medfos.b - gone???


18 replies to this topic

#1 theNimrod

theNimrod

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:02:42 AM

Posted 02 January 2013 - 11:13 AM

Hello - new to this site, thank you for any help in advance.

Was working on my laptop last night...MSE popped up telling me that it had identified a threat and was dealing with it. I'd barely had a chance to read the entire MSE pop-up before SYSTEM PROGRESSIVE PROTECTION popped up on my screen, did a 'scan', told me I needed to update my definitions, and locked down every other application, including task manager.

I rebooted in safe mode, ran malwarebytes, and rebooted again. The SYSTEM PROGRESSIVE PROTECTION seemed to be gone, but MSE was still telling me it was taking care of a threat. I also now noticed in the task manager that there was an internet explorer running (I use firefox) with some ad website title - although I could not see it on my task bar and could not stop the process. I opened MSE up and found that it was quarantining a bunch of 'medfos.b' trojans. I removed them but they kept coming - always quarantined by MSE. Malwarebytes couldn't seem to make a dent in this thing, so I restored Windows to a restore point created earlier in the week.

Since the restore, all traces of the problems I was having are gone. No extra IE process running, no trojans being quarantined by MSE, etc. Only thing I would say is that it's maybe (maybe?) taking a second or two longer to boot than I expect and the icons on my task bar show up as blank paper icons for a second or two when I boot up. It's possible that this was always the case and I'm just watching more closely now, but I don't know.

Bottom line, I've always been very careful with my computers and don't have much experience with virus/malware removal, so I'm a little paranoid here. My question is: how can I be sure that the threat has been eliminated? Also, for my information, how does this particular infection take hold? I was doing nothing but use excel and spotify yesterday. Finally, is there more that I should be doing to protect myself from threats like these? As stated, I use MSE, Windows firewall, consistently create restore points, and keep Windows updated.

Thanks again for any help you can provide!


Mod Edit: Moved to Am I Infected forum ~~boopme

Edited by boopme, 02 January 2013 - 12:43 PM.



#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,489 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:42 AM

Posted 02 January 2013 - 03:54 PM

Hello, boot into Safe Mode with Networking

Next run RKILL and then update and re-run MBAm

Please download Rkill by Grinler and save it to your desktop.
Link 1
Link 2
  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
Do not reboot the computer, you will need to run the application again.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 theNimrod


Posted 02 January 2013 - 08:19 PM

Thanks for the feedback. I ran both RKill and MBAm without issue, and both reports looked clean. Reports are pasted below. Will await further instruction.

Thanks again.

-----------------------------------------------------------------
Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 01/02/2013 06:16:45 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\LAS_ANS\Desktop\rkill\rkill-01-02-2013-06-16-47.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* COM+ Event System (EventSystem) is not Running.
Startup Type set to: Automatic

* Security Center (wscsvc) is not Running.
Startup Type set to: Automatic (Delayed Start)

* Windows Update (wuauserv) is not Running.
Startup Type set to: Automatic (Delayed Start)

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 01/02/2013 06:16:56 PM
Execution time: 0 hours(s), 0 minute(s), and 11 seconds(s)
-----------------------------------------------------------------

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.02.10

Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
LAS_ANS :: STEFANSKIULTRA [administrator]

1/2/2013 6:22:00 PM
mbam-log-2013-01-02 (18-22-00).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 342955
Time elapsed: 31 minute(s), 51 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#4 boopme

Posted 02 January 2013 - 11:42 PM

Looks good. If you still have the icon type issue at start, then...
I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

NOTE: Sometimes if ESET finds no infections it will not create a log.

#5 theNimrod


Posted 03 January 2013 - 07:42 AM

Ran ESET, two items were found and deleted. Log text is pasted below. Thank you again for the help, I will await further instructions.

-------------------------------------------------------------------------------

C:\Users\LAS_ANS\AppData\Local\Temp\PostalReceipt.zip Win32/TrojanDownloader.Zortob.B trojan deleted - quarantined

C:\Users\LAS_ANS\AppData\Roaming\Mozilla\Firefox\Profiles\tr65q03g.default\extensions\{5a562532-dbb7-4e76-9dab-d0b2417c76ed}.xpi JS/Redirector.NCL trojan deleted - quarantined

#6 boopme

Posted 03 January 2013 - 10:14 AM

OK, this was good. Run MSE and see if it's clear now.

#7 theNimrod


Posted 04 January 2013 - 12:01 AM

Apologies for the delay. I ran a scan with MSE and it found no threats. Real time protection is also not identifying anything to quarantine.

Normal operation of the computer seems normal. Boot time still seems a little slow, and the taskbar icons are still blank paper while the wireless signal is acquired. However, like I said before, it's certainly possible that I'm just watching more closely than I ever have before.

Thank you once again for all the help. If you are still suspicious that something malicious is causing the perceived boot delay, I am more than willing to keep trying anything you can offer and will await further instructions.

If not, please let me know if there are any other preventative measures I can be taking to protect from future infections like this one. As mentioned above, I use MSE, regularly update windows, run MSE scans weekly, and create restore points consistently.

#8 boopme

Posted 04 January 2013 - 11:35 AM

Hell, this came as a ZIP attachment and is a trojan that tries to steal passwords and files from your computer. The spammed message may look like a failure delivery notice or an airline e-ticket, for example: see
http://www.microsoft.com/security/portal/threat/encyclopedia/entry.aspx?Name=TrojanDownloader%3AWin32%2FKuluoz!zip

Hence passwords should be changed.




Due to its nature, please run these

Please Download TDSSkiller
Launch it.
Click on change parameters-Select TDLFS file system
Click on "Scan".
Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results.


Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.


Now a system look..
MiniToolBox
Please download MiniToolBox, save it to your desktop and run it. Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

#9 theNimrod


Posted 04 January 2013 - 12:11 PM

Do I need to continue to run these items in Safe Mode with Networking?

Also, I will be out of town today and tomorrow away from the infected computer. I will execute these steps on Sunday morning (1/6) and report back. Please do not delete the thread.

Thanks!

#10 boopme

Posted 04 January 2013 - 01:29 PM

These can be done in normal mode.

We'll keep a light on for ya!!

#11 theNimrod


Posted 06 January 2013 - 10:46 AM

All three applications finished, logs below. Thank you once again, I will await further instructions.

-----------------------------------------------------------------------------------
TDSSKiller.2.8.15.0_06.01.2013_09.05.09_log.txt


