
RunDSLL, Java and Trendmicro Errors


15 replies to this topic

#1 Oneeyedsophie


Posted 30 November 2012 - 03:55 AM

Hi.
I'm probably going to sound like a stupid caveperson that's never seen a computer before but here goes nothing.
I've been searching forums for a few hours now and I resorted to joining this one to post my question cause I am confused and I don't know what I'm doing.
I get random user/appdata dsll errors on startup (they change each time). Last one was itsfr.dll and shevcf.dll.
So I googled that and I found something that told me to remove Java.
I have had Java installed since forever and didn't know it led to infections so I tried to remove in add/remove program but it came up with error 1723.
A while ago I tried to get updated antivirus so I tried to remove Trend Micro. But my Trend Micro is constantly running and won't open. It won't remove from programs and when I remove it in Task Manager it comes back straight away.
I have heaps of processes running that are weirdly named and I put them into Google and they tell me that they are important for Windows running but sometimes are a virus if they aren't in C:/Windows/System32/ and I can't tell how to find that out.
I went into the registry editor and removed one of the start up RunDSLL files and it got rid of it but the internet tells me it doesn't remove the problem.
I have an Rkill thing which said Alert: Symptoms of Rootkill ZeroAccess. But nothing regarding this was detected by MBAM or AVG.
I would like to clean my computer but I can't actually tell if there is an infection or if the problems are the result of previous infection removals (I had a trojan infection a few months ago that told me to run MBAM and Rkill and it got rid of it). In short, nothing is being detected on my system but it's not working properly anyway.
Also, I've noticed that my file icons have been changed to little internet windows and iTunes symbols. iTunes always has songs that disappear as well and come up with an exclamation mark next to them even if I've paid for them. I would do screen shots and pictures but I don't know how to post in forums at all. Are these things related?



#2 narenxp


Posted 30 November 2012 - 09:56 AM

Download TDSSKiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 Oneeyedsophie


