
19:25:25.0942 1936NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
19:25:25.0944 1936NdisCap - ok
19:25:25.0969 1936NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
19:25:25.0971 1936NdisTapi - ok
19:25:26.0011 1936Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
19:25:26.0013 1936Ndisuio - ok
19:25:26.0036 1936NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
19:25:26.0047 1936NdisWan - ok
19:25:26.0077 1936NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
19:25:26.0079 1936NDProxy - ok
19:25:26.0090 1936NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
19:25:26.0091 1936NetBIOS - ok
19:25:26.0131 1936NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
19:25:26.0137 1936NetBT - ok
19:25:26.0174 1936Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:25:26.0176 1936Netlogon - ok
19:25:26.0241 1936Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
19:25:26.0253 1936Netman - ok
19:25:26.0292 1936netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
19:25:26.0310 1936netprofm - ok
19:25:26.0384 1936NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:25:26.0386 1936NetTcpPortSharing - ok
19:25:26.0423 1936nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
19:25:26.0425 1936nfrd960 - ok
19:25:26.0479 1936NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
19:25:26.0494 1936NlaSvc - ok
19:25:26.0657 1936NMIndexingService (a328a46d87bb92ce4d8a4528e9d84787) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
19:25:26.0673 1936NMIndexingService - ok
19:25:26.0857 1936NOBU (5839a8027d6d324a7cd494051a96628c) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
19:25:26.0935 1936NOBU - ok
19:25:27.0054 1936Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
19:25:27.0056 1936Npfs - ok
19:25:27.0085 1936nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
19:25:27.0087 1936nsi - ok
19:25:27.0095 1936nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
19:25:27.0097 1936nsiproxy - ok
19:25:27.0231 1936Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
19:25:27.0272 1936Ntfs - ok
19:25:27.0408 1936NTI IScheduleSvc (6cc09d2f0ba4a09babc3c41b8fd888f7) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
19:25:27.0424 1936NTI IScheduleSvc - ok
19:25:27.0518 1936NTIDrvr (ee3ba1024594d5d09e314f206b94069e) C:\Windows\system32\drivers\NTIDrvr.sys
19:25:27.0519 1936NTIDrvr - ok
19:25:27.0530 1936Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
19:25:27.0530 1936Null - ok
19:25:28.0226 1936nvlddmkm (9c1996dd3c0469bc8933321f15709f5a) C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:25:28.0499 1936nvlddmkm - ok
19:25:28.0636 1936nvpciflt (6856261c915dd080dbadae9d6b788d85) C:\Windows\system32\DRIVERS\nvpciflt.sys
19:25:28.0638 1936nvpciflt - ok
19:25:28.0688 1936nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
19:25:28.0691 1936nvraid - ok
19:25:28.0723 1936nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
19:25:28.0733 1936nvstor - ok
19:25:28.0894 1936nvsvc (34e5498528bb3d5a951f889f8756ad26) C:\Windows\system32\nvvsvc.exe
19:25:28.0915 1936nvsvc - ok
19:25:29.0155 1936nvUpdatusService (cd0bfaa6872cfe38c908d313ae17c350) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
19:25:29.0207 1936nvUpdatusService - ok
19:25:29.0297 1936nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
19:25:29.0299 1936nv_agp - ok
19:25:29.0316 1936ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
19:25:29.0318 1936ohci1394 - ok
19:25:29.0479 1936ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:25:29.0482 1936ose - ok
19:25:29.0822 1936osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:25:29.0928 1936osppsvc - ok
19:25:30.0026 1936p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:25:30.0032 1936p2pimsvc - ok
19:25:30.0093 1936p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
19:25:30.0102 1936p2psvc - ok
19:25:30.0135 1936Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
19:25:30.0137 1936Parport - ok
19:25:30.0177 1936partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
19:25:30.0179 1936partmgr - ok
19:25:30.0216 1936PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
19:25:30.0220 1936PcaSvc - ok
19:25:30.0264 1936pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
19:25:30.0274 1936pci - ok
19:25:30.0279 1936pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
19:25:30.0280 1936pciide - ok
19:25:30.0307 1936pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
19:25:30.0332 1936pcmcia - ok
19:25:30.0357 1936pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
19:25:30.0359 1936pcw - ok
19:25:30.0431 1936PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
19:25:30.0439 1936PEAUTH - ok
19:25:30.0601 1936PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
19:25:30.0604 1936PerfHost - ok
19:25:30.0801 1936pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
19:25:30.0840 1936pla - ok
19:25:30.0909 1936PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
19:25:30.0915 1936PlugPlay - ok
19:25:30.0932 1936PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
19:25:30.0936 1936PNRPAutoReg - ok
19:25:30.0971 1936PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:25:30.0975 1936PNRPsvc - ok
19:25:31.0037 1936Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys
19:25:31.0038 1936Point64 - ok
19:25:31.0093 1936PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
19:25:31.0109 1936PolicyAgent - ok
19:25:31.0148 1936Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
19:25:31.0152 1936Power - ok
19:25:31.0194 1936PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
19:25:31.0196 1936PptpMiniport - ok
19:25:31.0221 1936Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
19:25:31.0222 1936Processor - ok
19:25:31.0271 1936ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
19:25:31.0280 1936ProfSvc - ok
19:25:31.0308 1936ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:25:31.0310 1936ProtectedStorage - ok
19:25:31.0351 1936Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
19:25:31.0354 1936Psched - ok
19:25:31.0468 1936ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
19:25:31.0506 1936ql2300 - ok
19:25:31.0651 1936ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
19:25:31.0716 1936ql40xx - ok
19:25:31.0747 1936QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
19:25:31.0753 1936QWAVE - ok
19:25:31.0775 1936QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
19:25:31.0777 1936QWAVEdrv - ok
19:25:31.0787 1936RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
19:25:31.0790 1936RasAcd - ok
19:25:31.0831 1936RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:25:31.0833 1936RasAgileVpn - ok
19:25:31.0864 1936RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
19:25:31.0867 1936RasAuto - ok
19:25:31.0898 1936Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:25:31.0901 1936Rasl2tp - ok
19:25:31.0948 1936RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
19:25:31.0961 1936RasMan - ok
19:25:31.0978 1936RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
19:25:31.0981 1936RasPppoe - ok
19:25:31.0999 1936RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
19:25:32.0001 1936RasSstp - ok
19:25:32.0038 1936rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
19:25:32.0053 1936rdbss - ok
19:25:32.0070 1936rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
19:25:32.0071 1936rdpbus - ok
19:25:32.0090 1936RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:25:32.0091 1936RDPCDD - ok
19:25:32.0117 1936RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
19:25:32.0118 1936RDPENCDD - ok
19:25:32.0135 1936RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
19:25:32.0136 1936RDPREFMP - ok
19:25:32.0185 1936RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
19:25:32.0193 1936RDPWD - ok
19:25:32.0210 1936rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
19:25:32.0213 1936rdyboost - ok
19:25:32.0252 1936RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
19:25:32.0255 1936RemoteAccess - ok
19:25:32.0291 1936RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
19:25:32.0302 1936RemoteRegistry - ok
19:25:32.0328 1936RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
19:25:32.0331 1936RpcEptMapper - ok
19:25:32.0350 1936RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
19:25:32.0352 1936RpcLocator - ok
19:25:32.0403 1936RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:25:32.0408 1936RpcSs - ok
19:25:32.0431 1936rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
19:25:32.0433 1936rspndr - ok
19:25:32.0464 1936SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:25:32.0465 1936SamSs - ok
19:25:32.0490 1936sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
19:25:32.0493 1936sbp2port - ok
19:25:32.0521 1936SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
19:25:32.0530 1936SCardSvr - ok
19:25:32.0553 1936scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
19:25:32.0554 1936scfilter - ok
19:25:32.0690 1936Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
19:25:32.0724 1936Schedule - ok
19:25:32.0759 1936SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:25:32.0760 1936SCPolicySvc - ok
19:25:32.0784 1936sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys
19:25:32.0787 1936sdbus - ok
19:25:32.0817 1936SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
19:25:32.0828 1936SDRSVC - ok
19:25:32.0855 1936secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:25:32.0856 1936secdrv - ok
19:25:32.0881 1936seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
19:25:32.0883 1936seclogon - ok
19:25:32.0904 1936SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
19:25:32.0906 1936SENS - ok
19:25:32.0964 1936SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
19:25:32.0967 1936SensrSvc - ok
19:25:32.0994 1936Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
19:25:32.0995 1936Serenum - ok
19:25:33.0020 1936Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
19:25:33.0022 1936Serial - ok
19:25:33.0027 1936sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
19:25:33.0029 1936sermouse - ok
19:25:33.0058 1936SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
19:25:33.0061 1936SessionEnv - ok
19:25:33.0067 1936sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
19:25:33.0068 1936sffdisk - ok
19:25:33.0074 1936sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
19:25:33.0075 1936sffp_mmc - ok
19:25:33.0080 1936sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
19:25:33.0082 1936sffp_sd - ok
19:25:33.0087 1936sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
19:25:33.0088 1936sfloppy - ok
19:25:33.0134 1936ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
19:25:33.0139 1936ShellHWDetection - ok
19:25:33.0175 1936SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
19:25:33.0177 1936SiSRaid2 - ok
19:25:33.0196 1936SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
19:25:33.0198 1936SiSRaid4 - ok
19:25:33.0289 1936SkypeUpdate (17eab7852ff9f15fbaab4e95efc0b812) C:\Program Files (x86)\Skype\Updater\Updater.exe
19:25:33.0292 1936SkypeUpdate - ok
19:25:33.0303 1936Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
19:25:33.0305 1936Smb - ok
19:25:33.0334 1936SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
19:25:33.0337 1936SNMPTRAP - ok
19:25:33.0352 1936spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
19:25:33.0353 1936spldr - ok
19:25:33.0411 1936Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
19:25:33.0429 1936Spooler - ok
19:25:33.0689 1936sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
19:25:33.0774 1936sppsvc - ok
19:25:33.0933 1936sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
 