09:05:09.0156 5008 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
09:05:09.0468 5008 ============================================================
09:05:09.0468 5008 Current date / time: 2013/01/06 09:05:09.0468
09:05:09.0468 5008 SystemInfo:
09:05:09.0468 5008
09:05:09.0468 5008 OS Version: 6.1.7601 ServicePack: 1.0
09:05:09.0468 5008 Product type: Workstation
09:05:09.0468 5008 ComputerName: STEFANSKIULTRA
09:05:09.0468 5008 UserName: LAS_ANS
09:05:09.0468 5008 Windows directory: C:\Windows
09:05:09.0468 5008 System windows directory: C:\Windows
09:05:09.0468 5008 Running under WOW64
09:05:09.0468 5008 Processor architecture: Intel x64
09:05:09.0468 5008 Number of processors: 4
09:05:09.0468 5008 Page size: 0x1000
09:05:09.0468 5008 Boot type: Normal boot
09:05:09.0468 5008 ============================================================
09:05:10.0217 5008 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:05:10.0233 5008 Drive \Device\Harddisk1\DR1 - Size: 0x4A8F86000 (18.64 Gb), SectorSize: 0x200, Cylinders: 0x981, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:05:10.0233 5008 ============================================================
09:05:10.0233 5008 \Device\Harddisk0\DR0:
09:05:10.0233 5008 MBR partitions:
09:05:10.0233 5008 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2100800, BlocksNum 0x32000
09:05:10.0233 5008 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2132800, BlocksNum 0x38253000
09:05:10.0233 5008 \Device\Harddisk1\DR1:
09:05:10.0233 5008 MBR partitions:
09:05:10.0233 5008 ============================================================
09:05:10.0248 5008 C: <-> \Device\Harddisk0\DR0\Partition2
09:05:10.0248 5008 ============================================================
09:05:10.0248 5008 Initialize success
09:05:10.0248 5008 ============================================================
09:05:39.0826 3804 ============================================================
09:05:39.0826 3804 Scan started
09:05:39.0826 3804 Mode: Manual; TDLFS;
09:05:39.0826 3804 ============================================================
09:05:39.0966 3804 ================ Scan system memory ========================
09:05:39.0966 3804 System memory - ok
09:05:43.0851 3804 fvevol - ok
09:05:43.0882 3804 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
09:05:43.0882 3804 gagp30kx - ok
09:05:43.0929 3804 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
09:05:43.0929 3804 GamesAppService - ok
09:05:43.0975 3804 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
09:05:43.0975 3804 GEARAspiWDM - ok
09:05:43.0991 3804 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
09:05:44.0007 3804 gpsvc - ok
09:05:44.0053 3804 [ 32096F187020A54D29C95B3A1467D963 ] GREGService C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
09:05:44.0053 3804 GREGService - ok
09:05:44.0069 3804 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
09:05:44.0069 3804 hcw85cir - ok
09:05:44.0100 3804 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:05:44.0100 3804 HdAudAddService - ok
09:05:44.0116 3804 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
09:05:44.0116 3804 HDAudBus - ok
09:05:44.0116 3804 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
09:05:44.0131 3804 HidBatt - ok
09:05:44.0131 3804 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
09:05:44.0131 3804 HidBth - ok
09:05:44.0163 3804 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
09:05:44.0163 3804 HidIr - ok
09:05:44.0178 3804 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
09:05:44.0178 3804 hidserv - ok
09:05:44.0209 3804 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
09:05:44.0350 3804 HidUsb - ok
09:05:44.0350 3804 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
09:05:44.0350 3804 hkmsvc - ok
09:05:44.0381 3804 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:05:44.0397 3804 HomeGroupListener - ok
09:05:44.0412 3804 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:05:44.0428 3804 HomeGroupProvider - ok
09:05:44.0443 3804 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
09:05:44.0443 3804 HpSAMD - ok
09:05:44.0443 3804 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
09:05:44.0459 3804 HTTP - ok
09:05:44.0475 3804 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
09:05:44.0475 3804 hwpolicy - ok
09:05:44.0475 3804 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
09:05:44.0475 3804 i8042prt - ok
09:05:44.0506 3804 [ D1753C06EE17E29352B065EACF3F10D0 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
09:05:44.0506 3804 iaStor - ok
09:05:44.0553 3804 [ 545462D0DBE24AF379BA869B7C185CCD ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
09:05:44.0553 3804 IAStorDataMgrSvc - ok
09:05:44.0568 3804 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
09:05:44.0568 3804 iaStorV - ok
09:05:44.0615 3804 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:05:44.0631 3804 idsvc - ok
09:05:44.0911 3804 [ 3FB253E8059A1AAC3A8B83A31D094CC5 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
09:05:44.0989 3804 igfx - ok
09:05:45.0036 3804 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
09:05:45.0036 3804 iirsp - ok
09:05:45.0067 3804 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
09:05:45.0083 3804 IKEEXT - ok
09:05:45.0161 3804 [ D20E649D87193BBCEE5CB0EAB75F96A4 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
09:05:45.0192 3804 IntcAzAudAddService - ok
09:05:45.0208 3804 [ 6C9FFFECA9FED31347D211C5D1FFBD2D ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
09:05:45.0223 3804 IntcDAud - ok
09:05:45.0255 3804 [ 832CE330DD987227B7DEA8C03F22AEFA ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
09:05:46.0050 3804 Intel® Capability Licensing Service Interface - ok
09:05:46.0081 3804 [ 5A8C154DE7DDEE8ADA3375CC76C4351F ] Intel® ME Service C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
09:05:46.0081 3804 Intel® ME Service - ok
09:05:46.0113 3804 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
09:05:46.0113 3804 intelide - ok
09:05:46.0128 3804 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
09:05:46.0144 3804 intelppm - ok
09:05:46.0175 3804 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
09:05:46.0175 3804 IPBusEnum - ok
09:05:46.0191 3804 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:05:46.0191 3804 IpFilterDriver - ok
09:05:46.0206 3804 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
09:05:46.0222 3804 iphlpsvc - ok
09:05:46.0222 3804 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
09:05:46.0237 3804 IPMIDRV - ok
09:05:46.0237 3804 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
09:05:46.0253 3804 IPNAT - ok
09:05:46.0300 3804 [ 0F261EC4F514926177C70C1832374231 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
09:05:46.0315 3804 iPod Service - ok
09:05:46.0315 3804 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
09:05:46.0315 3804 IRENUM - ok
09:05:46.0347 3804 [ 6DC22BDAA595BE00F19696E72F2F3312 ] irstrtdv C:\Windows\system32\DRIVERS\irstrtdv.sys
09:05:46.0347 3804 irstrtdv - ok
09:05:46.0362 3804 [ 49869B871F6DB76021D0E9B5DF1CC2CB ] irstrtsv C:\Windows\SysWOW64\irstrtsv.exe
09:05:46.0362 3804 irstrtsv - ok
09:05:46.0362 3804 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
09:05:46.0362 3804 isapnp - ok
09:05:46.0378 3804 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
09:05:46.0393 3804 iScsiPrt - ok
09:05:46.0456 3804 [ 846354992EBB373F452EB9182D501B08 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
09:05:46.0456 3804 iusb3hcs - ok
09:05:46.0471 3804 [ 1D88A23853387D34D52CC8F9DDBFC56C ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
09:05:46.0471 3804 iusb3hub - ok
09:05:46.0503 3804 [ FC5EFD7C797DF19DFB999F0605A7924E ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
09:05:46.0503 3804 iusb3xhc - ok
09:05:46.0518 3804 [ 13E838EA8652F8451F29301D3B56B17B ] jhi_service C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
09:05:46.0518 3804 jhi_service - ok
09:05:46.0534 3804 [ F163BB6827F41D61594EFD5E6C00AD4A ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
09:05:46.0534 3804 k57nd60a - ok
09:05:46.0565 3804 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
09:05:46.0581 3804 kbdclass - ok
09:05:46.0612 3804 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
09:05:46.0627 3804 kbdhid - ok
09:05:46.0643 3804 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
09:05:46.0643 3804 KeyIso - ok
09:05:46.0659 3804 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
09:05:46.0659 3804 KSecDD - ok
09:05:46.0721 3804 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
09:05:46.0721 3804 KSecPkg - ok
09:05:46.0737 3804 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
09:05:46.0737 3804 ksthunk - ok
09:05:46.0752 3804 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
09:05:46.0752 3804 KtmRm - ok
09:05:46.0815 3804 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
09:05:46.0815 3804 LanmanServer - ok
09:05:46.0815 3804 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:05:46.0815 3804 LanmanWorkstation - ok
09:05:46.0924 3804 [ 88E52495B47C67126B510AF53FDB0BC7 ] LBTServ C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
09:05:46.0924 3804 LBTServ - ok
09:05:46.0955 3804 [ BECBD7CD46776B8739EE18061F45A581 ] LEqdUsb C:\Windows\system32\DRIVERS\LEqdUsb.Sys
09:05:46.0955 3804 LEqdUsb - ok
09:05:46.0971 3804 [ 21D6BD7D62C270059EB8E2B1D4095880 ] LHidEqd C:\Windows\system32\DRIVERS\LHidEqd.Sys
09:05:46.0971 3804 LHidEqd - ok
09:05:46.0971 3804 [ B6552D382FF070B4ED34CBD6737277C0 ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
09:05:46.0986 3804 LHidFilt - ok
09:05:47.0017 3804 [ 6BB516A31DE232DAB436FF3A117E1E80 ] Live Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
09:05:47.0033 3804 Live Updater Service - ok
09:05:47.0064 3804 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
09:05:47.0064 3804 lltdio - ok
09:05:47.0080 3804 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
09:05:47.0080 3804 lltdsvc - ok