Posted 01 December 2012 - 09:33 AM

14:11:58.0544 3944 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
14:11:59.0465 3944 ============================================================
14:11:59.0465 3944 Current date / time: 2012/12/01 14:11:59.0465
14:11:59.0465 3944 SystemInfo:
14:11:59.0465 3944
14:11:59.0465 3944 OS Version: 6.1.7601 ServicePack: 1.0
14:11:59.0465 3944 Product type: Workstation
14:11:59.0465 3944 ComputerName: SUSAN-PC
14:11:59.0465 3944 UserName: susan
14:11:59.0465 3944 Windows directory: C:\Windows
14:11:59.0465 3944 System windows directory: C:\Windows
14:11:59.0465 3944 Running under WOW64
14:11:59.0465 3944 Processor architecture: Intel x64
14:11:59.0465 3944 Number of processors: 2
14:11:59.0465 3944 Page size: 0x1000
14:11:59.0465 3944 Boot type: Normal boot
14:11:59.0465 3944 ============================================================
14:12:00.0697 3944 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:12:00.0713 3944 ============================================================
14:12:00.0713 3944 \Device\Harddisk0\DR0:
14:12:00.0713 3944 MBR partitions:
14:12:00.0713 3944 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2300800, BlocksNum 0x32000
14:12:00.0713 3944 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2332800, BlocksNum 0x1187D800
14:12:00.0713 3944 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x13BB0000, BlocksNum 0x1187E2B0
14:12:00.0713 3944 ============================================================
14:12:00.0744 3944 C: <-> \Device\Harddisk0\DR0\Partition2
14:12:00.0822 3944 D: <-> \Device\Harddisk0\DR0\Partition3
14:12:00.0853 3944 ============================================================
14:12:00.0853 3944 Initialize success
14:12:00.0853 3944 ============================================================
14:12:24.0753 2808 ============================================================
14:12:24.0753 2808 Scan started
14:12:24.0753 2808 Mode: Manual; TDLFS;
14:12:24.0753 2808 ============================================================
14:12:26.0188 2808 ================ Scan system memory ========================
14:12:26.0188 2808 System memory - ok
14:12:26.0188 2808 ================ Scan services =============================
14:12:44.0103 2808 MSPCLOCK - ok
14:12:44.0134 2808 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:12:44.0134 2808 MSPQM - ok
14:12:44.0228 2808 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:12:44.0228 2808 MsRPC - ok
14:12:44.0290 2808 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
14:12:44.0306 2808 mssmbios - ok
14:12:44.0322 2808 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:12:44.0322 2808 MSTEE - ok
14:12:44.0337 2808 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
14:12:44.0353 2808 MTConfig - ok
14:12:44.0384 2808 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
14:12:44.0384 2808 Mup - ok
14:12:44.0446 2808 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
14:12:44.0478 2808 napagent - ok
14:12:44.0618 2808 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:12:44.0665 2808 NativeWifiP - ok
14:12:44.0743 2808 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
14:12:44.0790 2808 NDIS - ok
14:12:44.0836 2808 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:12:44.0852 2808 NdisCap - ok
14:12:44.0914 2808 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:12:44.0914 2808 NdisTapi - ok
14:12:45.0039 2808 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:12:45.0039 2808 Ndisuio - ok
14:12:45.0102 2808 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:12:45.0102 2808 NdisWan - ok
14:12:45.0180 2808 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:12:45.0180 2808 NDProxy - ok
14:12:45.0258 2808 [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
14:12:45.0258 2808 Net Driver HPZ12 - ok
14:12:45.0336 2808 [ 6F4607E2333FE21E9E3FF8133A88B35B ] Netaapl C:\Windows\system32\DRIVERS\netaapl64.sys
14:12:45.0351 2808 Netaapl - ok
14:12:45.0429 2808 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:12:45.0429 2808 NetBIOS - ok
14:12:45.0523 2808 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:12:45.0538 2808 NetBT - ok
14:12:45.0570 2808 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
14:12:45.0570 2808 Netlogon - ok
14:12:45.0648 2808 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
14:12:45.0710 2808 Netman - ok
14:12:45.0757 2808 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
14:12:45.0772 2808 netprofm - ok
14:12:45.0819 2808 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:12:45.0819 2808 NetTcpPortSharing - ok
14:12:46.0069 2808 [ 705283C02177809CA9FA7CC58A4F1E77 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
14:12:46.0256 2808 netw5v64 - ok
14:12:46.0287 2808 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
14:12:46.0287 2808 nfrd960 - ok
14:12:46.0365 2808 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
14:12:46.0381 2808 NlaSvc - ok
14:12:46.0396 2808 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:12:46.0396 2808 Npfs - ok
14:12:46.0443 2808 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
14:12:46.0459 2808 nsi - ok
14:12:46.0506 2808 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:12:46.0506 2808 nsiproxy - ok
14:12:46.0677 2808 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:12:46.0755 2808 Ntfs - ok
14:12:46.0786 2808 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
14:12:46.0786 2808 Null - ok
14:12:46.0864 2808 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:12:46.0880 2808 nvraid - ok
14:12:46.0942 2808 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:12:46.0974 2808 nvstor - ok
14:12:47.0052 2808 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:12:47.0052 2808 nv_agp - ok
14:12:47.0130 2808 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:12:47.0145 2808 odserv - ok
14:12:47.0223 2808 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
14:12:47.0239 2808 ohci1394 - ok
14:12:47.0301 2808 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:12:47.0317 2808 ose - ok
14:12:47.0426 2808 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:12:47.0473 2808 p2pimsvc - ok
14:12:47.0535 2808 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
14:12:47.0535 2808 p2psvc - ok
14:12:47.0566 2808 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
14:12:47.0566 2808 Parport - ok
14:12:47.0613 2808 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:12:47.0676 2808 partmgr - ok
14:12:47.0738 2808 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:12:47.0754 2808 PcaSvc - ok
14:12:47.0800 2808 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
14:12:47.0800 2808 pci - ok
14:12:47.0832 2808 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
14:12:47.0832 2808 pciide - ok
14:12:47.0847 2808 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
14:12:47.0863 2808 pcmcia - ok
14:12:47.0910 2808 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
14:12:47.0910 2808 pcw - ok
14:12:47.0956 2808 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:12:47.0988 2808 PEAUTH - ok
14:12:48.0112 2808 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
14:12:48.0112 2808 PerfHost - ok
14:12:48.0300 2808 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
14:12:48.0362 2808 pla - ok
14:12:48.0440 2808 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:12:48.0456 2808 PlugPlay - ok
14:12:48.0580 2808 [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
14:12:48.0580 2808 Pml Driver HPZ12 - ok
14:12:48.0627 2808 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:12:48.0627 2808 PNRPAutoReg - ok
14:12:48.0690 2808 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:12:48.0690 2808 PNRPsvc - ok
14:12:48.0768 2808 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:12:48.0768 2808 PolicyAgent - ok
14:12:48.0814 2808 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
14:12:48.0814 2808 Power - ok
14:12:48.0892 2808 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:12:48.0892 2808 PptpMiniport - ok
14:12:48.0924 2808 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
14:12:48.0924 2808 Processor - ok
14:12:49.0017 2808 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
14:12:49.0017 2808 ProfSvc - ok
14:12:49.0064 2808 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:12:49.0064 2808 ProtectedStorage - ok
14:12:49.0189 2808 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:12:49.0204 2808 Psched - ok
14:12:49.0282 2808 [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
14:12:49.0298 2808 PSI_SVC_2 - ok
14:12:49.0392 2808 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
14:12:49.0470 2808 ql2300 - ok
14:12:49.0516 2808 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
14:12:49.0516 2808 ql40xx - ok
14:12:49.0563 2808 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
14:12:49.0563 2808 QWAVE - ok
14:12:49.0610 2808 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:12:49.0610 2808 QWAVEdrv - ok
14:12:49.0626 2808 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:12:49.0626 2808 RasAcd - ok
14:12:49.0672 2808 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:12:49.0672 2808 RasAgileVpn - ok
14:12:49.0704 2808 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
14:12:49.0704 2808 RasAuto - ok
14:12:49.0750 2808 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:12:49.0766 2808 Rasl2tp - ok
14:12:49.0860 2808 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
14:12:49.0875 2808 RasMan - ok
14:12:49.0906 2808 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:12:49.0906 2808 RasPppoe - ok
14:12:49.0969 2808 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:12:49.0969 2808 RasSstp - ok
14:12:50.0078 2808 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:12:50.0078 2808 rdbss - ok
14:12:50.0109 2808 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
14:12:50.0109 2808 rdpbus - ok
14:12:50.0140 2808 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:12:50.0156 2808 RDPCDD - ok
14:12:50.0187 2808 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:12:50.0187 2808 RDPENCDD - ok
14:12:50.0218 2808 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:12:50.0218 2808 RDPREFMP - ok
14:12:50.0312 2808 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:12:50.0312 2808 RDPWD - ok
14:12:50.0437 2808 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:12:50.0452 2808 rdyboost - ok
14:12:50.0499 2808 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:12:50.0499 2808 RemoteAccess - ok
14:12:50.0577 2808 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:12:50.0577 2808 RemoteRegistry - ok
14:12:50.0593 2808 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:12:50.0593 2808 RpcEptMapper - ok
14:12:50.0624 2808 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
14:12:50.0624 2808 RpcLocator - ok
14:12:50.0686 2808 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
14:12:50.0686 2808 RpcSs - ok
14:12:50.0749 2808 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:12:50.0749 2808 rspndr - ok
14:12:50.0874 2808 [ A5DF2F732A6C95554E548FCB6932BD31 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
14:12:50.0874 2808 RSUSBSTOR - ok
14:12:50.0967 2808 [ B5A4B7D779CF4070DF408DE18BD33B02 ] RS_Service C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
14:12:50.0983 2808 RS_Service - ok
14:12:51.0045 2808 [ F70A9384917659A4C5EF30F0F4EC484D ] RTL8187B C:\Windows\system32\DRIVERS\RTL8187B.sys
14:12:51.0076 2808 RTL8187B - ok
14:12:51.0108 2808 RtsUIR - ok
14:12:51.0139 2808 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
14:12:51.0139 2808 SamSs - ok
14:12:51.0264 2808 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:12:51.0264 2808 sbp2port - ok
14:12:51.0326 2808 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:12:51.0326 2808 SCardSvr - ok
14:12:51.0420 2808 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:12:51.0420 2808 scfilter - ok
14:12:51.0544 2808 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
14:12:51.0591 2808 Schedule - ok
14:12:51.0669 2808 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
14:12:51.0685 2808 SCPolicySvc - ok
14:12:51.0685 2808 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:12:51.0700 2808 SDRSVC - ok
14:12:51.0794 2808 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:12:51.0794 2808 secdrv - ok
14:12:51.0856 2808 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
14:12:51.0856 2808 seclogon - ok
14:12:51.0966 2808 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
14:12:51.0966 2808 SENS - ok
14:12:51.0997 2808 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:12:51.0997 2808 SensrSvc - ok
14:12:52.0075 2808 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
14:12:52.0075 2808 Serenum - ok
14:12:52.0137 2808 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
14:12:52.0137 2808 Serial - ok
14:12:52.0184 2808 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
14:12:52.0184 2808 sermouse - ok
14:12:52.0262 2808 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
14:12:52.0262 2808 SessionEnv - ok
14:12:52.0324 2808 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:12:52.0324 2808 sffdisk - ok
14:12:52.0402 2808 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:12:52.0402 2808 sffp_mmc - ok
14:12:52.0465 2808 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:12:52.0465 2808 sffp_sd - ok
14:12:52.0512 2808 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
14:12:52.0512 2808 sfloppy - ok
14:12:52.0652 2808 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:12:52.0652 2808 SharedAccess - ok
14:12:52.0699 2808 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:12:52.0746 2808 ShellHWDetection - ok
14:12:52.0777 2808 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:12:52.0777 2808 SiSRaid2 - ok
14:12:52.0808 2808 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
14:12:52.0808 2808 SiSRaid4 - ok
14:12:52.0839 2808 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:12:52.0855 2808 Smb - ok
14:12:52.0964 2808 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:12:52.0980 2808 SNMPTRAP - ok
14:12:53.0011 2808 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
14:12:53.0011 2808 spldr - ok
14:12:53.0104 2808 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
14:12:53.0120 2808 Spooler - ok
14:12:53.0260 2808 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
14:12:53.0370 2808 sppsvc - ok
14:12:53.0432 2808 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:12:53.0432 2808 sppuinotify - ok
14:12:53.0479 2808 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
14:12:53.0494 2808 srv - ok
14:12:53.0557 2808 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:12:53.0572 2808 srv2 - ok
14:12:53.0604 2808 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:12:53.0604 2808 srvnet - ok
14:12:53.0682 2808 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:12:53.0697 2808 SSDPSRV - ok
14:12:53.0728 2808 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:12:53.0728 2808 SstpSvc - ok
14:12:53.0775 2808 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
14:12:53.0775 2808 stexstor - ok
14:12:53.0853 2808 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
14:12:53.0900 2808 stisvc - ok
14:12:53.0978 2808 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
14:12:53.0994 2808 swenum - ok
14:12:54.0072 2808 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
14:12:54.0087 2808 swprv - ok
14:12:54.0134 2808 [ 929C9FA0B18AD2EBC8340591C4BF00FF ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
14:12:54.0134 2808 SynTP - ok
14:12:54.0243 2808 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
14:12:54.0321 2808 SysMain - ok
14:12:54.0384 2808 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:12:54.0415 2808 TabletInputService - ok
14:12:54.0462 2808 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
14:12:54.0462 2808 TapiSrv - ok
14:12:54.0540 2808 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
14:12:54.0555 2808 TBS - ok
14:12:54.0696 2808 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:12:54.0758 2808 Tcpip - ok
14:12:54.0820 2808 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:12:54.0836 2808 TCPIP6 - ok
14:12:54.0898 2808 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:12:54.0898 2808 tcpipreg - ok
14:12:54.0961 2808 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:12:54.0961 2808 TDPIPE - ok
14:12:55.0008 2808 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:12:55.0008 2808 TDTCP - ok