19:25:34.0031 1936 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
19:25:34.0056 1936 srv - ok
19:25:34.0122 1936 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
19:25:34.0162 1936 srv2 - ok
19:25:34.0186 1936 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
19:25:34.0188 1936 srvnet - ok
19:25:34.0259 1936 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
19:25:34.0268 1936 SSDPSRV - ok
19:25:34.0305 1936 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
19:25:34.0307 1936 SstpSvc - ok
19:25:34.0331 1936 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
19:25:34.0333 1936 stexstor - ok
19:25:34.0415 1936 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
19:25:34.0425 1936 stisvc - ok
19:25:34.0438 1936 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
19:25:34.0439 1936 swenum - ok
19:25:34.0491 1936 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
19:25:34.0507 1936 swprv - ok
19:25:34.0666 1936 SynTP (ef51b22706db03f0857fade127c804ec) C:\Windows\system32\DRIVERS\SynTP.sys
19:25:34.0703 1936 SynTP - ok
19:25:34.0948 1936 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
19:25:35.0002 1936 SysMain - ok
19:25:35.0082 1936 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
19:25:35.0085 1936 TabletInputService - ok
19:25:35.0139 1936 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
19:25:35.0179 1936 TapiSrv - ok
19:25:35.0207 1936 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
19:25:35.0210 1936 TBS - ok
19:25:35.0375 1936 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
19:25:35.0426 1936 Tcpip - ok
19:25:35.0656 1936 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
19:25:35.0669 1936 TCPIP6 - ok
19:25:35.0741 1936 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
19:25:35.0743 1936 tcpipreg - ok
19:25:35.0765 1936 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
19:25:35.0766 1936 TDPIPE - ok
19:25:35.0798 1936 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
19:25:35.0800 1936 TDTCP - ok
19:25:35.0830 1936 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
19:25:35.0832 1936 tdx - ok
19:25:35.0852 1936 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
19:25:35.0854 1936 TermDD - ok
19:25:35.0928 1936 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
19:25:35.0946 1936 TermService - ok
19:25:35.0963 1936 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
19:25:35.0966 1936 Themes - ok
19:25:35.0995 1936 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:25:35.0997 1936 THREADORDER - ok
19:25:36.0022 1936 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
19:25:36.0027 1936 TrkWks - ok
19:25:36.0109 1936 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
19:25:36.0112 1936 TrustedInstaller - ok
19:25:36.0142 1936 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:25:36.0144 1936 tssecsrv - ok
19:25:36.0174 1936 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
19:25:36.0177 1936 TsUsbFlt - ok
19:25:36.0193 1936 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
19:25:36.0195 1936 TsUsbGD - ok
19:25:36.0238 1936 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
19:25:36.0241 1936 tunnel - ok
19:25:36.0262 1936 TurboB (48743b69ea47c020a792d8649f753f44) C:\Windows\system32\DRIVERS\TurboB.sys
19:25:36.0264 1936 TurboB - ok
19:25:36.0357 1936 TurboBoost (759f59e3ea3802ff23f93dcdb6fe9171) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
19:25:36.0359 1936 TurboBoost - ok
19:25:36.0367 1936 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
19:25:36.0369 1936 uagp35 - ok
19:25:36.0382 1936 UBHelper (a17d5e1a6df4eab0a480f2c490de4c9d) C:\Windows\system32\drivers\UBHelper.sys
19:25:36.0383 1936 UBHelper - ok
19:25:36.0420 1936 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
19:25:36.0433 1936 udfs - ok
19:25:36.0556 1936 UI Assistant Service (528610a96539cd6ad6b68b199e2f3c73) C:\Program Files (x86)\ZTE Join Air\AssistantServices.exe
19:25:36.0563 1936 UI Assistant Service - ok
19:25:36.0588 1936 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
19:25:36.0590 1936 UI0Detect - ok
19:25:36.0625 1936 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
19:25:36.0626 1936 uliagpkx - ok
19:25:36.0650 1936 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
19:25:36.0651 1936 umbus - ok
19:25:36.0656 1936 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
19:25:36.0657 1936 UmPass - ok
19:25:36.0881 1936 UNS (374ebda379a8f38e0cfc2211611e7167) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
19:25:36.0939 1936 UNS - ok
19:25:37.0049 1936 Update Server (6796a8ee849de9efb76188c34b9999e2) C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe
19:25:37.0052 1936 Update Server - ok
19:25:37.0124 1936 Updatesrv (4e3696d404b2d4d0c370d1faba2123ed) C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe
19:25:37.0125 1936 Updatesrv - ok
19:25:37.0275 1936 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
19:25:37.0289 1936 upnphost - ok
19:25:41.0912 1936 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
19:25:42.0177 1936 \Device\Harddisk0\DR0 - ok
19:25:42.0180 1936 Boot (0x1200) (f7eb95504d62af3f5b02a0c565bd5888) \Device\Harddisk0\DR0\Partition0
19:25:42.0182 1936 \Device\Harddisk0\DR0\Partition0 - ok
19:25:42.0197 1936 Boot (0x1200) (8ce2ec83f9a6174aab10af840c3ac270) \Device\Harddisk0\DR0\Partition1
19:25:42.0200 1936 \Device\Harddisk0\DR0\Partition1 - ok
19:25:42.0216 1936 Boot (0x1200) (4d52e0231c355bcd08b556546ae55437) \Device\Harddisk0\DR0\Partition2
19:25:42.0218 1936 \Device\Harddisk0\DR0\Partition2 - ok
19:25:42.0246 1936 Boot (0x1200) (bcac51f6fa73b4b51d8a2579991eb9e7) \Device\Harddisk0\DR0\Partition3
19:25:42.0248 1936 \Device\Harddisk0\DR0\Partition3 - ok
19:25:42.0249 1936 ============================================================
19:25:42.0249 1936 Scan finished
19:25:42.0249 1936 ============================================================
19:25:42.0262 5812 Detected object count: 0
19:25:42.0262 5812 Actual detected object count: 0
19:26:29.0249 0936 ============================================================
19:26:29.0249 0936 Scan started
19:26:29.0249 0936 Mode: Manual; SigCheck; TDLFS;
19:26:29.0249 0936 ============================================================
19:26:38.0015 0936 epmntdrv (9eafb3b3b60b8ad958985152a9309aca) C:\Windows\system32\epmntdrv.sys
19:26:38.0049 0936 epmntdrv ( UnsignedFile.Multi.Generic ) - warning
