Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Removed virus, now internet only works in safe mode


  • Please log in to reply
20 replies to this topic

#1 chasethecarrot

chasethecarrot

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:11:57 AM

Posted 24 November 2012 - 07:39 PM

I've had a nasty virus for months; I got rid of most of it but still had remnants like Google redirecting and hidden start menu options. Yesterday I ran Eset, TDSSkiller, HitmanPro, MBAM, Unhide.exe, and finally CCleaner and everything was restored and my computer worked perfectly, faster than it had been in months, etc. It was grand. Then this morning it started working really slowly on YouTube. I realized I had never restarted the computer after running the series of programs which finally got it working again (or so it seemed). I ran them again and restarted it. Ever since, the internet has not worked in normal boot mode and it's driving me crazy!! It works fine in Safe Mode w/networking; what have I done??? Please help!!

Edited by chasethecarrot, 24 November 2012 - 07:41 PM.


BC AdBot (Login to Remove)

 


#2 TwinHeadedEagle

TwinHeadedEagle

  • Security Colleague
  • 352 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:08:57 PM

Posted 25 November 2012 - 03:12 AM

Try this program, and see if it helps --> http://majorgeeks.com/Complete_Internet_Repair_d7183.html

Do you know what was the name of that nasty virus?

#3 chasethecarrot

chasethecarrot
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:11:57 AM

Posted 25 November 2012 - 03:00 PM

Honestly, and I know this sucks, but I don't remember.. I had two computers that caught infections at the same time- one is dead dead now and this one is now all I have so I MUST save it!!! But because they both happened at the same time I can't remember which things happened to which computer. I remember a Windows Security Essentials or Suite or something like that fake virus and I remember immediately running TDSS and MBAM on both. My other computer died after a friend borrowed it and took my AV down and it caught yet another virus and that was the end for the poor thing. This computer, though, has been okay except the remnants Of the virus which I mentioned in my initial post. I'll try your suggestion and see what happens, wish me luck!!!

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:57 PM

Posted 25 November 2012 - 03:14 PM

If it works in safemode with networking first option is to uninstall your antivirus and see if internet works

#5 chasethecarrot

chasethecarrot
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:11:57 AM

Posted 25 November 2012 - 03:41 PM

Ok I downloaded the program, but I'm not sure which parts to run... It says to only run something in it if you know you need it... Idk what to do!

#6 chasethecarrot

chasethecarrot
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:11:57 AM

Posted 25 November 2012 - 03:42 PM

I did that. I have Windows Defender but nothing else running on my computer right now.

#7 chasethecarrot

chasethecarrot
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:11:57 AM

Posted 25 November 2012 - 07:21 PM

I'm about to throw my computer through a window. :( I don't know what to do anymore, someone please help!

#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:57 PM

Posted 25 November 2012 - 09:40 PM

Boot into safemode with networking

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply


Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

#9 chasethecarrot

chasethecarrot
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:11:57 AM

Posted 25 November 2012 - 10:27 PM

TDSS results:

32.0156 1084 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
19:18:32.0546 1084 ============================================================
19:18:32.0546 1084 Current date / time: 2012/11/25 19:18:32.0546
19:18:32.0546 1084 SystemInfo:
19:18:32.0546 1084
19:18:32.0546 1084 OS Version: 6.1.7601 ServicePack: 1.0
19:18:32.0546 1084 Product type: Workstation
19:18:32.0546 1084 ComputerName: JORDANA-PC
19:18:32.0546 1084 UserName: Jordana
19:18:32.0546 1084 Windows directory: C:\Windows
19:18:32.0546 1084 System windows directory: C:\Windows
19:18:32.0546 1084 Running under WOW64
19:18:32.0546 1084 Processor architecture: Intel x64
19:18:32.0546 1084 Number of processors: 4
19:18:32.0546 1084 Page size: 0x1000
19:18:32.0546 1084 Boot type: Safe boot with network
19:18:32.0546 1084 ============================================================
19:18:33.0435 1084 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:18:33.0435 1084 ============================================================
19:18:33.0435 1084 \Device\Harddisk0\DR0:
19:18:33.0435 1084 MBR partitions:
19:18:33.0435 1084 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2400800, BlocksNum 0x32000
19:18:33.0435 1084 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2432800, BlocksNum 0x37F53000
19:18:33.0435 1084 ============================================================
19:18:33.0467 1084 C: <-> \Device\Harddisk0\DR0\Partition2
19:18:33.0467 1084 ============================================================
19:18:33.0467 1084 Initialize success
19:18:33.0467 1084 ============================================================
19:19:20.0953 0972 ============================================================
19:19:20.0953 0972 Scan started
19:19:20.0953 0972 Mode: Manual; TDLFS;
19:19:20.0953 0972 ============================================================
19:19:21.0624 0972 ================ Scan system memory ========================
19:19:21.0624 0972 System memory - ok
19:19:21.0624 0972 ================ Scan services =============================
19:19:21.0749 0972 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
19:19:21.0749 0972 1394ohci - ok
19:19:21.0780 0972 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:19:21.0780 0972 ACPI - ok
19:19:21.0811 0972 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:19:21.0811 0972 AcpiPmi - ok
19:19:21.0936 0972 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:19:21.0936 0972 AdobeFlashPlayerUpdateSvc - ok
19:19:21.0983 0972 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
19:19:21.0983 0972 adp94xx - ok
19:19:22.0014 0972 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
19:19:22.0029 0972 adpahci - ok
19:19:22.0029 0972 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
19:19:22.0061 0972 adpu320 - ok
19:19:22.0092 0972 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:19:22.0092 0972 AeLookupSvc - ok
19:19:22.0139 0972 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
19:19:22.0139 0972 AFD - ok
19:19:22.0185 0972 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:19:22.0185 0972 agp440 - ok
19:19:22.0201 0972 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
19:19:22.0201 0972 ALG - ok
19:19:22.0217 0972 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
19:19:22.0217 0972 aliide - ok
19:19:22.0217 0972 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
19:19:22.0217 0972 amdide - ok
19:19:22.0248 0972 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
19:19:22.0248 0972 AmdK8 - ok
19:19:22.0263 0972 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
19:19:22.0263 0972 AmdPPM - ok
19:19:22.0279 0972 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
19:19:22.0279 0972 amdsata - ok
19:19:22.0310 0972 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
19:19:22.0310 0972 amdsbs - ok
19:19:22.0341 0972 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
19:19:22.0341 0972 amdxata - ok
19:19:22.0373 0972 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
19:19:22.0373 0972 AppID - ok
19:19:22.0373 0972 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:19:22.0373 0972 AppIDSvc - ok
19:19:22.0388 0972 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
19:19:22.0388 0972 Appinfo - ok
19:19:22.0419 0972 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
19:19:22.0419 0972 arc - ok
19:19:22.0435 0972 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
19:19:22.0435 0972 arcsas - ok
19:19:22.0451 0972 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:19:22.0451 0972 AsyncMac - ok
19:19:22.0482 0972 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
19:19:22.0482 0972 atapi - ok
19:19:22.0544 0972 [ E642491F64E58CD5BC8FB8B347DCF65F ] athr C:\Windows\system32\DRIVERS\athrx.sys
19:19:22.0622 0972 athr - ok
19:19:22.0669 0972 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:19:22.0685 0972 AudioEndpointBuilder - ok
19:19:22.0685 0972 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
19:19:22.0685 0972 AudioSrv - ok
19:19:22.0747 0972 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:19:22.0747 0972 AxInstSV - ok
19:19:22.0794 0972 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
19:19:22.0794 0972 b06bdrv - ok
19:19:22.0841 0972 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
19:19:22.0841 0972 b57nd60a - ok
19:19:22.0934 0972 [ 87F3BCF82A63E900AF896CD930BF7E05 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
19:19:22.0950 0972 BBSvc - ok
19:19:22.0965 0972 [ 78779EE07231C658B483B1F38B5088DF ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
19:19:22.0981 0972 BBUpdate - ok
19:19:22.0997 0972 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
19:19:23.0012 0972 BDESVC - ok
19:19:23.0043 0972 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
19:19:23.0043 0972 Beep - ok
19:19:23.0090 0972 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
19:19:23.0121 0972 BFE - ok
19:19:23.0153 0972 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
19:19:23.0184 0972 BITS - ok
19:19:23.0215 0972 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
19:19:23.0215 0972 blbdrive - ok
19:19:23.0231 0972 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:19:23.0231 0972 bowser - ok
19:19:23.0262 0972 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
19:19:23.0262 0972 BrFiltLo - ok
19:19:23.0262 0972 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
19:19:23.0262 0972 BrFiltUp - ok
19:19:23.0309 0972 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
19:19:23.0309 0972 Browser - ok
19:19:23.0324 0972 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:19:23.0324 0972 Brserid - ok
19:19:23.0340 0972 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:19:23.0340 0972 BrSerWdm - ok
19:19:23.0340 0972 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:19:23.0340 0972 BrUsbMdm - ok
19:19:23.0340 0972 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:19:23.0340 0972 BrUsbSer - ok
19:19:23.0402 0972 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
19:19:23.0402 0972 BthEnum - ok
19:19:23.0418 0972 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
19:19:23.0418 0972 BTHMODEM - ok
19:19:23.0433 0972 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
19:19:23.0449 0972 BthPan - ok
19:19:23.0465 0972 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
19:19:23.0480 0972 BTHPORT - ok
19:19:23.0511 0972 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
19:19:23.0527 0972 bthserv - ok
19:19:23.0543 0972 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
19:19:23.0543 0972 BTHUSB - ok
19:19:23.0605 0972 [ 9DE56FA4533E485AE5409D3C11747143 ] BTWAMPFL C:\Windows\system32\DRIVERS\btwampfl.sys
19:19:23.0605 0972 BTWAMPFL - ok
19:19:23.0652 0972 [ F6135859A582A7294BA7A3336E08BAA1 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
19:19:23.0652 0972 btwaudio - ok
19:19:23.0683 0972 [ 3DEF2370E414B4E299673558BA171A51 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
19:19:23.0683 0972 btwavdt - ok
19:19:23.0761 0972 [ 5B6B009D4F4449E77264AFD6DAD185E0 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
19:19:23.0777 0972 btwdins - ok
19:19:23.0808 0972 [ E8D2BCD080EA91E74775B9F5EA051F97 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
19:19:23.0808 0972 btwl2cap - ok
19:19:23.0823 0972 [ 9937E0E4DFC0030560A6DFE9D3A94B39 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
19:19:23.0839 0972 btwrchid - ok
19:19:23.0855 0972 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:19:23.0855 0972 cdfs - ok
19:19:23.0901 0972 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
19:19:23.0901 0972 cdrom - ok
19:19:23.0933 0972 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
19:19:23.0948 0972 CertPropSvc - ok
19:19:23.0948 0972 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
19:19:23.0948 0972 circlass - ok
19:19:23.0964 0972 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
19:19:23.0979 0972 CLFS - ok
19:19:24.0042 0972 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:19:24.0042 0972 clr_optimization_v2.0.50727_32 - ok
19:19:24.0057 0972 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:19:24.0073 0972 clr_optimization_v2.0.50727_64 - ok
19:19:24.0151 0972 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:19:24.0213 0972 clr_optimization_v4.0.30319_32 - ok
19:19:24.0260 0972 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:19:24.0260 0972 clr_optimization_v4.0.30319_64 - ok
19:19:24.0291 0972 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
19:19:24.0307 0972 CmBatt - ok
19:19:24.0307 0972 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:19:24.0307 0972 cmdide - ok
19:19:24.0354 0972 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
19:19:24.0354 0972 CNG - ok
19:19:24.0432 0972 [ 87FF942B1954F31AD09028BCCC9DCCA2 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
19:19:24.0463 0972 CnxtHdAudService - ok
19:19:24.0494 0972 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
19:19:24.0494 0972 Compbatt - ok
19:19:24.0525 0972 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
19:19:24.0525 0972 CompositeBus - ok
19:19:24.0541 0972 COMSysApp - ok
19:19:24.0557 0972 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
19:19:24.0557 0972 crcdisk - ok
19:19:24.0603 0972 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:19:24.0603 0972 CryptSvc - ok
19:19:24.0713 0972 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
19:19:24.0728 0972 cvhsvc - ok
19:19:24.0759 0972 [ 9D0D050170D47E778B624A28C90F23DE ] CxAudMsg C:\Windows\system32\CxAudMsg64.exe
19:19:24.0759 0972 CxAudMsg - ok
19:19:24.0791 0972 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:19:24.0806 0972 DcomLaunch - ok
19:19:24.0837 0972 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
19:19:24.0837 0972 defragsvc - ok
19:19:24.0884 0972 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:19:24.0884 0972 DfsC - ok
19:19:24.0900 0972 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
19:19:24.0900 0972 Dhcp - ok
19:19:24.0915 0972 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
19:19:24.0915 0972 discache - ok
19:19:24.0947 0972 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
19:19:24.0947 0972 Disk - ok
19:19:24.0962 0972 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:19:24.0962 0972 Dnscache - ok
19:19:25.0009 0972 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
19:19:25.0009 0972 dot3svc - ok
19:19:25.0025 0972 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
19:19:25.0025 0972 DPS - ok
19:19:25.0071 0972 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:19:25.0071 0972 drmkaud - ok
19:19:25.0118 0972 [ 9DD3A22F804697606C2B7FF9E912FF6B ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe
19:19:25.0118 0972 DsiWMIService - ok
19:19:25.0165 0972 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:19:25.0165 0972 DXGKrnl - ok
19:19:25.0212 0972 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
19:19:25.0212 0972 EapHost - ok
19:19:25.0290 0972 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
19:19:25.0399 0972 ebdrv - ok
19:19:25.0430 0972 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
19:19:25.0430 0972 EFS - ok
19:19:25.0461 0972 [ 5332EC2BA1C112BD4BB1F38127848FEF ] EgisTec Ticket Service C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
19:19:25.0461 0972 EgisTec Ticket Service - ok
19:19:25.0539 0972 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:19:25.0555 0972 ehRecvr - ok
19:19:25.0586 0972 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
19:19:25.0586 0972 ehSched - ok
19:19:25.0633 0972 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
19:19:25.0633 0972 elxstor - ok
19:19:25.0680 0972 [ EB1C213A8550F066B2CCC29C9F41E2AE ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
19:19:25.0711 0972 ePowerSvc - ok
19:19:25.0711 0972 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:19:25.0711 0972 ErrDev - ok
19:19:25.0742 0972 [ DBAA0C650C9549DC5C599D1E81DEDAAD ] ETD C:\Windows\system32\DRIVERS\ETD.sys
19:19:25.0742 0972 ETD - ok
19:19:25.0773 0972 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
19:19:25.0789 0972 EventSystem - ok
19:19:25.0883 0972 [ 54FC81B0162478A72A93DBBEAFB35671 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
19:19:25.0914 0972 EvtEng - ok
19:19:25.0929 0972 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
19:19:25.0929 0972 exfat - ok
19:19:25.0976 0972 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:19:25.0992 0972 fastfat - ok
19:19:26.0023 0972 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
19:19:26.0054 0972 Fax - ok
19:19:26.0070 0972 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
19:19:26.0070 0972 fdc - ok
19:19:26.0085 0972 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
19:19:26.0085 0972 fdPHost - ok
19:19:26.0085 0972 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
19:19:26.0085 0972 FDResPub - ok
19:19:26.0101 0972 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:19:26.0117 0972 FileInfo - ok
19:19:26.0117 0972 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:19:26.0117 0972 Filetrace - ok
19:19:26.0148 0972 [ BB0667B0171B632B97EA759515476F07 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
19:19:26.0179 0972 FLEXnet Licensing Service - ok
19:19:26.0195 0972 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
19:19:26.0210 0972 flpydisk - ok
19:19:26.0226 0972 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:19:26.0226 0972 FltMgr - ok
19:19:26.0273 0972 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
19:19:26.0304 0972 FontCache - ok
19:19:26.0351 0972 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:19:26.0366 0972 FontCache3.0.0.0 - ok
19:19:26.0366 0972 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:19:26.0366 0972 FsDepends - ok
19:19:26.0397 0972 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:19:26.0397 0972 Fs_Rec - ok
19:19:26.0444 0972 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:19:26.0460 0972 fvevol - ok
19:19:26.0475 0972 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
19:19:26.0475 0972 gagp30kx - ok
19:19:26.0538 0972 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
19:19:26.0553 0972 GamesAppService - ok
19:19:26.0585 0972 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
19:19:26.0600 0972 gpsvc - ok
19:19:26.0647 0972 [ C9B2D1D3F86FD3673EF847DEF73B6F9E ] GREGService C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
19:19:26.0647 0972 GREGService - ok
19:19:26.0741 0972 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:19:26.0741 0972 gupdate - ok
19:19:26.0741 0972 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:19:26.0741 0972 gupdatem - ok
19:19:26.0787 0972 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
19:19:26.0787 0972 gusvc - ok
19:19:26.0803 0972 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:19:26.0803 0972 hcw85cir - ok
19:19:26.0834 0972 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:19:26.0834 0972 HdAudAddService - ok
19:19:26.0865 0972 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
19:19:26.0865 0972 HDAudBus - ok
19:19:26.0865 0972 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
19:19:26.0865 0972 HidBatt - ok
19:19:26.0881 0972 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
19:19:26.0881 0972 HidBth - ok
19:19:26.0897 0972 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
19:19:26.0897 0972 HidIr - ok
19:19:26.0928 0972 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
19:19:26.0928 0972 hidserv - ok
19:19:26.0943 0972 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
19:19:26.0943 0972 HidUsb - ok
19:19:26.0959 0972 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:19:26.0959 0972 hkmsvc - ok
19:19:26.0975 0972 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:19:26.0975 0972 HomeGroupListener - ok
19:19:27.0006 0972 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:19:27.0006 0972 HomeGroupProvider - ok
19:19:27.0021 0972 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:19:27.0021 0972 HpSAMD - ok
19:19:27.0053 0972 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:19:27.0068 0972 HTTP - ok
19:19:27.0084 0972 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:19:27.0084 0972 hwpolicy - ok
