Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Impossible popup! HELP!


  • Please log in to reply
6 replies to this topic

#1 omgimcarrie

omgimcarrie

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:10 PM

Posted 02 April 2013 - 08:19 PM

For weeks now, I've been getting these Russian popups on several different websites that I frequent. I don't know how to get rid of them! I've run a plethora of malware programs and anti-virus programs and they still come up! I've left pictures below of what they look like, can anyone help me get rid of them?!

 

I haven't installed any toolbars or free programs recently.
No one but my son has been on my computer and he only checked my mail for me while I was in hospital.
I've tried opening Firefox in safe mode but it still happens (also happens in IE).
I've checked Firefox Add Ons and there's nothing fishy there.

Any idea how to make them go away?

This is what it looks normally (with Adblock Plus on)

1zg9mh2.jpg



This is what it looks like in safe mode

9ghoaa.jpg

 

Thank you for your help!

xo: Carrie



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,220 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:10 PM

Posted 02 April 2013 - 08:30 PM

Hello, I moved this from Win7 to Am I Infected for some scans.

 

 

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

 

 

 

Please Download TDSSkiller
Launch it.
Click on change parameters-Select TDLFS file system
Click on "Scan".
Please post the LOG report(log file should be in your C drive)
 
Do not change the default options on scan results.

 

 

 

Please download AdwCleaner by Xplode onto your desktop.
•Close all open programs and internet browsers.
•Double click on adwcleaner.exe to run the tool.
•Click on Delete.
•Confirm each time with Ok.
•You will be prompted to restart your computer. A text file will open after the restart.
•Please post the contents of that logfile with your next reply.
•You can find the logfile at C:\AdwCleaner[S1].txt as well.


>>>>

Now I'd like us to scan your machine with ESET OnlineScan

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png  button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

NOTE:Sometimes if ESET finds no infections it will not create a log.


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 omgimcarrie

omgimcarrie
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:10 PM

Posted 02 April 2013 - 11:09 PM

Okay... here we go:

 

MiniToolBox

MiniToolBox by Farbar  Version:05-03-2013
Ran by Carrie (administrator) on 02-04-2013 at 21:48:54
Running from "C:\Users\Carrie\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



127.0.0.1       adobeereg.com
127.0.0.1       www.adobeereg.com
127.0.0.1       activate.adobe.com
127.0.0.1       activate-sea.adobe.com
127.0.0.1       activate-sjc0.adobe.com
127.0.0.1       wwis-dubc1-vip60.adobe.com

========================= IP Configuration: ================================

Broadcom 802.11n Network Adapter = Wireless Network Connection (Connected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Hardware not present)
Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Carrie-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom 802.11n Network Adapter
   Physical Address. . . . . . . . . : 88-9F-FA-88-D0-B5
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::b5d3:c5f9:40b7:ab71%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Tuesday, April 02, 2013 8:48:05 PM
   Lease Expires . . . . . . . . . . : Wednesday, April 03, 2013 8:48:07 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 394829818
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-FB-30-E8-1C-75-08-D7-7B-02
   DNS Servers . . . . . . . . . . . : 5.199.140.179
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
   Physical Address. . . . . . . . . : 1C-75-08-D7-7B-02
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{A5D357D4-C5BA-4CE0-AD06-78D26D7B1ABE}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:4e:d0ba:bc11:3793(Preferred)
   Link-local IPv6 Address . . . . . : fe80::4e:d0ba:bc11:3793%12(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  UnKnown
Address:  5.199.140.179

Name:    google.com
Addresses:  2a00:1450:400d:804::1009
      173.194.39.162
      173.194.39.163
      173.194.39.164
      173.194.39.165
      173.194.39.166
      173.194.39.167
      173.194.39.168
      173.194.39.169
      173.194.39.174
      173.194.39.160
      173.194.39.161


Pinging google.com [173.194.39.161] with 32 bytes of data:
Reply from 173.194.39.161: bytes=32 time=141ms TTL=46
Reply from 173.194.39.161: bytes=32 time=143ms TTL=46

Ping statistics for 173.194.39.161:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 141ms, Maximum = 143ms, Average = 142ms
Server:  UnKnown
Address:  5.199.140.179

Name:    yahoo.com
Addresses:  98.138.253.109
      98.139.183.24
      206.190.36.45


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=198ms TTL=46
Reply from 206.190.36.45: bytes=32 time=140ms TTL=46

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 140ms, Maximum = 198ms, Average = 169ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
==========================================================================

=
Interface List
 11...88 9f fa 88 d0 b5 ......Broadcom 802.11n Network Adapter
 10...1c 75 08 d7 7b 02 ......Broadcom NetLink ™ Gigabit Ethernet
  1...........................Software Loopback Interface 1
 15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
==========================================================================

=

IPv4 Route Table
==========================================================================

=
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.2     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.2    281
      192.168.1.2  255.255.255.255         On-link       192.168.1.2    281
    192.168.1.255  255.255.255.255         On-link       192.168.1.2    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.2    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.2    281
==========================================================================

=
Persistent Routes:
  None

IPv6 Route Table
==========================================================================

=
Active Routes:
 If Metric Network Destination      Gateway
 12     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 12     58 2001::/32                On-link
 12    306 2001:0:9d38:6ab8:4e:d0ba:bc11:3793/128
                                    On-link
 11    281 fe80::/64                On-link
 12    306 fe80::/64                On-link
 12    306 fe80::4e:d0ba:bc11:3793/128
                                    On-link
 11    281 fe80::b5d3:c5f9:40b7:ab71/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    306 ff00::/8                 On-link
 11    281 ff00::/8                 On-link
==========================================================================

=
Persistent Routes:
  None
========================= Winsock entries

=====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live

\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live

\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live

\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live

\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/02/2013 09:48:07 PM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.


Details:
    The object you are trying to create already exists. Try again using a different name.  

(HRESULT : 0x80040d02) (0x80040d02)

Error: (04/02/2013 09:48:07 PM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application


Details:
    The object you are trying to create already exists. Try again using a different name.  

(HRESULT : 0x80040d02) (0x80040d02)

Error: (04/02/2013 09:48:07 PM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex

Catalog


Details:
    The object you are trying to create already exists. Try again using a different name.  

(HRESULT : 0x80040d02) (0x80040d02)

Error: (04/02/2013 09:48:07 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows

Application, SystemIndex Catalog


Details:
    Element not found.  (HRESULT : 0x80070490) (0x80070490)

Error: (04/02/2013 09:48:07 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows

Application, SystemIndex Catalog


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (04/02/2013 09:48:07 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot load the property store information.

Context:

Windows Application, SystemIndex Catalog


Details:
    The content index server cannot update or access information because of a database

error.  Stop and restart the search service.  If the problem persists, reset and recrawl the content

index.  In some cases it may be necessary to delete and recreate the content index.  (HRESULT :

0x8004117f) (0x8004117f)

Error: (04/02/2013 09:48:07 PM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index {id=1100}. The

service will attempt to automatically correct this problem by rebuilding the index.


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (04/02/2013 09:48:07 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot open the Jet property store.


Details:
    0x%08x (0x8004117f - The content index server cannot update or access information

because of a database error.  Stop and restart the search service.  If the problem persists, reset

and recrawl the content index.  In some cases it may be necessary to delete and recreate the

content index.  (HRESULT : 0x8004117f))

Error: (04/02/2013 09:20:10 PM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.


Details:
    The object you are trying to create already exists. Try again using a different name.  

(HRESULT : 0x80040d02) (0x80040d02)

Error: (04/02/2013 09:20:10 PM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application


Details:
    The object you are trying to create already exists. Try again using a different name.  

(HRESULT : 0x80040d02) (0x80040d02)


System errors:
=============
Error: (04/02/2013 09:48:07 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 7 time(s).

Error: (04/02/2013 09:48:07 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error %%-

2147218174.

Error: (04/02/2013 09:20:10 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 6 time(s).

Error: (04/02/2013 09:20:10 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error %%-

2147218174.

Error: (04/02/2013 09:20:05 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 5 time(s).

Error: (04/02/2013 09:20:05 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error %%-

2147218174.

Error: (04/02/2013 08:50:13 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 4 time(s).

Error: (04/02/2013 08:50:13 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error %%-

2147218174.

Error: (04/02/2013 08:49:20 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 3 time(s).

Error: (04/02/2013 08:49:20 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error %%-

2147218174.


Microsoft Office Sessions:
=========================
Error: (04/02/2013 09:48:07 PM) (Source: Windows Search Service)(User: )
Description:
Details:
    The object you are trying to create already exists. Try again using a different name.  

(HRESULT : 0x80040d02) (0x80040d02)

Error: (04/02/2013 09:48:07 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application


Details:
    The object you are trying to create already exists. Try again using a different name.  

(HRESULT : 0x80040d02) (0x80040d02)

Error: (04/02/2013 09:48:07 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
    The object you are trying to create already exists. Try again using a different name.  

(HRESULT : 0x80040d02) (0x80040d02)

Error: (04/02/2013 09:48:07 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
    Element not found.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (04/02/2013 09:48:07 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (04/02/2013 09:48:07 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
    The content index server cannot update or access information because of a database

error.  Stop and restart the search service.  If the problem persists, reset and recrawl the content

index.  In some cases it may be necessary to delete and recreate the content index.  (HRESULT :

0x8004117f) (0x8004117f)

Error: (04/02/2013 09:48:07 PM) (Source: Windows Search Service)(User: )
Description:
Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
1100

Error: (04/02/2013 09:48:07 PM) (Source: Windows Search Service)(User: )
Description:
Details:
    0x%08x (0x8004117f - The content index server cannot update or access information

because of a database error.  Stop and restart the search service.  If the problem persists, reset

and recrawl the content index.  In some cases it may be necessary to delete and recreate the

content index.  (HRESULT : 0x8004117f))

Error: (04/02/2013 09:20:10 PM) (Source: Windows Search Service)(User: )
Description:
Details:
    The object you are trying to create already exists. Try again using a different name.  

(HRESULT : 0x80040d02) (0x80040d02)

Error: (04/02/2013 09:20:10 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application


Details:
    The object you are trying to create already exists. Try again using a different name.  

(HRESULT : 0x80040d02) (0x80040d02)


CodeIntegrity Errors:
===================================
  Date: 2013-04-01 20:43:20.620
  Description: Code Integrity is unable to verify the image integrity of the file \Device

\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus

2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on

the system.