14:12:55.0070 2808 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:12:55.0070 2808 tdx - ok
14:12:55.0132 2808 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
14:12:55.0132 2808 TermDD - ok
14:12:55.0226 2808 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
14:12:55.0288 2808 TermService - ok
14:12:55.0351 2808 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
14:12:55.0351 2808 Themes - ok
14:12:55.0413 2808 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
14:12:55.0413 2808 THREADORDER - ok
14:12:55.0522 2808 [ 73AAFFDD2AC3C8814B26C440E5DD9DD4 ] tmactmon C:\Windows\system32\DRIVERS\tmactmon.sys
14:12:55.0538 2808 tmactmon - ok
14:12:55.0616 2808 [ 360E61217D4E1E333583D0C721057F70 ] tmcomm C:\Windows\system32\DRIVERS\tmcomm.sys
14:12:55.0616 2808 tmcomm - ok
14:12:55.0710 2808 [ 699D34EB7C670139CA23A65372BD5743 ] tmevtmgr C:\Windows\system32\DRIVERS\tmevtmgr.sys
14:12:55.0710 2808 tmevtmgr - ok
14:12:55.0803 2808 [ 5922B1F5741BBDBAF7F7B4CBD2B7C4A5 ] tmlwf C:\Windows\system32\DRIVERS\tmlwf.sys
14:12:55.0803 2808 tmlwf - ok
14:12:55.0897 2808 [ 262198EFB734012BFCD17E7479AE4A09 ] tmtdi C:\Windows\system32\DRIVERS\tmtdi.sys
14:12:55.0897 2808 tmtdi - ok
14:12:56.0053 2808 [ 0A2E3899CC72AD4CC85EA3D50A5331CC ] tmwfp C:\Windows\system32\DRIVERS\tmwfp.sys
14:12:56.0068 2808 tmwfp - ok
14:12:56.0115 2808 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
14:12:56.0115 2808 TrkWks - ok
14:12:56.0193 2808 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:12:56.0193 2808 TrustedInstaller - ok
14:12:56.0256 2808 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:12:56.0256 2808 tssecsrv - ok
14:12:56.0302 2808 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
14:12:56.0302 2808 TsUsbFlt - ok
14:12:56.0396 2808 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:12:56.0396 2808 tunnel - ok
14:12:56.0427 2808 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
14:12:56.0427 2808 uagp35 - ok
14:12:56.0490 2808 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:12:56.0505 2808 udfs - ok
14:12:56.0599 2808 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:12:56.0599 2808 UI0Detect - ok
14:12:56.0646 2808 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
14:12:56.0646 2808 uliagpkx - ok
14:12:56.0755 2808 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
14:12:56.0755 2808 umbus - ok
14:12:56.0817 2808 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
14:12:56.0817 2808 UmPass - ok
14:12:56.0911 2808 [ 70DDE3A86DBEB1D6C3C30AD687B1877A ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
14:12:56.0926 2808 Updater Service - ok
14:12:56.0973 2808 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
14:12:56.0989 2808 upnphost - ok
14:12:57.0036 2808 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
14:12:57.0036 2808 USBAAPL64 - ok
14:12:57.0114 2808 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:12:57.0114 2808 usbccgp - ok
14:12:57.0160 2808 USBCCID - ok
14:12:57.0270 2808 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
14:12:57.0270 2808 usbcir - ok
14:12:57.0348 2808 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
14:12:57.0348 2808 usbehci - ok
14:12:57.0441 2808 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:12:57.0457 2808 usbhub - ok
14:12:57.0504 2808 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
14:12:57.0504 2808 usbohci - ok
14:12:57.0550 2808 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
14:12:57.0566 2808 usbprint - ok
14:12:57.0597 2808 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
14:12:57.0613 2808 usbscan - ok
14:12:57.0628 2808 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:12:57.0644 2808 USBSTOR - ok
14:12:57.0706 2808 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
14:12:57.0706 2808 usbuhci - ok
14:12:57.0816 2808 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
14:12:57.0831 2808 usbvideo - ok
14:12:57.0847 2808 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
14:12:57.0862 2808 UxSms - ok
14:12:57.0894 2808 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
14:12:57.0894 2808 VaultSvc - ok
14:12:57.0956 2808 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
14:12:57.0972 2808 vdrvroot - ok
14:12:58.0034 2808 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
14:12:58.0050 2808 vds - ok
14:12:58.0096 2808 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:12:58.0096 2808 vga - ok
14:12:58.0128 2808 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
14:12:58.0128 2808 VgaSave - ok
14:12:58.0206 2808 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
14:12:58.0221 2808 vhdmp - ok
14:12:58.0299 2808 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
14:12:58.0299 2808 viaide - ok
14:12:58.0330 2808 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
14:12:58.0330 2808 volmgr - ok
14:12:58.0393 2808 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:12:58.0408 2808 volmgrx - ok
14:12:58.0486 2808 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
14:12:58.0502 2808 volsnap - ok
14:12:58.0533 2808 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
14:12:58.0533 2808 vsmraid - ok
14:12:58.0627 2808 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
14:12:58.0689 2808 VSS - ok
14:12:58.0892 2808 [ 7D110D645030C05A06C3CD08D1E47D0A ] vToolbarUpdater13.2.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
14:12:58.0939 2808 vToolbarUpdater13.2.0 - ok
14:12:58.0954 2808 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
14:12:58.0954 2808 vwifibus - ok
14:12:59.0032 2808 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
14:12:59.0032 2808 vwififlt - ok
14:12:59.0079 2808 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
14:12:59.0079 2808 vwifimp - ok
14:12:59.0142 2808 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
14:12:59.0157 2808 W32Time - ok
14:12:59.0188 2808 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
14:12:59.0188 2808 WacomPen - ok
14:12:59.0266 2808 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
14:12:59.0266 2808 WANARP - ok
14:12:59.0313 2808 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:12:59.0313 2808 Wanarpv6 - ok
14:12:59.0422 2808 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
14:12:59.0469 2808 WatAdminSvc - ok
14:12:59.0594 2808 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
14:12:59.0656 2808 wbengine - ok
14:12:59.0703 2808 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
14:12:59.0703 2808 WbioSrvc - ok
14:12:59.0750 2808 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:12:59.0766 2808 wcncsvc - ok
14:12:59.0797 2808 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:12:59.0797 2808 WcsPlugInService - ok
14:12:59.0844 2808 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
14:12:59.0844 2808 Wd - ok
14:12:59.0922 2808 [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
14:12:59.0937 2808 WDC_SAM - ok
14:13:00.0015 2808 [ 334E5ED94D3FAFF3C44F4D36B1FE1C90 ] WDDMService C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
14:13:00.0015 2808 WDDMService - ok
14:13:00.0093 2808 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:13:00.0109 2808 Wdf01000 - ok
14:13:00.0156 2808 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:13:00.0156 2808 WdiServiceHost - ok
14:13:00.0171 2808 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:13:00.0171 2808 WdiSystemHost - ok
14:13:00.0312 2808 [ 138AB06ADBBF300AA804D7974A5AEC82 ] WDSmartWareBackgroundService C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
14:13:00.0312 2808 WDSmartWareBackgroundService - ok
14:13:00.0390 2808 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
14:13:00.0405 2808 WebClient - ok
14:13:00.0452 2808 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:13:00.0452 2808 Wecsvc - ok
14:13:00.0499 2808 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:13:02.0277 2808 ================ Scan global ===============================
14:13:02.0308 2808 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
14:13:02.0355 2808 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
14:13:02.0433 2808 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
14:13:02.0464 2808 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
14:13:02.0542 2808 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
14:13:02.0558 2808 [Global] - ok
14:13:02.0558 2808 ================ Scan MBR ==================================
14:13:02.0589 2808 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:13:03.0026 2808 \Device\Harddisk0\DR0 - ok
14:13:03.0042 2808 ================ Scan VBR ==================================
14:13:03.0057 2808 [ 14BF1A22AF75EC90C23452AAB6AEF90D ] \Device\Harddisk0\DR0\Partition1
14:13:03.0057 2808 \Device\Harddisk0\DR0\Partition1 - ok
14:13:03.0073 2808 [ 8F6EB5C5B7185CAF580361E8D57ECACE ] \Device\Harddisk0\DR0\Partition2
14:13:03.0073 2808 \Device\Harddisk0\DR0\Partition2 - ok
14:13:03.0120 2808 [ 0372A2EE727215B89C481E476E50A706 ] \Device\Harddisk0\DR0\Partition3
14:13:03.0120 2808 \Device\Harddisk0\DR0\Partition3 - ok
14:13:03.0120 2808 ============================================================
14:13:03.0120 2808 Scan finished
14:13:03.0120 2808 ============================================================
14:13:03.0135 5584 Detected object count: 0
14:13:03.0135 5584 Actual detected object count: 0
14:24:01.0992 3168 ============================================================
14:24:01.0992 3168 Scan started
14:24:01.0992 3168 Mode: Manual; TDLFS;
14:24:01.0992 3168 ============================================================
14:24:02.0803 3168 ================ Scan system memory ========================
14:24:02.0803 3168 System memory - ok
14:24:02.0803 3168 ================ Scan services =============================
14:24:14.0784 3168 Npfs - ok
14:24:14.0815 3168 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
14:24:14.0815 3168 nsi - ok
14:24:14.0831 3168 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:24:14.0831 3168 nsiproxy - ok
14:24:14.0924 3168 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:24:14.0987 3168 Ntfs - ok
14:24:15.0002 3168 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
14:24:15.0002 3168 Null - ok
14:24:15.0049 3168 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:24:15.0065 3168 nvraid - ok
14:24:15.0096 3168 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:24:15.0111 3168 nvstor - ok
14:24:15.0143 3168 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:24:15.0143 3168 nv_agp - ok
14:24:15.0236 3168 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:24:15.0236 3168 odserv - ok
14:24:15.0299 3168 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
14:24:15.0299 3168 ohci1394 - ok
14:24:15.0330 3168 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:24:15.0345 3168 ose - ok
14:24:15.0377 3168 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:24:15.0408 3168 p2pimsvc - ok
14:24:15.0439 3168 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
14:24:15.0455 3168 p2psvc - ok
14:24:15.0486 3168 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
14:24:15.0501 3168 Parport - ok
14:24:15.0533 3168 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:24:15.0548 3168 partmgr - ok
14:24:15.0548 3168 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:24:15.0564 3168 PcaSvc - ok
14:24:15.0611 3168 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
14:24:15.0626 3168 pci - ok
14:24:15.0642 3168 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
14:24:15.0642 3168 pciide - ok
14:24:15.0673 3168 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
14:24:15.0673 3168 pcmcia - ok
14:24:15.0704 3168 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
14:24:15.0704 3168 pcw - ok
14:24:15.0735 3168 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:24:15.0751 3168 PEAUTH - ok
14:24:15.0845 3168 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
14:24:15.0845 3168 PerfHost - ok
14:24:15.0954 3168 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
14:24:16.0001 3168 pla - ok
14:24:16.0047 3168 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:24:16.0063 3168 PlugPlay - ok
14:24:16.0063 3168 [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
14:24:16.0079 3168 Pml Driver HPZ12 - ok
14:24:16.0094 3168 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:24:16.0110 3168 PNRPAutoReg - ok
14:24:16.0141 3168 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:24:16.0141 3168 PNRPsvc - ok
14:24:16.0172 3168 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:24:16.0188 3168 PolicyAgent - ok
14:24:16.0235 3168 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
14:24:16.0250 3168 Power - ok
14:24:16.0281 3168 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:24:16.0281 3168 PptpMiniport - ok
14:24:16.0313 3168 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
14:24:16.0313 3168 Processor - ok
14:24:16.0359 3168 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
14:24:16.0359 3168 ProfSvc - ok
14:24:16.0375 3168 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:24:16.0375 3168 ProtectedStorage - ok
14:24:16.0422 3168 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:24:16.0437 3168 Psched - ok
14:24:16.0484 3168 [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
14:24:16.0484 3168 PSI_SVC_2 - ok
14:24:16.0547 3168 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
14:24:16.0593 3168 ql2300 - ok
14:24:16.0640 3168 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
14:24:16.0640 3168 ql40xx - ok
14:24:16.0671 3168 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
14:24:16.0687 3168 QWAVE - ok
14:24:16.0703 3168 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:24:16.0718 3168 QWAVEdrv - ok
14:24:16.0718 3168 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:24:16.0734 3168 RasAcd - ok
14:24:16.0765 3168 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:24:16.0765 3168 RasAgileVpn - ok
14:24:16.0796 3168 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
14:24:16.0796 3168 RasAuto - ok
14:24:16.0859 3168 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:24:16.0859 3168 Rasl2tp - ok
14:24:16.0905 3168 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
14:24:16.0921 3168 RasMan - ok
14:24:16.0968 3168 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:24:16.0968 3168 RasPppoe - ok
14:24:16.0983 3168 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:24:16.0999 3168 RasSstp - ok
14:24:17.0046 3168 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:24:17.0046 3168 rdbss - ok
14:24:17.0077 3168 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
14:24:17.0077 3168 rdpbus - ok
14:24:17.0093 3168 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:24:17.0093 3168 RDPCDD - ok
14:24:17.0124 3168 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:24:17.0124 3168 RDPENCDD - ok
14:24:17.0139 3168 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:24:17.0139 3168 RDPREFMP - ok
14:24:17.0202 3168 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:24:17.0202 3168 RDPWD - ok
14:24:17.0280 3168 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:24:17.0280 3168 rdyboost - ok
14:24:17.0311 3168 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:24:17.0327 3168 RemoteAccess - ok
14:24:17.0358 3168 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:24:17.0358 3168 RemoteRegistry - ok
14:24:17.0373 3168 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:24:17.0373 3168 RpcEptMapper - ok
14:24:17.0405 3168 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
14:24:17.0405 3168 RpcLocator - ok
14:24:17.0467 3168 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
14:24:17.0467 3168 RpcSs - ok
14:24:17.0498 3168 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:24:17.0514 3168 rspndr - ok
14:24:17.0545 3168 [ A5DF2F732A6C95554E548FCB6932BD31 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
14:24:17.0545 3168 RSUSBSTOR - ok
14:24:17.0592 3168 [ B5A4B7D779CF4070DF408DE18BD33B02 ] RS_Service C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
14:24:17.0607 3168 RS_Service - ok
14:24:17.0639 3168 [ F70A9384917659A4C5EF30F0F4EC484D ] RTL8187B C:\Windows\system32\DRIVERS\RTL8187B.sys
14:24:17.0670 3168 RTL8187B - ok
14:24:17.0670 3168 RtsUIR - ok
14:24:17.0701 3168 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
14:24:17.0701 3168 SamSs - ok
14:24:17.0748 3168 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:24:17.0748 3168 sbp2port - ok
14:24:17.0795 3168 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:24:17.0795 3168 SCardSvr - ok