19:19:27.0115 0972 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
19:19:27.0115 0972 i8042prt - ok
19:19:27.0131 0972 [ D469B77687E12FE43E344806740B624D ] iaStor C:\Windows\system32\drivers\iaStor.sys
19:19:27.0131 0972 iaStor - ok
19:19:27.0193 0972 [ 983FC69644DDF0486C8DFEA262948D1A ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
19:19:27.0193 0972 IAStorDataMgrSvc - ok
19:19:27.0224 0972 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:19:27.0240 0972 iaStorV - ok
19:19:27.0333 0972 [ E4693409D06785477A49FB34AFAE1B92 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
19:19:27.0380 0972 IconMan_R - ok
19:19:27.0427 0972 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:19:27.0443 0972 idsvc - ok
19:19:27.0692 0972 [ A47D902F5C0C43DCF5EE2CAE02BF39A8 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
19:19:27.0926 0972 igfx - ok
19:19:27.0957 0972 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
19:19:27.0973 0972 iirsp - ok
19:19:28.0004 0972 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
19:19:28.0035 0972 IKEEXT - ok
19:19:28.0067 0972 [ CADDF0927DAC63EDAE48F5C35A61D87D ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
19:19:28.0067 0972 intaud_WaveExtensible - ok
19:19:28.0113 0972 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
19:19:28.0113 0972 IntcDAud - ok
19:19:28.0129 0972 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
19:19:28.0129 0972 intelide - ok
19:19:28.0160 0972 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:19:28.0160 0972 intelppm - ok
19:19:28.0191 0972 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:19:28.0191 0972 IPBusEnum - ok
19:19:28.0207 0972 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:19:28.0207 0972 IpFilterDriver - ok
19:19:28.0254 0972 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:19:28.0254 0972 iphlpsvc - ok
19:19:28.0269 0972 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:19:28.0269 0972 IPMIDRV - ok
19:19:28.0285 0972 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:19:28.0285 0972 IPNAT - ok
19:19:28.0316 0972 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:19:28.0316 0972 IRENUM - ok
19:19:28.0332 0972 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:19:28.0332 0972 isapnp - ok
19:19:28.0347 0972 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:19:28.0347 0972 iScsiPrt - ok
19:19:28.0394 0972 [ 716F66336F10885D935B08174DC54242 ] iwdbus C:\Windows\system32\DRIVERS\iwdbus.sys
19:19:28.0394 0972 iwdbus - ok
19:19:28.0425 0972 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
19:19:28.0425 0972 kbdclass - ok
19:19:28.0457 0972 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
19:19:28.0457 0972 kbdhid - ok
19:19:28.0457 0972 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
19:19:28.0457 0972 KeyIso - ok
19:19:28.0488 0972 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:19:28.0503 0972 KSecDD - ok
19:19:28.0519 0972 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:19:28.0519 0972 KSecPkg - ok
19:19:28.0535 0972 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:19:28.0535 0972 ksthunk - ok
19:19:28.0566 0972 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
19:19:28.0566 0972 KtmRm - ok
19:19:28.0613 0972 [ EBED8B3FF4A823C1A6EEBEED7B29353F ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
19:19:28.0613 0972 L1C - ok
19:19:28.0644 0972 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
19:19:28.0644 0972 LanmanServer - ok
19:19:28.0675 0972 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:19:28.0691 0972 LanmanWorkstation - ok
19:19:28.0737 0972 [ B705C7097F9A0EC941D02DCE7C7D426C ] Live Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
19:19:28.0737 0972 Live Updater Service - ok
19:19:28.0769 0972 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:19:28.0769 0972 lltdio - ok
19:19:28.0800 0972 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:19:28.0800 0972 lltdsvc - ok
19:19:28.0815 0972 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:19:28.0815 0972 lmhosts - ok
19:19:28.0878 0972 [ D75C4B4A8FE6D7FD74A7EECDBAEC729F ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
19:19:28.0878 0972 LMS - ok
19:19:28.0925 0972 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
19:19:28.0925 0972 LSI_FC - ok
19:19:28.0925 0972 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
19:19:28.0940 0972 LSI_SAS - ok
19:19:28.0971 0972 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
19:19:28.0987 0972 LSI_SAS2 - ok
19:19:28.0987 0972 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
19:19:29.0003 0972 LSI_SCSI - ok
19:19:29.0018 0972 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
19:19:29.0018 0972 luafv - ok
19:19:29.0081 0972 [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
19:19:29.0081 0972 MBAMProtector - ok
19:19:29.0143 0972 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
19:19:29.0143 0972 MBAMScheduler - ok
19:19:29.0190 0972 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
19:19:29.0205 0972 MBAMService - ok
19:19:29.0221 0972 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:19:29.0221 0972 Mcx2Svc - ok
19:19:29.0237 0972 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
19:19:29.0237 0972 megasas - ok
19:19:29.0283 0972 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
19:19:29.0283 0972 MegaSR - ok
19:19:29.0315 0972 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\drivers\HECIx64.sys
19:19:29.0315 0972 MEIx64 - ok
19:19:29.0346 0972 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
19:19:29.0346 0972 MMCSS - ok
19:19:29.0361 0972 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
19:19:29.0361 0972 Modem - ok
19:19:29.0393 0972 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:19:29.0393 0972 monitor - ok
19:19:29.0486 0972 [ 290750346F5937B02F62594B8EB03215 ] MotoHelper C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
19:19:29.0486 0972 MotoHelper - ok
19:19:29.0502 0972 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
19:19:29.0502 0972 mouclass - ok
19:19:29.0533 0972 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\drivers\mouhid.sys
19:19:29.0533 0972 mouhid - ok
19:19:29.0549 0972 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:19:29.0549 0972 mountmgr - ok
19:19:29.0580 0972 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
19:19:29.0580 0972 mpio - ok
19:19:29.0595 0972 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:19:29.0595 0972 mpsdrv - ok
19:19:29.0642 0972 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:19:29.0658 0972 MpsSvc - ok
19:19:29.0673 0972 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:19:29.0673 0972 MRxDAV - ok
19:19:29.0689 0972 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:19:29.0689 0972 mrxsmb - ok
19:19:29.0720 0972 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:19:29.0720 0972 mrxsmb10 - ok
19:19:29.0736 0972 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:19:29.0736 0972 mrxsmb20 - ok
19:19:29.0751 0972 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
19:19:29.0751 0972 msahci - ok
19:19:29.0751 0972 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:19:29.0767 0972 msdsm - ok
19:19:29.0783 0972 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
19:19:29.0798 0972 MSDTC - ok
19:19:29.0798 0972 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:19:29.0798 0972 Msfs - ok
19:19:29.0814 0972 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:19:29.0829 0972 mshidkmdf - ok
19:19:29.0829 0972 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:19:29.0829 0972 msisadrv - ok
19:19:29.0876 0972 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:19:29.0876 0972 MSiSCSI - ok
19:19:29.0892 0972 msiserver - ok
19:19:29.0923 0972 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:19:29.0923 0972 MSKSSRV - ok
19:19:29.0954 0972 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:19:29.0954 0972 MSPCLOCK - ok
19:19:29.0985 0972 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:19:29.0985 0972 MSPQM - ok
19:19:30.0001 0972 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:19:30.0001 0972 MsRPC - ok
19:19:30.0017 0972 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
19:19:30.0017 0972 mssmbios - ok
19:19:30.0017 0972 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:19:30.0017 0972 MSTEE - ok
19:19:30.0032 0972 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
19:19:30.0032 0972 MTConfig - ok
19:19:30.0048 0972 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
19:19:30.0048 0972 Mup - ok
19:19:30.0063 0972 [ C009123B206C56854F4E88596035231D ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
19:19:30.0063 0972 mwlPSDFilter - ok
19:19:30.0079 0972 [ BF3739EEB9F008B1DEBAC115089A53F8 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
19:19:30.0079 0972 mwlPSDNServ - ok
19:19:30.0095 0972 [ 38DD143D95E7A01B86F219DDA9C28779 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
19:19:30.0095 0972 mwlPSDVDisk - ok
19:19:30.0141 0972 [ 4BBB9D9C4DF259FAE2D172C5BB25DDD0 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
19:19:30.0141 0972 MyWiFiDHCPDNS - ok
19:19:30.0173 0972 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
19:19:30.0188 0972 napagent - ok
19:19:30.0251 0972 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:19:30.0251 0972 NativeWifiP - ok
19:19:30.0297 0972 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:19:30.0313 0972 NDIS - ok
19:19:30.0329 0972 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:19:30.0329 0972 NdisCap - ok
19:19:30.0360 0972 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:19:30.0360 0972 NdisTapi - ok
19:19:30.0375 0972 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:19:30.0375 0972 Ndisuio - ok
19:19:30.0391 0972 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:19:30.0391 0972 NdisWan - ok
19:19:30.0391 0972 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:19:30.0407 0972 NDProxy - ok
19:19:30.0438 0972 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:19:30.0438 0972 NetBIOS - ok
19:19:30.0453 0972 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:19:30.0453 0972 NetBT - ok
19:19:30.0469 0972 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
19:19:30.0469 0972 Netlogon - ok
19:19:30.0500 0972 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
19:19:30.0500 0972 Netman - ok
19:19:30.0516 0972 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
19:19:30.0531 0972 netprofm - ok
19:19:30.0563 0972 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:19:30.0563 0972 NetTcpPortSharing - ok
19:19:30.0734 0972 [ AC69618DE5BCCE8747C9AB0AAE1003C1 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
19:19:30.0906 0972 NETwNs64 - ok
19:19:30.0937 0972 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
19:19:30.0937 0972 nfrd960 - ok
19:19:30.0968 0972 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:19:30.0984 0972 NlaSvc - ok
19:19:31.0077 0972 [ 5839A8027D6D324A7CD494051A96628C ] NOBU C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
19:19:31.0140 0972 NOBU - ok
19:19:31.0155 0972 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:19:31.0155 0972 Npfs - ok
19:19:31.0171 0972 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
19:19:31.0171 0972 nsi - ok
19:19:31.0202 0972 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:19:31.0202 0972 nsiproxy - ok
19:19:31.0265 0972 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:19:31.0296 0972 Ntfs - ok
19:19:31.0343 0972 [ 1873214666F6F0A883742DF91FBC48C9 ] NTI IScheduleSvc C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
19:19:31.0358 0972 NTI IScheduleSvc - ok
19:19:31.0374 0972 [ EE3BA1024594D5D09E314F206B94069E ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
19:19:31.0374 0972 NTIDrvr - ok
19:19:31.0389 0972 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
19:19:31.0389 0972 Null - ok
19:19:31.0421 0972 [ 0EBC9D13CD96C15B1B18D8678A609E4B ] nusb3hub C:\Windows\system32\drivers\nusb3hub.sys
19:19:31.0421 0972 nusb3hub - ok
19:19:31.0436 0972 [ 7BDEC000D56D485021D9C1E63C2F81CA ] nusb3xhc C:\Windows\system32\drivers\nusb3xhc.sys
19:19:31.0436 0972 nusb3xhc - ok
19:19:31.0452 0972 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:19:31.0467 0972 nvraid - ok
19:19:31.0483 0972 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:19:31.0499 0972 nvstor - ok
19:19:31.0514 0972 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:19:31.0514 0972 nv_agp - ok
19:19:31.0530 0972 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:19:31.0530 0972 ohci1394 - ok
19:19:31.0577 0972 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:19:31.0577 0972 ose - ok
19:19:31.0686 0972 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:19:31.0795 0972 osppsvc - ok
19:19:31.0826 0972 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:19:31.0826 0972 p2pimsvc - ok
19:19:31.0857 0972 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
19:19:31.0857 0972 p2psvc - ok
19:19:31.0889 0972 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
19:19:31.0889 0972 Parport - ok
19:19:31.0904 0972 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:19:31.0904 0972 partmgr - ok
19:19:31.0920 0972 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:19:31.0920 0972 PcaSvc - ok
19:19:31.0935 0972 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
19:19:31.0935 0972 pci - ok
19:19:31.0951 0972 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
19:19:31.0951 0972 pciide - ok
19:19:31.0967 0972 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
19:19:31.0982 0972 pcmcia - ok
19:19:31.0982 0972 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
19:19:31.0982 0972 pcw - ok
19:19:32.0013 0972 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:19:32.0013 0972 PEAUTH - ok
19:19:32.0091 0972 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:19:32.0091 0972 PerfHost - ok
19:19:32.0154 0972 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
19:19:32.0185 0972 pla - ok
19:19:32.0232 0972 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:19:32.0232 0972 PlugPlay - ok
19:19:32.0247 0972 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:19:32.0263 0972 PNRPAutoReg - ok
19:19:32.0263 0972 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:19:32.0263 0972 PNRPsvc - ok
19:19:32.0310 0972 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:19:32.0310 0972 PolicyAgent - ok
19:19:32.0357 0972 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
19:19:32.0357 0972 Power - ok
19:19:32.0388 0972 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:19:32.0388 0972 PptpMiniport - ok
19:19:32.0403 0972 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
19:19:32.0403 0972 Processor - ok
19:19:32.0450 0972 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
19:19:32.0450 0972 ProfSvc - ok
19:19:32.0466 0972 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:19:32.0466 0972 ProtectedStorage - ok
19:19:32.0497 0972 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:19:32.0497 0972 Psched - ok
19:19:32.0528 0972 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
19:19:32.0575 0972 ql2300 - ok
19:19:32.0575 0972 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
19:19:32.0575 0972 ql40xx - ok
19:19:32.0622 0972 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
19:19:32.0622 0972 QWAVE - ok
19:19:32.0637 0972 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:19:32.0637 0972 QWAVEdrv - ok
19:19:32.0637 0972 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:19:32.0637 0972 RasAcd - ok
19:19:32.0669 0972 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:19:32.0669 0972 RasAgileVpn - ok
19:19:32.0684 0972 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
19:19:32.0684 0972 RasAuto - ok
19:19:32.0700 0972 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:19:32.0700 0972 Rasl2tp - ok
19:19:32.0715 0972 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
19:19:32.0715 0972 RasMan - ok
19:19:32.0731 0972 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:19:32.0731 0972 RasPppoe - ok
19:19:32.0762 0972 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:19:32.0762 0972 RasSstp - ok
19:19:32.0793 0972 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:19:32.0793 0972 rdbss - ok
19:19:32.0809 0972 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
19:19:32.0809 0972 rdpbus - ok
19:19:32.0825 0972 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:19:32.0825 0972 RDPCDD - ok
19:19:32.0840 0972 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:19:32.0840 0972 RDPENCDD - ok
19:19:32.0856 0972 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:19:32.0856 0972 RDPREFMP - ok
19:19:32.0887 0972 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:19:32.0887 0972 RDPWD - ok
19:19:32.0918 0972 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:19:32.0918 0972 rdyboost - ok
19:19:32.0981 0972 [ A436F5E7D80BBDBB0826D0F176D5BEA8 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
19:19:33.0012 0972 RegSrvc - ok
19:19:33.0027 0972 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:19:33.0027 0972 RemoteAccess - ok
19:19:33.0059 0972 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:19:33.0059 0972 RemoteRegistry - ok