19:26:38.0049 0936 epmntdrv - detected UnsignedFile.Multi.Generic (1)
19:26:38.0347 0936 EuGdiDrv (fb949ed2c93c878a189039f3d7730942) C:\Windows\system32\EuGdiDrv.sys
19:26:38.0364 0936 EuGdiDrv ( UnsignedFile.Multi.Generic ) - warning
19:26:38.0364 0936 EuGdiDrv - detected UnsignedFile.Multi.Generic (1)
19:26:40.0064 0936 GREGService (84e58fea8b1a7537696a20c59cb9b0c9) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
19:26:40.0084 0936 GREGService ( UnsignedFile.Multi.Generic ) - warning
19:26:40.0084 0936 GREGService - detected UnsignedFile.Multi.Generic (1)
19:26:41.0380 0936 HPSLPSVC (f37882f128efacefe353e0bae2766909) C:\Users\Miry\AppData\Local\Temp\7zS6693\hpslpsvc64.dll
19:26:41.0410 0936 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
19:26:41.0410 0936 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
19:26:46.0820 0936 mpio - ok
19:26:46.0853 0936 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
19:26:46.0906 0936 mpsdrv - ok
19:26:46.0939 0936 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
19:26:46.0974 0936 MRxDAV - ok
19:26:47.0018 0936 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:26:47.0068 0936 mrxsmb - ok
19:26:47.0111 0936 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:26:47.0137 0936 mrxsmb10 - ok
19:26:47.0173 0936 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:26:47.0192 0936 mrxsmb20 - ok
19:26:47.0213 0936 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
19:26:47.0228 0936 msahci - ok
19:26:47.0258 0936 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
19:26:47.0276 0936 msdsm - ok
19:26:47.0325 0936 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
19:26:47.0353 0936 MSDTC - ok
19:26:47.0388 0936 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
19:26:47.0441 0936 Msfs - ok
19:26:47.0458 0936 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
19:26:47.0518 0936 mshidkmdf - ok
19:26:47.0539 0936 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
19:26:47.0555 0936 msisadrv - ok
19:26:47.0608 0936 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
19:26:47.0679 0936 MSiSCSI - ok
19:26:47.0690 0936 msiserver - ok
19:26:47.0713 0936 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
19:26:47.0779 0936 MSKSSRV - ok
19:26:47.0801 0936 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
19:26:47.0866 0936 MSPCLOCK - ok
19:26:47.0888 0936 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
19:26:47.0949 0936 MSPQM - ok
19:26:47.0996 0936 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
19:26:48.0018 0936 MsRPC - ok
19:26:48.0043 0936 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
19:26:48.0059 0936 mssmbios - ok
19:26:48.0073 0936 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
19:26:48.0135 0936 MSTEE - ok
19:26:48.0162 0936 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
19:26:48.0187 0936 MTConfig - ok
19:26:48.0211 0936 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
19:26:48.0227 0936 Mup - ok
19:26:48.0301 0936 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
19:26:48.0377 0936 napagent - ok
19:26:48.0418 0936 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
19:26:48.0460 0936 NativeWifiP - ok
19:26:48.0628 0936 NBService (b498a14133bd09ad0817590ace4470ad) C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
19:26:48.0657 0936 NBService - ok
19:26:48.0737 0936 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys
19:26:48.0771 0936 NDIS - ok
19:26:48.0795 0936 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
19:26:48.0851 0936 NdisCap - ok
19:26:48.0877 0936 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
19:26:48.0930 0936 NdisTapi - ok
19:26:48.0950 0936 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
19:26:49.0012 0936 Ndisuio - ok
19:26:49.0044 0936 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
19:26:49.0111 0936 NdisWan - ok
19:26:49.0140 0936 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
19:26:49.0192 0936 NDProxy - ok
19:26:49.0209 0936 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
19:26:49.0270 0936 NetBIOS - ok
19:26:49.0320 0936 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
19:26:49.0374 0936 NetBT - ok
19:26:49.0405 0936 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:26:49.0422 0936 Netlogon - ok
19:26:49.0482 0936 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
19:26:49.0551 0936 Netman - ok
19:26:49.0631 0936 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
19:26:49.0702 0936 netprofm - ok
19:26:49.0781 0936 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:26:49.0797 0936 NetTcpPortSharing - ok
19:26:49.0820 0936 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
19:26:49.0837 0936 nfrd960 - ok
19:26:49.0876 0936 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
19:26:49.0944 0936 NlaSvc - ok
19:26:50.0099 0936 NMIndexingService (a328a46d87bb92ce4d8a4528e9d84787) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
19:26:50.0116 0936 NMIndexingService - ok
19:26:50.0308 0936 NOBU (5839a8027d6d324a7cd494051a96628c) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
19:26:50.0379 0936 NOBU - ok
19:26:50.0507 0936 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
19:26:50.0560 0936 Npfs - ok
19:26:50.0604 0936 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
19:26:50.0665 0936 nsi - ok
19:26:50.0692 0936 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
19:26:50.0757 0936 nsiproxy - ok
19:26:50.0893 0936 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
19:26:50.0947 0936 Ntfs - ok
19:26:51.0084 0936 NTI IScheduleSvc (6cc09d2f0ba4a09babc3c41b8fd888f7) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
19:26:51.0101 0936 NTI IScheduleSvc - ok
19:26:51.0192 0936 NTIDrvr (ee3ba1024594d5d09e314f206b94069e) C:\Windows\system32\drivers\NTIDrvr.sys
19:26:51.0206 0936 NTIDrvr - ok
19:26:51.0227 0936 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
19:26:51.0279 0936 Null - ok
19:26:52.0046 0936 nvlddmkm (9c1996dd3c0469bc8933321f15709f5a) C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:26:52.0352 0936 nvlddmkm - ok
19:26:52.0422 0936 nvpciflt (6856261c915dd080dbadae9d6b788d85) C:\Windows\system32\DRIVERS\nvpciflt.sys
19:26:52.0436 0936 nvpciflt - ok
19:26:52.0485 0936 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
19:26:52.0503 0936 nvraid - ok