14:24:17.0841 3168 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:24:17.0841 3168 scfilter - ok
14:24:17.0904 3168 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
14:24:17.0935 3168 Schedule - ok
14:24:17.0966 3168 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
14:24:17.0966 3168 SCPolicySvc - ok
14:24:18.0013 3168 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:24:18.0013 3168 SDRSVC - ok
14:24:18.0044 3168 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:24:18.0060 3168 secdrv - ok
14:24:18.0091 3168 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
14:24:18.0107 3168 seclogon - ok
14:24:18.0138 3168 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
14:24:18.0138 3168 SENS - ok
14:24:18.0153 3168 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:24:18.0153 3168 SensrSvc - ok
14:24:18.0185 3168 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
14:24:18.0185 3168 Serenum - ok
14:24:18.0200 3168 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
14:24:18.0216 3168 Serial - ok
14:24:18.0231 3168 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
14:24:18.0231 3168 sermouse - ok
14:24:18.0278 3168 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
14:24:18.0278 3168 SessionEnv - ok
14:24:18.0325 3168 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:24:18.0341 3168 sffdisk - ok
14:24:18.0372 3168 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:24:18.0372 3168 sffp_mmc - ok
14:24:18.0419 3168 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:24:18.0419 3168 sffp_sd - ok
14:24:18.0434 3168 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
14:24:18.0434 3168 sfloppy - ok
14:24:18.0481 3168 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:24:18.0497 3168 SharedAccess - ok
14:24:18.0543 3168 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:24:18.0559 3168 ShellHWDetection - ok
14:24:18.0575 3168 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:24:18.0575 3168 SiSRaid2 - ok
14:24:18.0606 3168 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
14:24:18.0606 3168 SiSRaid4 - ok
14:24:18.0621 3168 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:24:18.0637 3168 Smb - ok
14:24:18.0668 3168 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:24:18.0668 3168 SNMPTRAP - ok
14:24:18.0684 3168 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
14:24:18.0684 3168 spldr - ok
14:24:18.0746 3168 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
14:24:18.0777 3168 Spooler - ok
14:24:18.0887 3168 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
14:24:18.0933 3168 sppsvc - ok
14:24:18.0949 3168 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:24:18.0949 3168 sppuinotify - ok
14:24:19.0011 3168 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
14:24:19.0027 3168 srv - ok
14:24:19.0058 3168 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:24:19.0058 3168 srv2 - ok
14:24:19.0074 3168 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:24:19.0089 3168 srvnet - ok
14:24:19.0105 3168 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:24:19.0105 3168 SSDPSRV - ok
14:24:19.0121 3168 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:24:19.0136 3168 SstpSvc - ok
14:24:19.0183 3168 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
14:24:19.0183 3168 stexstor - ok
14:24:19.0230 3168 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
14:24:19.0245 3168 stisvc - ok
14:24:19.0308 3168 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
14:24:19.0308 3168 swenum - ok
14:24:19.0339 3168 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
14:24:19.0370 3168 swprv - ok
14:24:19.0401 3168 [ 929C9FA0B18AD2EBC8340591C4BF00FF ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
14:24:19.0417 3168 SynTP - ok
14:24:19.0495 3168 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
14:24:19.0557 3168 SysMain - ok
14:24:19.0604 3168 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:24:19.0620 3168 TabletInputService - ok
14:24:19.0667 3168 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
14:24:19.0667 3168 TapiSrv - ok
14:24:19.0713 3168 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
14:24:19.0713 3168 TBS - ok
14:24:19.0791 3168 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:24:19.0854 3168 Tcpip - ok
14:24:19.0901 3168 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:24:19.0916 3168 TCPIP6 - ok
14:24:19.0963 3168 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:24:19.0963 3168 tcpipreg - ok
14:24:20.0010 3168 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:24:20.0010 3168 TDPIPE - ok
14:24:20.0041 3168 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:24:20.0041 3168 TDTCP - ok
14:24:20.0088 3168 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:24:20.0088 3168 tdx - ok
14:24:20.0135 3168 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
14:24:20.0135 3168 TermDD - ok
14:24:20.0197 3168 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
14:24:20.0228 3168 TermService - ok
14:24:20.0259 3168 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
14:24:20.0259 3168 Themes - ok
14:24:20.0275 3168 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
14:24:20.0275 3168 THREADORDER - ok
14:24:20.0322 3168 [ 73AAFFDD2AC3C8814B26C440E5DD9DD4 ] tmactmon C:\Windows\system32\DRIVERS\tmactmon.sys
14:24:20.0322 3168 tmactmon - ok
14:24:20.0353 3168 [ 360E61217D4E1E333583D0C721057F70 ] tmcomm C:\Windows\system32\DRIVERS\tmcomm.sys
14:24:20.0353 3168 tmcomm - ok
14:24:20.0400 3168 [ 699D34EB7C670139CA23A65372BD5743 ] tmevtmgr C:\Windows\system32\DRIVERS\tmevtmgr.sys
14:24:20.0400 3168 tmevtmgr - ok
14:24:20.0447 3168 [ 5922B1F5741BBDBAF7F7B4CBD2B7C4A5 ] tmlwf C:\Windows\system32\DRIVERS\tmlwf.sys
14:24:20.0447 3168 tmlwf - ok
14:24:20.0478 3168 [ 262198EFB734012BFCD17E7479AE4A09 ] tmtdi C:\Windows\system32\DRIVERS\tmtdi.sys
14:24:20.0478 3168 tmtdi - ok
14:24:20.0509 3168 [ 0A2E3899CC72AD4CC85EA3D50A5331CC ] tmwfp C:\Windows\system32\DRIVERS\tmwfp.sys
14:24:20.0525 3168 tmwfp - ok
14:24:20.0540 3168 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
14:24:20.0540 3168 TrkWks - ok
14:24:20.0603 3168 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:24:20.0618 3168 TrustedInstaller - ok
14:24:20.0665 3168 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:24:20.0665 3168 tssecsrv - ok
14:24:20.0696 3168 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
14:24:20.0696 3168 TsUsbFlt - ok
14:24:20.0743 3168 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:24:20.0743 3168 tunnel - ok
14:24:20.0774 3168 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
14:24:20.0790 3168 uagp35 - ok
14:24:20.0837 3168 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:24:20.0837 3168 udfs - ok
14:24:20.0868 3168 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:24:20.0868 3168 UI0Detect - ok
14:24:20.0883 3168 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
14:24:20.0899 3168 uliagpkx - ok
14:24:20.0946 3168 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
14:24:20.0946 3168 umbus - ok
14:24:20.0961 3168 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
14:24:20.0961 3168 UmPass - ok
14:24:21.0008 3168 [ 70DDE3A86DBEB1D6C3C30AD687B1877A ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
14:24:21.0024 3168 Updater Service - ok
14:24:21.0039 3168 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
14:24:21.0055 3168 upnphost - ok
14:24:21.0071 3168 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
14:24:21.0071 3168 USBAAPL64 - ok
14:24:21.0102 3168 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:24:21.0117 3168 usbccgp - ok
14:24:21.0117 3168 USBCCID - ok
14:24:21.0149 3168 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
14:24:21.0164 3168 usbcir - ok
14:24:21.0195 3168 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
14:24:21.0195 3168 usbehci - ok
14:24:21.0258 3168 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:24:21.0258 3168 usbhub - ok
14:24:21.0289 3168 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
14:24:21.0305 3168 usbohci - ok
14:24:21.0320 3168 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
14:24:21.0336 3168 usbprint - ok
14:24:21.0351 3168 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
14:24:21.0351 3168 usbscan - ok
14:24:21.0367 3168 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:24:21.0383 3168 USBSTOR - ok
14:24:21.0414 3168 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
14:24:21.0414 3168 usbuhci - ok
14:24:21.0461 3168 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
14:24:21.0461 3168 usbvideo - ok
14:24:21.0492 3168 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
14:24:21.0492 3168 UxSms - ok
14:24:21.0507 3168 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
14:24:21.0523 3168 VaultSvc - ok
14:24:21.0539 3168 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
14:24:21.0539 3168 vdrvroot - ok
14:24:21.0585 3168 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
14:24:21.0617 3168 vds - ok
14:24:21.0648 3168 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:24:21.0648 3168 vga - ok
14:24:21.0663 3168 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
14:24:21.0679 3168 VgaSave - ok
14:24:21.0710 3168 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
14:24:21.0710 3168 vhdmp - ok
14:24:21.0757 3168 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
14:24:21.0773 3168 viaide - ok
14:24:21.0788 3168 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
14:24:21.0804 3168 volmgr - ok
14:24:21.0851 3168 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:24:21.0851 3168 volmgrx - ok
14:24:21.0882 3168 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
14:24:21.0882 3168 volsnap - ok
14:24:21.0913 3168 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
14:24:21.0913 3168 vsmraid - ok
14:24:22.0007 3168 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
14:24:22.0022 3168 VSS - ok
14:24:22.0100 3168 [ 7D110D645030C05A06C3CD08D1E47D0A ] vToolbarUpdater13.2.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
14:24:22.0131 3168 vToolbarUpdater13.2.0 - ok
14:24:22.0131 3168 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
14:24:22.0147 3168 vwifibus - ok
14:24:22.0163 3168 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
14:24:22.0163 3168 vwififlt - ok
14:24:22.0194 3168 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
14:24:22.0194 3168 vwifimp - ok
14:24:22.0225 3168 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
14:24:22.0241 3168 W32Time - ok
14:24:22.0272 3168 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
14:24:22.0272 3168 WacomPen - ok
14:24:22.0319 3168 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
14:24:22.0319 3168 WANARP - ok
14:24:22.0334 3168 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:24:22.0334 3168 Wanarpv6 - ok
14:24:22.0412 3168 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
14:24:22.0459 3168 WatAdminSvc - ok
14:24:22.0537 3168 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
14:24:22.0584 3168 wbengine - ok
14:24:22.0631 3168 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
14:24:22.0631 3168 WbioSrvc - ok
14:24:22.0677 3168 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:24:22.0693 3168 wcncsvc - ok
14:24:22.0709 3168 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:24:22.0709 3168 WcsPlugInService - ok
14:24:22.0740 3168 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
14:24:22.0740 3168 Wd - ok
14:24:22.0787 3168 [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
14:24:22.0787 3168 WDC_SAM - ok
14:24:22.0833 3168 [ 334E5ED94D3FAFF3C44F4D36B1FE1C90 ] WDDMService C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
14:24:22.0849 3168 WDDMService - ok
14:24:22.0880 3168 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:24:22.0896 3168 Wdf01000 - ok
14:24:22.0927 3168 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:24:22.0927 3168 WdiServiceHost - ok
14:24:22.0943 3168 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:24:22.0943 3168 WdiSystemHost - ok
14:24:22.0989 3168 [ 138AB06ADBBF300AA804D7974A5AEC82 ] WDSmartWareBackgroundService C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
14:24:22.0989 3168 WDSmartWareBackgroundService - ok
14:24:23.0036 3168 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
14:24:23.0036 3168 WebClient - ok
14:24:23.0067 3168 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:24:23.0067 3168 Wecsvc - ok
14:24:23.0083 3168 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:24:23.0083 3168 wercplsupport - ok
14:24:23.0114 3168 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
14:24:23.0114 3168 WerSvc - ok
14:24:23.0145 3168 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
14:24:23.0145 3168 WfpLwf - ok
14:24:23.0161 3168 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
14:24:23.0177 3168 WIMMount - ok
14:24:23.0192 3168 WinDefend - ok
14:24:23.0208 3168 WinHttpAutoProxySvc - ok
14:24:23.0286 3168 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:24:23.0286 3168 Winmgmt - ok
14:24:23.0395 3168 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
14:24:23.0457 3168 WinRM - ok
14:24:23.0504 3168 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
14:24:23.0520 3168 WinUsb - ok
14:24:23.0567 3168 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
14:24:23.0598 3168 Wlansvc - ok
14:24:23.0629 3168 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
14:24:23.0629 3168 WmiAcpi - ok
14:24:23.0676 3168 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:24:23.0676 3168 wmiApSrv - ok
14:24:23.0707 3168 WMPNetworkSvc - ok
14:24:23.0707 3168 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:24:23.0723 3168 WPCSvc - ok
14:24:23.0769 3168 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:24:23.0769 3168 WPDBusEnum - ok
14:24:23.0801 3168 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:24:23.0801 3168 ws2ifsl - ok
14:24:23.0816 3168 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
14:24:23.0816 3168 wscsvc - ok
14:24:23.0832 3168 WSearch - ok
14:24:23.0847 3168 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
14:24:23.0863 3168 WudfPf - ok
14:24:23.0910 3168 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:24:23.0910 3168 WUDFRd - ok
14:24:23.0957 3168 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:24:23.0957 3168 wudfsvc - ok
14:24:23.0988 3168 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
14:24:23.0988 3168 WwanSvc - ok
14:24:24.0035 3168 [ FF5A03A65B68DB7E02A12880399D40D4 ] ZTEusbmdm6k C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys
14:24:24.0035 3168 ZTEusbmdm6k - ok
14:24:24.0066 3168 [ A11DC648D2164FCDEB36ACBF52808E30 ] ZTEusbnet C:\Windows\system32\DRIVERS\ZTEusbnet.sys
14:24:24.0066 3168 ZTEusbnet - ok
14:24:24.0097 3168 [ FF5A03A65B68DB7E02A12880399D40D4 ] ZTEusbnmea C:\Windows\system32\DRIVERS\ZTEusbnmea.sys
14:24:24.0097 3168 ZTEusbnmea - ok
14:24:24.0128 3168 [ FF5A03A65B68DB7E02A12880399D40D4 ] ZTEusbser6k C:\Windows\system32\DRIVERS\ZTEusbser6k.sys
14:24:24.0128 3168 ZTEusbser6k - ok
14:24:24.0222 3168 ================ Scan global ===============================
14:24:24.0237 3168 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
14:24:24.0284 3168 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
14:24:24.0315 3168 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
14:24:24.0331 3168 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
14:24:24.0378 3168 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
14:24:24.0378 3168 [Global] - ok
14:24:24.0378 3168 ================ Scan MBR ==================================
14:24:24.0393 3168 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:24:24.0752 3168 \Device\Harddisk0\DR0 - ok
14:24:24.0752 3168 ================ Scan VBR ==================================
14:24:24.0768 3168 [ 14BF1A22AF75EC90C23452AAB6AEF90D ] \Device\Harddisk0\DR0\Partition1
14:24:24.0768 3168 \Device\Harddisk0\DR0\Partition1 - ok
14:24:24.0783 3168 [ 8F6EB5C5B7185CAF580361E8D57ECACE ] \Device\Harddisk0\DR0\Partition2
14:24:24.0783 3168 \Device\Harddisk0\DR0\Partition2 - ok
14:24:24.0815 3168 [ 0372A2EE727215B89C481E476E50A706 ] \Device\Harddisk0\DR0\Partition3
14:24:24.0815 3168 \Device\Harddisk0\DR0\Partition3 - ok
14:24:24.0815 3168 ============================================================
14:24:24.0815 3168 Scan finished
14:24:24.0815 3168 ============================================================
14:24:24.0830 3656 Detected object count: 0
14:24:24.0830 3656 Actual detected object count: 0
14:24:50.0041 2272 Deinitialize success


aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-12-01 14:55:44
-----------------------------
14:55:44.049 OS Version: Windows x64 6.1.7601 Service Pack 1
14:55:44.049 Number of processors: 2 586 0x170A
14:55:44.080 ComputerName: SUSAN-PC UserName: susan
14:55:44.517 Initialze error C0000061 - driver not loaded
14:55:55.250 AVAST engine defs: 12113001
14:56:51.925 Service scanning
14:57:11.924 Modules scanning
14:57:11.924 Disk 0 trace - called modules:
14:57:11.924
14:57:13.110 AVAST engine scan C:\Windows
14:57:15.434 AVAST engine scan C:\Windows\system32
15:00:16.223 AVAST engine scan C:\Windows\system32\drivers
15:00:30.060 AVAST engine scan C:\Users\susan
15:11:23.592 The log file has been saved successfully to "C:\Users\susan\Desktop\aswMBR.txt"

The ESET Scan didn't give me a log I could find but at the end it said No Threats Found.

#4 narenxp

Posted 01 December 2012 - 10:08 AM

The aswMBR log is incomplete.

Download Malwarebytes.

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here.

Download MiniToolBox.

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download Farbar Service Scanner.

Checkmark all the boxes.

Click on "Scan".
Please copy and paste the log to your reply.

Download AdwCleaner.

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download Junkware Removal Tool.

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan is completed, post the generated log here.