09:05:47.0095 3804 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
09:05:47.0095 3804 lmhosts - ok
09:05:47.0111 3804 [ 73C1F563AB73D459DFFE682D66476558 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
09:05:47.0111 3804 LMouFilt - ok
09:05:47.0158 3804 [ BD9457699AC9C1A0FE43398043617279 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
09:05:47.0158 3804 LMS - ok
09:05:47.0189 3804 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
09:05:47.0189 3804 LSI_FC - ok
09:05:47.0189 3804 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
09:05:47.0205 3804 LSI_SAS - ok
09:05:47.0205 3804 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
09:05:47.0205 3804 LSI_SAS2 - ok
09:05:47.0220 3804 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
09:05:47.0220 3804 LSI_SCSI - ok
09:05:47.0251 3804 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
09:05:47.0251 3804 luafv - ok
09:05:47.0267 3804 McAfee SiteAdvisor Service - ok
09:05:47.0283 3804 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
09:05:47.0283 3804 Mcx2Svc - ok
09:05:47.0314 3804 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
09:05:47.0314 3804 megasas - ok
09:05:47.0314 3804 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
09:05:47.0329 3804 MegaSR - ok
09:05:47.0376 3804 [ 772A1DEEDFDBC244183B5C805D1B7D85 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
09:05:47.0392 3804 MEIx64 - ok
09:05:47.0392 3804 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
09:05:47.0392 3804 MMCSS - ok
09:05:47.0423 3804 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
09:05:47.0423 3804 Modem - ok
09:05:47.0439 3804 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
09:05:47.0439 3804 monitor - ok
09:05:47.0454 3804 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
09:05:47.0470 3804 mouclass - ok
09:05:47.0485 3804 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
09:05:47.0485 3804 mouhid - ok
09:05:47.0501 3804 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
09:05:47.0501 3804 mountmgr - ok
09:05:47.0532 3804 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
09:05:47.0532 3804 MozillaMaintenance - ok
09:05:47.0563 3804 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
09:05:47.0563 3804 MpFilter - ok
09:05:47.0579 3804 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
09:05:47.0579 3804 mpio - ok
09:05:47.0595 3804 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
09:05:47.0595 3804 mpsdrv - ok
09:05:47.0626 3804 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
09:05:47.0626 3804 MpsSvc - ok
09:05:47.0641 3804 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
09:05:47.0657 3804 MRxDAV - ok
09:05:47.0657 3804 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
09:05:47.0657 3804 mrxsmb - ok
09:05:47.0673 3804 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:05:47.0673 3804 mrxsmb10 - ok
09:05:47.0673 3804 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:05:47.0673 3804 mrxsmb20 - ok
09:05:47.0704 3804 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
09:05:47.0704 3804 msahci - ok
09:05:47.0704 3804 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
09:05:47.0704 3804 msdsm - ok
09:05:47.0719 3804 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
09:05:47.0735 3804 MSDTC - ok
09:05:47.0735 3804 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
09:05:47.0735 3804 Msfs - ok
09:05:47.0751 3804 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
09:05:47.0751 3804 mshidkmdf - ok
09:05:47.0751 3804 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
09:05:47.0751 3804 msisadrv - ok
09:05:47.0797 3804 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
09:05:47.0797 3804 MSiSCSI - ok
09:05:47.0797 3804 msiserver - ok
09:05:47.0813 3804 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
09:05:47.0813 3804 MSKSSRV - ok
09:05:47.0875 3804 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
09:05:47.0875 3804 MsMpSvc - ok
09:05:47.0891 3804 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
09:05:47.0891 3804 MSPCLOCK - ok
09:05:47.0891 3804 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
09:05:47.0891 3804 MSPQM - ok
09:05:47.0907 3804 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
09:05:47.0922 3804 MsRPC - ok
09:05:47.0938 3804 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
09:05:47.0938 3804 mssmbios - ok
09:05:47.0953 3804 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
09:05:47.0953 3804 MSTEE - ok
09:05:47.0953 3804 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
09:05:47.0953 3804 MTConfig - ok
09:05:47.0969 3804 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
09:05:47.0969 3804 Mup - ok
09:05:47.0985 3804 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
09:05:48.0000 3804 napagent - ok
09:05:48.0031 3804 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
09:05:48.0031 3804 NativeWifiP - ok
09:05:48.0078 3804 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
09:05:48.0078 3804 NDIS - ok
09:05:48.0094 3804 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
09:05:48.0094 3804 NdisCap - ok
09:05:48.0125 3804 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:05:48.0125 3804 NdisTapi - ok
09:05:48.0141 3804 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:05:48.0141 3804 Ndisuio - ok
09:05:48.0141 3804 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:05:48.0141 3804 NdisWan - ok
09:05:48.0156 3804 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:05:48.0156 3804 NDProxy - ok
09:05:48.0172 3804 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:05:48.0172 3804 NetBIOS - ok
09:05:48.0187 3804 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
09:05:48.0187 3804 NetBT - ok
09:05:48.0187 3804 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
09:05:48.0203 3804 Netlogon - ok
09:05:48.0234 3804 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
09:05:48.0234 3804 Netman - ok
09:05:48.0234 3804 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
09:05:48.0250 3804 netprofm - ok
09:05:48.0265 3804 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:05:48.0265 3804 NetTcpPortSharing - ok
09:05:48.0297 3804 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
09:05:48.0297 3804 nfrd960 - ok
09:05:48.0328 3804 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
09:05:48.0328 3804 NisDrv - ok
09:05:48.0375 3804 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
09:05:48.0375 3804 NisSrv - ok
09:05:48.0406 3804 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
09:05:48.0406 3804 NlaSvc - ok
09:05:48.0421 3804 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:05:48.0421 3804 Npfs - ok
09:05:48.0421 3804 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
09:05:48.0437 3804 nsi - ok
09:05:48.0437 3804 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:05:48.0437 3804 nsiproxy - ok
09:05:48.0484 3804 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:05:48.0499 3804 Ntfs - ok
09:05:48.0531 3804 [ D27A4546417ED7C4AEA7B3420D4F1F50 ] NTI IScheduleSvc C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
09:05:48.0593 3804 NTI IScheduleSvc - ok
09:05:48.0609 3804 [ EE3BA1024594D5D09E314F206B94069E ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
09:05:48.0609 3804 NTIDrvr - ok
09:05:48.0609 3804 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
09:05:48.0624 3804 Null - ok
09:05:48.0843 3804 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
09:05:48.0921 3804 nvlddmkm - ok
09:05:48.0936 3804 [ 918841B2454F4F2BD94479692079490B ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
09:05:48.0936 3804 nvpciflt - ok
09:05:48.0952 3804 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:05:48.0952 3804 nvraid - ok
09:05:48.0967 3804 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:05:48.0967 3804 nvstor - ok
09:05:49.0014 3804 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc C:\Windows\system32\nvvsvc.exe
09:05:49.0030 3804 nvsvc - ok
09:05:49.0108 3804 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
09:05:49.0123 3804 nvUpdatusService - ok
09:05:49.0139 3804 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:05:49.0139 3804 nv_agp - ok
09:05:49.0170 3804 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
09:05:49.0170 3804 ohci1394 - ok
09:05:49.0233 3804 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:05:49.0248 3804 ose - ok
09:05:49.0342 3804 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
09:05:49.0404 3804 osppsvc - ok
09:05:49.0420 3804 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
09:05:49.0435 3804 p2pimsvc - ok
09:05:49.0435 3804 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
09:05:49.0435 3804 p2psvc - ok
09:05:49.0467 3804 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
09:05:49.0467 3804 Parport - ok
09:05:49.0482 3804 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:05:49.0482 3804 partmgr - ok
09:05:49.0498 3804 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
09:05:49.0498 3804 PcaSvc - ok
09:05:49.0498 3804 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
09:05:49.0513 3804 pci - ok
09:05:49.0513 3804 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
09:05:49.0513 3804 pciide - ok
09:05:49.0529 3804 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
09:05:49.0529 3804 pcmcia - ok
09:05:49.0529 3804 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
09:05:49.0529 3804 pcw - ok
09:05:49.0560 3804 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:05:49.0560 3804 PEAUTH - ok
09:05:49.0576 3804 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
09:05:49.0576 3804 PerfHost - ok
09:05:49.0607 3804 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
09:05:49.0623 3804 pla - ok
09:05:49.0654 3804 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:05:49.0669 3804 PlugPlay - ok
09:05:49.0669 3804 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
09:05:49.0669 3804 PNRPAutoReg - ok