19:19:33.0090 0972 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
19:19:33.0090 0972 RFCOMM - ok
19:19:33.0105 0972 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:19:33.0105 0972 RpcEptMapper - ok
19:19:33.0121 0972 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
19:19:33.0121 0972 RpcLocator - ok
19:19:33.0152 0972 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
19:19:33.0152 0972 RpcSs - ok
19:19:33.0199 0972 [ D5C3E1629A3F7F0857D27949252B94CE ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
19:19:33.0199 0972 RSPCIESTOR - ok
19:19:33.0246 0972 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:19:33.0246 0972 rspndr - ok
19:19:33.0293 0972 [ 7CB9F0FDD730F4A4ECF6CDE15EA12E8A ] RS_Service C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
19:19:33.0308 0972 RS_Service - ok
19:19:33.0308 0972 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
19:19:33.0308 0972 SamSs - ok
19:19:33.0339 0972 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:19:33.0339 0972 sbp2port - ok
19:19:33.0371 0972 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:19:33.0371 0972 SCardSvr - ok
19:19:33.0386 0972 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:19:33.0386 0972 scfilter - ok
19:19:33.0417 0972 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
19:19:33.0433 0972 Schedule - ok
19:19:33.0464 0972 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:19:33.0464 0972 SCPolicySvc - ok
19:19:33.0511 0972 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
19:19:33.0511 0972 sdbus - ok
19:19:33.0542 0972 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:19:33.0542 0972 SDRSVC - ok
19:19:33.0573 0972 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:19:33.0573 0972 secdrv - ok
19:19:33.0573 0972 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
19:19:33.0589 0972 seclogon - ok
19:19:33.0605 0972 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
19:19:33.0605 0972 SENS - ok
19:19:33.0620 0972 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:19:33.0620 0972 SensrSvc - ok
19:19:33.0636 0972 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
19:19:33.0636 0972 Serenum - ok
19:19:33.0667 0972 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
19:19:33.0667 0972 Serial - ok
19:19:33.0667 0972 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
19:19:33.0667 0972 sermouse - ok
19:19:33.0683 0972 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
19:19:33.0683 0972 SessionEnv - ok
19:19:33.0698 0972 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:19:33.0698 0972 sffdisk - ok
19:19:33.0698 0972 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:19:33.0714 0972 sffp_mmc - ok
19:19:33.0714 0972 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:19:33.0714 0972 sffp_sd - ok
19:19:33.0714 0972 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
19:19:33.0729 0972 sfloppy - ok
19:19:33.0761 0972 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
19:19:33.0776 0972 Sftfs - ok
19:19:33.0839 0972 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
19:19:33.0854 0972 sftlist - ok
19:19:33.0885 0972 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
19:19:33.0901 0972 Sftplay - ok
19:19:33.0917 0972 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
19:19:33.0917 0972 Sftredir - ok
19:19:33.0932 0972 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
19:19:33.0932 0972 Sftvol - ok
19:19:33.0963 0972 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
19:19:33.0963 0972 sftvsa - ok
19:19:33.0995 0972 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:19:34.0010 0972 SharedAccess - ok
19:19:34.0026 0972 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:19:34.0041 0972 ShellHWDetection - ok
19:19:34.0057 0972 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
19:19:34.0057 0972 SiSRaid2 - ok
19:19:34.0088 0972 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
19:19:34.0088 0972 SiSRaid4 - ok
19:19:34.0135 0972 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
19:19:34.0135 0972 SkypeUpdate - ok
19:19:34.0166 0972 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:19:34.0166 0972 Smb - ok
19:19:34.0197 0972 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:19:34.0197 0972 SNMPTRAP - ok
19:19:34.0229 0972 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
19:19:34.0229 0972 spldr - ok
19:19:34.0275 0972 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
19:19:34.0291 0972 Spooler - ok
19:19:34.0353 0972 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
19:19:34.0431 0972 sppsvc - ok
19:19:34.0447 0972 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:19:34.0447 0972 sppuinotify - ok
19:19:34.0478 0972 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
19:19:34.0478 0972 srv - ok
19:19:34.0494 0972 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:19:34.0494 0972 srv2 - ok
19:19:34.0509 0972 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:19:34.0509 0972 srvnet - ok
19:19:34.0556 0972 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:19:34.0556 0972 SSDPSRV - ok
19:19:34.0572 0972 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:19:34.0572 0972 SstpSvc - ok
19:19:34.0587 0972 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
19:19:34.0603 0972 stexstor - ok
19:19:34.0634 0972 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
19:19:34.0634 0972 stisvc - ok
19:19:34.0665 0972 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
19:19:34.0665 0972 swenum - ok
19:19:34.0681 0972 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
19:19:34.0697 0972 swprv - ok
19:19:34.0728 0972 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
19:19:34.0775 0972 SysMain - ok
19:19:34.0790 0972 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:19:34.0790 0972 TabletInputService - ok
19:19:34.0806 0972 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:19:34.0806 0972 TapiSrv - ok
19:19:34.0821 0972 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
19:19:34.0821 0972 TBS - ok
19:19:34.0884 0972 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:19:34.0931 0972 Tcpip - ok
19:19:34.0977 0972 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:19:34.0993 0972 TCPIP6 - ok
19:19:35.0040 0972 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:19:35.0040 0972 tcpipreg - ok
19:19:35.0055 0972 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:19:35.0055 0972 TDPIPE - ok
19:19:35.0087 0972 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:19:35.0087 0972 TDTCP - ok
19:19:35.0118 0972 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:19:35.0118 0972 tdx - ok
19:19:35.0133 0972 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
19:19:35.0133 0972 TermDD - ok
19:19:35.0165 0972 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
19:19:35.0180 0972 TermService - ok
19:19:35.0196 0972 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
19:19:35.0196 0972 Themes - ok
19:19:35.0196 0972 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
19:19:35.0196 0972 THREADORDER - ok
19:19:35.0227 0972 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
19:19:35.0227 0972 TrkWks - ok
19:19:35.0274 0972 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:19:35.0274 0972 TrustedInstaller - ok
19:19:35.0289 0972 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:19:35.0305 0972 tssecsrv - ok
19:19:35.0321 0972 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:19:35.0321 0972 TsUsbFlt - ok
19:19:35.0352 0972 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
19:19:35.0367 0972 TsUsbGD - ok
19:19:35.0383 0972 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:19:35.0383 0972 tunnel - ok
19:19:35.0414 0972 [ FD24F98D2898BE093FE926604BE7DB99 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
19:19:35.0414 0972 TurboB - ok
19:19:35.0445 0972 [ 600B406A04D90F577FEA8A88D7379F08 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
19:19:35.0445 0972 TurboBoost - ok
19:19:35.0477 0972 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
19:19:35.0492 0972 uagp35 - ok
19:19:35.0492 0972 [ A17D5E1A6DF4EAB0A480F2C490DE4C9D ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
19:19:35.0492 0972 UBHelper - ok
19:19:35.0508 0972 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:19:35.0508 0972 udfs - ok
19:19:35.0555 0972 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:19:35.0555 0972 UI0Detect - ok
19:19:35.0586 0972 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:19:35.0586 0972 uliagpkx - ok
19:19:35.0601 0972 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:19:35.0601 0972 umbus - ok
19:19:35.0633 0972 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
19:19:35.0633 0972 UmPass - ok
19:19:35.0726 0972 [ 758C2CE427C343F780A205E28555C98D ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
19:19:35.0804 0972 UNS - ok
19:19:35.0835 0972 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
19:19:35.0835 0972 upnphost - ok
19:19:35.0867 0972 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:19:35.0867 0972 usbccgp - ok
19:19:35.0882 0972 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:19:35.0882 0972 usbcir - ok
19:19:35.0898 0972 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
19:19:35.0898 0972 usbehci - ok
19:19:35.0929 0972 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\drivers\usbhub.sys
19:19:35.0929 0972 usbhub - ok
19:19:35.0945 0972 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
19:19:35.0945 0972 usbohci - ok
19:19:35.0960 0972 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:19:35.0960 0972 usbprint - ok
19:19:35.0991 0972 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:19:35.0991 0972 usbscan - ok
19:19:36.0007 0972 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:19:36.0007 0972 USBSTOR - ok
19:19:36.0023 0972 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
19:19:36.0023 0972 usbuhci - ok
19:19:36.0038 0972 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
19:19:36.0038 0972 usbvideo - ok
19:19:36.0085 0972 [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx C:\Windows\system32\drivers\usb8023x.sys
19:19:36.0085 0972 usb_rndisx - ok
19:19:36.0101 0972 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
19:19:36.0101 0972 UxSms - ok
19:19:36.0116 0972 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
19:19:36.0116 0972 VaultSvc - ok
19:19:36.0147 0972 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:19:36.0147 0972 vdrvroot - ok
19:19:36.0179 0972 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
19:19:36.0194 0972 vds - ok
19:19:36.0225 0972 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:19:36.0225 0972 vga - ok
19:19:36.0241 0972 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
19:19:36.0241 0972 VgaSave - ok
19:19:36.0257 0972 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:19:36.0272 0972 vhdmp - ok
19:19:36.0272 0972 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
19:19:36.0272 0972 viaide - ok
19:19:36.0288 0972 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:19:36.0288 0972 volmgr - ok
19:19:36.0319 0972 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:19:36.0319 0972 volmgrx - ok
19:19:36.0335 0972 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:19:36.0350 0972 volsnap - ok
19:19:36.0381 0972 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
19:19:36.0381 0972 vsmraid - ok
19:19:36.0428 0972 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
19:19:36.0475 0972 VSS - ok
19:19:36.0475 0972 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
19:19:36.0475 0972 vwifibus - ok
19:19:36.0506 0972 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
19:19:36.0506 0972 vwififlt - ok
19:19:36.0537 0972 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
19:19:36.0537 0972 vwifimp - ok
19:19:36.0537 0972 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
19:19:36.0553 0972 W32Time - ok
19:19:36.0569 0972 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
19:19:36.0569 0972 WacomPen - ok
19:19:36.0600 0972 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:19:36.0600 0972 WANARP - ok
19:19:36.0600 0972 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:19:36.0600 0972 Wanarpv6 - ok
19:19:36.0662 0972 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
19:19:36.0693 0972 WatAdminSvc - ok
19:19:36.0740 0972 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
19:19:36.0771 0972 wbengine - ok
19:19:36.0787 0972 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:19:36.0803 0972 WbioSrvc - ok
19:19:36.0834 0972 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:19:36.0834 0972 wcncsvc - ok
19:19:36.0849 0972 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:19:36.0849 0972 WcsPlugInService - ok
19:19:36.0881 0972 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
19:19:36.0881 0972 Wd - ok
19:19:36.0912 0972 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:19:36.0943 0972 Wdf01000 - ok
19:19:36.0959 0972 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:19:36.0959 0972 WdiServiceHost - ok
19:19:36.0959 0972 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:19:36.0959 0972 WdiSystemHost - ok
19:19:37.0005 0972 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
19:19:37.0005 0972 WebClient - ok
19:19:37.0021 0972 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:19:37.0021 0972 Wecsvc - ok
19:19:37.0037 0972 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:19:37.0037 0972 wercplsupport - ok
19:19:37.0068 0972 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
19:19:37.0068 0972 WerSvc - ok
19:19:37.0099 0972 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:19:37.0099 0972 WfpLwf - ok
19:19:37.0115 0972 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:19:37.0115 0972 WIMMount - ok
19:19:37.0115 0972 WinHttpAutoProxySvc - ok
19:19:37.0177 0972 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:19:37.0177 0972 Winmgmt - ok
19:19:37.0239 0972 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
19:19:37.0286 0972 WinRM - ok
19:19:37.0333 0972 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
19:19:37.0333 0972 WinUsb - ok
19:19:37.0364 0972 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
19:19:37.0395 0972 Wlansvc - ok
19:19:37.0427 0972 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
19:19:37.0427 0972 wlcrasvc - ok
19:19:37.0505 0972 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:19:37.0567 0972 wlidsvc - ok
19:19:37.0598 0972 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:19:37.0598 0972 WmiAcpi - ok
19:19:37.0629 0972 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:19:37.0629 0972 wmiApSrv - ok
19:19:37.0645 0972 WMPNetworkSvc - ok
19:19:37.0676 0972 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:19:37.0676 0972 WPCSvc - ok
19:19:37.0692 0972 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:19:37.0692 0972 WPDBusEnum - ok
19:19:37.0723 0972 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:19:37.0723 0972 ws2ifsl - ok
19:19:37.0723 0972 WSearch - ok
19:19:37.0801 0972 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
19:19:37.0863 0972 wuauserv - ok
19:19:37.0895 0972 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:19:37.0895 0972 WudfPf - ok
19:19:37.0941 0972 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:19:37.0957 0972 WUDFRd - ok
19:19:37.0988 0972 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:19:37.0988 0972 wudfsvc - ok
19:19:38.0004 0972 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
19:19:38.0019 0972 WwanSvc - ok
19:19:38.0097 0972 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
19:19:38.0097 0972 YahooAUService - ok
19:19:38.0129 0972 ================ Scan global ===============================
19:19:38.0144 0972 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:19:38.0175 0972 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
19:19:38.0191 0972 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
19:19:38.0207 0972 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:19:38.0222 0972 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:19:38.0222 0972 [Global] - ok
19:19:38.0222 0972 ================ Scan MBR ==================================
19:19:38.0238 0972 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:19:38.0706 0972 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
19:19:38.0706 0972 \Device\Harddisk0\DR0 - detected TDSS File System (1)
19:19:38.0706 0972 ================ Scan VBR ==================================
19:19:38.0721 0972 [ 606CA7157DFD9A9A3707218E4AA3E8E4 ] \Device\Harddisk0\DR0\Partition1
19:19:38.0721 0972 \Device\Harddisk0\DR0\Partition1 - ok
19:19:38.0737 0972 [ 11CF5C4190ED8B3E3EEE6B01F03D0C8A ] \Device\Harddisk0\DR0\Partition2
19:19:38.0737 0972 \Device\Harddisk0\DR0\Partition2 - ok
19:19:38.0737 0972 ============================================================
19:19:38.0737 0972 Scan finished
19:19:38.0737 0972 ============================================================
19:19:38.0753 0960 Detected object count: 1
19:19:38.0753 0960 Actual detected object count: 1
19:20:33.0930 0960 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
19:20:33.0930 0960 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip








I ran this in safe mode with networking immediately after I downloaded it from your link. I'm going to download the other programs now and attempt to run them in normal mode, as per your instructions, and then I will post results... I hope running this one in safe mode was okay...



THANK YOU!!!!!! I can't tell you how much I appreciate your help!!!!

#10 chasethecarrot

chasethecarrot
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:11:57 AM

Posted 26 November 2012 - 12:30 AM

Here is my aswMBR log, also I didn't click "FixMBR" because your instructions didn't say to... should I run it again and fix this time?

aswMBR log:
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-16 15:24:55
-----------------------------
15:24:55.582 OS Version: Windows x64 6.1.7601 Service Pack 1
15:24:55.582 Number of processors: 4 586 0x2A07
15:24:55.582 ComputerName: JORDANA-PC UserName: Jordana
15:24:56.708 Initialize success
15:39:54.244 AVAST engine defs: 12101601
15:40:16.602 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
15:40:16.602 Disk 0 Vendor: ST950032 0001 Size: 476940MB BusType: 3
15:40:16.617 Disk 0 MBR read successfully
15:40:16.617 Disk 0 MBR scan
15:40:16.633 Disk 0 Windows 7 default MBR code
15:40:16.633 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 18432 MB offset 2048
15:40:16.648 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 37750784
15:40:16.664 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 458406 MB offset 37955584
15:40:16.680 Disk 0 scanning C:\Windows\system32\drivers
15:40:26.640 Service scanning
15:40:50.784 Modules scanning
15:40:50.799 Disk 0 trace - called modules:
15:40:50.862 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
15:40:51.376 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80068ec060]
15:40:51.376 3 CLASSPNP.SYS[fffff8800120143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0xfffffa8004a7f050]
15:40:52.297 AVAST engine scan C:\Windows
15:40:54.606 AVAST engine scan C:\Windows\system32
15:43:12.449 AVAST engine scan C:\Windows\system32\drivers
15:43:24.606 AVAST engine scan C:\Users\Jordana
15:45:22.534 File: C:\Users\Jordana\AppData\Local\Temp\C80F.tmp **INFECTED** Win32:Malware-gen
15:46:01.823 File: C:\Users\Jordana\AppData\Local\Temp\Realtek_High_Definition_Audio_Codec.exe **INFECTED** Win32:Malware-gen
15:47:35.010 AVAST engine scan C:\ProgramData
15:48:03.487 File: C:\ProgramData\Microsoft\Windows\DRM\3248.tmp **INFECTED** Win32:Malware-gen
15:48:03.534 File: C:\ProgramData\Microsoft\Windows\DRM\3249.tmp **INFECTED** Win32:Malware-gen
15:48:16.671 Scan finished successfully
15:49:59.945 Disk 0 MBR has been saved successfully to "C:\Users\Jordana\Documents\MBR.dat"
15:49:59.945 The log file has been saved successfully to "C:\Users\Jordana\Documents\aswMBR.txt"


aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-11-25 19:45:34
-----------------------------
19:45:34.711 OS Version: Windows x64 6.1.7601 Service Pack 1
19:45:34.711 Number of processors: 4 586 0x2A07
19:45:34.711 ComputerName: JORDANA-PC UserName: Jordana
19:45:36.084 Initialize success
19:50:30.418 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
19:50:30.418 Disk 0 Vendor: ST950032 0001 Size: 476940MB BusType: 3
19:50:30.434 Disk 0 MBR read successfully
19:50:30.434 Disk 0 MBR scan
19:50:30.449 Disk 0 Windows 7 default MBR code
19:50:30.449 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 18432 MB offset 2048
19:50:30.465 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 37750784
19:50:30.465 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 458406 MB offset 37955584
19:50:30.480 Disk 0 scanning C:\Windows\system32\drivers
19:50:39.185 Service scanning
19:51:00.074 Modules scanning
19:51:00.074 Disk 0 trace - called modules:
19:51:00.105 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
19:51:00.105 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80068eb060]
19:51:00.120 3 CLASSPNP.SYS[fffff8800181743f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0xfffffa8004a98050]
19:51:00.120 Scan finished successfully
19:51:29.308 Disk 0 MBR has been saved successfully to "C:\Users\Jordana\Documents\MBR.dat"
19:51:29.308 The log file has been saved successfully to "C:\Users\Jordana\Documents\aswMBR.txt"




I ran the ESET scanner but it didn't find anything, so nothing to post from that.