#5 Oneeyedsophie

Posted 01 December 2012 - 12:05 PM

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.12.01.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
[administrator]

12/2/2012 2:28:21 AM
mbam-log-2012-12-02 (02-28-21).txt

Scan type: Full scan (C:\|D:\|E:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 418315
Time elapsed: 1 hour(s), 15 minute(s), 26 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

MiniToolBox by Farbar Version: 25-11-2012
Ran by susan (administrator) on 02-12-2012 at 02:29:45
Running from "C:\Users\susan\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Atheros AR5B91 Wireless Network Adapter = Wireless Network Connection (Connected)
Atheros AR8131 PCI-E Gigabit Ethernet Controller (NDIS 6.20) = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global defaultcurhoplimit=64 icmpredirects=enabled
add address name="Wireless Network Connection 2" address=192.168.137.1 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : susan-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : BigPond

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 06-26-5E-68-BB-15
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : BigPond
Description . . . . . . . . . . . : Atheros AR5B91 Wireless Network Adapter
Physical Address. . . . . . . . . : 00-26-5E-68-BB-15
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::c4e8:3f25:2153:d28b%11(Preferred)
IPv4 Address. . . . . . . . . . . : 10.0.0.9(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, December 02, 2012 1:37:29 AM
Lease Expires . . . . . . . . . . : Monday, December 03, 2012 1:37:29 AM
Default Gateway . . . . . . . . . : 10.0.0.138
DHCP Server . . . . . . . . . . . : 10.0.0.138
DHCPv6 IAID . . . . . . . . . . . : 301999710
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-A7-4E-BB-00-26-9E-16-94-02
DNS Servers . . . . . . . . . . . : 10.0.0.138
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR8131 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
Physical Address. . . . . . . . . : 00-26-9E-16-94-02
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:1c5d:227f:f5ff:fff6(Preferred)
Link-local IPv6 Address . . . . . : fe80::1c5d:227f:f5ff:fff6%27(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.BigPond:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : BigPond
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: BigPond.BigPond
Address: 10.0.0.138

Name: google.com
Addresses: 2404:6800:4006:800::1004
74.125.237.3
74.125.237.14
74.125.237.6
74.125.237.5
74.125.237.4
74.125.237.0
74.125.237.1
74.125.237.9
74.125.237.8
74.125.237.2
74.125.237.7


Pinging google.com [74.125.237.4] with 32 bytes of data:
Reply from 74.125.237.4: bytes=32 time=22ms TTL=55
Reply from 74.125.237.4: bytes=32 time=21ms TTL=55

Ping statistics for 74.125.237.4:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 21ms, Maximum = 22ms, Average = 21ms
Server: BigPond.BigPond
Address: 10.0.0.138

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
72.30.38.140


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=316ms TTL=44
Reply from 98.138.253.109: bytes=32 time=220ms TTL=45

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 220ms, Maximum = 316ms, Average = 268ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
13...06 26 5e 68 bb 15 ......Microsoft Virtual WiFi Miniport Adapter
11...00 26 5e 68 bb 15 ......Atheros AR5B91 Wireless Network Adapter
10...00 26 9e 16 94 02 ......Atheros AR8131 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
1...........................Software Loopback Interface 1
27...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
29...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.0.138 10.0.0.9 25
10.0.0.0 255.255.255.0 On-link 10.0.0.9 281
10.0.0.9 255.255.255.255 On-link 10.0.0.9 281
10.0.0.255 255.255.255.255 On-link 10.0.0.9 281
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.0.0.9 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.0.0.9 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
27 58 ::/0 On-link
1 306 ::1/128 On-link
27 58 2001::/32 On-link
27 306 2001:0:4137:9e76:1c5d:227f:f5ff:fff6/128
On-link
11 281 fe80::/64 On-link
27 306 fe80::/64 On-link
27 306 fe80::1c5d:227f:f5ff:fff6/128
On-link
11 281 fe80::c4e8:3f25:2153:d28b/128
On-link
1 306 ff00::/8 On-link
27 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/02/2012 02:03:25 AM) (Source: Application Hang) (User: )
Description: The program mmc.exe version 6.1.7600.16385 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 164c

Start Time: 01cdcfd4e6bb3017

Termination Time: 47

Application Path: C:\Windows\system32\mmc.exe

Report Id: 34ff1534-3bc8-11e2-a4cc-00269e169402

Error: (12/02/2012 01:42:59 AM) (Source: MsiInstaller) (User: susan-PC)
Description: Product: Java™ 6 Update 20 -- Error 1723.There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor. Action UninstallJRE, entry: MSIUninstallJRE, library: C:\Program Files (x86)\Java\jre6\bin\regutils.dll

Error: (12/01/2012 11:44:22 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/01/2012 11:44:16 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/01/2012 03:47:09 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/01/2012 03:47:05 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/01/2012 02:00:12 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 57291149

Error: (12/01/2012 02:00:12 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 57291149

Error: (12/01/2012 02:00:12 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/30/2012 06:50:13 PM) (Source: MsiInstaller) (User: susan-PC)
Description: Product: Java™ 6 Update 20 -- Error 1723.There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor. Action UninstallJRE, entry: MSIUninstallJRE, library: C:\Program Files (x86)\Java\jre6\bin\regutils.dll


System errors:
=============
Error: (12/02/2012 01:40:01 AM) (Source: Service Control Manager) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%2

Error: (12/02/2012 01:37:33 AM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (12/02/2012 01:37:27 AM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (12/01/2012 11:41:59 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (12/01/2012 11:41:59 PM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (12/01/2012 11:41:55 PM) (Source: DCOM) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (12/01/2012 11:41:47 PM) (Source: DCOM) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (12/01/2012 11:41:34 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AVGIDSDriver
Avgldx64
discache
spldr
tmtdi
Wanarpv6

Error: (12/01/2012 11:41:32 PM) (Source: Service Control Manager) (User: )
Description: The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error:
%%31

Error: (12/01/2012 11:40:14 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5


Microsoft Office Sessions:
=========================
Error: (05/05/2011 10:25:49 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6555.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3 seconds with 0 seconds of active time. This session ended with a crash.

Error: (08/03/2010 02:49:49 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 762651 seconds with 120 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
2007 Microsoft Office system (Version: 12.0.6612.1000)
64 Bit HP CIO Components Installer (Version: 6.2.1)
Acer Crystal Eye Webcam (Version: 5.2.7.1)
Acer ePower Management (Version: 4.05.3002)
Acer eRecovery Management (Version: 4.05.3003)
Acer GameZone Console (Version: 5.1.0.2)
Acer GridVista (Version: 3.01.0730)
Acer Registration (Version: 1.02.3004)
Acer ScreenSaver (Version: 1.01.0805)
Acer Updater (Version: 1.01.3014)
Acer VCM (Version: 4.05.3000)
Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 1.5.0.7220)
Adobe Digital Editions
Adobe Flash Player 10 ActiveX (Version: 10.3.181.34)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Adobe Shockwave Player 11.6 (Version: 11.6.4.634)
Agatha Christie Death on the Nile FREE
Alice Greenfingers
Amazonia
Apple Application Support (Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.0.10)
AVG 2013 (Version: 13.0.2634)
AVG 2013 (Version: 13.0.2793)
AVG 2013 (Version: 2013.0.2793)
AVG Security Toolbar
BigPond Wireless Broadband (Version: 2.16.4)
Bonjour (Version: 3.0.0.10)
BufferChm (Version: 130.0.331.000)
Chicken Invaders 2
Conexant HD Audio (Version: 4.98.9.0)
Copy (Version: 130.0.366.000)
Dairy Dash
Destinations (Version: 140.0.77.000)
DeviceDiscovery (Version: 130.0.372.000)
DJ_AIO_06_F2400_SW_Min (Version: 130.0.373.000)
Dream Day First Home
eBay Worldwide (Version: 2.1.0703)
ESET Online Scanner v3
eSobi v2 (Version: 2.0.4.000274)
F2400 (Version: 130.0.373.000)
Farm Frenzy 2
Google Chrome (Version: 21.0.1180.89)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3203.136)
Google Update Helper (Version: 1.3.21.115)
GPBaseService2 (Version: 130.0.371.000)
Granny In Paradise
Heroes of Hellas
HL-2130 (Version: 1.0.7.0)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Deskjet 3050 J610 series Basic Device Software (Version: 22.0.334.0)
HP Deskjet 3050 J610 series Help (Version: 140.0.63.63)
HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6 (Version: 13.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Photo Creations (Version: 1.0.0.${CAB_VERSION})
HP Print Projects 1.0 (Version: 1.0)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 5.002.006.003)
HPPhotoGadget (Version: 130.0.282.000)
hpPrintProjects (Version: 130.0.303.000)
HPProductAssistant (Version: 130.0.371.000)
HPSSupply (Version: 130.0.371.000)
hpWLPGInstaller (Version: 130.0.303.000)
iCloud (Version: 2.0.2.187)
Identity Card (Version: 1.00.3001)
Intel® Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
InterVideo WinDVD 8 (Version: 8.5.10.36)
iTunes (Version: 10.7.0.21)
Java Auto Updater (Version: 2.0.2.4)
Java™ 6 Update 26 (Version: 6.0.260)
Launch Manager (Version: 3.0.02)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
MarketResearch (Version: 130.0.374.000)
Merriam Websters Spell Jam
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.3 (Version: 2.0.2313.0)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional Hybrid 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
MobileMe Control Panel (Version: 3.1.8.0)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NETGEAR WG111v3 wireless USB 2.0 adapter (Version: 1.01.10)
Norton Security Scan (Version: 3.7.1.4)
QuickTime (Version: 7.72.80.56)
Realtek USB 2.0 Card Reader (Version: 6.1.7100.30094)
ResearchSoft Direct Export Helper
SanctionedMedia (Version: 4.5.0.0)
Scan (Version: 140.0.80.000)
Shop for HP Supplies (Version: 13.0)
SmartWebPrinting (Version: 140.0.186.000)
SolutionCenter (Version: 130.0.373.000)
Star Defender 4
Status (Version: 130.0.373.000)
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 13.2.4.12)
Toolbox (Version: 130.0.648.000)
TrayApp (Version: 130.0.376.000)
Trend Micro Titanium Maximum Security (Version: 3.1.1109)
Trend Micro™ Titanium™ Maximum Security (Version: 3.00)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
WD SmartWare (Version: 1.2.0.8)
WebReg (Version: 130.0.132.017)
Welcome Center (Version: 1.00.3005)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Photo Gallery (Version: 14.0.8117.416)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live Upload Tool (Version: 14.0.8014.1029)
WiseConvert Toolbar (Version: 6.8.9.0)
Yahoo! Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 50%
Total physical RAM: 3996.93 MB
Available physical RAM: 1995.24 MB
Total Pagefile: 7992.05 MB
Available Pagefile: 5827.09 MB
Total Virtual: 4095.88 MB
Available Virtual: 3969.33 MB

========================= Partitions: =====================================

1 Drive c: (Acer) (Fixed) (Total:140.25 GB) (Free:20.06 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:140.25 GB) (Free:115.23 GB) NTFS

========================= Users: ========================================

User accounts for \\SUSAN-PC

Administrator Guest susan

========================= Restore Points ==================================

14-11-2012 06:53:32 Scheduled Checkpoint
28-11-2012 08:50:08 Scheduled Checkpoint
30-11-2012 05:23:09 Removed Java™ 6 Update 26
30-11-2012 07:47:25 Removed Java™ 6 Update 26
01-12-2012 14:41:33 Removed Java™ 6 Update 26

**** End of log ****


Farbar Service Scanner Version: 01-12-2012 01
Ran by susan (administrator) on 02-12-2012 at 02:32:55
Running from "C:\Users\susan\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is set to Disabled. The default start type is Auto.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Disabled. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

# AdwCleaner v2.010 - Logfile created 12/02/2012 at 03:45:45
# Updated 29/11/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : susan - SUSAN-PC
# Boot Mode : Normal
# Running from : C:\Users\susan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KY9U2M0L\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Users\susan\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\susan\AppData\Local\Conduit
Folder Deleted : C:\Users\susan\AppData\Local\SanctionedMedia
Folder Deleted : C:\Users\susan\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\susan\AppData\LocalLow\Conduit

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\WiseConvert
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{71B1DF81-18D9-4E5B-9493-CAB02B6E9D8F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Smad
Key Deleted : HKCU\Software\SanctionedMedia
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3196716
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{71B1DF81-18D9-4E5B-9493-CAB02B6E9D8F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\Software\WiseConvert
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{71B1DF81-18D9-4E5B-9493-CAB02B6E9D8F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{52A4F385-AA0C-41EA-936E-80E2FB32368E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6E0D752A-FC63-44D8-BA4E-69494C733F04}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WiseConvert Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\susan\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S2].txt - [8377 octets] - [02/12/2012 03:45:45]

########## EOF - C:\AdwCleaner[S2].txt - [8437 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 3.7.0 (11.30.2012:3)
OS: Windows 7 Home Premium x64
Ran by susan on Sun 12/02/2012 at 3:54:22.79
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\windows\currentversion\run\\vProt
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{ef99bd32-c1fb-11d2-892f-0090271d4f88}
Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\urlsearchhooks\\{ef99bd32-c1fb-11d2-892f-0090271d4f88}



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_classes_root\clsid\{ef99bd32-c1fb-11d2-892f-0090271d4f88}



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 12/02/2012 at 4:02:57.02
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#6 narenxp

Posted 01 December 2012 - 12:20 PM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here

#7 Oneeyedsophie

Posted 01 December 2012 - 12:38 PM

Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 12/02/2012 04:31:18 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Windows\SysWOW64\LxrSII1s.exe (PID: 2148) [WD-HEUR]
* C:\Windows\PLFSetI.exe (PID: 3448) [WD-HEUR]

2 proccesses terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
* HKLM\Software\Classes\exefile\shell\open\command\\IsolatedCommand was changed. It was reset to "%1" %*!