09:05:49.0685 3804 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
09:05:49.0701 3804 PNRPsvc - ok
09:05:49.0716 3804 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:05:49.0732 3804 PolicyAgent - ok
09:05:49.0732 3804 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
09:05:49.0732 3804 Power - ok
09:05:49.0779 3804 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:05:49.0779 3804 PptpMiniport - ok
09:05:49.0794 3804 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
09:05:49.0810 3804 Processor - ok
09:05:49.0825 3804 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
09:05:49.0825 3804 ProfSvc - ok
09:05:49.0841 3804 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:05:49.0841 3804 ProtectedStorage - ok
09:05:49.0857 3804 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
09:05:49.0857 3804 Psched - ok
09:05:49.0888 3804 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
09:05:49.0935 3804 ql2300 - ok
09:05:49.0935 3804 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
09:05:49.0935 3804 ql40xx - ok
09:05:49.0950 3804 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
09:05:49.0966 3804 QWAVE - ok
09:05:49.0966 3804 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:05:49.0966 3804 QWAVEdrv - ok
09:05:49.0981 3804 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:05:49.0981 3804 RasAcd - ok
09:05:50.0013 3804 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
09:05:50.0013 3804 RasAgileVpn - ok
09:05:50.0013 3804 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
09:05:50.0013 3804 RasAuto - ok
09:05:50.0028 3804 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:05:50.0028 3804 Rasl2tp - ok
09:05:50.0028 3804 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
09:05:50.0028 3804 RasMan - ok
09:05:50.0044 3804 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:05:50.0044 3804 RasPppoe - ok
09:05:50.0044 3804 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:05:50.0044 3804 RasSstp - ok
09:05:50.0059 3804 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:05:50.0075 3804 rdbss - ok
09:05:50.0075 3804 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
09:05:50.0075 3804 rdpbus - ok
09:05:50.0091 3804 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:05:50.0091 3804 RDPCDD - ok
09:05:50.0106 3804 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:05:50.0106 3804 RDPENCDD - ok
09:05:50.0122 3804 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
09:05:50.0122 3804 RDPREFMP - ok
09:05:50.0184 3804 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
09:05:50.0184 3804 RdpVideoMiniport - ok
09:05:50.0200 3804 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:05:50.0215 3804 RDPWD - ok
09:05:50.0231 3804 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
09:05:50.0247 3804 rdyboost - ok
09:05:50.0262 3804 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
09:05:50.0262 3804 RemoteAccess - ok
09:05:50.0278 3804 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:05:50.0278 3804 RemoteRegistry - ok
09:05:50.0309 3804 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
09:05:50.0325 3804 RFCOMM - ok
09:05:50.0325 3804 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
09:05:50.0325 3804 RpcEptMapper - ok
09:05:50.0325 3804 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
09:05:50.0325 3804 RpcLocator - ok
09:05:50.0356 3804 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
09:05:50.0356 3804 RpcSs - ok
09:05:50.0387 3804 [ E909662BF3CED6B79F2239DDA75BC6A4 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
09:05:50.0387 3804 RSPCIESTOR - ok
09:05:50.0403 3804 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:05:50.0403 3804 rspndr - ok
09:05:50.0434 3804 [ 7CB9F0FDD730F4A4ECF6CDE15EA12E8A ] RS_Service C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
09:05:50.0449 3804 RS_Service - ok
09:05:50.0465 3804 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
09:05:50.0465 3804 SamSs - ok
09:05:50.0465 3804 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:05:50.0481 3804 sbp2port - ok
09:05:50.0496 3804 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:05:50.0496 3804 SCardSvr - ok
09:05:50.0496 3804 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
09:05:50.0496 3804 scfilter - ok
09:05:50.0512 3804 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
09:05:50.0527 3804 Schedule - ok
09:05:50.0559 3804 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
09:05:50.0559 3804 SCPolicySvc - ok
09:05:50.0590 3804 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
09:05:50.0590 3804 sdbus - ok
09:05:50.0590 3804 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:05:50.0605 3804 SDRSVC - ok
09:05:50.0621 3804 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:05:50.0621 3804 secdrv - ok
09:05:50.0637 3804 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
09:05:50.0637 3804 seclogon - ok
09:05:50.0637 3804 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
09:05:50.0637 3804 SENS - ok
09:05:50.0652 3804 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
09:05:50.0652 3804 SensrSvc - ok
09:05:50.0668 3804 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
09:05:50.0668 3804 Serenum - ok
09:05:50.0683 3804 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
09:05:50.0683 3804 Serial - ok
09:05:50.0699 3804 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
09:05:50.0699 3804 sermouse - ok
09:05:50.0699 3804 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
09:05:50.0699 3804 SessionEnv - ok
09:05:50.0715 3804 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:05:50.0730 3804 sffdisk - ok
09:05:50.0730 3804 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:05:50.0746 3804 sffp_mmc - ok
09:05:50.0746 3804 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:05:50.0761 3804 sffp_sd - ok
09:05:50.0777 3804 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
09:05:50.0777 3804 sfloppy - ok
09:05:50.0793 3804 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:05:50.0793 3804 SharedAccess - ok
09:05:50.0824 3804 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:05:50.0824 3804 ShellHWDetection - ok
09:05:50.0855 3804 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
09:05:50.0855 3804 SiSRaid2 - ok
09:05:50.0871 3804 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
09:05:50.0871 3804 SiSRaid4 - ok
09:05:50.0917 3804 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
09:05:50.0917 3804 SkypeUpdate - ok
09:05:50.0949 3804 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:05:50.0949 3804 Smb - ok
09:05:50.0995 3804 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:05:50.0995 3804 SNMPTRAP - ok
09:05:50.0995 3804 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
09:05:50.0995 3804 spldr - ok
09:05:51.0011 3804 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
09:05:51.0027 3804 Spooler - ok
09:05:51.0089 3804 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
09:05:51.0120 3804 sppsvc - ok
09:05:51.0120 3804 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
09:05:51.0120 3804 sppuinotify - ok
09:05:51.0136 3804 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
09:05:51.0136 3804 srv - ok
09:05:51.0151 3804 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:05:51.0151 3804 srv2 - ok
09:05:51.0167 3804 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:05:51.0167 3804 srvnet - ok
09:05:51.0183 3804 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:05:51.0183 3804 SSDPSRV - ok
09:05:51.0198 3804 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:05:51.0214 3804 SstpSvc - ok
09:05:51.0214 3804 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
09:05:51.0261 3804 stexstor - ok
09:05:51.0276 3804 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
09:05:51.0292 3804 stisvc - ok
09:05:51.0307 3804 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
09:05:51.0307 3804 swenum - ok
09:05:51.0307 3804 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
09:05:51.0323 3804 swprv - ok
09:05:51.0370 3804 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
09:05:51.0385 3804 SysMain - ok
09:05:51.0417 3804 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:05:51.0417 3804 TabletInputService - ok
09:05:51.0417 3804 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
09:05:51.0417 3804 TapiSrv - ok
09:05:51.0432 3804 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
09:05:51.0432 3804 TBS - ok
09:05:51.0495 3804 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:05:51.0541 3804 Tcpip - ok
09:05:51.0573 3804 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
09:05:51.0588 3804 TCPIP6 - ok
09:05:51.0604 3804 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:05:51.0604 3804 tcpipreg - ok
09:05:51.0619 3804 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:05:51.0619 3804 TDPIPE - ok
09:05:51.0619 3804 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:05:51.0619 3804 TDTCP - ok
09:05:51.0635 3804 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:05:51.0635 3804 tdx - ok
09:05:51.0651 3804 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
09:05:51.0651 3804 TermDD - ok
09:05:51.0666 3804 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
09:05:51.0682 3804 TermService - ok
09:05:51.0682 3804 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
09:05:51.0682 3804 Themes - ok
09:05:51.0697 3804 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
09:05:51.0697 3804 THREADORDER - ok
09:05:51.0713 3804 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
09:05:51.0713 3804 TrkWks - ok
09:05:51.0744 3804 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:05:51.0744 3804 TrustedInstaller - ok
09:05:51.0744 3804 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:05:51.0744 3804 tssecsrv - ok
09:05:51.0791 3804 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
09:05:51.0791 3804 TsUsbFlt - ok
09:05:51.0822 3804 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