Here is the minitoolbox log:
MiniToolBox by Farbar Version: 25-11-2012
Ran by Jordana (administrator) on 25-11-2012 at 21:17:52
Running from "C:\Users\Jordana\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
127.0.0.1 localhost
127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® Centrino® Advanced-N 6205 = Wireless Network Connection (Connected)
Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20) = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Jordana-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : A0-88-B4-AC-1F-ED
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : A0-88-B4-AC-1F-ED
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® Centrino® Advanced-N 6205
Physical Address. . . . . . . . . : A0-88-B4-AC-1F-EC
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::f1d0:3959:7ee5:ff00%14(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.126(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, November 25, 2012 7:43:45 PM
Lease Expires . . . . . . . . . . : Monday, November 26, 2012 7:43:44 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 463505588
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-50-D2-75-B8-70-F4-E3-EB-15
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
Physical Address. . . . . . . . . : B8-70-F4-E3-EB-15
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{F89BDDF0-C5B4-4FA1-A3C0-4F2F7F609884}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:4b2:3165:3f57:fe81(Preferred)
Link-local IPv6 Address . . . . . : fe80::4b2:3165:3f57:fe81%18(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 2001:4860:4007:801::1007
74.125.224.164
74.125.224.165
74.125.224.166
74.125.224.167
74.125.224.168
74.125.224.169
74.125.224.174
74.125.224.160
74.125.224.161
74.125.224.162
74.125.224.163


Pinging google.com [74.125.239.3] with 32 bytes of data:
Reply from 74.125.239.3: bytes=32 time=615ms TTL=53
Reply from 74.125.239.3: bytes=32 time=617ms TTL=53

Ping statistics for 74.125.239.3:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 615ms, Maximum = 617ms, Average = 616ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=844ms TTL=47
Reply from 98.138.253.109: bytes=32 time=483ms TTL=47

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 483ms, Maximum = 844ms, Average = 663ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
16...a0 88 b4 ac 1f ed ......Microsoft Virtual WiFi Miniport Adapter #2
15...a0 88 b4 ac 1f ed ......Microsoft Virtual WiFi Miniport Adapter
14...a0 88 b4 ac 1f ec ......Intel® Centrino® Advanced-N 6205
11...b8 70 f4 e3 eb 15 ......Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
1...........................Software Loopback Interface 1
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
18...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.126 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.126 281
192.168.1.126 255.255.255.255 On-link 192.168.1.126 281
192.168.1.255 255.255.255.255 On-link 192.168.1.126 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.126 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.126 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
18 58 ::/0 On-link
1 306 ::1/128 On-link
18 58 2001::/32 On-link
18 306 2001:0:9d38:953c:4b2:3165:3f57:fe81/128
On-link
14 281 fe80::/64 On-link
18 306 fe80::/64 On-link
18 306 fe80::4b2:3165:3f57:fe81/128
On-link
14 281 fe80::f1d0:3959:7ee5:ff00/128
On-link
1 306 ff00::/8 On-link
18 306 ff00::/8 On-link
14 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/25/2012 07:53:47 PM) (Source: CVHSVC) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: A connection with the server could not be established

Error: (11/25/2012 07:53:31 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/25/2012 07:52:58 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/25/2012 07:52:58 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/25/2012 07:52:57 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/25/2012 07:44:51 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/25/2012 07:43:59 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/25/2012 07:43:43 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/25/2012 07:17:30 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/25/2012 07:16:01 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (11/25/2012 07:16:10 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (11/25/2012 07:16:10 PM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (11/25/2012 07:16:05 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\System32\IWMSSvc.dll
Error Code: 21

Error: (11/25/2012 07:16:01 PM) (Source: DCOM) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (11/25/2012 07:15:54 PM) (Source: DCOM) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (11/25/2012 07:15:50 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
discache
mwlPSDFilter
mwlPSDNServ
mwlPSDVDisk
spldr
Wanarpv6

Error: (11/25/2012 07:15:49 PM) (Source: Service Control Manager) (User: )
Description: The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error:
%%1068

Error: (11/25/2012 07:15:46 PM) (Source: Service Control Manager) (User: )
Description: The Conexant Audio Message Service service depends on the Windows Audio service which failed to start because of the following error:
%%1068

Error: (11/25/2012 04:24:29 PM) (Source: DCOM) (User: )
Description: {73C9DFA0-750D-11E1-B0C4-0800200C9A66}

Error: (11/25/2012 04:12:33 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}


Microsoft Office Sessions:
=========================
Error: (11/25/2012 07:53:47 PM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: A connection with the server could not be established

Error: (11/25/2012 07:53:31 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Jordana\Downloads\esetsmartinstaller_enu.exe

Error: (11/25/2012 07:52:58 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Jordana\Downloads\esetsmartinstaller_enu.exe

Error: (11/25/2012 07:52:58 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Jordana\Downloads\esetsmartinstaller_enu.exe

Error: (11/25/2012 07:52:57 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Jordana\Downloads\esetsmartinstaller_enu.exe

Error: (11/25/2012 07:44:51 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Jordana\Downloads\esetsmartinstaller_enu.exe

Error: (11/25/2012 07:43:59 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Jordana\Desktop\esetsmartinstaller_enu.exe

Error: (11/25/2012 07:43:43 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/25/2012 07:17:30 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/25/2012 07:16:01 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Jordana\Desktop\esetsmartinstaller_enu.exe


=========================== Installed Programs ============================

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Acer Backup Manager (Version: 3.0.0.99)
Acer Crystal Eye Webcam (Version: 1.0.1904)
Acer ePower Management (Version: 6.00.3006)
Acer eRecovery Management (Version: 5.00.3502)
Acer Games (Version: 1.0.3.0)
Acer Registration (Version: 1.04.3503)
Acer ScreenSaver (Version: 1.1.0621.2011)
Acer Updater (Version: 1.02.3500)
Acer USB Charge Manager (Version: 1.00.3001)
Acer VCM (Version: 4.05.3501)
Adobe AIR (Version: 2.7.0.19480)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Reader X MUI (Version: 10.0.0)
Agatha Christie - Dead Man's Folly (Version: 2.2.0.95)
Agatha Christie - Death on the Nile (Version: 2.2.0.98)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.0.36)
Backup Manager V3 (Version: 3.0.0.99)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Bing Bar (Version: 7.0.765.0)
Build-a-lot 4 - Power Source (Version: 2.2.0.97)
Canon MX410 series MP Drivers
CCleaner (Version: 3.23)
Chronicles of Albian (Version: 2.2.0.95)
Chuzzle Deluxe (Version: 2.2.0.95)
clear.fi (Version: 1.0.1517_36458)
clear.fi (Version: 1.0.1720.00)
clear.fi (Version: 9.0.7709)
clear.fi Client (Version: 1.00.3500)
Conexant HD Audio (Version: 8.54.8.50)
Coupon Printer for Windows (Version: 5.0.0.1)
Cradle of Rome 2 (Version: 2.2.0.95)
D3DX10 (Version: 15.4.2368.0902)
DivX Setup (Version: 2.6.1.9)
Dora's World Adventure (Version: 2.2.0.95)
Dracula: Love Kills (Version: 2.2.0.110)
eBay Worldwide (Version: 2.2.0409)
ESET Online Scanner v3
ETDWare PS/2-X64 8.0.6.3_WHQL (Version: 8.0.6.3)
Facebook Video Calling 1.2.0.287 (Version: 1.2.287)
FATE: The Cursed King (Version: 2.2.0.97)
Final Drive: Nitro (Version: 2.2.0.95)
Galerie de photos Windows Live (Version: 15.4.3502.0922)
Google Talk Plugin (Version: 3.10.2.10212)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3230.2052)
Google Update Helper (Version: 1.3.21.123)
Governor of Poker 2 Premium Edition (Version: 2.2.0.95)
Halloween: Trick or Treat (Version: 3.0.2.32)
Identity Card (Version: 1.00.3501)
Intel PROSet Wireless
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2345)
Intel® PROSet/Wireless WiFi Software (Version: 14.01.1000)
Intel® Rapid Storage Technology (Version: 10.1.2.1004)
Intel® Turbo Boost Technology Monitor 2.0 (Version: 2.1.23.0)
Intel® WiDi (Version: 2.1.41.0)
Intel® Wireless Display
Java Auto Updater (Version: 2.1.6.0)
Java™ 7 Update 3 (Version: 7.0.30)
JavaFX 2.0.3 (Version: 2.0.3)
Jewel Match 3 (Version: 2.2.0.97)
Junk Mail filter update (Version: 15.4.3502.0922)
Launch Manager (Version: 5.1.7)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.5131.5000)
Microsoft PowerPoint Viewer (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
MotoHelper 2.1.40 Driver 5.5.0 (Version: 2.1.40)
MotoHelper MergeModules (Version: 1.2.0)
Motorola MMCP Drivers Installation 1.0.2 (Version: 1.0.2)
Motorola Mobile Drivers Installation 5.5.0 (Version: 5.5.0)
Motorola Software Update (Version: 01.16.34)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mystery Agency: Visions In Time (Version: 3.0.2.32)
Mystery of Mortlake Mansion (Version: 2.2.0.98)
Mysteryville (Version: 2.2.0.98)
MyWinLocker (Version: 4.0.14.27)
MyWinLocker 4 (Version: 4.0.14.27)
MyWinLocker Suite (Version: 4.0.14.18)
Nancy Drew: Treasure in the Royal Tower (Version: 2.2.0.98)
newsXpresso (Version: 1.0.0.40)
NOOK for PC (Version: 2.5.4.7070)
Norton Online Backup (Version: 2.1.17869)
NTI Media Maker 9 (Version: 9.0.2.8942)
OpenOffice.org 3.3 (Version: 3.3.9567)
Penguins! (Version: 2.2.0.95)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.97)
Polar Golfer (Version: 2.2.0.95)
Realtek PCIE Card Reader (Version: 6.1.7600.74)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.34.0)
Secret of the Past The Mother's Diary (Version: 3.0.2.32)
Shredder (Version: 2.0.8.9)
Skype™ 5.10 (Version: 5.10.116)
Spotify (Version: 0.8.5.1333.g822e0de8)
Times Reader (Version: 2.055)
Torchlight (Version: 2.2.0.97)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update Installer for WildTangent Games App
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Virtual Villagers 5 - New Believers (Version: 2.2.0.97)
Welcome Center (Version: 1.02.3503)
WIDCOMM Bluetooth Software (Version: 6.3.0.7300)
WildTangent Games (Version: 1.0.4.0)
WildTangent Games App (Version: 4.0.10.2)
Windows Live (Version: 15.4.3502.0922)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Women's Murder Club - A Darker Shade of Grey (Version: 2.2.0.97)
Yahoo! BrowserPlus 2.9.8
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
Zuma's Revenge (Version: 2.2.0.97)