19:26:52.0541 0936 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
19:26:52.0559 0936 nvstor - ok
19:26:52.0662 0936 nvsvc (34e5498528bb3d5a951f889f8756ad26) C:\Windows\system32\nvvsvc.exe
19:26:52.0696 0936 nvsvc - ok
19:26:52.0907 0936 nvUpdatusService (cd0bfaa6872cfe38c908d313ae17c350) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
19:26:52.0970 0936 nvUpdatusService - ok
19:26:53.0105 0936 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
19:26:53.0122 0936 nv_agp - ok
19:26:53.0147 0936 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
19:26:53.0181 0936 ohci1394 - ok
19:26:53.0277 0936 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:26:53.0292 0936 ose - ok
19:26:53.0596 0936 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:26:53.0716 0936 osppsvc - ok
19:26:53.0836 0936 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:26:53.0872 0936 p2pimsvc - ok
19:26:53.0924 0936 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
19:26:53.0947 0936 p2psvc - ok
19:26:53.0999 0936 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
19:26:54.0017 0936 Parport - ok
19:26:54.0062 0936 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
19:26:54.0082 0936 partmgr - ok
19:26:54.0103 0936 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
19:26:54.0143 0936 PcaSvc - ok
19:26:54.0183 0936 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
19:26:54.0202 0936 pci - ok
19:26:54.0213 0936 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
19:26:54.0229 0936 pciide - ok
19:26:54.0268 0936 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
19:26:54.0288 0936 pcmcia - ok
19:26:54.0309 0936 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
19:26:54.0327 0936 pcw - ok
19:26:54.0373 0936 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
19:26:54.0447 0936 PEAUTH - ok
19:26:54.0553 0936 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
19:26:54.0586 0936 PerfHost - ok
19:26:54.0786 0936 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
19:26:54.0860 0936 pla - ok
19:26:54.0915 0936 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
19:26:54.0966 0936 PlugPlay - ok
19:26:54.0995 0936 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
19:26:55.0026 0936 PNRPAutoReg - ok
19:26:55.0071 0936 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:26:55.0092 0936 PNRPsvc - ok
19:26:55.0144 0936 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys
19:26:55.0159 0936 Point64 - ok
19:26:55.0233 0936 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
19:26:55.0307 0936 PolicyAgent - ok
19:26:55.0366 0936 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
19:26:55.0432 0936 Power - ok
19:26:55.0479 0936 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
19:26:55.0541 0936 PptpMiniport - ok
19:26:55.0588 0936 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
19:26:55.0611 0936 Processor - ok
19:26:55.0667 0936 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
19:26:55.0740 0936 ProfSvc - ok
19:26:55.0804 0936 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:26:55.0825 0936 ProtectedStorage - ok
19:26:55.0880 0936 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
19:26:55.0933 0936 Psched - ok
19:26:56.0052 0936 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
19:26:56.0105 0936 ql2300 - ok
19:26:56.0230 0936 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
19:26:56.0248 0936 ql40xx - ok
19:26:56.0287 0936 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
19:26:56.0320 0936 QWAVE - ok
19:26:56.0349 0936 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
19:26:56.0387 0936 QWAVEdrv - ok
19:26:56.0405 0936 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
19:26:56.0462 0936 RasAcd - ok
19:26:56.0505 0936 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:26:56.0559 0936 RasAgileVpn - ok
19:26:56.0593 0936 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
19:26:56.0659 0936 RasAuto - ok
19:26:56.0683 0936 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:26:56.0744 0936 Rasl2tp - ok
19:26:56.0788 0936 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
19:26:56.0848 0936 RasMan - ok
19:26:56.0874 0936 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
19:26:56.0936 0936 RasPppoe - ok
19:26:56.0962 0936 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
19:26:57.0032 0936 RasSstp - ok
19:26:57.0081 0936 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
19:26:57.0150 0936 rdbss - ok
19:26:57.0166 0936 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
19:26:57.0196 0936 rdpbus - ok
19:26:57.0219 0936 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:26:57.0272 0936 RDPCDD - ok
19:26:57.0290 0936 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
19:26:57.0366 0936 RDPENCDD - ok
19:26:57.0387 0936 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
19:26:57.0439 0936 RDPREFMP - ok
19:26:57.0491 0936 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
19:26:57.0536 0936 RDPWD - ok
19:26:57.0571 0936 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
19:26:57.0590 0936 rdyboost - ok
19:26:57.0659 0936 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
19:26:57.0728 0936 RemoteAccess - ok
19:26:57.0775 0936 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
19:26:57.0848 0936 RemoteRegistry - ok
19:26:57.0879 0936 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
19:26:57.0951 0936 RpcEptMapper - ok
19:26:57.0992 0936 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
19:26:58.0010 0936 RpcLocator - ok
19:26:58.0067 0936 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:26:58.0127 0936 RpcSs - ok
19:26:58.0150 0936 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
19:26:58.0203 0936 rspndr - ok
19:26:58.0238 0936 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:26:58.0262 0936 SamSs - ok
19:26:58.0287 0936 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
19:26:58.0304 0936 sbp2port - ok
19:26:58.0339 0936 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
19:26:58.0396 0936 SCardSvr - ok
19:26:58.0416 0936 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
19:26:58.0488 0936 scfilter - ok
19:26:58.0587 0936 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
19:26:58.0662 0936 Schedule - ok
19:26:58.0700 0936 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:26:58.0752 0936 SCPolicySvc - ok