09:05:51.0822 3804 TsUsbGD - ok
09:05:51.0869 3804 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:05:51.0869 3804 tunnel - ok
09:05:51.0900 3804 [ FD24F98D2898BE093FE926604BE7DB99 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
09:05:51.0900 3804 TurboB - ok
09:05:51.0947 3804 [ 600B406A04D90F577FEA8A88D7379F08 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
09:05:51.0963 3804 TurboBoost - ok
09:05:51.0963 3804 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
09:05:51.0978 3804 uagp35 - ok
09:05:51.0994 3804 [ A17D5E1A6DF4EAB0A480F2C490DE4C9D ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
09:05:51.0994 3804 UBHelper - ok
09:05:52.0009 3804 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:05:52.0025 3804 udfs - ok
09:05:52.0041 3804 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:05:52.0041 3804 UI0Detect - ok
09:05:52.0056 3804 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:05:52.0056 3804 uliagpkx - ok
09:05:52.0087 3804 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
09:05:52.0087 3804 umbus - ok
09:05:52.0103 3804 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
09:05:52.0103 3804 UmPass - ok
09:05:52.0150 3804 [ F76057596EF65049869098677AB72C30 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
09:05:52.0165 3804 UNS - ok
09:05:52.0165 3804 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
09:05:52.0165 3804 upnphost - ok
09:05:52.0243 3804 [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
09:05:52.0243 3804 USBAAPL64 - ok
09:05:52.0259 3804 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:05:52.0275 3804 usbccgp - ok
09:05:52.0290 3804 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
09:05:52.0290 3804 usbcir - ok
09:05:52.0306 3804 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
09:05:52.0306 3804 usbehci - ok
09:05:52.0337 3804 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\drivers\usbhub.sys
09:05:52.0337 3804 usbhub - ok
09:05:52.0353 3804 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
09:05:52.0353 3804 usbohci - ok
09:05:52.0353 3804 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
09:05:52.0353 3804 usbprint - ok
09:05:52.0368 3804 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:05:52.0368 3804 USBSTOR - ok
09:05:52.0384 3804 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
09:05:52.0384 3804 usbuhci - ok
09:05:52.0399 3804 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
09:05:52.0415 3804 usbvideo - ok
09:05:52.0462 3804 [ D49641B30C07C7C57D4436FDBAD9FE1D ] USecuAppSvc C:\Program Files\Acer\Acer Theft Shield\USecuAppSvc.exe
09:05:52.0462 3804 USecuAppSvc - ok
09:05:52.0493 3804 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
09:05:52.0493 3804 UxSms - ok
09:05:52.0493 3804 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
09:05:52.0509 3804 VaultSvc - ok
09:05:52.0524 3804 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
09:05:52.0524 3804 vdrvroot - ok
09:05:52.0555 3804 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
09:05:52.0555 3804 vds - ok
09:05:52.0571 3804 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:05:52.0587 3804 vga - ok
09:05:52.0602 3804 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
09:05:52.0602 3804 VgaSave - ok
09:05:52.0602 3804 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
09:05:52.0618 3804 vhdmp - ok
09:05:52.0633 3804 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
09:05:52.0633 3804 viaide - ok
09:05:52.0633 3804 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:05:52.0633 3804 volmgr - ok
09:05:52.0649 3804 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:05:52.0649 3804 volmgrx - ok
09:05:52.0649 3804 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:05:52.0665 3804 volsnap - ok
09:05:52.0696 3804 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
09:05:52.0696 3804 vsmraid - ok
09:05:52.0727 3804 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
09:05:52.0743 3804 VSS - ok
09:05:52.0758 3804 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
09:05:52.0774 3804 vwifibus - ok
09:05:52.0789 3804 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
09:05:52.0789 3804 vwififlt - ok
09:05:52.0836 3804 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
09:05:52.0836 3804 vwifimp - ok
09:05:52.0836 3804 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
09:05:52.0852 3804 W32Time - ok
09:05:52.0867 3804 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
09:05:52.0899 3804 WacomPen - ok
09:05:52.0914 3804 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
09:05:52.0914 3804 WANARP - ok
09:05:52.0930 3804 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
09:05:52.0930 3804 Wanarpv6 - ok
09:05:53.0039 3804 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
09:05:53.0055 3804 WatAdminSvc - ok
09:05:53.0101 3804 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
09:05:53.0133 3804 wbengine - ok
09:05:53.0133 3804 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
09:05:53.0148 3804 WbioSrvc - ok
09:05:53.0148 3804 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:05:53.0148 3804 wcncsvc - ok
09:05:53.0164 3804 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:05:53.0164 3804 WcsPlugInService - ok
09:05:53.0164 3804 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
09:05:53.0164 3804 Wd - ok
09:05:53.0211 3804 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
09:05:53.0211 3804 Wdf01000 - ok
09:05:53.0226 3804 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:05:53.0226 3804 WdiServiceHost - ok
09:05:53.0226 3804 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:05:53.0226 3804 WdiSystemHost - ok
09:05:53.0242 3804 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
09:05:53.0242 3804 WebClient - ok
09:05:53.0257 3804 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
09:05:53.0257 3804 Wecsvc - ok
09:05:53.0273 3804 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
09:05:53.0273 3804 wercplsupport - ok
09:05:53.0289 3804 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
09:05:53.0289 3804 WerSvc - ok
09:05:53.0304 3804 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
09:05:53.0304 3804 WfpLwf - ok
09:05:53.0304 3804 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
09:05:53.0304 3804 WIMMount - ok
09:05:53.0335 3804 WinDefend - ok
09:05:53.0335 3804 WinHttpAutoProxySvc - ok
09:05:53.0398 3804 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
09:05:53.0398 3804 Winmgmt - ok
09:05:53.0429 3804 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
09:05:53.0460 3804 WinRM - ok
09:05:53.0523 3804 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
09:05:53.0523 3804 WinUsb - ok
09:05:53.0554 3804 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
09:05:53.0554 3804 Wlansvc - ok
09:05:53.0616 3804 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
09:05:53.0632 3804 wlcrasvc - ok
09:05:53.0694 3804 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:05:53.0710 3804 wlidsvc - ok
09:05:53.0741 3804 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
09:05:53.0741 3804 WmiAcpi - ok
09:05:53.0772 3804 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
09:05:53.0772 3804 wmiApSrv - ok
09:05:53.0803 3804 WMPNetworkSvc - ok
09:05:53.0835 3804 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
09:05:53.0835 3804 WPCSvc - ok
09:05:53.0835 3804 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
09:05:53.0835 3804 WPDBusEnum - ok
09:05:53.0850 3804 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
09:05:53.0850 3804 ws2ifsl - ok
09:05:53.0850 3804 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
09:05:53.0850 3804 wscsvc - ok
09:05:53.0897 3804 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
09:05:53.0897 3804 WSDPrintDevice - ok
09:05:53.0944 3804 [ 4A2A5C50DD1A63577D3ACA94269FBC7F ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys
09:05:53.0959 3804 WSDScan - ok
09:05:53.0959 3804 WSearch - ok
09:05:54.0006 3804 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
09:05:54.0037 3804 wuauserv - ok
09:05:54.0069 3804 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
09:05:54.0069 3804 WudfPf - ok
09:05:54.0100 3804 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
09:05:54.0100 3804 WUDFRd - ok
09:05:54.0131 3804 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
09:05:54.0131 3804 wudfsvc - ok
09:05:54.0162 3804 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
09:05:54.0162 3804 WwanSvc - ok
09:05:54.0178 3804 ================ Scan global ===============================
09:05:54.0209 3804 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
09:05:54.0240 3804 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
09:05:54.0256 3804 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
09:05:54.0271 3804 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
09:05:54.0287 3804 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
09:05:54.0287 3804 [Global] - ok
09:05:54.0287 3804 ================ Scan MBR ==================================
09:05:54.0303 3804 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:05:54.0630 3804 \Device\Harddisk0\DR0 - ok
09:05:54.0630 3804 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
09:05:54.0661 3804 \Device\Harddisk1\DR1 - ok
09:05:54.0661 3804 ================ Scan VBR ==================================
09:05:54.0661 3804 [ 8D4406EE8A8573FA97A86738AD0A0937 ] \Device\Harddisk0\DR0\Partition1
09:05:54.0661 3804 \Device\Harddisk0\DR0\Partition1 - ok
09:05:54.0693 3804 [ 2EEFDD475CBFDAE5A9E508AF0F635B8D ] \Device\Harddisk0\DR0\Partition2
09:05:54.0693 3804 \Device\Harddisk0\DR0\Partition2 - ok
09:05:54.0693 3804 ============================================================
09:05:54.0693 3804 Scan finished
09:05:54.0693 3804 ============================================================
09:05:54.0708 2824 Detected object count: 0
09:05:54.0708 2824 Actual detected object count: 0
09:06:57.0032 2996 Deinitialize success