  Date: 2013-04-01 20:43:20.609
  Description: Code Integrity is unable to verify the image integrity of the file \Device

\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus

2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on

the system.

  Date: 2013-04-01 20:43:20.592
  Description: Code Integrity is unable to verify the image integrity of the file \Device

\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus

2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on

the system.


=========================== Installed Programs ============================

Acer Crystal Eye webcam Ver:1.1.199.107 (Version: 1.1.199.107)
Acer ePower Management (Version: 5.00.3005)
Acer eRecovery Management (Version: 4.05.3013)
Acer Registration (Version: 1.03.3003)
Acer Updater (Version: 1.02.3001)
Acrobat.com (Version: 1.6.65)
Adobe Flash Player 11 ActiveX (Version: 11.6.602.180)
Adobe Flash Player 11 Plugin (Version: 11.6.602.180)
Adobe Photoshop CS4 (Version: 11.0)
Adobe Reader X (10.1.6) (Version: 10.1.6)
Adobe Shockwave Player 11.6 (Version: 11.6.3.633)
Amazon MP3 Downloader 1.0.17 (Version: 1.0.17)
AMR to MP3 Converter 1.4
Any Video Converter 3.2.7
Apple Application Support (Version: 2.3.3)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
Audacity 1.3.13 (Unicode)
Bonjour (Version: 3.0.0.10)
Brother MFL-Pro Suite MFC-J265W (Version: 1.0.3.0)
CCleaner (Version: 3.26)
Codec Pack - All In 1 6.0.3.0
CyberLink PowerDVD 9 (Version: 9.0.3216.50)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Free WMA to MP3 Converter 1.16
Identity Card (Version: 1.00.3003)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.1892)
Intel® Rapid Storage Technology (Version: 9.6.2.1001)
iTunes (Version: 11.0.2.26)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 22 (Version: 6.0.220)
Java™ 6 Update 29 (64-bit) (Version: 6.0.290)
Junk Mail filter update (Version: 16.4.3505.0912)
LAME v3.98.3 for Audacity
Launch Manager (Version: 4.0.14)
Mah Jong Quest III (remove only)
MediaMonkey 4.0 (Version: 4.0)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Outlook 2010 (Version: 14.0.6029.1000)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (Version:

14.0.5120.5000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SkyDrive (Version: 16.4.6013.0910)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft VC9 runtime libraries (Version: 2.0.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Movie Maker (Version: 16.4.3505.0912)
Mozilla Firefox 20.0 (x86 en-US) (Version: 20.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT Redists (Version: 1.0)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSVCRT110 (Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NTI Media Maker 9 (Version: 9.0.2.8939)
PaperPort Image Printer 64-bit (Version: 1.00.0000)
Photo Gallery (Version: 16.4.3505.0912)
PowerISO (Version: 4.8)
QuickTime (Version: 7.73.80.64)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30121)
Rosetta Stone Version 3 (Version: 3.4.5.0)
ScanSoft PaperPort 11 (Version: 11.2.0000)
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 14.0.19.0)
Tunatic
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Vegas Pro 11.0 (64-bit) (Version: 11.0.371)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
VLC media player 2.0.5 (Version: 2.0.5)
Vuze (Version: 4.8.1.0)
Windows Live Communications Platform (Version: 16.4.3505.0912)
Windows Live Essentials (Version: 16.4.3505.0912)
Windows Live Family Safety (Version: 16.4.3505.0912)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (Version: 16.4.3505.0912)
Windows Live Mail (Version: 16.4.3505.0912)
Windows Live Messenger (Version: 16.4.3505.0912)
Windows Live MIME IFilter (Version: 16.4.3505.0912)
Windows Live Photo Common (Version: 16.4.3505.0912)
Windows Live PIMT Platform (Version: 16.4.3505.0912)
Windows Live SOXE (Version: 16.4.3505.0912)
Windows Live SOXE Definitions (Version: 16.4.3505.0912)
Windows Live UX Platform (Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (Version: 16.4.3505.0912)
Windows Live Writer (Version: 16.4.3505.0912)
Windows Live Writer Resources (Version: 16.4.3505.0912)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinRAR 4.01 (64-bit) (Version: 4.01.0)
Yahoo! Detect

========================= Memory info: ===================================

Percentage of memory in use: 42%
Total physical RAM: 3001.97 MB
Available physical RAM: 1735.57 MB
Total Pagefile: 6002.13 MB
Available Pagefile: 4617.27 MB
Total Virtual: 4095.88 MB
Available Virtual: 3958.56 MB

========================= Partitions: =====================================

1 Drive c: (Acer) (Fixed) (Total:284.49 GB) (Free:156.86 GB) NTFS

========================= Users: ========================================

User accounts for \\CARRIE-PC

Administrator            Carrie                   Guest                    


**** End of log ****




TDSSKiller

21:51:13.0287 3352  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
21:51:13.0677 3352  

============================================================
21:51:13.0677 3352  Current date / time: 2013/04/02 21:51:13.0677
21:51:13.0677 3352  SystemInfo:
21:51:13.0677 3352  
21:51:13.0677 3352  OS Version: 6.1.7601 ServicePack: 1.0
21:51:13.0677 3352  Product type: Workstation
21:51:13.0677 3352  ComputerName: CARRIE-PC
21:51:13.0677 3352  UserName: Carrie
21:51:13.0677 3352  Windows directory: C:\Windows
21:51:13.0677 3352  System windows directory: C:\Windows
21:51:13.0677 3352  Running under WOW64
21:51:13.0677 3352  Processor architecture: Intel x64
21:51:13.0677 3352  Number of processors: 2
21:51:13.0677 3352  Page size: 0x1000
21:51:13.0677 3352  Boot type: Normal boot
21:51:13.0677 3352  

============================================================
21:51:14.0036 3352  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb),

SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type

'K0', Flags 0x00000040
21:51:14.0036 3352  

============================================================
21:51:14.0036 3352  \Device\Harddisk0\DR0:
21:51:14.0036 3352  MBR partitions:
21:51:14.0036 3352  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1B00800,

BlocksNum 0x32000
21:51:14.0036 3352  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1B32800,

BlocksNum 0x238FB800
21:51:14.0036 3352  

============================================================
21:51:14.0067 3352  C: <-> \Device\Harddisk0\DR0\Partition2
21:51:14.0067 3352  

============================================================
21:51:14.0067 3352  Initialize success
21:51:14.0067 3352  

============================================================
21:51:30.0759 0764  

============================================================
21:51:30.0759 0764  Scan started
21:51:30.0759 0764  Mode: Manual; TDLFS;
21:51:30.0759 0764  

============================================================
21:51:31.0071 0764  ================ Scan system memory ========================
21:51:31.0071 0764  System memory - ok
21:51:31.0071 0764  ================ Scan services =============================
21:51:31.0243 0764  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows

\system32\drivers\1394ohci.sys
21:51:31.0258 0764  1394ohci - ok
21:51:31.0274 0764  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows

\system32\drivers\ACPI.sys
21:51:31.0290 0764  ACPI - ok
21:51:31.0305 0764  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows

\system32\drivers\acpipmi.sys
21:51:31.0305 0764  AcpiPmi - ok
21:51:31.0399 0764  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:

\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:51:31.0399 0764  AdobeARMservice - ok
21:51:31.0570 0764  [ EA856F4A46320389D1899B2CAA7BF40F ]

AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash

\FlashPlayerUpdateService.exe
21:51:31.0570 0764  AdobeFlashPlayerUpdateSvc - ok
21:51:31.0633 0764  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows

\system32\DRIVERS\adp94xx.sys
21:51:31.0633 0764  adp94xx - ok
21:51:31.0680 0764  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows

\system32\DRIVERS\adpahci.sys
21:51:31.0680 0764  adpahci - ok
21:51:31.0742 0764  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows

\system32\DRIVERS\adpu320.sys
21:51:31.0742 0764  adpu320 - ok
21:51:31.0820 0764  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:

\Windows\System32\aelupsvc.dll
21:51:31.0820 0764  AeLookupSvc - ok
21:51:31.0867 0764  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows

\system32\drivers\afd.sys
21:51:31.0882 0764  AFD - ok
21:51:31.0929 0764  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows

\system32\drivers\agp440.sys
21:51:31.0929 0764  agp440 - ok
21:51:31.0960 0764  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows

\System32\alg.exe
21:51:31.0960 0764  ALG - ok
21:51:31.0976 0764  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows

\system32\drivers\aliide.sys
21:51:31.0976 0764  aliide - ok
21:51:32.0007 0764  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows

\system32\drivers\amdide.sys
21:51:32.0007 0764  amdide - ok
21:51:32.0023 0764  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows

\system32\DRIVERS\amdk8.sys
21:51:32.0023 0764  AmdK8 - ok
21:51:32.0054 0764  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:

\Windows\system32\DRIVERS\amdppm.sys
21:51:32.0054 0764  AmdPPM - ok
21:51:32.0070 0764  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:

\Windows\system32\drivers\amdsata.sys
21:51:32.0085 0764  amdsata - ok
21:51:32.0101 0764  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows

\system32\DRIVERS\amdsbs.sys
21:51:32.0101 0764  amdsbs - ok
21:51:32.0132 0764  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows

\system32\drivers\amdxata.sys
21:51:32.0132 0764  amdxata - ok
21:51:32.0163 0764  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows

\system32\drivers\appid.sys
21:51:32.0163 0764  AppID - ok
21:51:32.0179 0764  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows

\System32\appidsvc.dll
21:51:32.0194 0764  AppIDSvc - ok
21:51:32.0226 0764  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows

\System32\appinfo.dll
21:51:32.0226 0764  Appinfo - ok
21:51:32.0288 0764  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:

\Program Files (x86)\Common Files\Apple\Mobile Device Support

\AppleMobileDeviceService.exe
21:51:32.0288 0764  Apple Mobile Device - ok
21:51:32.0319 0764  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows

\system32\DRIVERS\arc.sys
21:51:32.0319 0764  arc - ok
21:51:32.0335 0764  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows

\system32\DRIVERS\arcsas.sys
21:51:32.0350 0764  arcsas - ok
21:51:32.0366 0764  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows

\system32\DRIVERS\asyncmac.sys
21:51:32.0366 0764  AsyncMac - ok
21:51:32.0366 0764  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows

\system32\drivers\atapi.sys
21:51:32.0366 0764  atapi - ok
21:51:32.0460 0764  [ E857EEE6B92AAA473EBB3465ADD8F7E7 ] athr            C:\Windows

\system32\DRIVERS\athrx.sys
21:51:32.0506 0764  athr - ok
21:51:32.0569 0764  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:

\Windows\System32\Audiosrv.dll
21:51:32.0584 0764  AudioEndpointBuilder - ok
21:51:32.0600 0764  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows

\System32\Audiosrv.dll
21:51:32.0600 0764  AudioSrv - ok
21:51:32.0647 0764  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows

\System32\AxInstSV.dll
21:51:32.0647 0764  AxInstSV - ok
21:51:32.0678 0764  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows

\system32\DRIVERS\bxvbda.sys
21:51:32.0678 0764  b06bdrv - ok
21:51:32.0709 0764  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:

\Windows\system32\DRIVERS\b57nd60a.sys
21:51:32.0709 0764  b57nd60a - ok
21:51:32.0834 0764  [ 2D659B569A76CDB83B815675A80D7096 ] BCM43XX         C:

\Windows\system32\DRIVERS\bcmwl664.sys
21:51:32.0865 0764  BCM43XX - ok
21:51:32.0881 0764  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:

\Windows\System32\bdesvc.dll
21:51:32.0896 0764  BDESVC - ok
21:51:32.0912 0764  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows

\system32\drivers\Beep.sys
21:51:32.0912 0764  Beep - ok
21:51:32.0943 0764  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows

\System32\bfe.dll
21:51:32.0959 0764  BFE - ok
21:51:33.0021 0764  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows

\System32\qmgr.dll
21:51:33.0052 0764  BITS - ok
21:51:33.0084 0764  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows

\system32\DRIVERS\blbdrive.sys
21:51:33.0084 0764  blbdrive - ok
21:51:33.0177 0764  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:

\Program Files\Bonjour\mDNSResponder.exe
21:51:33.0193 0764  Bonjour Service - ok
21:51:33.0240 0764  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows

\system32\DRIVERS\bowser.sys
21:51:33.0240 0764  bowser - ok
21:51:33.0255 0764  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows

\system32\DRIVERS\BrFiltLo.sys
21:51:33.0255 0764  BrFiltLo - ok
21:51:33.0271 0764  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows

\system32\DRIVERS\BrFiltUp.sys
21:51:33.0271 0764  BrFiltUp - ok
21:51:33.0318 0764  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows

\System32\browser.dll
21:51:33.0318 0764  Browser - ok
21:51:33.0349 0764  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows

\System32\Drivers\Brserid.sys
21:51:33.0349 0764  Brserid - ok
21:51:33.0364 0764  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:

\Windows\System32\Drivers\BrSerWdm.sys
21:51:33.0380 0764  BrSerWdm - ok
21:51:33.0380 0764  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:

\Windows\System32\Drivers\BrUsbMdm.sys
21:51:33.0380 0764  BrUsbMdm - ok
21:51:33.0396 0764  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows

\System32\Drivers\BrUsbSer.sys
21:51:33.0396 0764  BrUsbSer - ok
21:51:33.0458 0764  [ EA7E57F87D6FEE5FD6C5F813C04E8CD2 ] BrYNSvc         C:

\Program Files (x86)\Browny02\BrYNSvc.exe
21:51:33.0458 0764  BrYNSvc - ok
21:51:33.0474 0764  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:

\Windows\system32\DRIVERS\bthmodem.sys
21:51:33.0474 0764  BTHMODEM - ok
21:51:33.0505 0764  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows

\system32\bthserv.dll
21:51:33.0505 0764  bthserv - ok
21:51:33.0552 0764  [ 9887CA12F407D7FBC7F48F3678F5F0B6 ] BVRPMPR5a64     C:

\Windows\system32\drivers\BVRPMPR5a64.SYS
21:51:33.0552 0764  BVRPMPR5a64 - ok
21:51:33.0567 0764  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows

\system32\DRIVERS\cdfs.sys
21:51:33.0567 0764  cdfs - ok
21:51:33.0614 0764  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows

\system32\DRIVERS\cdrom.sys
21:51:33.0614 0764  cdrom - ok
21:51:33.0645 0764  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:

\Windows\System32\certprop.dll
21:51:33.0645 0764  CertPropSvc - ok
21:51:33.0676 0764  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows

\system32\DRIVERS\circlass.sys
21:51:33.0676 0764  circlass - ok
21:51:33.0708 0764  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows

\system32\CLFS.sys
21:51:33.0723 0764  CLFS - ok
21:51:33.0786 0764  [ D88040F816FDA31C3B466F0FA0918F29 ]

clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework

\v2.0.50727\mscorsvw.exe
21:51:33.0786 0764  clr_optimization_v2.0.50727_32 - ok
21:51:33.0832 0764  [ D1CEEA2B47CB998321C579651CE3E4F8 ]

clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET

\Framework64\v2.0.50727\mscorsvw.exe
21:51:33.0832 0764  clr_optimization_v2.0.50727_64 - ok
21:51:33.0910 0764  [ C5A75EB48E2344ABDC162BDA79E16841 ]

clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework

\v4.0.30319\mscorsvw.exe
21:51:33.0910 0764  clr_optimization_v4.0.30319_32 - ok
21:51:33.0957 0764  [ C6F9AF94DCD58122A4D7E89DB6BED29D ]

clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET

\Framework64\v4.0.30319\mscorsvw.exe
21:51:33.0957 0764  clr_optimization_v4.0.30319_64 - ok
21:51:33.0988 0764  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows

\system32\DRIVERS\CmBatt.sys
21:51:33.0988 0764  CmBatt - ok
21:51:34.0004 0764  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows

\system32\drivers\cmdide.sys
21:51:34.0004 0764  cmdide - ok
21:51:34.0051 0764  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows

\system32\Drivers\cng.sys
21:51:34.0066 0764  CNG - ok
21:51:34.0082 0764  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows

\system32\DRIVERS\compbatt.sys
21:51:34.0082 0764  Compbatt - ok
21:51:34.0113 0764  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:

\Windows\system32\drivers\CompositeBus.sys
21:51:34.0113 0764  CompositeBus - ok
21:51:34.0113 0764  COMSysApp - ok
21:51:34.0129 0764  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows

\system32\DRIVERS\crcdisk.sys
21:51:34.0144 0764  crcdisk - ok
21:51:34.0191 0764  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:

\Windows\system32\cryptsvc.dll
21:51:34.0191 0764  CryptSvc - ok
21:51:34.0238 0764  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:

\Windows\system32\rpcss.dll
21:51:34.0238 0764  DcomLaunch - ok
21:51:34.0269 0764  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows

\System32\defragsvc.dll
21:51:34.0269 0764  defragsvc - ok
21:51:34.0316 0764  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows

\system32\Drivers\dfsc.sys
21:51:34.0316 0764  DfsC - ok
21:51:34.0347 0764  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows

\system32\dhcpcore.dll
21:51:34.0347 0764  Dhcp - ok
21:51:34.0363 0764  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows

\system32\drivers\discache.sys
21:51:34.0363 0764  discache - ok
21:51:34.0394 0764  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows

\system32\DRIVERS\disk.sys
21:51:34.0394 0764  Disk - ok
21:51:34.0425 0764  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:

\Windows\System32\dnsrslvr.dll
21:51:34.0425 0764  Dnscache - ok
21:51:34.0472 0764  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows

\System32\dot3svc.dll
21:51:34.0472 0764  dot3svc - ok
21:51:34.0503 0764  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows

\system32\dps.dll
21:51:34.0503 0764  DPS - ok
21:51:34.0519 0764  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows

\system32\drivers\drmkaud.sys
21:51:34.0519 0764  drmkaud - ok
21:51:34.0581 0764  [ 9CF46FDF163E06B83D03FF929EF2296C ] DsiWMIService   C:

\Program Files (x86)\Launch Manager\dsiwmis.exe
21:51:34.0581 0764  DsiWMIService - ok
21:51:34.0644 0764  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows

\System32\drivers\dxgkrnl.sys
21:51:34.0644 0764  DXGKrnl - ok
21:51:34.0690 0764  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:

\Windows\System32\eapsvc.dll
21:51:34.0690 0764  EapHost - ok
21:51:34.0784 0764  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows

\system32\DRIVERS\evbda.sys
21:51:34.0878 0764  ebdrv - ok
21:51:34.0909 0764  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows

\System32\lsass.exe
21:51:34.0909 0764  EFS - ok
21:51:34.0971 0764  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows

\ehome\ehRecvr.exe
21:51:35.0002 0764  ehRecvr - ok
21:51:35.0034 0764  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows

\ehome\ehsched.exe
21:51:35.0034 0764  ehSched - ok
21:51:35.0065 0764  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows

\system32\DRIVERS\elxstor.sys
21:51:35.0065 0764  elxstor - ok
21:51:35.0158 0764  [ 3EA2C4F68A782839D97B3C83595575B6 ] ePowerSvc       C:\Program

Files\Acer\Acer ePower Management\ePowerSvc.exe
21:51:35.0158 0764  ePowerSvc - ok
21:51:35.0221 0764  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows

\system32\drivers\errdev.sys
21:51:35.0221 0764  ErrDev - ok
21:51:35.0236 0764  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:

\Windows\system32\es.dll
21:51:35.0252 0764  EventSystem - ok
21:51:35.0268 0764  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows

\system32\drivers\exfat.sys
21:51:35.0268 0764  exfat - ok
21:51:35.0299 0764  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows

\system32\drivers\fastfat.sys
21:51:35.0299 0764  fastfat - ok
21:51:35.0346 0764  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows

\system32\fxssvc.exe
21:51:35.0361 0764  Fax - ok
21:51:35.0377 0764  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows

\system32\DRIVERS\fdc.sys
21:51:35.0392 0764  fdc - ok
21:51:35.0408 0764  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows

\system32\fdPHost.dll
21:51:35.0408 0764  fdPHost - ok
21:51:35.0424 0764  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:

\Windows\system32\fdrespub.dll
21:51:35.0424 0764  FDResPub - ok
21:51:35.0439 0764  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows

\system32\drivers\fileinfo.sys
21:51:35.0439 0764  FileInfo - ok
21:51:35.0455 0764  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows

\system32\drivers\filetrace.sys
21:51:35.0455 0764  Filetrace - ok
21:51:35.0502 0764  [ BB0667B0171B632B97EA759515476F07 ] FLEXnet Licensing Service

C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher

\FNPLicensingService.exe
21:51:35.0502 0764  FLEXnet Licensing Service - ok
21:51:35.0533 0764  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows

\system32\DRIVERS\flpydisk.sys
21:51:35.0533 0764  flpydisk - ok
21:51:35.0564 0764  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows

\system32\drivers\fltmgr.sys
21:51:35.0580 0764  FltMgr - ok
21:51:35.0642 0764  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:

\Windows\system32\FntCache.dll
21:51:35.0673 0764  FontCache - ok
21:51:35.0736 0764  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:

\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:51:35.0736 0764  FontCache3.0.0.0 - ok
21:51:35.0751 0764  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:

\Windows\system32\drivers\FsDepends.sys
21:51:35.0767 0764  FsDepends - ok
21:51:35.0798 0764  [ C2E475625F2C6F7DCDE4E920523A0573 ] fssfltr         C:\Windows

\system32\DRIVERS\fssfltr.sys
21:51:35.0798 0764  fssfltr - ok
21:51:35.0907 0764  [ 812E1BA5C52A78F13EA6AA10DF708B1D ] fsssvc          C:\Program

Files (x86)\Windows Live\Family Safety\fsssvc.exe
21:51:35.0954 0764  fsssvc - ok
21:51:35.0985 0764  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:

\Windows\system32\drivers\Fs_Rec.sys
21:51:35.0985 0764  Fs_Rec - ok
21:51:36.0032 0764  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows

\system32\DRIVERS\fvevol.sys
21:51:36.0032 0764  fvevol - ok
21:51:36.0048 0764  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:

\Windows\system32\DRIVERS\gagp30kx.sys
21:51:36.0048 0764  gagp30kx - ok
21:51:36.0094 0764  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:

\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:51:36.0094 0764  GEARAspiWDM - ok
21:51:36.0141 0764  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows

\System32\gpsvc.dll
21:51:36.0157 0764  gpsvc - ok
21:51:36.0219 0764  [ 0191DEE9B9EB7902AF2CF4F67301095D ] GREGService     C:

\Program Files (x86)\Acer\Registration\GREGsvc.exe
21:51:36.0219 0764  GREGService - ok
21:51:36.0235 0764  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows

\system32\drivers\hcw85cir.sys
21:51:36.0250 0764  hcw85cir - ok
21:51:36.0297 0764  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:

\Windows\system32\drivers\HdAudio.sys
21:51:36.0297 0764  HdAudAddService - ok
21:51:36.0328 0764  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:

\Windows\system32\drivers\HDAudBus.sys
21:51:36.0328 0764  HDAudBus - ok
21:51:36.0360 0764  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows

\system32\DRIVERS\HidBatt.sys
21:51:36.0360 0764  HidBatt - ok
21:51:36.0375 0764  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows

\system32\DRIVERS\hidbth.sys
21:51:36.0375 0764  HidBth - ok
21:51:36.0406 0764  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows

\system32\DRIVERS\hidir.sys
21:51:36.0406 0764  HidIr - ok
21:51:36.0438 0764  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows

\system32\hidserv.dll
21:51:36.0438 0764  hidserv - ok
21:51:36.0484 0764  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows

\system32\DRIVERS\hidusb.sys
21:51:36.0484 0764  HidUsb - ok
21:51:36.0516 0764  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows

\system32\kmsvc.dll
21:51:36.0531 0764  hkmsvc - ok
21:51:36.0562 0764  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:

\Windows\system32\ListSvc.dll
21:51:36.0578 0764  HomeGroupListener - ok
21:51:36.0609 0764  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:

\Windows\system32\provsvc.dll
21:51:36.0609 0764  HomeGroupProvider - ok
21:51:36.0625 0764  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:

\Windows\system32\drivers\HpSAMD.sys
21:51:36.0625 0764  HpSAMD - ok
21:51:36.0672 0764  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:

\Windows\system32\drivers\HTTP.sys
21:51:36.0687 0764  HTTP - ok
21:51:36.0703 0764  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows

\system32\drivers\hwpolicy.sys
21:51:36.0703 0764  hwpolicy - ok
21:51:36.0734 0764  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows

\system32\drivers\i8042prt.sys
21:51:36.0734 0764  i8042prt - ok
21:51:36.0796 0764  [ 1384872112E8E7FD5786ECEB8BDDF4C9 ] iaStor          C:\Windows

\system32\DRIVERS\iaStor.sys
21:51:36.0796 0764  iaStor - ok
21:51:36.0859 0764  [ 6B24D1C3096DE796D15571079EA5E98C ] IAStorDataMgrSvc C:

\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
21:51:36.0859 0764  IAStorDataMgrSvc - ok
21:51:36.0890 0764  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows

\system32\drivers\iaStorV.sys
21:51:36.0890 0764  iaStorV - ok
21:51:36.0937 0764  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows

\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:51:36.0952 0764  idsvc - ok
21:51:37.0171 0764  [ 2D18C9E1F23970DE32D78D3B1CDDA0A7 ] igfx            C:\Windows

\system32\DRIVERS\igdkmd64.sys
21:51:37.0358 0764  igfx - ok
21:51:37.0389 0764  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows

\system32\DRIVERS\iirsp.sys
21:51:37.0389 0764  iirsp - ok
21:51:37.0436 0764  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows

\System32\ikeext.dll
21:51:37.0452 0764  IKEEXT - ok
21:51:37.0467 0764  IntcAzAudAddService - ok
21:51:37.0498 0764  [ 88A20FA54C73DED4E8DAC764E9130AE9 ] IntcHdmiAddService C:

\Windows\system32\drivers\IntcHdmi.sys
21:51:37.0498 0764  IntcHdmiAddService - ok
21:51:37.0514 0764  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows

\system32\drivers\intelide.sys
21:51:37.0514 0764  intelide - ok
21:51:37.0530 0764  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows

\system32\DRIVERS\intelppm.sys
21:51:37.0530 0764  intelppm - ok
21:51:37.0561 0764  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:

\Windows\system32\ipbusenum.dll
21:51:37.0561 0764  IPBusEnum - ok
21:51:37.0592 0764  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows

\system32\DRIVERS\ipfltdrv.sys
21:51:37.0592 0764  IpFilterDriver - ok
21:51:37.0639 0764  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows

\System32\iphlpsvc.dll
21:51:37.0654 0764  iphlpsvc - ok
21:51:37.0686 0764  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:

\Windows\system32\drivers\IPMIDrv.sys
21:51:37.0686 0764  IPMIDRV - ok
21:51:37.0701 0764  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows

\system32\drivers\ipnat.sys
21:51:37.0701 0764  IPNAT - ok
21:51:37.0748 0764  [ 4EFFC8FF6D349E971E94B1C670C0C66A ] iPod Service    C:

\Program Files\iPod\bin\iPodService.exe
21:51:37.0764 0764  iPod Service - ok
21:51:37.0779 0764  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:

\Windows\system32\drivers\irenum.sys
21:51:37.0779 0764  IRENUM - ok
21:51:37.0795 0764  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows

\system32\drivers\isapnp.sys
21:51:37.0795 0764  isapnp - ok
21:51:37.0826 0764  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows

\system32\drivers\msiscsi.sys
21:51:37.0826 0764  iScsiPrt - ok
21:51:37.0873 0764  [ 37E053A2CF8F0082B689ED74106E0CEC ] k57nd60a        C:

\Windows\system32\DRIVERS\k57nd60a.sys
21:51:37.0873 0764  k57nd60a - ok
21:51:37.0888 0764  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:

\Windows\system32\drivers\kbdclass.sys
21:51:37.0904 0764  kbdclass - ok
21:51:37.0920 0764  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows

\system32\drivers\kbdhid.sys
21:51:37.0920 0764  kbdhid - ok
21:51:37.0935 0764  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows

\system32\lsass.exe
21:51:37.0951 0764  KeyIso - ok
21:51:37.0982 0764  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows

\system32\Drivers\ksecdd.sys
21:51:37.0982 0764  KSecDD - ok
21:51:38.0013 0764  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:

\Windows\system32\Drivers\ksecpkg.sys
21:51:38.0013 0764  KSecPkg - ok
21:51:38.0013 0764  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows

\system32\drivers\ksthunk.sys
21:51:38.0029 0764  ksthunk - ok
21:51:38.0076 0764  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows

\system32\msdtckrm.dll
21:51:38.0076 0764  KtmRm - ok
21:51:38.0122 0764  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:

\Windows\system32\srvsvc.dll
21:51:38.0122 0764  LanmanServer - ok
21:51:38.0169 0764  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:

\Windows\System32\wkssvc.dll
21:51:38.0169 0764  LanmanWorkstation - ok
21:51:38.0200 0764  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows

\system32\DRIVERS\lltdio.sys
21:51:38.0200 0764  lltdio - ok
21:51:38.0247 0764  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows

\System32\lltdsvc.dll
21:51:38.0247 0764  lltdsvc - ok
21:51:38.0278 0764  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows

\System32\lmhsvc.dll
21:51:38.0278 0764  lmhosts - ok
21:51:38.0310 0764  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:

\Windows\system32\DRIVERS\lsi_fc.sys
21:51:38.0310 0764  LSI_FC - ok
21:51:38.0325 0764  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows

\system32\DRIVERS\lsi_sas.sys
21:51:38.0325 0764  LSI_SAS - ok
21:51:38.0341 0764  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:

\Windows\system32\DRIVERS\lsi_sas2.sys
21:51:38.0356 0764  LSI_SAS2 - ok
21:51:38.0372 0764  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:

\Windows\system32\DRIVERS\lsi_scsi.sys
21:51:38.0372 0764  LSI_SCSI - ok
21:51:38.0403 0764  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows

\system32\drivers\luafv.sys
21:51:38.0403 0764  luafv - ok
21:51:38.0434 0764  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:

\Windows\system32\Mcx2Svc.dll
21:51:38.0434 0764  Mcx2Svc - ok
21:51:38.0497 0764  [ 11F714F85530A2BD134074DC30E99FCA ] MDM             C:\Program

Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
21:51:38.0497 0764  MDM - ok
21:51:38.0512 0764  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:

\Windows\system32\DRIVERS\megasas.sys
21:51:38.0512 0764  megasas - ok
21:51:38.0528 0764  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:

\Windows\system32\DRIVERS\MegaSR.sys
21:51:38.0528 0764  MegaSR - ok
21:51:38.0559 0764  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:

\Windows\system32\mmcss.dll
21:51:38.0559 0764  MMCSS - ok
21:51:38.0575 0764  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows

\system32\drivers\modem.sys
21:51:38.0575 0764  Modem - ok
21:51:38.0606 0764  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:

\Windows\system32\DRIVERS\monitor.sys
21:51:38.0606 0764  monitor - ok
21:51:38.0653 0764  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows

\system32\DRIVERS\mouclass.sys
21:51:38.0653 0764  mouclass - ok
21:51:38.0668 0764  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows

\system32\DRIVERS\mouhid.sys
21:51:38.0668 0764  mouhid - ok
21:51:38.0715 0764  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:

\Windows\system32\drivers\mountmgr.sys
21:51:38.0715 0764  mountmgr - ok
21:51:38.0731 0764  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows

\system32\drivers\mpio.sys
21:51:38.0731 0764  mpio - ok
21:51:38.0778 0764  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows

\system32\drivers\mpsdrv.sys
21:51:38.0778 0764  mpsdrv - ok
21:51:38.0824 0764  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows

\system32\mpssvc.dll
21:51:38.0840 0764  MpsSvc - ok
21:51:38.0887 0764  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:

\Windows\system32\drivers\mrxdav.sys
21:51:38.0887 0764  MRxDAV - ok
21:51:38.0918 0764  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:

\Windows\system32\DRIVERS\mrxsmb.sys
21:51:38.0918 0764  mrxsmb - ok
21:51:38.0949 0764  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:

\Windows\system32\DRIVERS\mrxsmb10.sys
21:51:38.0949 0764  mrxsmb10 - ok
21:51:38.0996 0764  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:

\Windows\system32\DRIVERS\mrxsmb20.sys
21:51:38.0996 0764  mrxsmb20 - ok
21:51:39.0012 0764  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:

\Windows\system32\drivers\msahci.sys
21:51:39.0027 0764  msahci - ok
21:51:39.0058 0764  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows

\system32\drivers\msdsm.sys
21:51:39.0058 0764  msdsm - ok
21:51:39.0074 0764  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:

\Windows\System32\msdtc.exe
21:51:39.0090 0764  MSDTC - ok
21:51:39.0121 0764  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows

\system32\drivers\Msfs.sys
21:51:39.0121 0764  Msfs - ok
21:51:39.0136 0764  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows

\System32\drivers\mshidkmdf.sys
21:51:39.0136 0764  mshidkmdf - ok
21:51:39.0152 0764  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:

\Windows\system32\drivers\msisadrv.sys
21:51:39.0152 0764  msisadrv - ok
21:51:39.0199 0764  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows

\system32\iscsiexe.dll
21:51:39.0199 0764  MSiSCSI - ok
21:51:39.0199 0764  msiserver - ok
21:51:39.0230 0764  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:

\Windows\system32\drivers\MSKSSRV.sys
21:51:39.0230 0764  MSKSSRV - ok
21:51:39.0261 0764  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:

\Windows\system32\drivers\MSPCLOCK.sys
21:51:39.0261 0764  MSPCLOCK - ok
21:51:39.0277 0764  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:

\Windows\system32\drivers\MSPQM.sys
21:51:39.0277 0764  MSPQM - ok
21:51:39.0308 0764  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:

\Windows\system32\drivers\MsRPC.sys
21:51:39.0308 0764  MsRPC - ok
21:51:39.0355 0764  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:

\Windows\system32\drivers\mssmbios.sys
21:51:39.0355 0764  mssmbios - ok
21:51:39.0370 0764  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows

\system32\drivers\MSTEE.sys
21:51:39.0370 0764  MSTEE - ok
21:51:39.0402 0764  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:

\Windows\system32\DRIVERS\MTConfig.sys
21:51:39.0402 0764  MTConfig - ok
21:51:39.0448 0764  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows

\system32\Drivers\mup.sys
21:51:39.0448 0764  Mup - ok
21:51:39.0480 0764  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows

\system32\qagentRT.dll
21:51:39.0480 0764  napagent - ok
21:51:39.0511 0764  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows

\system32\DRIVERS\nwifi.sys
21:51:39.0526 0764  NativeWifiP - ok
21:51:39.0604 0764  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows

\system32\drivers\ndis.sys
21:51:39.0636 0764  NDIS - ok
21:51:39.0667 0764  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:

\Windows\system32\DRIVERS\ndiscap.sys
21:51:39.0667 0764  NdisCap - ok
21:51:39.0682 0764  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows

\system32\DRIVERS\ndistapi.sys
21:51:39.0682 0764  NdisTapi - ok
21:51:39.0714 0764  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows

\system32\DRIVERS\ndisuio.sys
21:51:39.0714 0764  Ndisuio - ok
21:51:39.0745 0764  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows

\system32\DRIVERS\ndiswan.sys
21:51:39.0745 0764  NdisWan - ok
21:51:39.0807 0764  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:

\Windows\system32\drivers\NDProxy.sys
21:51:39.0807 0764  NDProxy - ok
21:51:39.0838 0764  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows

\system32\DRIVERS\netbios.sys
21:51:39.0838 0764  NetBIOS - ok
21:51:39.0870 0764  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows

\system32\DRIVERS\netbt.sys
21:51:39.0870 0764  NetBT - ok
21:51:39.0901 0764  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows

\system32\lsass.exe
21:51:39.0901 0764  Netlogon - ok
21:51:39.0932 0764  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows

\System32\netman.dll
21:51:39.0948 0764  Netman - ok
21:51:39.0963 0764  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows

\System32\netprofm.dll
21:51:39.0979 0764  netprofm - ok
21:51:40.0010 0764  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:

\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation

\SMSvcHost.exe
21:51:40.0010 0764  NetTcpPortSharing - ok
21:51:40.0041 0764  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows

\system32\DRIVERS\nfrd960.sys
21:51:40.0041 0764  nfrd960 - ok
21:51:40.0104 0764  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows

\System32\nlasvc.dll
21:51:40.0104 0764  NlaSvc - ok
21:51:40.0119 0764  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows

\system32\drivers\Npfs.sys
21:51:40.0119 0764  Npfs - ok
21:51:40.0150 0764  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows

\system32\nsisvc.dll
21:51:40.0150 0764  nsi - ok
21:51:40.0166 0764  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows

\system32\drivers\nsiproxy.sys
21:51:40.0166 0764  nsiproxy - ok
21:51:40.0260 0764  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows

\system32\drivers\Ntfs.sys
21:51:40.0306 0764  Ntfs - ok
21:51:40.0338 0764  [ EE3BA1024594D5D09E314F206B94069E ] NTIDrvr         C:\Windows

\system32\drivers\NTIDrvr.sys
21:51:40.0338 0764  NTIDrvr - ok
21:51:40.0353 0764  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows

\system32\drivers\Null.sys
21:51:40.0353 0764  Null - ok
21:51:40.0384 0764  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows

\system32\drivers\nvraid.sys
21:51:40.0384 0764  nvraid - ok
21:51:40.0416 0764  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows

\system32\drivers\nvstor.sys
21:51:40.0416 0764  nvstor - ok
21:51:40.0447 0764  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows

\system32\drivers\nv_agp.sys
21:51:40.0447 0764  nv_agp - ok
21:51:40.0462 0764  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows

\system32\drivers\ohci1394.sys
21:51:40.0462 0764  ohci1394 - ok
21:51:40.0509 0764  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program

Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:51:40.0509 0764  ose - ok
21:51:40.0728 0764  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program

Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:51:40.0852 0764  osppsvc - ok
21:51:40.0899 0764  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:

\Windows\system32\pnrpsvc.dll
21:51:40.0899 0764  p2pimsvc - ok
21:51:40.0930 0764  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows

\system32\p2psvc.dll
21:51:40.0930 0764  p2psvc - ok
21:51:40.0946 0764  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows

\system32\DRIVERS\parport.sys
21:51:40.0962 0764  Parport - ok
21:51:40.0993 0764  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:

\Windows\system32\drivers\partmgr.sys
21:51:40.0993 0764  partmgr - ok
21:51:40.0993 0764  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows

\System32\pcasvc.dll
21:51:40.0993 0764  PcaSvc - ok
21:51:41.0024 0764  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows

\system32\drivers\pci.sys
21:51:41.0024 0764  pci - ok
21:51:41.0040 0764  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows

\system32\drivers\pciide.sys
21:51:41.0040 0764  pciide - ok
21:51:41.0055 0764  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows

\system32\DRIVERS\pcmcia.sys
21:51:41.0055 0764  pcmcia - ok
21:51:41.0071 0764  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows

\system32\drivers\pcw.sys
21:51:41.0071 0764  pcw - ok
21:51:41.0102 0764  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:

\Windows\system32\drivers\peauth.sys
21:51:41.0118 0764  PEAUTH - ok
21:51:41.0242 0764  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows

\SysWow64\perfhost.exe
21:51:41.0242 0764  PerfHost - ok
21:51:41.0320 0764  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows

\system32\pla.dll
21:51:41.0367 0764  pla - ok
21:51:41.0398 0764  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows

\system32\umpnpmgr.dll
21:51:41.0414 0764  PlugPlay - ok
21:51:41.0430 0764  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:

\Windows\system32\pnrpauto.dll
21:51:41.0430 0764  PNRPAutoReg - ok
21:51:41.0445 0764  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:

\Windows\system32\pnrpsvc.dll
21:51:41.0445 0764  PNRPsvc - ok
21:51:41.0476 0764  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:

\Windows\System32\ipsecsvc.dll
21:51:41.0492 0764  PolicyAgent - ok
21:51:41.0539 0764  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:

\Windows\system32\umpo.dll
21:51:41.0539 0764  Power - ok
21:51:41.0586 0764  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:

\Windows\system32\DRIVERS\raspptp.sys
21:51:41.0586 0764  PptpMiniport - ok
21:51:41.0601 0764  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:

\Windows\system32\DRIVERS\processr.sys
21:51:41.0601 0764  Processor - ok
21:51:41.0648 0764  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows

\system32\profsvc.dll
21:51:41.0648 0764  ProfSvc - ok
21:51:41.0679 0764  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:

\Windows\system32\lsass.exe
21:51:41.0679 0764  ProtectedStorage - ok
21:51:41.0710 0764  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows

\system32\DRIVERS\pacer.sys
21:51:41.0710 0764  Psched - ok
21:51:41.0757 0764  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows

\system32\DRIVERS\ql2300.sys
21:51:41.0788 0764  ql2300 - ok
21:51:41.0820 0764  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows

\system32\DRIVERS\ql40xx.sys
21:51:41.0820 0764  ql40xx - ok
21:51:41.0851 0764  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows

\system32\qwave.dll
21:51:41.0866 0764  QWAVE - ok
21:51:41.0882 0764  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:

\Windows\system32\drivers\qwavedrv.sys
21:51:41.0882 0764  QWAVEdrv - ok
21:51:41.0898 0764  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows

\system32\DRIVERS\rasacd.sys
21:51:41.0898 0764  RasAcd - ok
21:51:41.0929 0764  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:

\Windows\system32\DRIVERS\AgileVpn.sys
21:51:41.0929 0764  RasAgileVpn - ok
21:51:41.0944 0764  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:

\Windows\System32\rasauto.dll
21:51:41.0960 0764  RasAuto - ok
21:51:41.0976 0764  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows

\system32\DRIVERS\rasl2tp.sys
21:51:41.0991 0764  Rasl2tp - ok
21:51:42.0022 0764  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:

\Windows\System32\rasmans.dll
21:51:42.0038 0764  RasMan - ok
21:51:42.0054 0764  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:

\Windows\system32\DRIVERS\raspppoe.sys
21:51:42.0054 0764  RasPppoe - ok
21:51:42.0069 0764  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:

\Windows\system32\DRIVERS\rassstp.sys
21:51:42.0069 0764  RasSstp - ok
21:51:42.0085 0764  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows

\system32\DRIVERS\rdbss.sys
21:51:42.0100 0764  rdbss - ok
21:51:42.0116 0764  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows

\system32\DRIVERS\rdpbus.sys
21:51:42.0116 0764  rdpbus - ok
21:51:42.0132 0764  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:

\Windows\system32\DRIVERS\RDPCDD.sys
21:51:42.0132 0764  RDPCDD - ok
21:51:42.0147 0764  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:

\Windows\system32\drivers\rdpencdd.sys
21:51:42.0147 0764  RDPENCDD - ok
21:51:42.0163 0764  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:

\Windows\system32\drivers\rdprefmp.sys
21:51:42.0163 0764  RDPREFMP - ok
21:51:42.0210 0764  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:

\Windows\system32\drivers\RDPWD.sys
21:51:42.0225 0764  RDPWD - ok
21:51:42.0256 0764  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows

\system32\drivers\rdyboost.sys
21:51:42.0256 0764  rdyboost - ok
21:51:42.0288 0764  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:

\Windows\System32\mprdim.dll
21:51:42.0303 0764  RemoteAccess - ok
21:51:42.0334 0764  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:

\Windows\system32\regsvc.dll
21:51:42.0334 0764  RemoteRegistry - ok
21:51:42.0366 0764  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:

\Windows\System32\RpcEpMap.dll
21:51:42.0366 0764  RpcEptMapper - ok
21:51:42.0397 0764  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:

\Windows\system32\locator.exe
21:51:42.0397 0764  RpcLocator - ok
21:51:42.0428 0764  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows

\system32\rpcss.dll
21:51:42.0444 0764  RpcSs - ok
21:51:42.0459 0764  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows

\system32\DRIVERS\rspndr.sys
21:51:42.0459 0764  rspndr - ok
21:51:42.0506 0764  [ 44ED82612403021E36998E1ECB1198F1 ] RSUSBSTOR       C:

\Windows\system32\Drivers\RtsUStor.sys
21:51:42.0506 0764  RSUSBSTOR - ok
21:51:42.0506 0764  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows

\system32\lsass.exe
21:51:42.0522 0764  SamSs - ok
21:51:42.0553 0764  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:

\Windows\system32\drivers\sbp2port.sys
21:51:42.0553 0764  sbp2port - ok
21:51:42.0584 0764  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows

\System32\SCardSvr.dll
21:51:42.0584 0764  SCardSvr - ok
21:51:42.0615 0764  [ B2F50286DC82B93C013E3FC57BA1A956 ] SCDEmu          C:

\Windows\system32\drivers\SCDEmu.sys
21:51:42.0615 0764  SCDEmu - ok
21:51:42.0646 0764  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows

\system32\DRIVERS\scfilter.sys
21:51:42.0646 0764  scfilter - ok
21:51:42.0693 0764  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows

\system32\schedsvc.dll
21:51:42.0724 0764  Schedule - ok
21:51:42.0787 0764  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:

\Windows\System32\certprop.dll
21:51:42.0787 0764  SCPolicySvc - ok
21:51:42.0818 0764  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:

\Windows\System32\SDRSVC.dll
21:51:42.0834 0764  SDRSVC - ok
21:51:42.0849 0764  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows

\system32\drivers\secdrv.sys
21:51:42.0849 0764  secdrv - ok
21:51:42.0865 0764  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows

\system32\seclogon.dll
21:51:42.0880 0764  seclogon - ok
21:51:42.0896 0764  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows

\System32\sens.dll
21:51:42.0896 0764  SENS - ok
21:51:42.0927 0764  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows

\system32\sensrsvc.dll
21:51:42.0927 0764  SensrSvc - ok
21:51:42.0943 0764  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:

\Windows\system32\DRIVERS\serenum.sys
21:51:42.0943 0764  Serenum - ok
21:51:42.0974 0764  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows

\system32\DRIVERS\serial.sys
21:51:42.0974 0764  Serial - ok
21:51:42.0990 0764  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows

\system32\DRIVERS\sermouse.sys
21:51:42.0990 0764  sermouse - ok
21:51:43.0052 0764  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:

\Windows\system32\sessenv.dll
21:51:43.0052 0764  SessionEnv - ok
21:51:43.0114 0764  [ 18A4EB256E35A6DD233C4D005835879A ] SetupARService  C:

\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe
21:51:43.0114 0764  SetupARService - ok
21:51:43.0130 0764  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows

\system32\drivers\sffdisk.sys
21:51:43.0146 0764  sffdisk - ok
21:51:43.0161 0764  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:

\Windows\system32\drivers\sffp_mmc.sys
21:51:43.0161 0764  sffp_mmc - ok
21:51:43.0177 0764  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows

\system32\drivers\sffp_sd.sys
21:51:43.0177 0764  sffp_sd - ok
21:51:43.0192 0764  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows

\system32\DRIVERS\sfloppy.sys
21:51:43.0192 0764  sfloppy - ok
21:51:43.0239 0764  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:

\Windows\System32\ipnathlp.dll
21:51:43.0255 0764  SharedAccess - ok
21:51:43.0302 0764  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:

\Windows\System32\shsvcs.dll
21:51:43.0302 0764  ShellHWDetection - ok
21:51:43.0333 0764  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:

\Windows\system32\DRIVERS\SiSRaid2.sys
21:51:43.0333 0764  SiSRaid2 - ok
21:51:43.0364 0764  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:

\Windows\system32\DRIVERS\sisraid4.sys
21:51:43.0364 0764  SiSRaid4 - ok
21:51:43.0395 0764  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows

\system32\DRIVERS\smb.sys
21:51:43.0395 0764  Smb - ok
21:51:43.0426 0764  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:

\Windows\System32\snmptrap.exe
21:51:43.0426 0764  SNMPTRAP - ok
21:51:43.0442 0764  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows

\system32\drivers\spldr.sys
21:51:43.0442 0764  spldr - ok
21:51:43.0504 0764  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows

\System32\spoolsv.exe
21:51:43.0504 0764  Spooler - ok
21:51:43.0614 0764  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows

\system32\sppsvc.exe
21:51:43.0660 0764  sppsvc - ok
21:51:43.0676 0764  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows

\system32\sppuinotify.dll
21:51:43.0676 0764  sppuinotify - ok
21:51:43.0707 0764  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows

\system32\DRIVERS\srv.sys
21:51:43.0723 0764  srv - ok
21:51:43.0754 0764  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows

\system32\DRIVERS\srv2.sys
21:51:43.0754 0764  srv2 - ok
21:51:43.0785 0764  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows

\system32\DRIVERS\srvnet.sys
21:51:43.0785 0764  srvnet - ok
21:51:43.0816 0764  [ ED161B91FDF7EAA39469D72D463D5F4E ] sscdbus         C:

\Windows\system32\DRIVERS\sscdbus.sys
21:51:43.0832 0764  sscdbus - ok
21:51:43.0863 0764  [ 4CB09E77593DBD8D7AF33B37375CA715 ] sscdmdfl        C:\Windows

\system32\DRIVERS\sscdmdfl.sys
21:51:43.0863 0764  sscdmdfl - ok
21:51:43.0894 0764  [ C7B4CF53497A6E5363F3439427663882 ] sscdmdm         C:\Windows

\system32\DRIVERS\sscdmdm.sys
21:51:43.0894 0764  sscdmdm - ok
21:51:43.0926 0764  [ 05FFA552F578E27AB2D41B6828DB477F ] sscdserd        C:\Windows

\system32\DRIVERS\sscdserd.sys
21:51:43.0926 0764  sscdserd - ok
21:51:43.0957 0764  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:

\Windows\System32\ssdpsrv.dll
21:51:43.0972 0764  SSDPSRV - ok
21:51:43.0988 0764  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:

\Windows\system32\sstpsvc.dll
21:51:44.0004 0764  SstpSvc - ok
21:51:44.0019 0764  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows

\system32\DRIVERS\stexstor.sys
21:51:44.0019 0764  stexstor - ok
21:51:44.0050 0764  [ DECACB6921DED1A38642642685D77DAC ] StillCam        C:

\Windows\system32\DRIVERS\serscan.sys
21:51:44.0050 0764  StillCam - ok
21:51:44.0082 0764  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows

\System32\wiaservc.dll
21:51:44.0097 0764  stisvc - ok
21:51:44.0128 0764  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:

\Windows\system32\drivers\swenum.sys
21:51:44.0128 0764  swenum - ok
21:51:44.0160 0764  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows

\System32\swprv.dll
21:51:44.0175 0764  swprv - ok
21:51:44.0206 0764  [ 064A2530A4A7C7CEC1BE6A1945645BE4 ] SynTP           C:\Windows

\system32\DRIVERS\SynTP.sys
21:51:44.0206 0764  SynTP - ok
21:51:44.0284 0764  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:

\Windows\system32\sysmain.dll
21:51:44.0331 0764  SysMain - ok
21:51:44.0362 0764  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:

\Windows\System32\TabSvc.dll
21:51:44.0362 0764  TabletInputService - ok
21:51:44.0394 0764  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows

\System32\tapisrv.dll
21:51:44.0394 0764  TapiSrv - ok
21:51:44.0425 0764  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows

\System32\tbssvc.dll
21:51:44.0425 0764  TBS - ok
21:51:44.0503 0764  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows

\system32\drivers\tcpip.sys
21:51:44.0550 0764  Tcpip - ok
21:51:44.0596 0764  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows

\system32\DRIVERS\tcpip.sys
21:51:44.0612 0764  TCPIP6 - ok
21:51:44.0659 0764  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:

\Windows\system32\drivers\tcpipreg.sys
21:51:44.0659 0764  tcpipreg - ok
21:51:44.0706 0764  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows

\system32\drivers\tdpipe.sys
21:51:44.0706 0764  TDPIPE - ok
21:51:44.0721 0764  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:

\Windows\system32\drivers\tdtcp.sys
21:51:44.0737 0764  TDTCP - ok
21:51:44.0752 0764  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows

\system32\DRIVERS\tdx.sys
21:51:44.0752 0764  tdx - ok
21:51:44.0768 0764  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:

\Windows\system32\drivers\termdd.sys
21:51:44.0784 0764  TermDD - ok
21:51:44.0830 0764  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows

\System32\termsrv.dll
21:51:44.0830 0764  TermService - ok
21:51:44.0862 0764  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows

\system32\themeservice.dll
21:51:44.0862 0764  Themes - ok
21:51:44.0908 0764  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:

\Windows\system32\mmcss.dll
21:51:44.0908 0764  THREADORDER - ok
21:51:44.0924 0764  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:

\Windows\System32\trkwks.dll
21:51:44.0940 0764  TrkWks - ok
21:51:44.0971 0764  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:

\Windows\servicing\TrustedInstaller.exe
21:51:44.0986 0764  TrustedInstaller - ok
21:51:45.0018 0764  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:

\Windows\system32\DRIVERS\tssecsrv.sys
21:51:45.0018 0764  tssecsrv - ok
21:51:45.0049 0764  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:

\Windows\system32\drivers\tsusbflt.sys
21:51:45.0049 0764  TsUsbFlt - ok
21:51:45.0080 0764  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows

\system32\DRIVERS\tunnel.sys
21:51:45.0080 0764  tunnel - ok
21:51:45.0111 0764  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:

\Windows\system32\DRIVERS\uagp35.sys
21:51:45.0111 0764  uagp35 - ok
21:51:45.0127 0764  [ A17D5E1A6DF4EAB0A480F2C490DE4C9D ] UBHelper        C:

\Windows\system32\drivers\UBHelper.sys
21:51:45.0127 0764  UBHelper - ok
21:51:45.0174 0764  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows

\system32\DRIVERS\udfs.sys
21:51:45.0189 0764  udfs - ok
21:51:45.0236 0764  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:

\Windows\system32\UI0Detect.exe
21:51:45.0252 0764  UI0Detect - ok
21:51:45.0267 0764  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows

\system32\drivers\uliagpkx.sys
21:51:45.0267 0764  uliagpkx - ok
21:51:45.0298 0764  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows

\system32\drivers\umbus.sys
21:51:45.0298 0764  umbus - ok
21:51:45.0330 0764  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:

\Windows\system32\DRIVERS\umpass.sys
21:51:45.0330 0764  UmPass - ok
21:51:45.0392 0764  [ F9EC9ACD504D823D9B9CA98A4F8D3CA2 ] Updater Service C:

\Program Files\Acer\Acer Updater\UpdaterService.exe
21:51:45.0392 0764  Updater Service - ok
21:51:45.0423 0764  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:

\Windows\System32\upnphost.dll
21:51:45.0423 0764  upnphost - ok
21:51:45.0470 0764  [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64       C:

\Windows\system32\Drivers\usbaapl64.sys
21:51:45.0470 0764  USBAAPL64 - ok
21:51:45.0517 0764  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:

\Windows\system32\drivers\usbaudio.sys
21:51:45.0517 0764  usbaudio - ok
21:51:45.0548 0764  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows

\system32\DRIVERS\usbccgp.sys
21:51:45.0548 0764  usbccgp - ok
21:51:45.0579 0764  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows

\system32\drivers\usbcir.sys
21:51:45.0595 0764  usbcir - ok
21:51:45.0610 0764  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows

\system32\DRIVERS\usbehci.sys
21:51:45.0610 0764  usbehci - ok
21:51:45.0642 0764  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows

\system32\DRIVERS\usbhub.sys
21:51:45.0657 0764  usbhub - ok
21:51:45.0688 0764  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows

\system32\drivers\usbohci.sys
21:51:45.0688 0764  usbohci - ok
21:51:45.0704 0764  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows

\system32\DRIVERS\usbprint.sys
21:51:45.0704 0764  usbprint - ok
21:51:45.0735 0764  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:

\Windows\system32\DRIVERS\usbscan.sys
21:51:45.0735 0764  usbscan - ok
21:51:45.0751 0764  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:

\Windows\system32\DRIVERS\USBSTOR.SYS
21:51:45.0766 0764  USBSTOR - ok
21:51:45.0782 0764  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows

\system32\DRIVERS\usbuhci.sys
21:51:45.0782 0764  usbuhci - ok
21:51:45.0813 0764  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows

\System32\Drivers\usbvideo.sys
21:51:45.0813 0764  usbvideo - ok
21:51:45.0829 0764  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:

\Windows\System32\uxsms.dll
21:51:45.0829 0764  UxSms - ok
21:51:45.0844 0764  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows

\system32\lsass.exe
21:51:45.0860 0764  VaultSvc - ok
21:51:45.0860 0764  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows

\system32\drivers\vdrvroot.sys
21:51:45.0860 0764  vdrvroot - ok
21:51:45.0907 0764  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows

\System32\vds.exe
21:51:45.0922 0764  vds - ok
21:51:45.0954 0764  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows

\system32\DRIVERS\vgapnp.sys
21:51:45.0954 0764  vga - ok
21:51:45.0969 0764  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:

\Windows\System32\drivers\vga.sys
21:51:45.0969 0764  VgaSave - ok
21:51:46.0000 0764  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:

\Windows\system32\drivers\vhdmp.sys
21:51:46.0000 0764  vhdmp - ok
21:51:46.0032 0764  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows

\system32\drivers\viaide.sys
21:51:46.0032 0764  viaide - ok
21:51:46.0047 0764  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows

\system32\drivers\volmgr.sys
21:51:46.0047 0764  volmgr - ok
21:51:46.0094 0764  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows

\system32\drivers\volmgrx.sys
21:51:46.0094 0764  volmgrx - ok
21:51:46.0156 0764  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows

\system32\drivers\volsnap.sys
21:51:46.0172 0764  volsnap - ok
21:51:46.0188 0764  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows

\system32\DRIVERS\vsmraid.sys
21:51:46.0188 0764  vsmraid - ok
21:51:46.0250 0764  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows

\system32\vssvc.exe
21:51:46.0297 0764  VSS - ok
21:51:46.0344 0764  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows

\system32\DRIVERS\vwifibus.sys
21:51:46.0344 0764  vwifibus - ok
21:51:46.0359 0764  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows

\system32\DRIVERS\vwififlt.sys
21:51:46.0359 0764  vwififlt - ok
21:51:46.0390 0764  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:

\Windows\system32\DRIVERS\vwifimp.sys
21:51:46.0390 0764  vwifimp - ok
21:51:46.0422 0764  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows

\system32\w32time.dll
21:51:46.0437 0764  W32Time - ok
21:51:46.0453 0764  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:

\Windows\system32\DRIVERS\wacompen.sys
21:51:46.0468 0764  WacomPen - ok
21:51:46.0484 0764  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:

\Windows\system32\DRIVERS\wanarp.sys
21:51:46.0484 0764  WANARP - ok
21:51:46.0500 0764  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows

\system32\DRIVERS\wanarp.sys
21:51:46.0500 0764  Wanarpv6 - ok
21:51:46.0515 0764  wanatw - ok
21:51:46.0578 0764  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:

\Windows\system32\Wat\WatAdminSvc.exe
21:51:46.0609 0764  WatAdminSvc - ok
21:51:46.0671 0764  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:

\Windows\system32\wbengine.exe
21:51:46.0702 0764  wbengine - ok
21:51:46.0734 0764  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:

\Windows\System32\wbiosrvc.dll
21:51:46.0734 0764  WbioSrvc - ok
21:51:46.0765 0764  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:

\Windows\System32\wcncsvc.dll
21:51:46.0765 0764  wcncsvc - ok
21:51:46.0796 0764  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:

\Windows\System32\WcsPlugInService.dll
21:51:46.0796 0764  WcsPlugInService - ok
21:51:46.0796 0764  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows

\system32\DRIVERS\wd.sys
21:51:46.0796 0764  Wd - ok
21:51:46.0858 0764  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:

\Windows\system32\drivers\Wdf01000.sys
21:51:46.0858 0764  Wdf01000 - ok
21:51:46.0874 0764  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:

\Windows\system32\wdi.dll
21:51:46.0890 0764  WdiServiceHost - ok
21:51:46.0890 0764  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:

\Windows\system32\wdi.dll
21:51:46.0890 0764  WdiSystemHost - ok
21:51:46.0921 0764  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:

\Windows\System32\webclnt.dll
21:51:46.0921 0764  WebClient - ok
21:51:46.0952 0764  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows

\system32\wecsvc.dll
21:51:46.0952 0764  Wecsvc - ok
21:51:46.0983 0764  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:

\Windows\System32\wercplsupport.dll
21:51:46.0983 0764  wercplsupport - ok
21:51:46.0999 0764  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows

\System32\WerSvc.dll
21:51:46.0999 0764  WerSvc - ok
21:51:47.0014 0764  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows

\system32\DRIVERS\wfplwf.sys
21:51:47.0014 0764  WfpLwf - ok
21:51:47.0046 0764  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:

\Windows\system32\drivers\wimmount.sys
21:51:47.0046 0764  WIMMount - ok
21:51:47.0061 0764  WinDefend - ok
21:51:47.0077 0764  WinHttpAutoProxySvc - ok
21:51:47.0139 0764  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows

\system32\wbem\WMIsvc.dll
21:51:47.0155 0764  Winmgmt - ok
21:51:47.0217 0764  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows

\system32\WsmSvc.dll
21:51:47.0264 0764  WinRM - ok
21:51:47.0326 0764  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows

\system32\DRIVERS\WinUsb.sys
21:51:47.0326 0764  WinUsb - ok
21:51:47.0404 0764  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows

\System32\wlansvc.dll
21:51:47.0436 0764  Wlansvc - ok
21:51:47.0607 0764  [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc         C:\Program

Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:51:47.0654 0764  wlidsvc - ok
21:51:47.0685 0764  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows

\system32\drivers\wmiacpi.sys
21:51:47.0685 0764  WmiAcpi - ok
21:51:47.0732 0764  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:

\Windows\system32\wbem\WmiApSrv.exe
21:51:47.0732 0764  wmiApSrv - ok
21:51:47.0732 0764  WMPNetworkSvc - ok
21:51:47.0810 0764  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:

\Windows\System32\wpcsvc.dll
21:51:47.0810 0764  WPCSvc - ok
21:51:47.0857 0764  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:

\Windows\system32\wpdbusenum.dll
21:51:47.0857 0764  WPDBusEnum - ok
21:51:47.0888 0764  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows

\system32\drivers\ws2ifsl.sys
21:51:47.0888 0764  ws2ifsl - ok
21:51:47.0904 0764  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows

\System32\wscsvc.dll
21:51:47.0904 0764  wscsvc - ok
21:51:47.0950 0764  [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice  C:

\Windows\system32\DRIVERS\WSDPrint.sys
21:51:47.0950 0764  WSDPrintDevice - ok
21:51:47.0950 0764  WSearch - ok
21:51:48.0060 0764  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:

\Windows\system32\wuaueng.dll
21:51:48.0138 0764  wuauserv - ok
21:51:48.0184 0764  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows

\system32\drivers\WudfPf.sys
21:51:48.0184 0764  WudfPf - ok
21:51:48.0216 0764  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:

\Windows\system32\DRIVERS\WUDFRd.sys
21:51:48.0216 0764  WUDFRd - ok
21:51:48.0262 0764  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows

\System32\WUDFSvc.dll
21:51:48.0262 0764  wudfsvc - ok
21:51:48.0278 0764  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:

\Windows\System32\wwansvc.dll
21:51:48.0294 0764  WwanSvc - ok
21:51:48.0309 0764  ================ Scan global ===============================
21:51:48.0372 0764  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows

\system32\basesrv.dll
21:51:48.0418 0764  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows

\system32\winsrv.dll
21:51:48.0434 0764  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows

\system32\winsrv.dll
21:51:48.0512 0764  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows

\system32\sxssrv.dll
21:51:48.0543 0764  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows

\system32\services.exe
21:51:48.0559 0764  [Global] - ok
21:51:48.0559 0764  ================ Scan MBR

==================================
21:51:48.0574 0764  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:51:49.0027 0764  \Device\Harddisk0\DR0 - ok
21:51:49.0027 0764  ================ Scan VBR

==================================
21:51:49.0027 0764  [ 1DF9F58A65D9370287D84940E02998C8 ] \Device

\Harddisk0\DR0\Partition1
21:51:49.0043 0764  \Device\Harddisk0\DR0\Partition1 - ok
21:51:49.0058 0764  [ 4188EA1704987EFAB60FB801C0C64A12 ] \Device

\Harddisk0\DR0\Partition2
21:51:49.0074 0764  \Device\Harddisk0\DR0\Partition2 - ok
21:51:49.0074 0764  

============================================================
21:51:49.0074 0764  Scan finished
21:51:49.0074 0764  

============================================================
21:51:49.0089 2480  Detected object count: 0
21:51:49.0089 2480  Actual detected object count: 0
21:51:57.0701 3644  Deinitialize success


AdwCleaner

# AdwCleaner v2.200 - Logfile created 04/02/2013 at 21:55:37
# Updated 02/04/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Carrie - CARRIE-PC
# Boot Mode : Normal
# Running from : C:\Users\Carrie\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Registry is clean.

-\\ Mozilla Firefox v20.0 (en-US)

File : C:\Users\Carrie\AppData\Roaming\Mozilla\Firefox\Profiles\an7dionc.default\prefs.js

Deleted : user_pref("xkit.xinbox", "//* VERSION 4.8 REV A **//\r\n//* INTERVAL 0 **//\r\n//* TITLE

XInbox 4.8 [...]
Deleted : user_pref("xkit.xinbox_icon",

"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAACAAAAAgCAYAAABzenr0AAA

[...]
Deleted : user_pref("xkit.xkit_installed_extensions",

"xkit_main,xkit_required,xkit_preferences,xkit_update_ma[...]
Deleted : user_pref("xkit.xkit_installer", "//* VERSION 6.1 REV A **//\r\n// XKit Installer\r\n// Installs

XKi[...]
Deleted : user_pref("xkit.xkit_log", "NaNxkit_update_manager</b>:<p>Update Manager 6.0 REV

F Working...</p></l[...]
Deleted : user_pref("xkit.xquickasks", "//* VERSION 3.0 REV D **//\r\n//* TITLE Quick Asks **//\r

\n//* DESCRIP[...]
Deleted : user_pref("xkit.xquickasks_icon",

"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAACAAAAAgCAYAAABzenr[...]

*************************

AdwCleaner[R1].txt - [6995 octets] - [02/04/2013 17:54:24]
AdwCleaner[S1].txt - [7087 octets] - [02/04/2013 17:56:57]
AdwCleaner[S2].txt - [1589 octets] - [02/04/2013 21:55:37]

########## EOF - C:\AdwCleaner[S2].txt - [1649 octets] ##########


ESET

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=45e11613b522ef4bb33474e5cf21de91
# engine=13535
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-04-03 04:05:24
# local_time=2013-04-03 12:05:24 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1279 16777215 0 0 0 0 0 0
# compatibility_mode=5893 16776573 100 94 0 116505374 0 0
# scanned=368008
# found=3
# cleaned=0
# scan_time=7347
sh=81C2C3354F11ECE49D7667538CEFE9F2B2395319 ft=1 fh=cca4b3788ffc60aa vn="a variant of Win32/Bundled.Toolbar.Ask application" ac=I fn="C:\Program Files (x86)\Common Files\DVDVideoSoft\AskTB\ApnIC.dll"
sh=99DD33D629341F95D9853B1E63FCE454EC654560 ft=1 fh=08803d4e54260720 vn="a variant of Win32/Bundled.Toolbar.Ask application" ac=I fn="C:\Program Files (x86)\Common Files\DVDVideoSoft\AskTB\ApnToolbarInstaller.exe"
sh=A77DAB0CC1A063A0AC9B44E94E12FA6598810723 ft=0 fh=0000000000000000 vn="a variant of Win32/Bunndle application" ac=I fn="C:\Program Files (x86)\Vuze\bunndle.zip"
 



#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,220 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:10 PM

Posted 03 April 2013 - 10:08 AM

Hi Carrrie, did you put the check in the box at step 7 of ESET..

7. Under scan settings, check "Scan Archives" and "Remove found threats"

 

The log says

 found=3
cleaned=0
# scan_time=7347
sh=81C2C3354F11ECE49D7667538CEFE9F2B2395319 ft=1 fh=cca4b3788ffc60aa vn="a variant of Win32/Bundled.Toolbar.Ask application" ac=I fn="C:\Program Files (x86)\Common Files\DVDVideoSoft\AskTB\ApnIC.dll"
sh=99DD33D629341F95D9853B1E63FCE454EC654560 ft=1 fh=08803d4e54260720 vn="a variant of Win32/Bundled.Toolbar.Ask application" ac=I fn="C:\Program Files (x86)\Common Files\DVDVideoSoft\AskTB\ApnToolbarInstaller.exe"
sh=A77DAB0CC1A063A0AC9B44E94E12FA6598810723 ft=0 fh=0000000000000000 vn="a variant of Win32/Bunndle application" ac=I fn="C:\Program Files (x86)\Vuze\bunndle.zip


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 omgimcarrie

omgimcarrie
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:10 PM

Posted 03 April 2013 - 11:35 AM

Yes, I did. I followed the directions exactly. I'm redoing the ESET scan again right now, just in case, and will post the results as soon as they're done.



#6 omgimcarrie

omgimcarrie
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:10 PM

Posted 03 April 2013 - 01:05 PM

Here's the ESET again and it still didn't "clean" the threats although I ticked the proper choices.

 

C:\Program Files (x86)\Common Files\DVDVideoSoft\AskTB\ApnIC.dll    a variant of Win32/Bundled.Toolbar.Ask application    
C:\Program Files (x86)\Common Files\DVDVideoSoft\AskTB\ApnToolbarInstaller.exe    a variant of Win32/Bundled.Toolbar.Ask application    
C:\Program Files (x86)\Vuze\bunndle.zip    a variant of Win32/Bunndle application    
 



#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,220 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:10 PM

Posted 03 April 2013 - 02:31 PM

Ugh!! then there is something worse inside and we have to find it..

 Please follow this Preparation Guide . Do steps 6,7,8, and post in a new topic. Titled ESET won't remove infections.

 

Let me know if all went well.


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users