19:26:58.0781 0936 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys
19:26:58.0819 0936 sdbus - ok
19:26:58.0858 0936 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
19:26:58.0892 0936 SDRSVC - ok
19:26:58.0918 0936 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:26:58.0981 0936 secdrv - ok
19:26:59.0011 0936 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
19:26:59.0064 0936 seclogon - ok
19:26:59.0089 0936 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
19:26:59.0156 0936 SENS - ok
19:26:59.0183 0936 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
19:26:59.0227 0936 SensrSvc - ok
19:26:59.0257 0936 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
19:26:59.0285 0936 Serenum - ok
19:26:59.0301 0936 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
19:26:59.0325 0936 Serial - ok
19:26:59.0336 0936 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
19:26:59.0359 0936 sermouse - ok
19:26:59.0410 0936 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
19:26:59.0477 0936 SessionEnv - ok
19:26:59.0489 0936 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
19:26:59.0518 0936 sffdisk - ok
19:26:59.0527 0936 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
19:26:59.0558 0936 sffp_mmc - ok
19:26:59.0569 0936 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
19:26:59.0595 0936 sffp_sd - ok
19:26:59.0606 0936 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
19:26:59.0631 0936 sfloppy - ok
19:26:59.0685 0936 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
19:26:59.0743 0936 ShellHWDetection - ok
19:26:59.0772 0936 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
19:26:59.0789 0936 SiSRaid2 - ok
19:26:59.0812 0936 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
19:26:59.0829 0936 SiSRaid4 - ok
19:26:59.0908 0936 SkypeUpdate (17eab7852ff9f15fbaab4e95efc0b812) C:\Program Files (x86)\Skype\Updater\Updater.exe
19:26:59.0924 0936 SkypeUpdate - ok
19:26:59.0939 0936 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
19:27:00.0007 0936 Smb - ok
19:27:00.0028 0936 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
19:27:00.0056 0936 SNMPTRAP - ok
19:27:00.0082 0936 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
19:27:00.0097 0936 spldr - ok
19:27:00.0163 0936 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
19:27:00.0222 0936 Spooler - ok
19:27:00.0424 0936 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
19:27:00.0534 0936 sppsvc - ok
19:27:00.0664 0936 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
19:27:00.0718 0936 sppuinotify - ok
19:27:00.0779 0936 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
19:27:00.0826 0936 srv - ok
19:27:00.0883 0936 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
19:27:00.0921 0936 srv2 - ok
19:27:00.0941 0936 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
19:27:00.0960 0936 srvnet - ok
19:27:01.0000 0936 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
19:27:01.0070 0936 SSDPSRV - ok
19:27:01.0101 0936 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
19:27:01.0156 0936 SstpSvc - ok
19:27:01.0195 0936 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
19:27:01.0211 0936 stexstor - ok
19:27:01.0278 0936 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
19:27:01.0312 0936 stisvc - ok
19:27:01.0334 0936 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
19:27:01.0350 0936 swenum - ok
19:27:01.0410 0936 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
19:27:01.0478 0936 swprv - ok
19:27:01.0596 0936 SynTP (ef51b22706db03f0857fade127c804ec) C:\Windows\system32\DRIVERS\SynTP.sys
19:27:01.0638 0936 SynTP - ok
19:27:01.0889 0936 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
19:27:01.0956 0936 SysMain - ok
19:27:02.0034 0936 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
19:27:02.0061 0936 TabletInputService - ok
19:27:02.0093 0936 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
19:27:02.0165 0936 TapiSrv - ok
19:27:02.0203 0936 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
19:27:02.0258 0936 TBS - ok
19:27:02.0416 0936 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
19:27:02.0472 0936 Tcpip - ok
19:27:02.0681 0936 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
19:27:02.0735 0936 TCPIP6 - ok
19:27:02.0905 0936 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
19:27:02.0971 0936 tcpipreg - ok
19:27:02.0995 0936 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
19:27:03.0026 0936 TDPIPE - ok
19:27:03.0062 0936 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
19:27:03.0086 0936 TDTCP - ok
19:27:03.0116 0936 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
19:27:03.0169 0936 tdx - ok
19:27:03.0193 0936 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
19:27:03.0210 0936 TermDD - ok
19:27:03.0279 0936 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
19:27:03.0353 0936 TermService - ok
19:27:03.0382 0936 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
19:27:03.0409 0936 Themes - ok
19:27:03.0447 0936 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:27:03.0501 0936 THREADORDER - ok
19:27:03.0529 0936 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
19:27:03.0601 0936 TrkWks - ok
19:27:03.0683 0936 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
19:27:03.0744 0936 TrustedInstaller - ok
19:27:03.0783 0936 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:27:03.0852 0936 tssecsrv - ok
19:27:03.0871 0936 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
19:27:03.0897 0936 TsUsbFlt - ok
19:27:03.0923 0936 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
19:27:03.0940 0936 TsUsbGD - ok
19:27:03.0967 0936 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
19:27:04.0028 0936 tunnel - ok
19:27:04.0070 0936 TurboB (48743b69ea47c020a792d8649f753f44) C:\Windows\system32\DRIVERS\TurboB.sys
19:27:04.0089 0936 TurboB - ok
19:27:04.0174 0936 TurboBoost (759f59e3ea3802ff23f93dcdb6fe9171) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
19:27:04.0190 0936 TurboBoost - ok
19:27:04.0210 0936 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
19:27:04.0228 0936 uagp35 - ok
19:27:04.0256 0936 UBHelper (a17d5e1a6df4eab0a480f2c490de4c9d) C:\Windows\system32\drivers\UBHelper.sys
19:27:04.0270 0936 UBHelper - ok
19:27:04.0316 0936 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
19:27:04.0390 0936 udfs - ok