----------------------------------------------------------------------------------------------------------------

aswMBR.txt


aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-01-06 09:09:07
-----------------------------
09:09:07.893 OS Version: Windows x64 6.1.7601 Service Pack 1
09:09:07.893 Number of processors: 4 586 0x3A09
09:09:07.893 ComputerName: STEFANSKIULTRA UserName: LAS_ANS
09:09:08.112 Initialize success
09:10:08.881 AVAST engine defs: 13010600
09:10:25.916 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
09:10:25.916 Disk 0 Vendor: ST500LT0 0001 Size: 476940MB BusType: 3
09:10:25.916 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2
09:10:25.916 Disk 1 Vendor: SATA_SSD S5FA Size: 19087MB BusType: 3
09:10:25.947 Disk 0 MBR read successfully
09:10:25.947 Disk 0 MBR scan
09:10:25.947 Disk 0 Windows 7 default MBR code
09:10:25.963 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 16896 MB offset 2048
09:10:25.994 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 34605056
09:10:25.994 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 459942 MB offset 34809856
09:10:26.041 Disk 0 scanning C:\Windows\system32\drivers
09:10:36.618 Service scanning
09:10:44.387 Modules scanning
09:10:44.387 Disk 0 trace - called modules:
09:10:44.402 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
09:10:44.402 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8008030060]
09:10:44.402 3 CLASSPNP.SYS[fffff88001c5a43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8006dd0050]
09:10:44.745 AVAST engine scan C:\Windows
09:10:46.898 AVAST engine scan C:\Windows\system32
09:12:53.525 AVAST engine scan C:\Windows\system32\drivers
09:13:05.240 AVAST engine scan C:\Users\LAS_ANS
09:16:07.063 AVAST engine scan C:\ProgramData
09:17:17.748 Scan finished successfully
09:20:44.704 Disk 0 MBR has been saved successfully to "C:\Users\LAS_ANS\Desktop\MBR.dat"
09:20:44.704 The log file has been saved successfully to "C:\Users\LAS_ANS\Desktop\aswMBR.txt"




-----------------------------------------------------------------------------------------------------------

Result.txt

MiniToolBox by Farbar Version: 25-11-2012
Ran by LAS_ANS (administrator) on 06-01-2013 at 09:28:45
Running from "C:\Users\LAS_ANS\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Qualcomm Atheros AR5BWB222 Wireless Network Adapter = Wireless Network Connection (Connected)
Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : StefanskiUltra
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.il.comcast.net.

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 2A-3E-8E-87-4E-69
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : hsd1.il.comcast.net.
Description . . . . . . . . . . . : Qualcomm Atheros AR5BWB222 Wireless Network Adapter
Physical Address. . . . . . . . . : 08-3E-8E-87-4E-69
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::e866:a1d3:e0a6:a98%15(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.108(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, January 06, 2013 8:48:31 AM
Lease Expires . . . . . . . . . . : Monday, January 07, 2013 8:48:30 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 487079566
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-D0-0B-70-08-9E-01-07-65-39
DNS Servers . . . . . . . . . . . : 75.75.75.75
75.75.76.76
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : D2-Line.com
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : 08-9E-01-07-65-39
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.hsd1.il.comcast.net.:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : hsd1.il.comcast.net.
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:2cc6:f9a:9d29:3a4f(Preferred)
Link-local IPv6 Address . . . . . : fe80::2cc6:f9a:9d29:3a4f%17(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: cdns01.comcast.net
Address: 75.75.75.75

Name: google.com
Addresses: 2607:f8b0:4009:802::1001
74.125.225.99
74.125.225.102
74.125.225.100
74.125.225.101
74.125.225.97
74.125.225.104
74.125.225.96
74.125.225.110
74.125.225.105
74.125.225.103
74.125.225.98


Pinging google.com [74.125.225.101] with 32 bytes of data:
Reply from 74.125.225.101: bytes=32 time=19ms TTL=53
Reply from 74.125.225.101: bytes=32 time=17ms TTL=53

Ping statistics for 74.125.225.101:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 17ms, Maximum = 19ms, Average = 18ms
Server: cdns01.comcast.net
Address: 75.75.75.75

DNS request timed out.
timeout was 2 seconds.
Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=87ms TTL=49
Reply from 98.138.253.109: bytes=32 time=73ms TTL=49

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 73ms, Maximum = 87ms, Average = 80ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
16...2a 3e 8e 87 4e 69 ......Microsoft Virtual WiFi Miniport Adapter
15...08 3e 8e 87 4e 69 ......Qualcomm Atheros AR5BWB222 Wireless Network Adapter
11...08 9e 01 07 65 39 ......Broadcom NetLink ™ Gigabit Ethernet
1...........................Software Loopback Interface 1
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
17...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination  Netmask          Gateway      Interface      Metric
0.0.0.0              0.0.0.0          192.168.1.1  192.168.1.108  25
127.0.0.0            255.0.0.0        On-link      127.0.0.1      306
127.0.0.1            255.255.255.255  On-link      127.0.0.1      306
127.255.255.255      255.255.255.255  On-link      127.0.0.1      306
192.168.1.0          255.255.255.0    On-link      192.168.1.108  281
192.168.1.108        255.255.255.255  On-link      192.168.1.108  281
192.168.1.255        255.255.255.255  On-link      192.168.1.108  281
224.0.0.0            240.0.0.0        On-link      127.0.0.1      306
224.0.0.0            240.0.0.0        On-link      192.168.1.108  281
255.255.255.255      255.255.255.255  On-link      127.0.0.1      306
255.255.255.255      255.255.255.255  On-link      192.168.1.108  281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If  Metric  Network Destination                       Gateway
17  58      ::/0                                      On-link
1   306     ::1/128                                   On-link
17  58      2001::/32                                 On-link
17  306     2001:0:4137:9e76:2cc6:f9a:9d29:3a4f/128
                                                      On-link
15  281     fe80::/64                                 On-link
17  306     fe80::/64                                 On-link
17  306     fe80::2cc6:f9a:9d29:3a4f/128
                                                      On-link
15  281     fe80::e866:a1d3:e0a6:a98/128
                                                      On-link
1   306     ff00::/8                                  On-link
17  306     ff00::/8                                  On-link
15  281     ff00::/8                                  On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/06/2013 09:04:10 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/06/2013 09:03:16 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/06/2013 09:03:16 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/06/2013 08:48:33 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/06/2013 08:45:11 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/05/2013 01:24:53 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/05/2013 10:05:48 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 268244