* HKLM\Software\Classes\exefile\shell\runas\command\\IsolatedCommand was changed. It was reset to "%1" %*!


Performing miscellaneous checks:

* ALERT: ZEROACCESS rootkit symptoms found!

* HKEY_CLASSES_ROOT\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32 [ZA Reg Hijack]
* C:\Users\susan\AppData\Local\{21ccea86-4227-5f42-e371-d948a8e1e965}\ [ZA Dir]
* C:\Users\susan\AppData\Local\{21ccea86-4227-5f42-e371-d948a8e1e965}\@ [ZA File]
* C:\Users\susan\AppData\Local\{21ccea86-4227-5f42-e371-d948a8e1e965}\L\ [ZA Dir]
* C:\Users\susan\AppData\Local\{21ccea86-4227-5f42-e371-d948a8e1e965}\U\ [ZA Dir]

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Disabled

* Security Center (wscsvc) is not Running.
Startup Type set to: Disabled

* BITS [Missing Service]
* wuauserv [Missing Service]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 12/02/2012 04:31:37 AM
Execution time: 0 hours(s), 0 minute(s), and 19 seconds(s)

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Acer ePower Management" "ePowerTray" "Acer Incorporated" "c:\program files\acer\acer epower management\epowertray.exe"
+ "cAudioFilterAgent" "Conexant High Definition Audio Filter Agent" "Conexant Systems, Inc." "c:\program files\conexant\caudiofilteragent\caudiofilteragent64.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IAAnotif" "Event Monitor User Notification Tool" "Intel Corporation" "c:\program files (x86)\intel\intel matrix storage manager\iaanotif.exe"
+ "iftsr" "" "" "File not found: C:\Users\susan\AppData\Roaming\iftsr.dll"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "PLFSetI" "DefaultSettingEXE MFC Application" "" "c:\windows\plfseti.exe"
+ "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics Incorporated" "c:\program files\synaptics\syntp\syntpenh.exe"
+ "Trend Micro Client Framework" "Trend Micro Client Session Agent Monitor" "Trend Micro Inc." "c:\program files\trend micro\uniclient\uifrmwrk\uiwatchdog.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "AppleSyncNotifier" "AppleSyncNotifier" "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applesyncnotifier.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "AVG_UI" "AVG User Interface" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgui.exe"
+ "BigPondWirelessBroadbandCM" "Connection Manager" "Telstra" "c:\program files (x86)\telstra\bigpond wireless broadband\bigpond_cm.exe"
+ "BrStsMon00" "Brother Status Monitor Application" "Brother Industries, Ltd." "c:\program files (x86)\browny02\brother\brstmonw.exe"
+ "HP Software Update" "hpwuSchd Application" "Hewlett-Packard" "c:\program files (x86)\hp\hp software update\hpwuschd2.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "LManager" "Launch Manager" "Dritek System Inc." "c:\program files (x86)\launch manager\lmanager.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe"
+ "ROC_ROC_NT" "" "" "File not found: C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe"
+ "ROC_roc_ssl_v12" "" "" "File not found: C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Acer VCM.lnk" "Acer VCM" "Acer Incorporated" "c:\program files (x86)\acer\acer vcm\acervcm.exe"
+ "HP Digital Imaging Monitor.lnk" "HP Digital Imaging Monitor" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe"
+ "NETGEAR WG111v3 Smart Wizard.lnk" "" "" "File not found: C:\Program Files (x86)\NETGEAR\WG111v3\WG111v3.exe"
+ "WDDMStatus.lnk" "WD Drive Manager" "WDC" "c:\program files\western digital\wd smartware\wd drive manager\wddmstatus.exe"
+ "WDSmartWare.lnk" "WD SmartWare" "Western Digital" "c:\program files (x86)\western digital\wd smartware\front parlor\wdsmartware.exe"
"C:\Users\susan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "OneNote 2007 Screen Clipper and Launcher.lnk" "Microsoft Office OneNote Quick Launcher" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\onenotem.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Global Registration" "Global Registration" "Acer Incorporated" "c:\program files (x86)\acer\registration\greg.exe"
+ "MobileDocuments" "" "" "File not found: C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe"
+ "msnmsgr" "Windows Live Messenger" "Microsoft Corporation" "c:\program files (x86)\windows live\messenger\msnmsgr.exe"
+ "NortonOnlineBackupReminder" "" "" "File not found: C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe"
+ "OE" "" "" "File not found: C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe"
+ "Sidebar" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
+ "swg" "" "" "File not found: C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "tmbp" "Trend Micro Browser Plug-In (IE)" "Trend Micro Inc." "c:\program files\trend micro\amsp\module\20002\6.6.1010\6.6.1010\tmbpie64.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgsea.dll"
+ "PhotoStreamsExt" "" "" "c:\program files\common files\apple\internet services\shellstreams64.dll"
+ "TmdshellExt Class" "Trend Micro Client Shell Extension" "Trend Micro Inc." "c:\program files\trend micro\uniclient\uifrmwrk\tmdshell.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgse.dll"
+ "PhotoStreamsExt" "ShellStreams.dll" "Apple Inc." "c:\program files (x86)\common files\apple\internet services\shellstreams.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgsea.dll"
+ "TmdshellExt Class" "Trend Micro Client Shell Extension" "Trend Micro Inc." "c:\program files\trend micro\uniclient\uifrmwrk\tmdshell.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgse.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Google Toolbar Helper" "" "" "File not found: C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll"
+ "TmBpIeBHO Class" "Trend Micro Browser Plug-In (IE)" "Trend Micro Inc." "c:\program files\trend micro\amsp\module\20002\6.6.1010\6.6.1010\tmbpie64.dll"
+ "TmIEPlugInBHO Class" "Trend Micro NSC IE Plug-In" "Trend Micro Inc." "c:\program files\trend micro\amsp\module\20004\1.5.1505\6.6.1088\tmieplg.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "&Yahoo! Toolbar Helper" "" "" "File not found: C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll"
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Google Toolbar Helper" "" "" "File not found: C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll"
+ "HP Print Enhancer" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_printenhancer.dll"
+ "HP Smart BHO Class" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_bho.dll"
+ "Java™ Plug-In 2 SSV Helper" "" "" "File not found: C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll"
+ "SingleInstance Class" "" "" "File not found: C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll"
+ "TmBpIeBHO Class" "Trend Micro Browser Plug-In (IE)" "Trend Micro Inc." "c:\program files\trend micro\amsp\module\20002\6.6.1010\6.6.1010\tmbpie32.dll"
+ "TmIEPlugInBHO Class" "Trend Micro NSC IE Plug-In" "Trend Micro Inc." "c:\program files\trend micro\amsp\module\20004\1.5.1505\6.6.1088\tmieplg32.dll"
+ "TSToolbarBHO" "Trend Micro TrendSecure" "Trend Micro Inc." "c:\program files\trend micro\titanium\uiframework\toolbarie.dll"
+ "Windows Live Sign-in Helper" "WindowsLiveLogin.dll" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Google Toolbar" "" "" "File not found: C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Google Toolbar" "" "" "File not found: C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll"
+ "Trend Micro Toolbar" "Trend Micro TrendSecure" "Trend Micro Inc." "c:\program files\trend micro\titanium\uiframework\toolbarie.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "S&end to OneNote" "Microsoft Office OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\onbttnie.dll"
+ "Show or hide HP Smart Web Printing" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_bho.dll"
"Task Scheduler" "" "" ""
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\HP Photo Creations Communicator" "" "" "c:\programdata\hp photo creations\messagecheck.exe"
+ "\HpWebReg.exe" "WebRegistrationApp" "Hewlett-Packard Co." "c:\program files\hp\hp deskjet 3050 j610 series\bin\hpwebreg.exe"
+ "\Microsoft\Windows Defender\MP Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\Norton Security Scan for susan" "" "" "File not found: C:\PROGRA~2\NORTON~2\Engine\371~1.4\Nss.exe"
+ "\SidebarExecute" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
+ "\{A8C79323-BB89-4B5B-B2C7-74FC3CFB33AF}" "Trend Micro Client Main Console" "Trend Micro Inc." "c:\program files\trend micro\titanium\uiframework\uiwinmgr.exe"
+ "\{E4BC9FC4-68D0-4A51-8C88-6B7BE8821BDA}" "Trend Micro Client Main Console" "Trend Micro Inc." "c:\program files\trend micro\titanium\uiframework\uiwinmgr.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "Amsp" "Manages Trend Micro security modules" "Trend Micro Inc." "c:\program files\trend micro\amsp\coreserviceshell.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "AVGIDSAgent" "Provides Identity Protection Against Cyber Crime." "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgidsagent.exe"
+ "avgwd" "AVG Watchdog Service" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgwdsvc.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "BrYNSvc" "BrYNCSvc" "Brother Industries, Ltd." "c:\program files (x86)\browny02\brynsvc.exe"
+ "ePowerSvc" "Acer ePower Service" "Acer Incorporated" "c:\program files\acer\acer epower management\epowersvc.exe"
+ "Greg_Service" "Global Registration Service" "Acer Incorporated" "c:\program files (x86)\acer\registration\greghsrw.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "" "File not found: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "" "File not found: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc"
+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work." "" "File not found: C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe"
+ "hpqcxs08" "HP CUE Context Manager Objects" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\bin\hpqcxs08.dll"
+ "hpqddsvc" "This service detects and monitors CUE devices on the system." "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\bin\hpqddsvc.dll"
+ "IAANTMON" "RAID Monitor" "Intel Corporation" "c:\program files (x86)\intel\intel matrix storage manager\iaantmon.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "IviRegMgr" "InterVideo Register Manager" "InterVideo" "c:\program files (x86)\common files\intervideo\regmgr\iviregmgr.exe"
+ "LxrSII1s" "Secure II Service" "Lexar Media, Inc." "c:\windows\syswow64\lxrsii1s.exe"
+ "Net Driver HPZ12" "Dot4Net Module" "Hewlett-Packard" "c:\windows\system32\hpzinw12.dll"
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\office12\odserv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "Pml Driver HPZ12" "PmlDrv Module" "Hewlett-Packard" "c:\windows\system32\hpzipm12.dll"
+ "PSI_SVC_2" "This service provides Protexis licensing functionalty." "Protexis Inc." "c:\program files (x86)\common files\protexis\license service\psiservice_2.exe"
+ "RS_Service" "Acer VCM Raw Socket Service" "Acer Incorporated" "c:\program files (x86)\acer\acer vcm\rs_service.exe"
+ "Updater Service" "Acer Update Service" "Acer" "c:\program files\acer\acer updater\updaterservice.exe"
+ "vToolbarUpdater13.2.0" "ToolbarU Application" "" "c:\program files (x86)\common files\avg secure search\vtoolbarupdater\13.2.0\toolbarupdater.exe"
+ "WDDMService" "Provides functionality for Western Digital disk drives." "WDC" "c:\program files\western digital\wd smartware\wd drive manager\wddmservice.exe"
+ "WDSmartWareBackgroundService" "Manages background tasks for WDSmartWare Applications" "Memeo" "c:\program files (x86)\western digital\wd smartware\front parlor\wdsmartwarebackgroundservice.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "athr" "Atheros Extensible Wireless LAN device driver" "Atheros Communications, Inc." "c:\windows\system32\drivers\athrx.sys"
+ "AVGIDSDriver" "AVG Technologies IDS Application Activity Monitor Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsdrivera.sys"
+ "AVGIDSHA" "AVG Technologies IDS Application Activity Monitor Helper Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsha.sys"
+ "Avgldx64" "AVG AVI Loader Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgldx64.sys"
+ "Avgloga" "AVG Logging Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgloga.sys"
+ "Avgmfx64" "AVG Resident Shield Minifilter Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgmfx64.sys"
+ "Avgrkx64" "AVG Anti-Rootkit Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgrkx64.sys"
+ "Avgtdia" "AVG Network connection watcher" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgtdia.sys"
+ "avgtp" "" "AVG Technologies" "c:\windows\system32\drivers\avgtpx64.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "CnxtHdAudService" "64-bit High Definition Audio Function Driver" "Conexant Systems Inc." "c:\windows\system32\drivers\chdrt64.sys"
+ "DKbFltr" "Dritek 64-bit PS/2 Keyboard Filter Driver" "Dritek System Inc." "c:\windows\syswow64\drivers\dkbfltr.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "L1C" "Atheros L1c PCI-E Gigabit Ethernet Controller" "Atheros Communications, Inc." "c:\windows\system32\drivers\l1c62x64.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "LxrSII1d" "Secure II Driver" "Lexar Media, Inc." "c:\windows\system32\drivers\lxrsii1d.sys"
+ "massfilter" "ZTE CDROM Filter" "ZTE Incorporated" "c:\windows\system32\drivers\massfilter.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "Netaapl" "Apple Mobile Device Ethernet" "Apple Inc." "c:\windows\system32\drivers\netaapl64.sys"
+ "netw5v64" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netw5v64.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RSUSBSTOR" "Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtsustor.sys"
+ "RTL8187B" "Realtek RTL8187B NDIS Driver" "Realtek Semiconductor Corporation " "c:\windows\system32\drivers\rtl8187b.sys"
+ "RtsUIR" "" "" "File not found: system32\DRIVERS\Rts516xIR.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys"
+ "tmactmon" "Trend Micro Activity Monitor Driver" "Trend Micro Inc." "c:\windows\system32\drivers\tmactmon.sys"
+ "tmcomm" "Trend Micro Common Engine Driver" "Trend Micro Inc." "c:\windows\system32\drivers\tmcomm.sys"
+ "tmevtmgr" "Trend Micro Event Manager Driver" "Trend Micro Inc." "c:\windows\system32\drivers\tmevtmgr.sys"
+ "tmlwf" "Trend Micro NDIS 6.0 Filter Driver" "Trend Micro Inc." "c:\windows\system32\drivers\tmlwf.sys"
+ "tmtdi" "Trend Micro TDI Driver (amd64-fre)" "Trend Micro Inc." "c:\windows\system32\drivers\tmtdi.sys"
+ "tmwfp" "Trend Micro WFP Callout Driver" "Trend Micro Inc." "c:\windows\system32\drivers\tmwfp.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "USBCCID" "" "" "File not found: system32\DRIVERS\RtsUCcid.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "WDC_SAM" "Manages WD external storage products." "Western Digital Technologies" "c:\windows\system32\drivers\wdcsam64.sys"
+ "ZTEusbmdm6k" "USB Modem/Serial Device Driver" "ZTE Incorporated" "c:\windows\system32\drivers\zteusbmdm6k.sys"
+ "ZTEusbnet" "USB NDIS Miniport Driver" "ZTE Corporation" "c:\windows\system32\drivers\zteusbnet.sys"
+ "ZTEusbnmea" "USB Modem/Serial Device Driver" "ZTE Incorporated" "c:\windows\system32\drivers\zteusbnmea.sys"
+ "ZTEusbser6k" "USB Modem/Serial Device Driver" "ZTE Incorporated" "c:\windows\system32\drivers\zteusbser6k.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Acer Screen Capture Filter" "Acer Screen Capture Filter" "Acer Incoporated" "c:\program files (x86)\acer\acer vcm\acerscreencap.dll"
+ "Acer Siren Decoding Filter" "Acer Siren Audio Decoding Filter" "Acer Incoporated" "c:\program files (x86)\acer\acer vcm\acersirendec.dll"
+ "Acer SirenEncoding Filter" "Acer Siren Audio Encoding Filter" "Acer Incoporated" "c:\program files (x86)\acer\acer vcm\acersirenenc.dll"
+ "Acer WMV9 Video Encoding Filter" "Acer WMV9 Video Encoding Filter" "Acer Incoporated" "c:\program files (x86)\acer\acer vcm\acerwmv9enc.dll"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "InterVideo Audio Decoder" "IVIAUDIO LOGID.85053" "InterVideo Inc." "c:\program files (x86)\intervideo\common\bin\iviaudio.ax"
+ "InterVideo Video Decoder" "IVIVIDEO LOGID.85053" " InterVideo Inc." "c:\program files (x86)\intervideo\common\bin\ivivideo.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "SlideShow" "" "" "File not found: C:\Program Files (x86)\NewTech Infosystems\NTI Media Maker 8\Photo Maker\SlideShow.ax"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMV9 Screen Encoding Filter" "Acer WMV9 Screen Encoding Filter" "Acer Incoporated" "c:\program files (x86)\acer\acer vcm\acerwmv9screenenc.dll"
"HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute" "" "" ""
+ "C:\PROGRA~2\AVG\AVG2013\avgrsa.exe /sync /restart" "AVG Resident Shield Service" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgrsa.exe"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKCU\Control Panel\Desktop\Scrnsave.exe" "" "" ""
+ "C:\Windows\System32\Acer.scr" "Screen Saver" "" "c:\windows\system32\acer.scr"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "HP 9311 Status Monitor" "Print Status Language Monitor" "Hewlett-Packard Co." "c:\windows\system32\hpinksts9311lm.dll"
+ "HP Discovery Port Monitor (HP Deskjet 3050 J610 series)" "HP Discovery Port Monitor" "Hewlett-Packard Co." "c:\windows\system32\hpdiscopm9311.dll"
+ "hpf3l70v.dll" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpf3l70v.dll"
+ "LIDIL hpzllw71" "LanguageMonitor" "Hewlett-Packard Corporation" "c:\windows\system32\hpzllw71.dll"
+ "PCL hpz3lwn7" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpz3lwn7.dll"
"C:\Users\susan\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""
+ "HP Photo Print" "Drag and drop photos to print." "Hewlett-Packard Corp" "C:\Users\susan\AppData\Local\Microsoft\Windows Sidebar\Gadgets\HPPhoto.gadget\Gadget.xml"