19:27:04.0498 0936 UI Assistant Service (528610a96539cd6ad6b68b199e2f3c73) C:\Program Files (x86)\ZTE Join Air\AssistantServices.exe
19:27:04.0515 0936 UI Assistant Service - ok
19:27:04.0551 0936 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
19:27:04.0571 0936 UI0Detect - ok
19:27:04.0588 0936 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
19:27:04.0605 0936 uliagpkx - ok
19:27:04.0635 0936 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
19:27:04.0662 0936 umbus - ok
19:27:04.0673 0936 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
19:27:04.0699 0936 UmPass - ok
19:27:04.0922 0936 UNS (374ebda379a8f38e0cfc2211611e7167) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
19:27:04.0991 0936 UNS - ok
19:27:05.0111 0936 Update Server (6796a8ee849de9efb76188c34b9999e2) C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe
19:27:05.0133 0936 Update Server - ok
19:27:05.0187 0936 Updatesrv (4e3696d404b2d4d0c370d1faba2123ed) C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe
19:27:05.0201 0936 Updatesrv - ok
19:27:05.0350 0936 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
19:27:05.0419 0936 upnphost - ok
19:27:05.0470 0936 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
19:27:05.0498 0936 usbccgp - ok
19:27:05.0538 0936 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
19:27:05.0561 0936 usbcir - ok
19:27:05.0587 0936 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
19:27:05.0614 0936 usbehci - ok
19:27:05.0660 0936 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
19:27:05.0696 0936 usbhub - ok
19:27:05.0726 0936 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
19:27:05.0754 0936 usbohci - ok
19:27:05.0775 0936 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
19:27:05.0810 0936 usbprint - ok
19:27:05.0858 0936 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:27:05.0888 0936 USBSTOR - ok
19:27:05.0913 0936 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
19:27:05.0948 0936 usbuhci - ok
19:27:05.0982 0936 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
19:27:06.0007 0936 usbvideo - ok
19:27:06.0046 0936 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
19:27:06.0119 0936 UxSms - ok
19:27:06.0160 0936 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:27:06.0177 0936 VaultSvc - ok
19:27:06.0200 0936 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
19:27:06.0216 0936 vdrvroot - ok
19:27:06.0277 0936 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
19:27:06.0357 0936 vds - ok
19:27:06.0373 0936 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:27:06.0395 0936 vga - ok
19:27:06.0425 0936 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:27:06.0491 0936 VgaSave - ok
19:27:06.0513 0936 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
19:27:06.0533 0936 vhdmp - ok
19:27:06.0545 0936 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
19:27:06.0561 0936 viaide - ok
19:27:06.0662 0936 VMCService (b3bfbb9c45bdaf3ecb4d1456f9017f95) C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
19:27:06.0668 0936 VMCService ( UnsignedFile.Multi.Generic ) - warning
19:27:06.0668 0936 VMCService - detected UnsignedFile.Multi.Generic (1)
19:27:06.0696 0936 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
19:27:06.0713 0936 volmgr - ok
19:27:06.0758 0936 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
19:27:06.0781 0936 volmgrx - ok
19:27:06.0808 0936 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
19:27:06.0830 0936 volsnap - ok
19:27:06.0893 0936 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
19:27:06.0912 0936 vsmraid - ok
19:27:07.0030 0936 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
19:27:07.0121 0936 VSS - ok
19:27:07.0204 0936 VSSERV - ok
19:27:07.0335 0936 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
19:27:07.0366 0936 vwifibus - ok
19:27:07.0395 0936 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
19:27:07.0436 0936 vwififlt - ok
19:27:07.0504 0936 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
19:27:07.0563 0936 W32Time - ok
19:27:07.0597 0936 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
19:27:07.0625 0936 WacomPen - ok
19:27:07.0649 0936 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:27:07.0713 0936 WANARP - ok
19:27:07.0723 0936 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:27:07.0775 0936 Wanarpv6 - ok
19:27:07.0902 0936 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
19:27:07.0944 0936 WatAdminSvc - ok
19:27:08.0064 0936 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
19:27:11.0975 0936 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
19:27:12.0379 0936 \Device\Harddisk0\DR0 - ok
19:27:12.0386 0936 Boot (0x1200) (f7eb95504d62af3f5b02a0c565bd5888) \Device\Harddisk0\DR0\Partition0
19:27:12.0387 0936 \Device\Harddisk0\DR0\Partition0 - ok
19:27:12.0405 0936 Boot (0x1200) (8ce2ec83f9a6174aab10af840c3ac270) \Device\Harddisk0\DR0\Partition1
19:27:12.0407 0936 \Device\Harddisk0\DR0\Partition1 - ok
19:27:12.0414 0936 Boot (0x1200) (4d52e0231c355bcd08b556546ae55437) \Device\Harddisk0\DR0\Partition2
19:27:12.0416 0936 \Device\Harddisk0\DR0\Partition2 - ok
19:27:12.0442 0936 Boot (0x1200) (bcac51f6fa73b4b51d8a2579991eb9e7) \Device\Harddisk0\DR0\Partition3
19:27:12.0445 0936 \Device\Harddisk0\DR0\Partition3 - ok
19:27:12.0448 0936 ============================================================
19:27:12.0448 0936 Scan finished
19:27:12.0448 0936 ============================================================
19:27:12.0457 6472 Detected object count: 5
19:27:12.0458 6472 Actual detected object count: 5
19:27:45.0906 6472 epmntdrv ( UnsignedFile.Multi.Generic ) - skipped by user
19:27:45.0907 6472 epmntdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:27:45.0908 6472 EuGdiDrv ( UnsignedFile.Multi.Generic ) - skipped by user
19:27:45.0908 6472 EuGdiDrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:27:45.0910 6472 GREGService ( UnsignedFile.Multi.Generic ) - skipped by user
19:27:45.0910 6472 GREGService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:27:45.0911 6472 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
19:27:45.0911 6472 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:27:45.0913 6472 VMCService ( UnsignedFile.Multi.Generic ) - skipped by user
19:27:45.0913 6472 VMCService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:28:00.0864 2592 Deinitialize success
 