Error: (01/05/2013 10:05:48 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 268244

Error: (01/05/2013 10:05:48 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/05/2013 10:00:38 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (01/06/2013 08:49:27 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (01/06/2013 08:48:27 AM) (Source: Service Control Manager) (User: )
Description: The McAfee SiteAdvisor Service service failed to start due to the following error:
%%2

Error: (01/06/2013 08:46:04 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (01/06/2013 08:45:05 AM) (Source: Service Control Manager) (User: )
Description: The McAfee SiteAdvisor Service service failed to start due to the following error:
%%2

Error: (01/05/2013 01:25:43 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (01/05/2013 01:24:49 PM) (Source: Service Control Manager) (User: )
Description: The McAfee SiteAdvisor Service service failed to start due to the following error:
%%2

Error: (01/05/2013 10:01:32 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (01/05/2013 10:00:33 AM) (Source: Service Control Manager) (User: )
Description: The McAfee SiteAdvisor Service service failed to start due to the following error:
%%2

Error: (01/05/2013 09:40:37 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (01/05/2013 09:39:39 AM) (Source: Service Control Manager) (User: )
Description: The McAfee SiteAdvisor Service service failed to start due to the following error:
%%2


Microsoft Office Sessions:
=========================
Error: (01/06/2013 09:04:10 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\LAS_ANS\Desktop\esetsmartinstaller_enu.exe

Error: (01/06/2013 09:03:16 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\LAS_ANS\Downloads\esetsmartinstaller_enu.exe

Error: (01/06/2013 09:03:16 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\LAS_ANS\Downloads\esetsmartinstaller_enu(1).exe

Error: (01/06/2013 08:48:33 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/06/2013 08:45:11 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/05/2013 01:24:53 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/05/2013 10:05:48 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 268244

Error: (01/05/2013 10:05:48 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 268244

Error: (01/05/2013 10:05:48 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/05/2013 10:00:38 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


=========================== Installed Programs ============================

Acer Backup Manager (Version: 3.0.0.100)
Acer Crystal Eye Webcam (Version: 1.5.2728.00)
Acer ePower Management (Version: 6.00.3010)
Acer eRecovery Management (Version: 5.00.3508)
Acer Games (Version: 1.0.2.5)
Acer Instant Update Service (Version: 1.00.3004)
Acer Registration (Version: 1.04.3506)
Acer Theft Shield (Version: 1.00.3005)
Acer Updater (Version: 1.02.3501)
Acer USB Charge Manager (Version: 1.00.3002)
Acer VCM (Version: 4.05.3501)
Adobe AIR (Version: 2.6.0.19120)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.135)
Adobe Flash Player 11 Plugin (Version: 11.5.502.135)
Adobe Reader X (10.1.4) MUI (Version: 10.1.4)
Agatha Christie - Death on the Nile (Version: 2.2.0.98)
Any Video Converter 3.5.7
Apple Application Support (Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (Version: 2.1.3.127)
Atheros Bluetooth Suite (64) (Version: 7.4.0.125)
Backup Manager V3 (Version: 3.0.0.100)
Bejeweled 3 (Version: 2.2.0.98)
Bonjour (Version: 3.0.0.10)
Broadcom NetLink Controller (Version: 15.0.6.1)
Canon MG6200 series MP Drivers
CDDRV_Installer (Version: 4.60)
Chronicles of Albian (Version: 2.2.0.95)
Chuzzle Deluxe (Version: 2.2.0.95)
Cradle of Rome 2 (Version: 2.2.0.98)
CyberLink MediaEspresso (Version: 6.5.1720_38230)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dolby Home Theater v4 (Version: 7.2.7000.7)
Dora's World Adventure (Version: 2.2.0.95)
Dropbox (Version: 1.6.11)
Epson Connect
Epson Customer Participation (Version: 1.0.0.0)
Epson Download Navigator (Version: 1.0.1)
Epson Event Manager (Version: 2.50.0001)
Epson FAX Utility (Version: 1.20.00)
Epson PC-FAX Driver
EPSON Scan
EPSON WorkForce 545 Series Printer Uninstall
EpsonNet Print (Version: 2.4j)
erLT (Version: 1.20.0137)
ESET Online Scanner v3
ETDWare PS/2-X64 10.6.10.8_WHQL (Version: 10.6.10.8)
ExpressCache (Version: 1.0.82)
FATE (Version: 2.2.0.97)
Final Drive: Nitro (Version: 2.2.0.95)
Galerie de photos Windows Live (Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (Version: 15.4.3502.0922)
Governor of Poker 2 Premium Edition (Version: 2.2.0.95)
Greenshot 1.0.6.2228 (Version: 1.0.6.2228)
Identity Card (Version: 1.00.3501)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 8.0.4.1441)
Intel® OpenCL CPU Runtime
Intel® Processor Graphics (Version: 8.15.10.2712)
Intel® Rapid Start Technology (Version: 1.0.0.1022)
Intel® Rapid Storage Technology (Version: 11.1.0.1006)
Intel® Turbo Boost Technology Monitor 2.0 (Version: 2.1.23.0)
Intel® USB 3.0 eXtensible Host Controller Driver (Version: 1.0.4.220)
Intel® Trusted Connect Service Client (Version: 1.23.605.1)
iTunes (Version: 11.0.1.12)
Java 7 Update 9 (Version: 7.0.90)
Java Auto Updater (Version: 2.1.9.0)
Jewel Match 3 (Version: 2.2.0.98)
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (Version: 2.2.0.98)
Junk Mail filter update (Version: 15.4.3502.0922)
KhalInstallWrapper (Version: 2.00.0000)
Launch Manager (Version: 5.1.15)
Logitech SetPoint (Version: 4.80)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Security Client (Version: 4.1.0522.0)
Microsoft Security Essentials (Version: 4.1.522.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 17.0.1 (x86 en-US) (Version: 17.0.1)
Mozilla Maintenance Service (Version: 17.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
NOOK for PC (Version: 2.5.6.9575)
NTI Media Maker 9 (Version: 9.0.2.9006)
NVIDIA Control Panel 306.97 (Version: 306.97)
NVIDIA Graphics Driver 306.97 (Version: 306.97)
NVIDIA Install Application (Version: 2.1002.85.551)
NVIDIA Optimus 1.10.8 (Version: 1.10.8)
NVIDIA PhysX (Version: 9.12.0604)
NVIDIA PhysX System Software 9.12.0604 (Version: 9.12.0604)
NVIDIA Update 1.10.8 (Version: 1.10.8)
NVIDIA Update Components (Version: 1.10.8)
Penguins! (Version: 2.2.0.98)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.98)
Polar Bowler (Version: 2.2.0.97)
Polar Golfer (Version: 2.2.0.98)
Realtek High Definition Audio Driver (Version: 6.0.1.6612)
Realtek PCIE Card Reader (Version: 6.1.7601.28104)
Remote Control USB Driver (Version: 2.3.2.317)
Skype™ 5.10 (Version: 5.10.116)
Sleep Memory Optimizer (Version: 1.00.3004)
Smart Timer (Version: 1.00.3004)
Spotify (Version: 0.8.5.1333.g822e0de8)
Torchlight (Version: 2.2.0.98)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Update Installer for WildTangent Games App
Virtual Villagers 5 - New Believers (Version: 2.2.0.97)
Welcome Center (Version: 1.02.3507)
WildTangent Games App (Acer Games) (Version: 4.0.5.32)
Windows Live (Version: 15.4.3502.0922)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live Galeria de Fotos (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Zuma's Revenge (Version: 2.2.0.98)

========================= Memory info: ===================================

Percentage of memory in use: 63%
Total physical RAM: 3934.36 MB
Available physical RAM: 1447.11 MB
Total Pagefile: 7866.9 MB
Available Pagefile: 4873.72 MB
Total Virtual: 4095.88 MB
Available Virtual: 3969.96 MB

========================= Partitions: =====================================

1 Drive c: (Acer) (Fixed) (Total:449.16 GB) (Free:230.59 GB) NTFS

========================= Users: ========================================

User accounts for \\STEFANSKIULTRA

Administrator Guest LAS_ANS
UpdatusUser


**** End of log ****

#12 boopme

Posted 06 January 2013 - 01:47 PM

We can still check for file corruption. Run System File Checker.