#8 narenxp

Posted 01 December 2012 - 12:50 PM

Now run RKILL given in previous instructions and post the new log

Edited by narenxp, 01 December 2012 - 01:20 PM.


#9 Oneeyedsophie

Posted 01 December 2012 - 01:09 PM

Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 12/02/2012 05:08:07 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Disabled

* Security Center (wscsvc) is not Running.
Startup Type set to: Disabled

* BITS [Missing Service]
* wuauserv [Missing Service]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 12/02/2012 05:08:18 AM
Execution time: 0 hours(s), 0 minute(s), and 11 seconds(s)

#10 narenxp

Posted 01 December 2012 - 01:22 PM

Launch Autoruns and uncheck this entry

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "iftsr" "" "" "File not found: C:\Users\susan\AppData\Roaming\iftsr.dll"

Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Run Farbar service scanner again and post the new log

#11 Oneeyedsophie

Posted 01 December 2012 - 01:52 PM

I cannot find that entry in autoruns.

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Acer ePower Management" "ePowerTray" "Acer Incorporated" "c:\program files\acer\acer epower management\epowertray.exe"
+ "cAudioFilterAgent" "Conexant High Definition Audio Filter Agent" "Conexant Systems, Inc." "c:\program files\conexant\caudiofilteragent\caudiofilteragent64.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IAAnotif" "Event Monitor User Notification Tool" "Intel Corporation" "c:\program files (x86)\intel\intel matrix storage manager\iaanotif.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics Incorporated" "c:\program files\synaptics\syntp\syntpenh.exe"
+ "Trend Micro Client Framework" "Trend Micro Client Session Agent Monitor" "Trend Micro Inc." "c:\program files\trend micro\uniclient\uifrmwrk\uiwatchdog.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "AppleSyncNotifier" "AppleSyncNotifier" "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applesyncnotifier.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "AVG_UI" "AVG User Interface" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgui.exe"
+ "BigPondWirelessBroadbandCM" "Connection Manager" "Telstra" "c:\program files (x86)\telstra\bigpond wireless broadband\bigpond_cm.exe"
+ "BrStsMon00" "Brother Status Monitor Application" "Brother Industries, Ltd." "c:\program files (x86)\browny02\brother\brstmonw.exe"
+ "HP Software Update" "hpwuSchd Application" "Hewlett-Packard" "c:\program files (x86)\hp\hp software update\hpwuschd2.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "LManager" "Launch Manager" "Dritek System Inc." "c:\program files (x86)\launch manager\lmanager.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe"
+ "ROC_ROC_NT" "" "" "File not found: C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe"
+ "ROC_roc_ssl_v12" "" "" "File not found: C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Acer VCM.lnk" "Acer VCM" "Acer Incorporated" "c:\program files (x86)\acer\acer vcm\acervcm.exe"
+ "HP Digital Imaging Monitor.lnk" "HP Digital Imaging Monitor" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe"
+ "NETGEAR WG111v3 Smart Wizard.lnk" "" "" "File not found: C:\Program Files (x86)\NETGEAR\WG111v3\WG111v3.exe"
+ "WDDMStatus.lnk" "WD Drive Manager" "WDC" "c:\program files\western digital\wd smartware\wd drive manager\wddmstatus.exe"
+ "WDSmartWare.lnk" "WD SmartWare" "Western Digital" "c:\program files (x86)\western digital\wd smartware\front parlor\wdsmartware.exe"
"C:\Users\susan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "OneNote 2007 Screen Clipper and Launcher.lnk" "Microsoft Office OneNote Quick Launcher" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\onenotem.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Global Registration" "Global Registration" "Acer Incorporated" "c:\program files (x86)\acer\registration\greg.exe"
+ "MobileDocuments" "" "" "File not found: C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe"
+ "msnmsgr" "Windows Live Messenger" "Microsoft Corporation" "c:\program files (x86)\windows live\messenger\msnmsgr.exe"
+ "NortonOnlineBackupReminder" "" "" "File not found: C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe"
+ "OE" "" "" "File not found: C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe"
+ "Sidebar" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
+ "swg" "" "" "File not found: C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "tmbp" "Trend Micro Browser Plug-In (IE)" "Trend Micro Inc." "c:\program files\trend micro\amsp\module\20002\6.6.1010\6.6.1010\tmbpie64.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgsea.dll"
+ "PhotoStreamsExt" "" "" "c:\program files\common files\apple\internet services\shellstreams64.dll"
+ "TmdshellExt Class" "Trend Micro Client Shell Extension" "Trend Micro Inc." "c:\program files\trend micro\uniclient\uifrmwrk\tmdshell.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgse.dll"
+ "PhotoStreamsExt" "ShellStreams.dll" "Apple Inc." "c:\program files (x86)\common files\apple\internet services\shellstreams.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgsea.dll"
+ "TmdshellExt Class" "Trend Micro Client Shell Extension" "Trend Micro Inc." "c:\program files\trend micro\uniclient\uifrmwrk\tmdshell.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgse.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Google Toolbar Helper" "" "" "File not found: C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll"
+ "TmBpIeBHO Class" "Trend Micro Browser Plug-In (IE)" "Trend Micro Inc." "c:\program files\trend micro\amsp\module\20002\6.6.1010\6.6.1010\tmbpie64.dll"
+ "TmIEPlugInBHO Class" "Trend Micro NSC IE Plug-In" "Trend Micro Inc." "c:\program files\trend micro\amsp\module\20004\1.5.1505\6.6.1088\tmieplg.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "&Yahoo! Toolbar Helper" "" "" "File not found: C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll"
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Google Toolbar Helper" "" "" "File not found: C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll"
+ "HP Print Enhancer" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_printenhancer.dll"
+ "HP Smart BHO Class" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_bho.dll"
+ "Java™ Plug-In 2 SSV Helper" "" "" "File not found: C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll"
+ "SingleInstance Class" "" "" "File not found: C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll"
+ "TmBpIeBHO Class" "Trend Micro Browser Plug-In (IE)" "Trend Micro Inc." "c:\program files\trend micro\amsp\module\20002\6.6.1010\6.6.1010\tmbpie32.dll"
+ "TmIEPlugInBHO Class" "Trend Micro NSC IE Plug-In" "Trend Micro Inc." "c:\program files\trend micro\amsp\module\20004\1.5.1505\6.6.1088\tmieplg32.dll"
+ "TSToolbarBHO" "Trend Micro TrendSecure" "Trend Micro Inc." "c:\program files\trend micro\titanium\uiframework\toolbarie.dll"
+ "Windows Live Sign-in Helper" "WindowsLiveLogin.dll" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Google Toolbar" "" "" "File not found: C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Google Toolbar" "" "" "File not found: C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll"
+ "Trend Micro Toolbar" "Trend Micro TrendSecure" "Trend Micro Inc." "c:\program files\trend micro\titanium\uiframework\toolbarie.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "S&end to OneNote" "Microsoft Office OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\onbttnie.dll"
+ "Show or hide HP Smart Web Printing" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_bho.dll"
"Task Scheduler" "" "" ""
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\HP Photo Creations Communicator" "" "" "c:\programdata\hp photo creations\messagecheck.exe"
+ "\Microsoft\Windows Defender\MP Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\Norton Security Scan for susan" "" "" "File not found: C:\PROGRA~2\NORTON~2\Engine\371~1.4\Nss.exe"
+ "\SidebarExecute" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
+ "\{A8C79323-BB89-4B5B-B2C7-74FC3CFB33AF}" "Trend Micro Client Main Console" "Trend Micro Inc." "c:\program files\trend micro\titanium\uiframework\uiwinmgr.exe"
+ "\{E4BC9FC4-68D0-4A51-8C88-6B7BE8821BDA}" "Trend Micro Client Main Console" "Trend Micro Inc." "c:\program files\trend micro\titanium\uiframework\uiwinmgr.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "Amsp" "Manages Trend Micro security modules" "Trend Micro Inc." "c:\program files\trend micro\amsp\coreserviceshell.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "AVGIDSAgent" "Provides Identity Protection Against Cyber Crime." "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgidsagent.exe"
+ "avgwd" "AVG Watchdog Service" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgwdsvc.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "BrYNSvc" "BrYNCSvc" "Brother Industries, Ltd." "c:\program files (x86)\browny02\brynsvc.exe"
+ "ePowerSvc" "Acer ePower Service" "Acer Incorporated" "c:\program files\acer\acer epower management\epowersvc.exe"
+ "Greg_Service" "Global Registration Service" "Acer Incorporated" "c:\program files (x86)\acer\registration\greghsrw.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "" "File not found: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "" "File not found: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc"
+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work." "" "File not found: C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe"
+ "hpqcxs08" "HP CUE Context Manager Objects" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\bin\hpqcxs08.dll"
+ "hpqddsvc" "This service detects and monitors CUE devices on the system." "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\bin\hpqddsvc.dll"
+ "IAANTMON" "RAID Monitor" "Intel Corporation" "c:\program files (x86)\intel\intel matrix storage manager\iaantmon.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "IviRegMgr" "InterVideo Register Manager" "InterVideo" "c:\program files (x86)\common files\intervideo\regmgr\iviregmgr.exe"
+ "LxrSII1s" "Secure II Service" "Lexar Media, Inc." "c:\windows\syswow64\lxrsii1s.exe"
+ "Net Driver HPZ12" "Dot4Net Module" "Hewlett-Packard" "c:\windows\system32\hpzinw12.dll"
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\office12\odserv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "Pml Driver HPZ12" "PmlDrv Module" "Hewlett-Packard" "c:\windows\system32\hpzipm12.dll"
+ "PSI_SVC_2" "This service provides Protexis licensing functionalty." "Protexis Inc." "c:\program files (x86)\common files\protexis\license service\psiservice_2.exe"
+ "RS_Service" "Acer VCM Raw Socket Service" "Acer Incorporated" "c:\program files (x86)\acer\acer vcm\rs_service.exe"
+ "Updater Service" "Acer Update Service" "Acer" "c:\program files\acer\acer updater\updaterservice.exe"
+ "vToolbarUpdater13.2.0" "ToolbarU Application" "" "c:\program files (x86)\common files\avg secure search\vtoolbarupdater\13.2.0\toolbarupdater.exe"
+ "WDDMService" "Provides functionality for Western Digital disk drives." "WDC" "c:\program files\western digital\wd smartware\wd drive manager\wddmservice.exe"
+ "WDSmartWareBackgroundService" "Manages background tasks for WDSmartWare Applications" "Memeo" "c:\program files (x86)\western digital\wd smartware\front parlor\wdsmartwarebackgroundservice.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "athr" "Atheros Extensible Wireless LAN device driver" "Atheros Communications, Inc." "c:\windows\system32\drivers\athrx.sys"
+ "AVGIDSDriver" "AVG Technologies IDS Application Activity Monitor Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsdrivera.sys"
+ "AVGIDSHA" "AVG Technologies IDS Application Activity Monitor Helper Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsha.sys"
+ "Avgldx64" "AVG AVI Loader Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgldx64.sys"
+ "Avgloga" "AVG Logging Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgloga.sys"
+ "Avgmfx64" "AVG Resident Shield Minifilter Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgmfx64.sys"
+ "Avgrkx64" "AVG Anti-Rootkit Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgrkx64.sys"
+ "Avgtdia" "AVG Network connection watcher" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgtdia.sys"
+ "avgtp" "" "AVG Technologies" "c:\windows\system32\drivers\avgtpx64.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "CnxtHdAudService" "64-bit High Definition Audio Function Driver" "Conexant Systems Inc." "c:\windows\system32\drivers\chdrt64.sys"
+ "DKbFltr" "Dritek 64-bit PS/2 Keyboard Filter Driver" "Dritek System Inc." "c:\windows\syswow64\drivers\dkbfltr.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "L1C" "Atheros L1c PCI-E Gigabit Ethernet Controller" "Atheros Communications, Inc." "c:\windows\system32\drivers\l1c62x64.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "LxrSII1d" "Secure II Driver" "Lexar Media, Inc." "c:\windows\system32\drivers\lxrsii1d.sys"
+ "massfilter" "ZTE CDROM Filter" "ZTE Incorporated" "c:\windows\system32\drivers\massfilter.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "Netaapl" "Apple Mobile Device Ethernet" "Apple Inc." "c:\windows\system32\drivers\netaapl64.sys"
+ "netw5v64" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netw5v64.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RSUSBSTOR" "Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtsustor.sys"
+ "RTL8187B" "Realtek RTL8187B NDIS Driver" "Realtek Semiconductor Corporation " "c:\windows\system32\drivers\rtl8187b.sys"
+ "RtsUIR" "" "" "File not found: system32\DRIVERS\Rts516xIR.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys"
+ "tmactmon" "Trend Micro Activity Monitor Driver" "Trend Micro Inc." "c:\windows\system32\drivers\tmactmon.sys"
+ "tmcomm" "Trend Micro Common Engine Driver" "Trend Micro Inc." "c:\windows\system32\drivers\tmcomm.sys"
+ "tmevtmgr" "Trend Micro Event Manager Driver" "Trend Micro Inc." "c:\windows\system32\drivers\tmevtmgr.sys"
+ "tmlwf" "Trend Micro NDIS 6.0 Filter Driver" "Trend Micro Inc." "c:\windows\system32\drivers\tmlwf.sys"
+ "tmtdi" "Trend Micro TDI Driver (amd64-fre)" "Trend Micro Inc." "c:\windows\system32\drivers\tmtdi.sys"
+ "tmwfp" "Trend Micro WFP Callout Driver" "Trend Micro Inc." "c:\windows\system32\drivers\tmwfp.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "USBCCID" "" "" "File not found: system32\DRIVERS\RtsUCcid.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "WDC_SAM" "Manages WD external storage products." "Western Digital Technologies" "c:\windows\system32\drivers\wdcsam64.sys"
+ "ZTEusbmdm6k" "USB Modem/Serial Device Driver" "ZTE Incorporated" "c:\windows\system32\drivers\zteusbmdm6k.sys"
+ "ZTEusbnet" "USB NDIS Miniport Driver" "ZTE Corporation" "c:\windows\system32\drivers\zteusbnet.sys"
+ "ZTEusbnmea" "USB Modem/Serial Device Driver" "ZTE Incorporated" "c:\windows\system32\drivers\zteusbnmea.sys"
+ "ZTEusbser6k" "USB Modem/Serial Device Driver" "ZTE Incorporated" "c:\windows\system32\drivers\zteusbser6k.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Acer Screen Capture Filter" "Acer Screen Capture Filter" "Acer Incoporated" "c:\program files (x86)\acer\acer vcm\acerscreencap.dll"
+ "Acer Siren Decoding Filter" "Acer Siren Audio Decoding Filter" "Acer Incoporated" "c:\program files (x86)\acer\acer vcm\acersirendec.dll"
+ "Acer SirenEncoding Filter" "Acer Siren Audio Encoding Filter" "Acer Incoporated" "c:\program files (x86)\acer\acer vcm\acersirenenc.dll"
+ "Acer WMV9 Video Encoding Filter" "Acer WMV9 Video Encoding Filter" "Acer Incoporated" "c:\program files (x86)\acer\acer vcm\acerwmv9enc.dll"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "InterVideo Audio Decoder" "IVIAUDIO LOGID.85053" "InterVideo Inc." "c:\program files (x86)\intervideo\common\bin\iviaudio.ax"
+ "InterVideo Video Decoder" "IVIVIDEO LOGID.85053" " InterVideo Inc." "c:\program files (x86)\intervideo\common\bin\ivivideo.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "SlideShow" "" "" "File not found: C:\Program Files (x86)\NewTech Infosystems\NTI Media Maker 8\Photo Maker\SlideShow.ax"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMV9 Screen Encoding Filter" "Acer WMV9 Screen Encoding Filter" "Acer Incoporated" "c:\program files (x86)\acer\acer vcm\acerwmv9screenenc.dll"
"HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute" "" "" ""
+ "C:\PROGRA~2\AVG\AVG2013\avgrsa.exe /sync /restart" "AVG Resident Shield Service" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgrsa.exe"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKCU\Control Panel\Desktop\Scrnsave.exe" "" "" ""
+ "C:\Windows\System32\Acer.scr" "Screen Saver" "" "c:\windows\system32\acer.scr"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "HP 9311 Status Monitor" "Print Status Language Monitor" "Hewlett-Packard Co." "c:\windows\system32\hpinksts9311lm.dll"
+ "HP Discovery Port Monitor (HP Deskjet 3050 J610 series)" "HP Discovery Port Monitor" "Hewlett-Packard Co." "c:\windows\system32\hpdiscopm9311.dll"
+ "hpf3l70v.dll" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpf3l70v.dll"
+ "LIDIL hpzllw71" "LanguageMonitor" "Hewlett-Packard Corporation" "c:\windows\system32\hpzllw71.dll"
+ "PCL hpz3lwn7" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpz3lwn7.dll"
"C:\Users\susan\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""
+ "HP Photo Print" "Drag and drop photos to print." "Hewlett-Packard Corp" "C:\Users\susan\AppData\Local\Microsoft\Windows Sidebar\Gadgets\HPPhoto.gadget\Gadget.xml"

#12 narenxp


Posted 01 December 2012 - 02:08 PM

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

#13 Oneeyedsophie


Posted 01 December 2012 - 02:13 PM

Farbar Service Scanner Version: 01-12-2012 02
Ran by susan (administrator) on 02-12-2012 at 06:12:03
Running from "C:\Users\susan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KY9U2M0L"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#14 narenxp


Posted 01 December 2012 - 02:14 PM

That looks good

Remove temporary and junk files

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for reboot. If TFC locks up the system, run it in safe mode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP - http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore - it deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old version of Java from Control Panel - Add or remove programs. Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus that I would suggest are

Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security software.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

#15 Oneeyedsophie


Posted 01 December 2012 - 03:10 PM

Ok, thank you. I guess that means I don't have an infected computer anymore, but I just tried and still can't delete Trend Micro or Java. Trend Micro says it's running through another open program so I can't delete it, and Java says error 1723 in remove programs.