As long as you're behind a router you can keep firewall off (for now).

Download the FixTDSS.exe

Save the file to your Windows desktop.
Close all running programs.
If you are running Windows XP, turn off System Restore. How to turn off or turn on Windows XP System Restore
Double-click the FixTDSS.exe file to start the removal tool.
Click Start to begin the process, and then allow the tool to run.
OK any security prompts.
Restart the computer when prompted by the tool.
After the computer has started, the tool will inform you of the state of infection (make sure to let me know what it said)
If you are running Windows XP, re-enable System Restore.
 
My antivirus keeps notifying me about the infected files I wrote in the first post, not exactly the same path, but very similar.

The FixTDSS.exe said after the reboot: No infections were found
 
Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  • Never rename Combofix unless instructed.
  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
  • Close any open browsers.
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
  • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
  • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
  • Double click on combofix.exe & follow the prompts.

  • NOTE1. If Combofix asks you to install Recovery Console, please allow it.
    NOTE 2. If Combofix asks you to update the program, always do so.
  • When finished, it will produce a report for you.
  • Please post the "C:\ComboFix.txt"
**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
**Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart computer to fix the issue.
**Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


Make sure, you re-enable your security programs, when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try one of the following:

1. Run Combofix from Safe Mode.

2. Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.
Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.
There are 4 different versions. If one of them won't run then download and try to run the other one.
Vista and Win7 users need to right click Rkill and choose Run as Administrator
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shut down your antivirus.

* Rkill.com
* Rkill.scr
* Rkill.exe
  • Double-click on the Rkill icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.
Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

If normal mode still doesn't work, run BOTH tools from safe mode.

In case #2, please post BOTH logs, rKill and Combofix.

DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
 
Well ComboFix didn't work, or I'm doing something wrong.

1. I've disabled everything from my antivirus, closed everything. I've opened combofix, a black window appears, with green writing, after a few seconds it closes. Then nothing else happens. I've noticed the appearance of my task bar changing, it's not transparent any more, even the appearance of the windows changes, they look similar to Win 98, or safe mode appearance. But nothing else happens. The internet is not disconnected. And I can't access the link to see the list of programs that should be disabled.

2. I've tried running combofix in safe mode. Didn't work. It said that my antivirus was still working. I couldn't disable it, so I didn't run combofix "at my own risk".

3. I've tried the solution with Rkill.com. A black DOS box did briefly flash... twice. Then the third time it didn't flash, it just stayed on my desktop. Again ComboFix didn't work... after the black window with green writing disappears, the appearance of my task bar and windows changed for a few moments. Now they are back to normal... Almost...
 
2. I've tried running combofix in safe mode. Didn't work. It said that my antivirus was still working. I couldn't disable it, so I didn't run combofix "at my own risk".
Disregard that warning and proceed.
 
Now it is doing the same thing in safe mode as in normal mode. I've even tried after that with Rkill in safe mode, but after I open combofix, the black window appears with green writing, it closes a few seconds after, and that is it. No warning that combofix might do something wrong since my antivirus is still enabled like it did the first time in safe mode.
 
Download Kaspersky Rescue Disk 10
Burn downloaded .iso file to CD. How to: http://www.petri.co.il/how_to_write_iso_files_to_cd.htm

Boot from Kaspersky Rescue Disk 10. How to boot from CD: http://www.hiren.info/pages/bios-boot-cdrom

A loading wizard will start (you will see the menu to select the required language). See screenshots here: http://support.kaspersky.com/viruses/rescuedisk/main?qid=208286086
If you do not press any key in 10 seconds, the computer boots from hard drive automatically.
Select the required interface language using the arrow-keys on your keyboard.
Press the Enter key on the keyboard.
In the start up wizard window that opens, select the Kaspersky Rescue Disk. Graphic Mode
Click Enter.
Click 'A' to accept the agreement.
Select operating system from dropdown menu.
In Objects Scan tab checkmark:
  • Disk boot sectors
  • Hidden startup objects
  • C:
Click My Update Center tab and update if any available
Go back to other tab and click Start Object Scan.
NOTE. Be patient. It will take a while.

When scan has completed save a report:
  • On the upper part of the Kaspersky Rescue Disk window, click on the Report link.
  • On the bottom right hand corner of the Protection status - Kaspersky Rescue Disk window, click on the Detailed Report button.
  • On the upper right hand corner of the Detailed report window, click on the Save button.
  • After clicking Detailed Report and 'SAVE', a browse window opens.
  • Double-click on the \
  • Click 'Disks'.
  • All your drives will be shown and you can easily double-click C and save the report to C:\KasperskyRescueDisk10.txt.
  • Click on the Save button.
  • The report has been saved to the file.
Remove the disk from the drive (or disconnect USB) and reboot normally.