#13 theNimrod

Posted 06 January 2013 - 05:14 PM

I ran the System File Checker. It finished and displayed the following message:

"Windows Resource Protections did not find any integrity violations."

Will await further instructions.

#14 boopme

Posted 06 January 2013 - 06:37 PM

Let's look at one more.

Running GMER on 32 and 64 bit Systems

--------------------

Please download GMER from one of the following locations and save it to your desktop:

  • Main Mirror which will download a randomly named file
  • Zipped Mirror - Unzip the file to its own folder such as C:\gmer
  • Disconnect from the Internet and close all running programs
  • Temporarily disable any real-time active protection
  • It is very important you do not use your computer while GMER is running
  • Double-click on the randomly named GMER icon
  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan
  • If you receive a warning about rootkit activity and are asked to fully scan your system click NO
  • Please check in the Quick scan box
  • Please uncheck the following:
    • IAT/EAT
    • Show All <<< Important
  • Click Scan
  • If you see a rootkit warning window click OK
  • When the scan is finished, Save the results to your desktop as gmer.log
  • Click Copy then paste the results in your reply
  • Exit GMER and be sure to re-enable your Antivirus, Firewall and any other security programs you had disabled
Note:
  • If you encounter any problems, try running GMER in Safe Mode
  • If GMER crashes or keeps resulting in a Blue Screen of Death, uncheck Devices on the right side before scanning


#15 theNimrod

Posted 06 January 2013 - 07:44 PM

Scan complete, log below.

GMER 2.0.18437 - http://www.gmer.net
Rootkit scan 2013-01-06 18:41:08
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST500LT0 rev.0001 465.76GB
Running: 9iuqzqik.exe; Driver: C:\Users\LAS_ANS\AppData\Local\Temp\kgtdraoc.sys


---- User code sections - GMER 2.0 ----

.text C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe[2312] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000077c91401 2 bytes [C9, 77]
.text C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe[2312] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000077c91419 2 bytes [C9, 77]
.text C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe[2312] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000077c91431 2 bytes [C9, 77]
.text C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe[2312] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000077c9144a 2 bytes [C9, 77]
.text ... * 9
.text C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe[2312] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000077c914dd 2 bytes [C9, 77]
.text C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe[2312] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000077c914f5 2 bytes [C9, 77]
.text C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe[2312] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000077c9150d 2 bytes [C9, 77]
.text C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe[2312] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000077c91525 2 bytes [C9, 77]
.text C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe[2312] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000077c9153d 2 bytes [C9, 77]
.text C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe[2312] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000077c91555 2 bytes [C9, 77]
.text C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe[2312] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000077c9156d 2 bytes [C9, 77]
.text C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe[2312] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000077c91585 2 bytes [C9, 77]
.text C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe[2312] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000077c9159d 2 bytes [C9, 77]
.text C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe[2312] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000077c915b5 2 bytes [C9, 77]
.text C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe[2312] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000077c915cd 2 bytes [C9, 77]
.text C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe[2312] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000077c916b2 2 bytes [C9, 77]
.text C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe[2312] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000077c916bd 2 bytes [C9, 77]

---- Threads - GMER 2.0 ----

Thread [948:160] 0000000077afaec0
Thread [948:696] 0000000077affbc0
Thread [948:712] 0000000077affbc0
Thread [948:716] 0000000077affbc0
Thread [948:720] 0000000077affbc0
Thread [948:724] 0000000077affbc0
Thread [948:800] 0000000077affbc0
Thread [948:5852] 0000000077affbc0
Thread [948:5604] 0000000077affbc0
Thread [948:3552] 0000000077affbc0
Thread [1200:1208] 0000000077afaec0
Thread [1200:1320] 000007fefb6e8274
Thread [1200:1612] 000007fefb6e8274
Thread [1200:2964] 0000000077affbc0
Thread C:\Windows\System32\spoolsv.exe [1656:2068] 000007fef8a710c8
Thread C:\Windows\System32\spoolsv.exe [1656:2104] 000007fef8a36144
Thread C:\Windows\System32\spoolsv.exe [1656:2108] 000007fef8825fd0
Thread C:\Windows\System32\spoolsv.exe [1656:2112] 000007fef8813438
Thread C:\Windows\System32\spoolsv.exe [1656:2116] 000007fef88263ec
Thread C:\Windows\System32\spoolsv.exe [1656:2120] 000007fef8813438
Thread C:\Windows\System32\spoolsv.exe [1656:2124] 000007fef88263ec
Thread C:\Windows\System32\spoolsv.exe [1656:2132] 000007fef8bd5e5c
Thread C:\Windows\System32\spoolsv.exe [1656:2180] 000007fef8badf70
Thread C:\Windows\System32\spoolsv.exe [1656:5432] 000007fefbe12060
Thread C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [1916:1968] 0000000072bd184f
Thread C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [1916:1972] 0000000072bd184f
Thread [1344:1504] 0000000071e91020
Thread [1344:1480] 0000000077d12e25
Thread C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [3104:3324] 000007fefc286204
Thread C:\Program Files\Greenshot\Greenshot.exe [3316:4100] 000007fefc4e2a7c
Thread C:\Program Files\Greenshot\Greenshot.exe [3316:412] 000007feed201ebc
Thread C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe [4088:3772] 0000000077d12e25
Thread C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe [4088:596] 000000002809d6e3
Thread [2792:3808] 0000000077afaec0
Thread [2792:4144] 000007fefe380168
Thread [2792:2780] 0000000077affbc0
Thread [2792:1568] 0000000077affbc0
---- Processes - GMER 2.0 ----

Library ? (*** suspicious ***) @ [948] 00000000ff1a0000
Library ? (*** suspicious ***) @ [1200] 00000000ff420000
Library ? (*** suspicious ***) @ C:\Windows\system32\nvvsvc.exe [1376] 000007fefde30000
Library ? (*** suspicious ***) @ C:\Windows\System32\spoolsv.exe [1656] 000007fef9c90000
Library ? (*** suspicious ***) @ C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [1916] 0000000074070000
Library ? (*** suspicious ***) @ C:\Program Files (x86)\Launch Manager\dsiwmis.exe [1164] 0000000077090000
Library ? (*** suspicious ***) @ [1344] 00000000012e0000
Library ? (*** suspicious ***) @ C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2092] 0000000075e80000
Library ? (*** suspicious ***) @ C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [3104] 000007fefc870000
Library ? (*** suspicious ***) @ C:\Program Files\Elantech\ETDCtrl.exe [3156] 000007fef4860000
Library ? (*** suspicious ***) @ C:\Program Files\Microsoft Security Client\msseces.exe [3208] 000007fef3b80000
Library ? (*** suspicious ***) @ C:\Program Files\Greenshot\Greenshot.exe [3316] 000007fef3ef0000
Library ? (*** suspicious ***) @ C:\Users\LAS_ANS\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [3888] 00000000754b0000
Library ? (*** suspicious ***) @ [2792] 00000000ffcc0000
Library ? (*** suspicious ***) @ C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [5828] 000000006b000000
Library ? (*** suspicious ***) @ C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [6016] 00000000773e0000
Library ? (*** suspicious ***) @ C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [6080] 0000000077220000

---- Registry - GMER 2.0 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\083e8e874e6a
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\083e8e874e6a (not active ControlSet)

---- EOF - GMER 2.0 ----