========================= Memory info: ===================================

Percentage of memory in use: 35%
Total physical RAM: 3947.86 MB
Available physical RAM: 2537.82 MB
Total Pagefile: 7893.91 MB
Available Pagefile: 6582.44 MB
Total Virtual: 4095.88 MB
Available Virtual: 3973.75 MB

========================= Partitions: =====================================

1 Drive c: (Acer) (Fixed) (Total:447.65 GB) (Free:396.05 GB) NTFS

========================= Users: ========================================

User accounts for \\JORDANA-PC

Administrator Guest Jordana

========================= Restore Points ==================================

17-10-2012 12:13:57 Scheduled Checkpoint
02-11-2012 23:50:50 Scheduled Checkpoint
10-11-2012 09:05:36 Scheduled Checkpoint
15-11-2012 11:00:17 Windows Update
24-11-2012 05:12:25 Scheduled Checkpoint
24-11-2012 06:59:21 Installed 7-Zip 9.20 (x64 edition)

**** End of log ****







Internet is still only working in safe mode, so I'm very eagerly awaiting your reply!! Thanks again!

#11 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:57 PM

Posted 26 November 2012 - 05:47 AM

I ran the ESET scanner but it didn't find anything, so nothing to post from that.


When did you run ESET? now or before?

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#12 chasethecarrot

chasethecarrot
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:11:57 AM

Posted 26 November 2012 - 06:30 AM

The ESET scan I spoke of was today, not from earlier.

Booting into safe mode so I can download programs per your instructions, will post results very soon, thank you so much!

#13 chasethecarrot

chasethecarrot
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:11:57 AM

Posted 26 November 2012 - 06:32 AM

Also, was I supposed to click "fixMBR" after running the aswMBR program? Should I run the program again and click "FixMBR" this time?

#14 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:57 PM

Posted 26 November 2012 - 06:36 AM

Do not click on FIXMBR.Run all the scans from safemode with networking

#15 chasethecarrot

chasethecarrot
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:11:57 AM

Posted 26 November 2012 - 07:43 AM

Malwarebytes log:

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.26.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Jordana :: JORDANA-PC [administrator]

11/26/2012 3:43:59 AM
mbam-log-2012-11-26 (03-43-59).txt

Scan type: Full scan (C:\|Q:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 342663
Time elapsed: 44 minute(s), 24 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)




Rkill log:


Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 11/26/2012 04:31:59 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* WinDefend [Missing Service]
* wscsvc [Missing Service]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 11/26/2012 04:32:23 AM
Execution time: 0 hours(s), 0 minute(s), and 24 seconds(s)




Autoruns log:


"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "DivXUpdate" "DivX Update" "" "c:\program files (x86)\divx\divx update\divxupdate.exe"
+ "mumservice" "" "" "File not found: C:\Program Files\Motorola\Software Update\mumservice.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce" "" "" ""
+ "Malwarebytes Anti-Malware" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamgui.exe"
"C:\Users\Jordana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "OpenOffice.org 3.3.lnk" "" "" "c:\program files (x86)\openoffice.org 3\program\quickstart.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Facebook Update" "Facebook Installer" "Facebook Inc." "c:\users\jordana\appdata\local\facebook\update\facebookupdate.exe"
+ "Google Update" "Google Installer" "Google Inc." "c:\users\jordana\appdata\local\google\update\googleupdate.exe"
+ "Messenger (Yahoo!)" "Yahoo! Messenger" "Yahoo! Inc." "c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe"
+ "Spotify" "Spotify" "Spotify Ltd" "c:\users\jordana\appdata\roaming\spotify\spotify.exe"
+ "Spotify Web Helper" "SpotifyWebHelper" "Spotify Ltd" "c:\users\jordana\appdata\roaming\spotify\data\spotifywebhelper.exe"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "MWLIVShellExt" "Shell Dynamic Link Library" "Egis Technology Inc. " "c:\program files (x86)\egistec mywinlocker\x64\mwlivshellext.dll"
+ "ShredderContextMenu" "ShredderContextMenu" "Egis Technology Inc." "c:\program files (x86)\egistec shredder\x64\shreddercontextmenu.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MWLIVShellExt" "Shell Dynamic Link Library" "Egis Technology Inc. " "c:\program files (x86)\egistec mywinlocker\mwlivshellext.dll"
+ "ShredderContextMenu" "ShredderContextMenu" "Egis Technology Inc." "c:\program files (x86)\egistec shredder\x86\shreddercontextmenu.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "Monitor" "BTNCopy Module" "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\btncopy.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "OpenOffice.org" "c:\program files (x86)\openoffice.org 3\basis\program\shlxthdl\shlxthdl_x64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "OpenOffice.org" "c:\program files (x86)\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "&Yahoo! Toolbar Helper" "Yahoo! Toolbar" "Yahoo! Inc." "c:\program files (x86)\yahoo!\companion\installs\cpn0\yt.dll"
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Bing Bar Helper" "Bing Client Extensions" "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\bingext.dll"
+ "DivX Plus Web Player HTML5 <video>" "DivX Plus Web Player HTML5 <video> version 2.1.2.145" "DivX, LLC" "c:\program files (x86)\divx\divx plus web player\ie\divxhtml5\divxhtml5.dll"
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\oracle\javafx 2.0 runtime\bin\jp2ssv.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Bing" "Bing Client Extensions" "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\bingext.dll"
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
+ "Yahoo! Toolbar" "Yahoo! Toolbar" "Yahoo! Inc." "c:\program files (x86)\yahoo!\companion\installs\cpn0\yt.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Send to &Bluetooth Device..." "" "" "c:\program files\widcomm\bluetooth software\btsendto_ie.htm"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "Send to &Bluetooth Device..." "" "" "c:\program files\widcomm\bluetooth software\btsendto_ie.htm"
"Task Scheduler" "" "" ""
+ "\CCleanerSkipUAC" "CCleaner" "Piriform Ltd" "c:\program files\ccleaner\ccleaner.exe"
+ "\clear.fi" "clear.fi" "Acer Incorporated" "c:\program files (x86)\acer\clear.fi\mvp\clear.fi.exe"
+ "\clear.fiAgent" "clear.fi Resident Program" "CyberLink Corp." "c:\program files (x86)\acer\clear.fi\mvp\clear.fiagent.exe"
+ "\DMREngine" "DMREngine" "CyberLink" "c:\program files (x86)\acer\clear.fi\mvp\.\kernel\dmr\dmrengine.exe"
+ "\EgisUpdate" "EgisUpdate Release Application" "Egis Technology Inc." "c:\program files\egistec ips\egisupdate.exe"
+ "\FacebookUpdateTaskUserS-1-5-21-3329607660-1330557632-2999263677-1000Core" "Facebook Installer" "Facebook Inc." "c:\users\jordana\appdata\local\facebook\update\facebookupdate.exe"
+ "\FacebookUpdateTaskUserS-1-5-21-3329607660-1330557632-2999263677-1000UA" "Facebook Installer" "Facebook Inc." "c:\users\jordana\appdata\local\facebook\update\facebookupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-3329607660-1330557632-2999263677-1000Core" "Google Installer" "Google Inc." "c:\users\jordana\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-3329607660-1330557632-2999263677-1000UA" "Google Installer" "Google Inc." "c:\users\jordana\appdata\local\google\update\googleupdate.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\PMMUpdate" "PMM Update Application" "Egis Technology Inc." "c:\program files\egistec ips\pmmupdate.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "BBSvc" "Keeps Bing Bar up-to-date. Disabling this service might prevent updates and expose your computer to security vulnerabilities or functional flaws in Bing Bar." "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\bbsvc.exe"
+ "BBUpdate" "Enables the detection, download and installation of up-to-date configuration files for Bing Bar. Also provides server communication for the customer experience improvement program. Stopping or disabling this service may prevent you from getting the latest updates for Bing Bar, which may expose your computer to security vulnerabilities or functional flaws in the Bing Bar." "Microsoft Corporation" "c:\program files (x86)\microsoft\bingbar\seaport.exe"
+ "btwdins" "Handles installation and removal of Bluetooth devices." "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\btwdins.exe"
+ "cvhsvc" "Client Virtualization Handler Service (unlocalized description)" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\virtualization handler\cvhsvc.exe"
+ "CxAudMsg" "Monitors audio device events and forward them to subscribing application. If this service is stop. the aduio effects will not function properly." "Conexant Systems Inc." "c:\windows\system32\cxaudmsg64.exe"
+ "DsiWMIService" "Launch Manager WMI service program" "Dritek System Inc." "c:\program files (x86)\launch manager\dsiwmis.exe"
+ "EgisTec Ticket Service" "Egis Ticket Service" "Egis Technology Inc. " "c:\program files (x86)\common files\egistec\services\egisticketservice.exe"
+ "ePowerSvc" "Acer ePower Service" "Acer Incorporated" "c:\program files\acer\acer epower management\epowersvc.exe"
+ "EvtEng" "Manages the event trace messages for all the Intel® PROSet/Wireless Software components." "Intel® Corporation" "c:\program files\intel\wifi\bin\evteng.exe"
+ "FLEXnet Licensing Service" "This service performs licensing functions on behalf of FLEXnet enabled products." "Acresso Software Inc." "c:\program files (x86)\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe"
+ "GamesAppService" "WT Games App Services" "WildTangent, Inc." "c:\program files (x86)\wildtangent games\app\gamesappservice.exe"
+ "GREGService" "Global Registration Service" "Acer Incorporated" "c:\program files (x86)\acer\registration\gregsvc.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work." "Google" "c:\program files (x86)\google\common\google updater\googleupdaterservice.exe"
+ "IAStorDataMgrSvc" "Provides storage event notification and manages communication between the storage driver and user space applications." "Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastordatamgrsvc.exe"
+ "IconMan_R" "Realtek Card Reader Icon Tool." "Realsil Microelectronics Inc." "c:\program files (x86)\realtek\realtek pcie card reader\riconman.exe"
+ "Live Updater Service" "Updater Service" "Acer Incorporated" "c:\program files\acer\acer updater\updaterservice.exe"
+ "LMS" "Allows applications to access the local Intel® Management and Security Application using its locally-available selected network interfaces." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\lms\lms.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "MotoHelper" "MotoHelper Service" "" "c:\program files (x86)\motorola\motohelper\motohelperservice.exe"
+ "MyWiFiDHCPDNS" "Wireless PAN DHCP and DNS Server" "" "c:\program files\intel\wifi\bin\pandhcpdns.exe"
+ "NTI IScheduleSvc" "NTI IShadow Manage backup/Sync jobs and etc..." "NTI Corporation" "c:\program files (x86)\nti\acer backup manager\ischedulesvc.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "RegSrvc" "Provides registry access to all Intel® PROSet/Wireless Software components" "Intel® Corporation" "c:\program files\common files\intel\wirelesscommon\regsrvc.exe"
+ "RS_Service" "Acer VCM Raw Socket Service" "Acer Incorporated" "c:\program files (x86)\acer\acer vcm\rs_service.exe"
+ "sftlist" "Streams and manages applications." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftlist.exe"
+ "sftvsa" "Monitors global service events and launches virtual services." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftvsa.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "TurboBoost" "Intel® Turbo Boost Technology Monitor 2.0" "Intel® Corporation" "c:\program files\intel\turboboost\turboboost.exe"
+ "UNS" "Intel® Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel® Management and Security Application Device." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\uns\uns.exe"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
+ "YahooAUService" "Keeps your favorite Yahoo! software up-to-date with the latest features, tools, and enhancements." "Yahoo! Inc." "c:\program files (x86)\yahoo!\softwareupdate\yahooauservice.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "athr" "Atheros Extensible Wireless LAN device driver" "Atheros Communications, Inc." "c:\windows\system32\drivers\athrx.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "BTWAMPFL" "btwampfl Bluetooth filter driver" "Broadcom Corporation." "c:\windows\system32\drivers\btwampfl.sys"
+ "btwaudio" "Bluetooth Audio Device" "Broadcom Corporation." "c:\windows\system32\drivers\btwaudio.sys"
+ "btwavdt" "Broadcom Bluetooth AVDT Service" "Broadcom Corporation." "c:\windows\system32\drivers\btwavdt.sys"
+ "btwl2cap" "Broadcom Bluetooth L2CAP Service" "Broadcom Corporation." "c:\windows\system32\drivers\btwl2cap.sys"
+ "btwrchid" "Bluetooth Remote Control HID Minidriver" "Broadcom Corporation." "c:\windows\system32\drivers\btwrchid.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "CnxtHdAudService" "64-bit High Definition Audio Function Driver" "Conexant Systems Inc." "c:\windows\system32\drivers\chdrt64.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "ETD" "ETD Kernel Center" "ELAN Microelectronics Corp." "c:\windows\system32\drivers\etd.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Rapid Storage Technology driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "intaud_WaveExtensible" "Intel® WiDi Solution" "Intel Corporation" "c:\windows\system32\drivers\intelaud.sys"
+ "IntcDAud" "Intel® Display Audio Driver" "Intel® Corporation" "c:\windows\system32\drivers\intcdaud.sys"
+ "iwdbus" "Intel® WiDi Solution" "Intel Corporation" "c:\windows\system32\drivers\iwdbus.sys"
+ "L1C" "Atheros L1c PCI-E Gigabit Ethernet Controller" "Atheros Communications, Inc." "c:\windows\system32\drivers\l1c62x64.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MEIx64" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\hecix64.sys"
+ "mwlPSDFilter" "mwlPSDFilter Filter Driver" "Egis Technology Inc." "c:\windows\system32\drivers\mwlpsdfilter.sys"
+ "mwlPSDNServ" "mwlPSDNServ Driver" "Egis Technology Inc." "c:\windows\system32\drivers\mwlpsdnserv.sys"
+ "mwlPSDVDisk" "mwlPSDVdisk Driver" "Egis Technology Inc." "c:\windows\system32\drivers\mwlpsdvdisk.sys"
+ "NETwNs64" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netwns64.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "NTIDrvr" "NTI CD-ROM Filter Driver" "NTI Corporation" "c:\windows\system32\drivers\ntidrvr.sys"
+ "nusb3hub" "USB 3.0 Hub Driver" "Renesas Electronics Corporation" "c:\windows\system32\drivers\nusb3hub.sys"
+ "nusb3xhc" "USB 3.0 Host Controller Driver" "Renesas Electronics Corporation" "c:\windows\system32\drivers\nusb3xhc.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RSPCIESTOR" "Realtek Pcie CardReader Driver for 2K/XP/Vista/Win7" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtspstor.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "TurboB" "Turbo Boost UI Monitor driver" "Intel® Corporation" "c:\windows\system32\drivers\turbob.sys"
+ "UBHelper" "NTI CD-ROM Filter Driver" "NTI Corporation" "c:\windows\system32\drivers\ubhelper.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Audio Layer-3 Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codecp.acm"
+ "msacm.l3codecp" "MPEG Audio Layer-3 Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codecp.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "vidc.DIVX" "DivX" "DivX, Inc." "c:\windows\syswow64\divx.dll"
+ "vidc.yv12" "DivX" "DivX, Inc." "c:\windows\syswow64\divx.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Acer Screen Capture Filter" "Acer Screen Capture Filter" "Acer Incoporated" "c:\program files (x86)\acer\acer vcm\acerscreencap.dll"
+ "Acer Siren Decoding Filter" "Acer Siren Audio Decoding Filter" "Acer Incoporated" "c:\program files (x86)\acer\acer vcm\acersirendec.dll"
+ "Acer SirenEncoding Filter" "Acer Siren Audio Encoding Filter" "Acer Incoporated" "c:\program files (x86)\acer\acer vcm\acersirenenc.dll"
+ "Acer WMV9 Video Encoding Filter" "Acer WMV9 Video Encoding Filter" "Acer Incoporated" "c:\program files (x86)\acer\acer vcm\acerwmv9enc.dll"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "CyberLink Audio Decoder (PCMMovie)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\acer\clear.fi\movie\audiofilter\claud.ax"
+ "CyberLink Audio Effect (PCMMovie)" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files (x86)\acer\clear.fi\movie\audiofilter\claudfx.ax"
+ "CyberLink Audio Spectrum Analyzer (PCMMovie)" "CLAudSpa.ax" "CyberLink Corp." "c:\program files (x86)\acer\clear.fi\movie\audiofilter\claudspa.ax"
+ "CyberLink Audio Wizard (PCMMovie)" "CyberLink Audio Wizard Filter" "CyberLink Corp." "c:\program files (x86)\acer\clear.fi\movie\audiofilter\claudwizard.ax"
+ "CyberLink DVD Navigator" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files (x86)\acer\clear.fi\movie\navfilter\clnavx.ax"
+ "CyberLink Line21 Decoder (PCMMovie)" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\acer\clear.fi\movie\videofilter\clline21.ax"
+ "CyberLink TimeStretch Filter (PCMMovie)" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\acer\clear.fi\movie\audiofilter\clauts.ax"
+ "CyberLink Tzan Filter (PCMMovie)" "Cyberlink Tzan Filter" "CyberLink Corp." "c:\program files (x86)\acer\clear.fi\movie\videofilter\cltzan.ax"
+ "CyberLink Video/SP Decoder (PCMMovie)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\acer\clear.fi\movie\videofilter\clvsd.ax"
+ "DivX AAC Decoder" "AAC audio decoder filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\daac.ax"
+ "DivX Decoder Filter" "DivX Decoder Filter" "DivX, Inc." "c:\program files (x86)\divx\divx codec\divxdec.ax"
+ "DivX Demux Filter" "DivX Plus DMF Navigator Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\directshowdemuxfilter.dll"
+ "DivX Demux Filter (Unrestricted Edition)" "DivX Plus DMF Navigator Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\directshowdemuxfilter.dll"
+ "DivX H.264 Decoder" "DivX H.264 Decoder Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\divxdech264.ax"
+ "DS Video Buffer Filter" "WiDiAgent.dll COM object." "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\dsbuffer_video.ax"
+ "Intel® Mux Renderer" "Intel® TS Mux / Network Renderer" "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\intelmux.dll"
+ "Intel®WiDi H264 encoder" "" "" "c:\program files (x86)\common files\intel corporation\widiagent\h264_enc_filter.dll"
+ "MainConcept AAC Encoder" "AAC audio encoder filter" "MainConcept GmbH" "c:\program files (x86)\common files\intel corporation\mainconcept filters\mc_enc_aac_ds.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "SlideShow" "" "" "c:\program files (x86)\nti\nti media maker 9\media maker\slideshow.ax"
+ "WD Audio Filter" "WiDi Audio Source Filter." "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\wdaudiofilter.dll"
+ "WD Secure Source Filter" "Intel® WiDi Secure Video Source Filter." "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\wdsecuresourcefilter.dll"
+ "WDSource Filter" "WiDi Video Source Filter." "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\wdsourcefilter.dll"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMV9 Screen Encoding Filter" "Acer WMV9 Screen Encoding Filter" "Acer Incoporated" "c:\program files (x86)\acer\acer vcm\acerwmv9screenenc.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "BtwCredentialProvider" "BtwCP DLL" "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\btwcp.dll"
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "Canon BJ FAX Language Monitor MX410 series" "Canon Inkjet Fax Driver" "CANON INC." "c:\windows\system32\cncalal.dll"
+ "Canon BJ Language Monitor MX410 series" "IJ Language Monitor" "CANON INC." "c:\windows\system32\cnmlmal.dll"




Again eagerly awaiting your advice. Thanks so much. :)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users