Post the content of the file for my review.
 
The scan took all night, and I've seen a new location that has problems... When I started Windows normally after the scan my antivirus was still finding the trojans. I don't know if it has anything to do with anything, but I can't open the cd-rom. I can't eject the Kaspersky Disk. I've tried pressing the button, or from My Computer right click-eject. When I right-click it says: An error occurred while ejecting 'DVD RW Drive (F): KRD10'

Here is the report:

Objects Scan: completed 4 minutes ago (events: 272, objects: 1521866, time: 04:56:41)
6/8/12 5:10 AM  Task completed
6/8/12 5:10 AM  Deleted: Backdoor.Win32.ZAccess.oun  C:/Windows/assembly/GAC_32/Desktop.ini
6/8/12 5:10 AM  Detected: Backdoor.Win32.ZAccess.oun  C:/Windows/assembly/GAC_32/Desktop.ini
6/8/12 5:10 AM  Deleted: HEUR:Backdoor.Win64.Generic  C:/Windows/Installer/{6d068584-5c55-d3b8-a239-f5f4a8ecedd4}/U/80000000.@
6/8/12 5:09 AM  Detected: HEUR:Backdoor.Win64.Generic  C:/Windows/Installer/{6d068584-5c55-d3b8-a239-f5f4a8ecedd4}/U/80000000.@
6/8/12 5:09 AM  Deleted: Backdoor.Win32.Shiz.efil  /mnt/MountedDevices/PD-DF0D06CA-00000003C6500000/Users/Miry/Downloads/Doclib 38/doclib38.rar
6/8/12 5:07 AM  Detected: Backdoor.Win32.Shiz.efil  /mnt/MountedDevices/PD-DF0D06CA-00000003C6500000/Users/Miry/Downloads/Doclib 38/doclib38.rar/reunums.exe
6/8/12 5:07 AM  Untreated: Backdoor.Win32.Shiz.efax  /mnt/MountedDevices/PD-DF0D06CA-00000003C6500000/Users/Miry/Downloads/Doclib 38/doclib38.rar/ldechiv.exe  Write not supported
6/8/12 4:51 AM  Detected: Backdoor.Win32.Shiz.efax  /mnt/MountedDevices/PD-DF0D06CA-00000003C6500000/Users/Miry/Downloads/Doclib 38/doclib38.rar/ldechiv.exe
6/8/12 4:28 AM  Untreated: HEUR:Backdoor.Win64.Generic  C:/Windows/Installer/{6d068584-5c55-d3b8-a239-f5f4a8ecedd4}/U/80000000.@  Postponed
6/8/12 4:28 AM  Detected: HEUR:Backdoor.Win64.Generic  C:/Windows/Installer/{6d068584-5c55-d3b8-a239-f5f4a8ecedd4}/U/80000000.@
6/8/12 4:24 AM  Untreated: Backdoor.Win32.ZAccess.oun  C:/Windows/assembly/GAC_32/Desktop.ini  Postponed
6/8/12 4:24 AM  Detected: Backdoor.Win32.ZAccess.oun  C:/Windows/assembly/GAC_32/Desktop.ini
6/8/12 4:16 AM  Untreated: Backdoor.Win32.Shiz.efil  C:/Users/Miry/Downloads/Doclib 38/doclib38.rar/reunums.exe  Postponed
6/8/12 4:16 AM  Detected: Backdoor.Win32.Shiz.efil  C:/Users/Miry/Downloads/Doclib 38/doclib38.rar/reunums.exe
6/8/12 4:16 AM  Untreated: Backdoor.Win32.Shiz.efax  C:/Users/Miry/Downloads/Doclib 38/doclib38.rar/ldechiv.exe  Postponed
6/8/12 4:16 AM  Detected: Backdoor.Win32.Shiz.efax  C:/Users/Miry/Downloads/Doclib 38/doclib38.rar/ldechiv.exe
6/8/12 1:06 AM  Processing error  C:/ProgramData/Temp:  Read error
6/8/12 12:29 AM  Untreated: Backdoor.Win32.Shiz.efil  /mnt/MountedDevices/PD-DF0D06CA-00000003C6500000/Users/Miry/Downloads/Doclib 38/doclib38.rar/reunums.exe  Postponed
6/8/12 12:29 AM  Detected: Backdoor.Win32.Shiz.efil  /mnt/MountedDevices/PD-DF0D06CA-00000003C6500000/Users/Miry/Downloads/Doclib 38/doclib38.rar/reunums.exe
6/8/12 12:28 AM  Untreated: Backdoor.Win32.Shiz.efax  /mnt/MountedDevices/PD-DF0D06CA-00000003C6500000/Users/Miry/Downloads/Doclib 38/doclib38.rar/ldechiv.exe  Postponed
6/8/12 12:28 AM  Detected: Backdoor.Win32.Shiz.efax  /mnt/MountedDevices/PD-DF0D06CA-00000003C6500000/Users/Miry/Downloads/Doclib 38/doclib38.rar/ldechiv.exe
6/8/12 12:13 AM  Task started
 
Very well.
Delete your Combofix file, download new one and try to run it from Safe Mode.
 
It didn't work. Delete combofix- download new one - restart - safe mode- open combofix - black window with green writing- then nothing, it just stops and nothing else happens.
 
Disconnect physically from the internet (pull ethernet cable) <---- IMPORTANT!

Please Boot to the System Recovery Options
If you have Windows 7 installation disc, just insert a DVD to the drive, restart computer and it should load automatically (option two presented in the article).
It's possible also that your computer has a pre-installed recovery partition instead - in such a case use a method one (by pressing F8 before Windows starts loading)...
NOTE. If none of the above apply you can create System Repair Disc (link in "Option two") and boot from it.

On the System Recovery Options menu you will get the following options:

  • Startup Repair
  • System Restore
  • Windows Complete PC Restore
  • Windows Memory Diagnostic Tool
  • Command Prompt

Choose Command Prompt
You should see X:\SOURCES>...

Execute the following commands in bold.
Press Enter after every one of them.

bootrec /fixmbr (<--- there is a "space" after "bootrec")

bootrec /fixboot (<--- there is a "space" after "bootrec")

exit

Restart computer to Safe Mode <--- IMPORTANT!

See if Combofix will run.

If you have another computer you can post from and USB flash drive it'd be preferable to keep our computer off the net for now and post Combofix log from another computer.
 
Back