Another "MSSE seems to have disappeared..." I think


72 replies to this topic

#1 seth815


Posted 20 June 2013 - 09:03 AM

Hello, this is my first post. I run Windows Vista (x32) on an Acer Aspire 6920G laptop.

I have encountered a problem which seems very similar to the one in this thread:

http://www.bleepingcomputer.com/forums/t/494163/msse-seems-to-have-disappeared/

which is eventually resolved in this thread:

http://www.bleepingcomputer.com/forums/t/494269/havehad-trojan0access-can-reinstall-msse

Details:

Early this morning I attempted to save an image with Firefox, and even though it seemed to download, the file itself was missing.

After googling around I found it to be an issue with Microsoft Security Essentials not functioning correctly, and so Firefox (and also Chrome) was deleting the files as soon as they had downloaded.

(I was able to download again after disabling Windows' security policy in the registry - a temporary solution if there ever was one)

I hadn't noticed, but sure enough, the MSE icon was missing from the taskbar and the option to "scan with microsoft security essentials" was missing from the right-click menu.

I opened My Computer and went in search of C:\Program Files\Microsoft Security Client and - uh oh - all the files in that folder have been replaced by shortcuts. The same is true of the Windows Defender folder. The non-antivirus folders seem normal, however.

I rebooted into Safe Mode and ran Malwarebytes, which detected and removed several threats (I still have the logs, if needed), but the MSE files are still shortcuts.

I tried to uninstall MSE from the Control Panel, with the intention of installing a Kaspersky trial, but encountered a "You do not have sufficient access to uninstall Microsoft Security Essentials." error, even though I am the system administrator.

Looking at the 7 long pages of trial and error in the other thread, I'm a little concerned, but they did eventually manage to solve the issue. I would message user JSntgRvr who helped the fellow in the other thread, but he appears to be offline.

Could someone help me out?


Edited by Orange Blossom, 20 June 2013 - 04:27 PM.
Moved to log forum. ~ OB




#2 JSntgRvr

  • Malware Response Team

Posted 20 June 2013 - 11:02 AM

:welcome:

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!


#3 seth815


Posted 20 June 2013 - 11:45 AM

Thank you so much!! Here is the scan result:

~~~~~~~~~~

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-06-2013
Ran by Mike (administrator) on 20-06-2013 17:34:53
Running from C:\Users\Mike\Desktop
Microsoft® Windows Vista™ Home Premium  Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 7
Boot Mode: Safe Mode (with Networking)

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] RtHDVCpl.exe [x]
HKLM\...\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1033512 2008-01-18] (Synaptics, Inc.)
HKLM\...\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe [397312 2008-03-12] (Acer Inc.)
HKLM\...\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [526896 2008-03-05] (Egis Incorporated)
HKLM\...\Run: [eAudio] "C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe" [544768 2008-03-07] (Acer Incorporated)
HKLM\...\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup [13527584 2008-03-07] (NVIDIA Corporation)
HKLM\...\Run: [ZPdtWzdVitaKey MC3000] "C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe" show [3642368 2009-08-01] (Arachnoid Biometrics Identification Group Corp.)
HKLM\...\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe [805384 2008-03-13] (Dritek System Inc.)
HKLM\...\Run: [eRecoveryService]  [x]
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-11-28] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" [421776 2012-09-10] (Apple Inc.)
Winlogon\Notify\AWinNotifyVitaKey MC3000: C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll [X]
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] fastprox.dll ATTENTION! ====> ZeroAccess
HKCU\...\Run: [Google Update] "C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2010-05-09] (Google Inc.)
HKCR\...409d6c4515e9\InprocServer32: [Default-shell32] C:\$Recycle.Bin\S-1-5-21-1454010757-150385511-3650685186-1000\$b0d49e572500678cdcf4298b9b2c8514\n. ATTENTION! ====> ZeroAccess
HKCU\...\Policies\system: [disableregistrytools] 0
HKU\Default\...\RunOnce: [AcerScrSav]  [x]
HKU\Default User\...\RunOnce: [AcerScrSav]  [x]

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://en.uk.acer.yahoo.com
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM SearchScopes: DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
HKCU SearchScopes: DefaultScope {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-acer
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-acer
BHO: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} -  No File
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\u9dlhr6r.default
FF Homepage: hxxp://www.google.co.uk/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Extension: British English Dictionary - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\u9dlhr6r.default\Extensions\en-GB@dictionaries.addons.mozilla.org
FF Extension: Ghostery - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\u9dlhr6r.default\Extensions\firefox@ghostery.com
FF Extension: DownloadHelper - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\u9dlhr6r.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: No Name - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\u9dlhr6r.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}.xpi
FF Extension: No Name - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\u9dlhr6r.default\Extensions\{b749fc7c-e949-447f-926c-3f4eed6accfe}.xpi
FF Extension: No Name - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\u9dlhr6r.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

Chrome:
=======
CHR HomePage: hxxp://www.google.co.uk/
CHR RestoreOnStartup: "hxxp://www.google.co.uk/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\Mike\AppData\Local\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Mike\AppData\Local\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Mike\AppData\Local\Google\Chrome\Application\27.0.1453.110\pdf.dll ()
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Java™ Platform SE 7 U9) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Google Update) - C:\Users\Mike\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.90.5) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (YouTube) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Chrome YouTube Downloader) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbdjiinahkdjdcdlgfimlcolkjpbooja\2.6.15_0
CHR Extension: (Adblock Plus) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4.1_0
CHR Extension: (Google Search) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Empty New Tab Page) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpjamkmjmigaoobjbekmfgabipmfilij\1.1.1_0
CHR Extension: (FlashBlock) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gofhjkjmkpinhpoiabjplobcaignabnl\0.9.31
CHR Extension: (Late Night) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgbdhkpacgdhfabeceekiafonfkipohm\1.0
CHR Extension: (Gmail) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1

========================== Services (Whitelisted) =================

S2 ETService; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [24576 2008-03-07] ()
S2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 MobilityService; C:\Acer\Mobility Center\MobilityService.exe [110592 2007-12-07] ()
S2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [11552 2012-03-26] ()
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [214952 2012-03-26] ()
S2 RS_Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [233472 2008-01-10] (Acer Incorporated)
S4 0176911337746244mcinstcleanup; C:\Users\Mike\AppData\Local\Temp\0176911337746244mcinst.exe C:\PROGRA~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service [x]

==================== Drivers (Whitelisted) ====================

R0 AlfaFF; C:\Windows\System32\Drivers\AlfaFF.sys [43184 2009-08-01] (Alfa Corporation)
S1 DritekPortIO; C:\PROGRA~1\LAUNCH~1\DPortIO.sys [20112 2006-11-02] (Dritek System Inc.)
S2 int15; C:\Windows\system32\drivers\int15.sys [69632 2007-01-26] ()
R3 itecir; C:\Windows\System32\DRIVERS\itecir.sys [54784 2007-12-19] (ITE Tech. Inc. )
R3 L1E; C:\Windows\System32\DRIVERS\L1E60x86.sys [48640 2009-06-29] (Atheros Communications, Inc.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [171064 2012-03-20] (Microsoft Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [477240 2013-01-15] (Duplex Secure Ltd.)
S2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; C:\Program Files\CyberLink\PowerDVD8\000.fcl [41456 2008-08-08] (Cyberlink Corp.)
S3 btwaudio; system32\drivers\btwaudio.sys [x]
S3 btwavdt; system32\drivers\btwavdt.sys [x]
S3 btwrchid; system32\DRIVERS\btwrchid.sys [x]
S3 catchme; \??\C:\Users\Mike\AppData\Local\Temp\catchme.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 N; \??\C:\Program Files\NewTech Infosystems\NTI Media Maker 8\NTI Ripper Suite\ [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-06-20 17:34 - 2013-06-20 17:34 - 00000000 ____D C:\FRST
2013-06-20 17:33 - 2013-06-20 17:33 - 01368263 ____A (Farbar) C:\Users\Mike\Desktop\FRST.exe
2013-06-20 14:00 - 2013-06-20 14:00 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-06-20 13:46 - 2013-06-20 13:46 - 11091432 ____A (Microsoft Corporation) C:\Users\Mike\Desktop\mseinstall.exe
2013-06-20 11:18 - 2013-06-20 11:20 - 182090200 ____A (Kaspersky Lab ZAO) C:\Users\Mike\Desktop\kav13.0.1.4190abcdefgEN_4539.exe
2013-06-20 11:15 - 2013-06-20 11:15 - 21289608 ____A (Mozilla) C:\Users\Mike\Desktop\Firefox Setup 21.0.exe
2013-06-20 11:06 - 2012-09-02 15:38 - 00000000 ____D C:\Users\Mike\Desktop\Mapkeyboard
2013-06-20 10:35 - 2013-06-20 10:35 - 00000910 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-06-20 10:35 - 2013-06-20 10:35 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-06-20 10:35 - 2013-04-04 14:50 - 00022856 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-06-20 10:33 - 2013-06-20 10:33 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\Mike\Desktop\mbam-setup-1.75.0.1300.exe
2013-06-20 09:31 - 2013-06-20 09:31 - 00000000 ___HD C:\Windows\PIF
2013-06-18 21:23 - 2013-06-20 10:45 - 00000000 ____D C:\Users\Mike\AppData\Roaming\Idywar
2013-06-18 21:23 - 2013-06-20 09:26 - 00000000 ____D C:\Users\Mike\AppData\Roaming\Ceik
2013-06-18 21:23 - 2013-06-18 21:23 - 00000000 ____D C:\Users\Mike\AppData\Roaming\Ificda
2013-06-16 16:54 - 2013-06-16 17:09 - 00000000 ____D C:\Users\Mike\Desktop\New Folder
2013-06-16 16:53 - 2013-06-16 16:53 - 00510632 ____A C:\Windows\System32\GDIPFONTCACHEV1.DAT
2013-06-09 12:58 - 2013-06-09 14:40 - 00000000 ____D C:\Users\Mike\Desktop\slowdive - morningrise
2013-05-31 08:45 - 2013-06-04 12:38 - 00000000 ____D C:\Users\Mike\Desktop\Les_Miserables-Deluxe_Edition-OST-2CD-2013-MTD
2013-05-30 20:55 - 2013-06-13 17:10 - 00002935 ____A C:\Users\Mike\Documents\UserPreferences.ini
2013-05-29 13:53 - 2013-05-29 13:53 - 00000881 ____A C:\Users\Mike\Desktop\VLC.lnk

==================== One Month Modified Files and Folders ========

2013-06-20 17:34 - 2013-06-20 17:34 - 00000000 ____D C:\FRST
2013-06-20 17:33 - 2013-06-20 17:33 - 01368263 ____A (Farbar) C:\Users\Mike\Desktop\FRST.exe
2013-06-20 15:39 - 2006-11-02 11:33 - 00712264 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-20 15:34 - 2008-01-21 03:47 - 06629740 ____A C:\Windows\PFRO.log
2013-06-20 15:33 - 2009-08-02 01:26 - 01545705 ____A C:\Windows\WindowsUpdate.log
2013-06-20 15:33 - 2006-11-02 14:01 - 00032644 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-20 15:33 - 2006-11-02 14:01 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-20 15:31 - 2012-05-23 05:57 - 00027744 ____A C:\ProgramData\nvModes.001
2013-06-20 15:31 - 2012-05-23 05:49 - 00027744 ____A C:\ProgramData\nvModes.dat
2013-06-20 15:31 - 2009-08-01 17:48 - 00000000 ____A C:\Windows\System32\LogConfigTemp.xml
2013-06-20 15:31 - 2006-11-02 13:47 - 00003216 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-20 15:31 - 2006-11-02 13:47 - 00003216 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-20 14:00 - 2013-06-20 14:00 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-06-20 14:00 - 2009-08-01 18:16 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-06-20 13:46 - 2013-06-20 13:46 - 11091432 ____A (Microsoft Corporation) C:\Users\Mike\Desktop\mseinstall.exe
2013-06-20 13:19 - 2009-11-30 12:31 - 00000000 ____D C:\Windows\RegisteredPackages
2013-06-20 11:20 - 2013-06-20 11:18 - 182090200 ____A (Kaspersky Lab ZAO) C:\Users\Mike\Desktop\kav13.0.1.4190abcdefgEN_4539.exe
2013-06-20 11:15 - 2013-06-20 11:15 - 21289608 ____A (Mozilla) C:\Users\Mike\Desktop\Firefox Setup 21.0.exe
2013-06-20 10:45 - 2013-06-18 21:23 - 00000000 ____D C:\Users\Mike\AppData\Roaming\Idywar
2013-06-20 10:35 - 2013-06-20 10:35 - 00000910 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-06-20 10:35 - 2013-06-20 10:35 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-06-20 10:33 - 2013-06-20 10:33 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\Mike\Desktop\mbam-setup-1.75.0.1300.exe
2013-06-20 10:08 - 2009-08-01 19:33 - 00001356 ____A C:\Users\Mike\AppData\Local\d3d9caps.dat
2013-06-20 09:32 - 2012-05-24 00:16 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-06-20 09:31 - 2013-06-20 09:31 - 00000000 ___HD C:\Windows\PIF
2013-06-20 09:26 - 2013-06-18 21:23 - 00000000 ____D C:\Users\Mike\AppData\Roaming\Ceik
2013-06-20 09:23 - 2011-03-13 21:54 - 00000258 _RASH C:\ProgramData\ntuser.pol
2013-06-20 09:19 - 2009-08-01 18:54 - 00000000 ____D C:\Users\Mike\AppData\Local\Last.fm
2013-06-20 08:37 - 2010-05-09 20:21 - 00000904 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1454010757-150385511-3650685186-1000UA.job
2013-06-20 05:51 - 2009-08-01 19:26 - 00000000 ____D C:\Users\Mike\AppData\Roaming\vlc
2013-06-19 03:37 - 2010-05-09 20:21 - 00000852 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1454010757-150385511-3650685186-1000Core.job
2013-06-18 21:23 - 2013-06-18 21:23 - 00000000 ____D C:\Users\Mike\AppData\Roaming\Ificda
2013-06-18 20:15 - 2009-08-01 19:26 - 00044032 ____A C:\Users\Mike\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-06-16 17:45 - 2012-05-26 19:50 - 00000000 ____D C:\Users\Mike\AppData\Roaming\Mp3tag
2013-06-16 17:09 - 2013-06-16 16:54 - 00000000 ____D C:\Users\Mike\Desktop\New Folder
2013-06-16 16:53 - 2013-06-16 16:53 - 00510632 ____A C:\Windows\System32\GDIPFONTCACHEV1.DAT
2013-06-16 16:53 - 2012-10-07 18:32 - 02864560 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-16 16:52 - 2009-08-01 17:39 - 00008224 ____A C:\Users\Mike\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-15 23:16 - 2012-02-14 21:29 - 00000000 ____D C:\Users\Mike\Desktop\Music 2
2013-06-13 17:10 - 2013-05-30 20:55 - 00002935 ____A C:\Users\Mike\Documents\UserPreferences.ini
2013-06-12 18:46 - 2009-08-19 20:01 - 00000000 ____D C:\Users\Mike\Desktop\Songs
2013-06-09 14:40 - 2013-06-09 12:58 - 00000000 ____D C:\Users\Mike\Desktop\slowdive - morningrise
2013-06-08 22:34 - 2009-08-01 19:35 - 00000000 ____D C:\Users\Mike\AppData\Roaming\Azureus
2013-06-06 12:44 - 2011-08-20 16:39 - 00000000 ____D C:\Users\Mike\Desktop\download
2013-06-04 12:38 - 2013-05-31 08:45 - 00000000 ____D C:\Users\Mike\Desktop\Les_Miserables-Deluxe_Edition-OST-2CD-2013-MTD
2013-06-01 03:14 - 2009-09-15 04:18 - 00000000 ____D C:\Users\Mike\Desktop\Recordings
2013-05-30 22:33 - 2010-09-19 13:06 - 00000000 ____D C:\Users\Mike\AppData\Local\Turbine
2013-05-29 13:53 - 2013-05-29 13:53 - 00000881 ____A C:\Users\Mike\Desktop\VLC.lnk
2013-05-29 13:53 - 2012-07-22 13:07 - 00000000 ____D C:\Users\Mike\AppData\Roaming\dvdcss
2013-05-27 02:04 - 2011-05-27 16:51 - 00000000 ____D C:\Users\Mike\AppData\Local\DVD Profiler
2013-05-27 02:03 - 2011-05-27 16:46 - 00000000 ____D C:\Users\Mike\Documents\DVD Profiler
2013-05-24 16:17 - 2010-05-22 04:51 - 00000000 ____D C:\Program Files\JDownloader
2013-05-24 04:53 - 2009-10-15 19:52 - 00000510 ____A C:\Windows\WORDPAD.INI
2013-05-23 19:27 - 2011-02-17 20:41 - 00000000 ____D C:\Program Files\Microsoft Silverlight

ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-1454010757-150385511-3650685186-1000\$b0d49e572500678cdcf4298b9b2c8514

ZeroAccess:
C:\$Recycle.Bin\S-1-5-18\$b0d49e572500678cdcf4298b9b2c8514

Files to move or delete:
====================
C:\ProgramData\nvModes.dat

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
C:\Program Files\Windows Defender\mpsvc.dll => ATTENTION: ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Windows Defender
C:\Program Files\Microsoft Security Client\MsMpEng.exe => ATTENTION: ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Microsoft Security Client


LastRegBack: 2013-06-20 15:54

==================== End Of Log ============================

~~~~

I can't see how to attach a file. Can I copy/paste the addition.txt here as well?

 



#4 JSntgRvr


Posted 20 June 2013 - 02:00 PM

Let's try this fix:

Open notepad. Please copy the entire contents of the quote box below. (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste). Save it next to FRST as fixlist.txt

start
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] fastprox.dll ATTENTION! ====> ZeroAccess
HKCR\...409d6c4515e9\InprocServer32: [Default-shell32] C:\$Recycle.Bin\S-1-5-21-1454010757-150385511-3650685186-1000\$b0d49e572500678cdcf4298b9b2c8514\n. ATTENTION! ====> ZeroAccess
HKCU\...\Policies\system: [disableregistrytools] 0
HKU\Default\...\RunOnce: [AcerScrSav]  [x]
HKU\Default User\...\RunOnce: [AcerScrSav]  [x]
C:\$Recycle.Bin\S-1-5-21-1454010757-150385511-3650685186-1000\$b0d49e572500678cdcf4298b9b2c8514
C:\$Recycle.Bin\S-1-5-18\$b0d49e572500678cdcf4298b9b2c8514
C:\ProgramData\nvModes.dat
DeleteJunctionsIndirectory: C:\Program Files\Windows Defender
DeleteJunctionsIndirectory: C:\Program Files\Microsoft Security Client
end

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Run FRST as you did before, except this time around click on the Fix button just once and wait.

The tool will make a log next to FRST (Fixlog.txt) please post it to your reply. If FRST does not restart the computer, manually restart it.
 

If successful, follow these steps:

Download AdwCleaner from here to your desktop
Run AdwCleaner and select Delete

Once done it will ask to reboot, allow this.

On reboot a log will be produced at C:\ADWCleaner[XX].txt please post it in your next reply.

Please download the latest version of TDSSKiller from here and save it to your Desktop.

  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download Malwarebytes' Anti-Malware from Here. Never download Malwarebytes' Anti-Malware from other sources.

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Report to post:

Fixlog.txt
C:\ADWCleaner[XX].txt
TDSSKiller.[Version]_[Date]_[Time]_log.txt
MBAM log


Edited by JSntgRvr, 20 June 2013 - 02:12 PM.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
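
An added example, not part of the thread and not FRST's own code: a Python check that cross-checks a fixlist against the scan log it was written from. It assumes, going by the fixlist in the post above, that each entry is either a log line copied verbatim or a directive the log itself recommends; the sample log is abridged from the one posted in this thread, and the function names are made up for the example.

```python
import re

# Constructed sample: abridged from the FRST scan log posted in this thread.
SCAN_LOG = r"""Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-06-2013

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1033512 2008-01-18] (Synaptics, Inc.)
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] fastprox.dll ATTENTION! ====> ZeroAccess
HKCR\...409d6c4515e9\InprocServer32: [Default-shell32] C:\$Recycle.Bin\S-1-5-21-1454010757-150385511-3650685186-1000\$b0d49e572500678cdcf4298b9b2c8514\n. ATTENTION! ====> ZeroAccess
HKCU\...\Policies\system: [disableregistrytools] 0
HKU\Default\...\RunOnce: [AcerScrSav]  [x]

==================== One Month Modified Files and Folders ========

2013-06-20 09:32 - 2012-05-24 00:16 - 00000000 ____D C:\Program Files\Microsoft Security Client

ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-1454010757-150385511-3650685186-1000\$b0d49e572500678cdcf4298b9b2c8514

ZeroAccess:
C:\$Recycle.Bin\S-1-5-18\$b0d49e572500678cdcf4298b9b2c8514

Files to move or delete:
====================
C:\ProgramData\nvModes.dat

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Program Files\Windows Defender\mpsvc.dll => ATTENTION: ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Windows Defender
C:\Program Files\Microsoft Security Client\MsMpEng.exe => ATTENTION: ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Microsoft Security Client

==================== End Of Log ============================
"""

# Constructed sample: the fixlist from the post above, minus the one line
# whose source entry is not in the abridged log.
FIXLIST = r"""start
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] fastprox.dll ATTENTION! ====> ZeroAccess
HKCR\...409d6c4515e9\InprocServer32: [Default-shell32] C:\$Recycle.Bin\S-1-5-21-1454010757-150385511-3650685186-1000\$b0d49e572500678cdcf4298b9b2c8514\n. ATTENTION! ====> ZeroAccess
HKCU\...\Policies\system: [disableregistrytools] 0
HKU\Default\...\RunOnce: [AcerScrSav]  [x]
C:\$Recycle.Bin\S-1-5-21-1454010757-150385511-3650685186-1000\$b0d49e572500678cdcf4298b9b2c8514
C:\$Recycle.Bin\S-1-5-18\$b0d49e572500678cdcf4298b9b2c8514
C:\ProgramData\nvModes.dat
DeleteJunctionsIndirectory: C:\Program Files\Windows Defender
DeleteJunctionsIndirectory: C:\Program Files\Microsoft Security Client
end
"""

SECTION_RE = re.compile(r"^=+ (.+?) =+$")            # "==== Name ===="
DIRECTIVE_RE = re.compile(r"Use (DeleteJunctionsIndirectory: .+)$")


def norm(line):
    """Collapse runs of whitespace so copied lines compare equal."""
    return " ".join(line.split())


def findings(scan_log):
    """Return every item the log flags, with the fixlist entry that addresses it."""
    out, section = [], "Header"
    lines = [norm(l) for l in scan_log.splitlines()]
    for i, line in enumerate(lines):
        header = SECTION_RE.match(line)
        if header:
            section = header.group(1)
        elif "ATTENTION" in line:
            # Assumption: use the directive when the log recommends one,
            # otherwise the flagged line itself, copied verbatim.
            directive = DIRECTIVE_RE.search(line)
            fix = directive.group(1) if directive else line
            out.append({"section": section, "line": line, "fix": fix})
        elif line == "ZeroAccess:" and i + 1 < len(lines) and lines[i + 1]:
            # A "ZeroAccess:" label is followed by the flagged path.
            out.append({"section": section, "line": lines[i + 1], "fix": lines[i + 1]})
    return out


def parse_fixlist(text):
    """Return the non-empty entries between 'start' and 'end'."""
    entries, inside = [], False
    for raw in text.splitlines():
        line = norm(raw)
        if line.lower() == "start":
            inside = True
        elif line.lower() == "end":
            break
        elif inside and line:
            entries.append(line)
    return entries


def review_fixlist(scan_log, fixlist_text):
    """Report flagged items the fixlist misses and entries the log does not explain."""
    log_lines = {norm(l) for l in scan_log.splitlines() if l.strip()}
    found = findings(scan_log)
    entries = parse_fixlist(fixlist_text)
    recommended = {f["fix"] for f in found}
    uncovered = [f for f in found if f["fix"] not in entries]
    unexplained = [e for e in entries if e not in log_lines and e not in recommended]
    return {"findings": found, "uncovered": uncovered, "unexplained": unexplained}


if __name__ == "__main__":
    report = review_fixlist(SCAN_LOG, FIXLIST)
    for f in report["findings"]:
        print(f"[{f['section']}] {f['line']}")
    print("uncovered:", report["uncovered"], "unexplained:", report["unexplained"])
```

An entry listed under `unexplained` is something the log gives no reason to touch; a finding listed under `uncovered` is a flagged item the fixlist would leave behind.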


#5 seth815


Posted 20 June 2013 - 02:07 PM

Woo! Okay, I'm on it. Quick question: do I perform these tasks in Safe Mode or just boot up regularly?



#6 seth815


Posted 20 June 2013 - 02:09 PM

Let's try this fix:

Download the enclosed file.

Save it next to FRST.

Run FRST as you did before, except that this time around click on the Fix button and wait.

 

Also, I don't see any enclosed file!



#7 JSntgRvr


Posted 20 June 2013 - 02:14 PM

Check again. The forum didn't allow me to attach the file.




#8 JSntgRvr


Posted 20 June 2013 - 02:17 PM

Woo! Okay, I'm on it. Quick question: do I perform these tasks in Safe Mode or just boot up regularly?

I would prefer Normal Mode.




#9 seth815


Posted 20 June 2013 - 02:21 PM

Okay! I'm on it. Will post the results ASAP



#10 seth815


Posted 20 June 2013 - 03:08 PM

Here are the reports! (post 1 of 2 - the reports are too big for a single post)

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 20-06-2013
Ran by Mike at 2013-06-20 20:26:36 Run:1
Running from C:\Users\Mike\Desktop
Boot Mode: Normal

==============================================

HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InprocServer32\\Default => Value was restored successfully.
HKCR\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InprocServer32\\Default => Value was restored successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\system\\disableregistrytools => Value deleted successfully.
HKU\Default\Software\Microsoft\Windows\CurrentVersion\RunOnce\\AcerScrSav => Value deleted successfully.
HKU\Default User\Software\Microsoft\Windows\CurrentVersion\RunOnce\\AcerScrSav => Value not found.
C:\$Recycle.Bin\S-1-5-21-1454010757-150385511-3650685186-1000\$b0d49e572500678cdcf4298b9b2c8514 => Directory moved successfully.
C:\$Recycle.Bin\S-1-5-18\$b0d49e572500678cdcf4298b9b2c8514 => Deleted successfully.
C:\ProgramData\nvModes.dat => Moved successfully.
"C:\Program Files\Windows Defender" => Deleting reparse point and unlocking started.
"C:\Program Files\Windows Defender\en-US" => Deleting reparse point and unlocking completed.
"C:\Program Files\Windows Defender\MpAsDesc.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Windows Defender\MpClient.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Windows Defender\MpCmdRun.exe" => Deleting reparse point and unlocking completed.
"C:\Program Files\Windows Defender\MpEvMsg.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Windows Defender\MpOAV.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Windows Defender\MpRtMon.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Windows Defender\MpRtPlug.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Windows Defender\MpSigDwn.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Windows Defender\MpSoftEx.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Windows Defender\MpSvc.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Windows Defender\MSASCui.exe" => Deleting reparse point and unlocking completed.
"C:\Program Files\Windows Defender\MsMpCom.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Windows Defender\MsMpLics.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Windows Defender\MsMpRes.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Windows Defender" => Deleting reparse point and unlocking completed.
"C:\Program Files\Microsoft Security Client" => Deleting reparse point and unlocking started.
"C:\Program Files\Microsoft Security Client\Backup" => Deleting reparse point and unlocking completed.
"C:\Program Files\Microsoft Security Client\Drivers" => Deleting reparse point and unlocking completed.
"C:\Program Files\Microsoft Security Client\en-us" => Deleting reparse point and unlocking completed.
"C:\Program Files\Microsoft Security Client\EppManifest.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Microsoft Security Client\IpsConsumer.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Microsoft Security Client\MpAsDesc.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Microsoft Security Client\MpClient.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Microsoft Security Client\MpCmdRun.exe" => Deleting reparse point and unlocking completed.
"C:\Program Files\Microsoft Security Client\MpCommu.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Microsoft Security Client\mpevmsg.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Microsoft Security Client\MpOAv.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Microsoft Security Client\MpRTP.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Microsoft Security Client\MpSvc.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Microsoft Security Client\MpUtil.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Microsoft Security Client\MsMpCom.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Microsoft Security Client\MsMpEng.exe" => Deleting reparse point and unlocking completed.
"C:\Program Files\Microsoft Security Client\MsMpLics.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Microsoft Security Client\MsMpRes.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Microsoft Security Client\msseces.exe" => Deleting reparse point and unlocking completed.
"C:\Program Files\Microsoft Security Client\MsseWat.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Microsoft Security Client\NisLog.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Microsoft Security Client\NisNetIP.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Microsoft Security Client\NisPerformanceProvider.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Microsoft Security Client\NisSrv.exe" => Deleting reparse point and unlocking completed.
"C:\Program Files\Microsoft Security Client\NisWFP.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Microsoft Security Client\Setup.exe" => Deleting reparse point and unlocking completed.
"C:\Program Files\Microsoft Security Client\SetupRes.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Microsoft Security Client\shellext.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Microsoft Security Client\SqmApi.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Microsoft Security Client" => Deleting reparse point and unlocking completed.


The system needs a manual reboot.

==== End of Fixlog ====









# AdwCleaner v2.303 - Logfile created 06/20/2013 at 20:32:23
# Updated 08/06/2013 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 1 (32 bits)
# User : Mike - SETHLAPTOP
# Boot Mode : Normal
# Running from : C:\Users\Mike\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\Mike\AppData\Local\PackageAware

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{26C9E18C-3717-4BE1-A225-04E4471F5B6E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966

***** [Internet Browsers] *****

-\\ Internet Explorer v7.0.6001.18639

[OK] Registry is clean.

-\\ Mozilla Firefox v21.0 (en-US)

File : C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\u9dlhr6r.default\prefs.js

C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\u9dlhr6r.default\user.js ... Deleted !

[OK] File is clean.

File : C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\vpgvize1.newww\prefs.js

[OK] File is clean.

-\\ Google Chrome v27.0.1453.110

File : C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [2371 octets] - [20/06/2013 20:32:23]

########## EOF - C:\AdwCleaner[S1].txt - [2431 octets] ##########









(the TDSSKiller created 2 reports)
(1)

20:38:04.0206 2660  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
20:38:04.0253 2660  ============================================================
20:38:04.0253 2660  Current date / time: 2013/06/20 20:38:04.0253
20:38:04.0253 2660  SystemInfo:
20:38:04.0253 2660  
20:38:04.0253 2660  OS Version: 6.0.6001 ServicePack: 1.0
20:38:04.0253 2660  Product type: Workstation
20:38:04.0253 2660  ComputerName: SETHLAPTOP
20:38:04.0253 2660  UserName: Mike
20:38:04.0253 2660  Windows directory: C:\Windows
20:38:04.0253 2660  System windows directory: C:\Windows
20:38:04.0253 2660  Processor architecture: Intel x86
20:38:04.0253 2660  Number of processors: 2
20:38:04.0253 2660  Page size: 0x1000
20:38:04.0253 2660  Boot type: Normal boot
20:38:04.0253 2660  ============================================================
20:38:05.0501 2660  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:38:05.0501 2660  ============================================================
20:38:05.0501 2660  \Device\Harddisk0\DR0:
20:38:05.0501 2660  MBR partitions:
20:38:05.0501 2660  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1400800, BlocksNum 0x12016800
20:38:05.0501 2660  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x13417000, BlocksNum 0x11900000
20:38:05.0501 2660  ============================================================
20:38:05.0532 2660  C: <-> \Device\Harddisk0\DR0\Partition1
20:38:05.0610 2660  D: <-> \Device\Harddisk0\DR0\Partition2
20:38:05.0610 2660  ============================================================
20:38:05.0610 2660  Initialize success
20:38:05.0610 2660  ============================================================
20:38:28.0308 2988  Deinitialize success



(2)
20:43:26.0201 3124  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
20:43:26.0934 3124  ============================================================
20:43:26.0934 3124  Current date / time: 2013/06/20 20:43:26.0934
20:43:26.0934 3124  SystemInfo:
20:43:26.0934 3124  
20:43:26.0934 3124  OS Version: 6.0.6001 ServicePack: 1.0
20:43:26.0934 3124  Product type: Workstation
20:43:26.0934 3124  ComputerName: SETHLAPTOP
20:43:26.0934 3124  UserName: Mike
20:43:26.0934 3124  Windows directory: C:\Windows
20:43:26.0934 3124  System windows directory: C:\Windows
20:43:26.0934 3124  Processor architecture: Intel x86
20:43:26.0934 3124  Number of processors: 2
20:43:26.0934 3124  Page size: 0x1000
20:43:26.0934 3124  Boot type: Normal boot
20:43:26.0934 3124  ============================================================
20:43:28.0790 3124  BG loaded
20:43:30.0007 3124  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:43:30.0070 3124  ============================================================
20:43:30.0070 3124  \Device\Harddisk0\DR0:
20:43:30.0070 3124  MBR partitions:
20:43:30.0070 3124  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1400800, BlocksNum 0x12016800
20:43:30.0070 3124  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x13417000, BlocksNum 0x11900000
20:43:30.0070 3124  ============================================================
20:43:30.0116 3124  C: <-> \Device\Harddisk0\DR0\Partition1
20:43:30.0179 3124  D: <-> \Device\Harddisk0\DR0\Partition2
20:43:30.0179 3124  ============================================================
20:43:30.0179 3124  Initialize success
20:43:30.0179 3124  ============================================================
20:44:11.0425 3816  ============================================================
20:44:11.0425 3816  Scan started
20:44:11.0425 3816  Mode: Manual; SigCheck; TDLFS;
20:44:11.0425 3816  ============================================================
20:44:11.0706 3816  ================ Scan system memory ========================
20:44:11.0706 3816  System memory - ok
20:44:11.0706 3816  ================ Scan services =============================
20:44:19.0880 3816  [ 58D906D84CC2E303C754AC7314595D3C ] ETService       C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
20:44:19.0896 3816  ETService ( UnsignedFile.Multi.Generic ) - warning
20:44:19.0896 3816  ETService - detected UnsignedFile.Multi.Generic (1)
20:44:20.0192 3816  [ 54B6E150BFF4A47EB0D204119D262E46 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
20:44:20.0255 3816  EvtEng ( UnsignedFile.Multi.Generic ) - warning
20:44:20.0255 3816  EvtEng - detected UnsignedFile.Multi.Generic (1)
20:44:23.0063 3816  [ 4D8D5B1C895EA0F2A721B98A7CE198F1 ] int15           C:\Windows\system32\drivers\int15.sys
20:44:23.0078 3816  int15 ( UnsignedFile.Multi.Generic ) - warning
20:44:23.0078 3816  int15 - detected UnsignedFile.Multi.Generic (1)
20:44:24.0186 3816  kbdhid - ok
20:44:24.0217 3816  [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] KeyIso          C:\Windows\system32\lsass.exe
20:44:24.0248 3816  KeyIso - ok
20:44:24.0295 3816  [ 7A0CF7908B6824D6A2A1D313E5AE3DCA ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
20:44:24.0311 3816  KSecDD - ok
20:44:24.0389 3816  [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm           C:\Windows\system32\msdtckrm.dll
20:44:24.0420 3816  KtmRm - ok
20:44:24.0482 3816  [ 03AFB2705E68703E165CD817779B472F ] L1E             C:\Windows\system32\DRIVERS\L1E60x86.sys
20:44:24.0529 3816  L1E - ok
20:44:24.0560 3816  [ 1925E63C91CF1610AE41BFD539062079 ] LanmanServer    C:\Windows\System32\srvsvc.dll
20:44:24.0592 3816  LanmanServer - ok
20:44:24.0623 3816  [ 2AE2E1628C5D3F1C0A46A67C9FA1DF15 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:44:24.0670 3816  LanmanWorkstation - ok
20:44:24.0716 3816  [ 793FF718477345CD5D232C50BED1E452 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
20:44:24.0732 3816  LightScribeService ( UnsignedFile.Multi.Generic ) - warning
20:44:24.0732 3816  LightScribeService - detected UnsignedFile.Multi.Generic (1)
20:44:24.0779 3816  [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
20:44:24.0857 3816  lltdio - ok
20:44:24.0919 3816  [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
20:44:24.0982 3816  lltdsvc - ok
20:44:24.0997 3816  [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts         C:\Windows\System32\lmhsvc.dll
20:44:25.0044 3816  lmhosts - ok
20:44:25.0091 3816  [ C7E15E82879BF3235B559563D4185365 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
20:44:25.0091 3816  LSI_FC - ok
20:44:25.0122 3816  [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
20:44:25.0138 3816  LSI_SAS - ok
20:44:25.0169 3816  [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
20:44:25.0184 3816  LSI_SCSI - ok
20:44:25.0184 3816  [ 8F5C7426567798E62A3B3614965D62CC ] luafv           C:\Windows\system32\drivers\luafv.sys
20:44:25.0231 3816  luafv - ok
20:44:25.0262 3816  [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
20:44:25.0294 3816  MBAMProtector - ok
20:44:25.0340 3816  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
20:44:25.0356 3816  MBAMScheduler - ok
20:44:25.0403 3816  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
20:44:25.0418 3816  MBAMService - ok
20:44:25.0481 3816  [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
20:44:25.0496 3816  Mcx2Svc - ok
20:44:25.0559 3816  [ 0001CE609D66632FA17B84705F658879 ] megasas         C:\Windows\system32\drivers\megasas.sys
20:44:25.0559 3816  megasas - ok
20:44:25.0590 3816  [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
20:44:25.0606 3816  MegaSR - ok
20:44:25.0652 3816  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS           C:\Windows\system32\mmcss.dll
20:44:25.0684 3816  MMCSS - ok
20:44:25.0746 3816  MobilityService - ok
20:44:25.0762 3816  [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem           C:\Windows\system32\drivers\modem.sys
20:44:25.0793 3816  Modem - ok
20:44:25.0824 3816  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
20:44:25.0871 3816  monitor - ok
20:44:25.0886 3816  [ 5BF6A1326A335C5298477754A506D263 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
20:44:25.0886 3816  mouclass - ok
20:44:25.0964 3816  [ 93B8D4869E12CFBE663915502900876F ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
20:44:25.0996 3816  mouhid - ok
20:44:26.0011 3816  [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
20:44:26.0027 3816  MountMgr - ok
20:44:26.0105 3816  [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
20:44:26.0167 3816  MozillaMaintenance - ok
20:44:26.0230 3816  [ D993BEA500E7382DC4E760BF4F35EFCB ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
20:44:26.0245 3816  MpFilter - ok
20:44:26.0276 3816  [ 511D011289755DD9F9A7579FB0B064E6 ] mpio            C:\Windows\system32\drivers\mpio.sys
20:44:26.0292 3816  mpio - ok
20:44:26.0432 3816  [ A69630D039C38018689190234F866D77 ] MpKsl900e6534   C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{EF81955C-5F2D-4FD1-ABF2-827226723684}\MpKsl900e6534.sys
20:44:26.0448 3816  MpKsl900e6534 - ok
20:44:26.0526 3816  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
20:44:26.0542 3816  mpsdrv - ok
20:44:26.0573 3816  [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
20:44:26.0588 3816  Mraid35x - ok
20:44:26.0604 3816  [ AE3DE84536B6799D2267443CEC8EDBB9 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
20:44:26.0666 3816  MRxDAV - ok
20:44:26.0698 3816  [ 5734A0F2BE7E495F7D3ED6EFD4B9F5A1 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
20:44:26.0744 3816  mrxsmb - ok
20:44:26.0807 3816  [ 6B5FA5ADFACAC9DBBE0991F4566D7D55 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:44:26.0869 3816  mrxsmb10 - ok
20:44:26.0885 3816  [ 5C80D8159181C7ABF1B14BA703B01E0B ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:44:26.0932 3816  mrxsmb20 - ok
20:44:26.0994 3816  [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci          C:\Windows\system32\drivers\msahci.sys
20:44:27.0010 3816  msahci - ok
20:44:27.0041 3816  [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
20:44:27.0056 3816  msdsm - ok
20:44:27.0103 3816  [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC           C:\Windows\System32\msdtc.exe
20:44:27.0119 3816  MSDTC - ok
20:44:27.0134 3816  [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
20:44:27.0181 3816  Msfs - ok
20:44:27.0212 3816  [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
20:44:27.0212 3816  msisadrv - ok
20:44:27.0259 3816  [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
20:44:27.0290 3816  MSiSCSI - ok
20:44:27.0306 3816  msiserver - ok
20:44:27.0337 3816  [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
20:44:27.0368 3816  MSKSSRV - ok
20:44:27.0478 3816  [ 24516BF4E12A46CB67302E2CDCB8CDDF ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
20:44:27.0493 3816  MsMpSvc - ok
20:44:27.0524 3816  [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
20:44:27.0556 3816  MSPCLOCK - ok
20:44:27.0587 3816  [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
20:44:27.0618 3816  MSPQM - ok
20:44:27.0634 3816  [ B5614AECB05A9340AA0FB55BF561CC63 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
20:44:27.0649 3816  MsRPC - ok
20:44:27.0665 3816  [ E384487CB84BE41D09711C30CA79646C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
20:44:27.0680 3816  mssmbios - ok
20:44:27.0712 3816  [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
20:44:27.0743 3816  MSTEE - ok
20:44:27.0758 3816  [ 6DFD1D322DE55B0B7DB7D21B90BEC49C ] Mup             C:\Windows\system32\Drivers\mup.sys
20:44:27.0758 3816  Mup - ok
20:44:27.0790 3816  N - ok
20:44:27.0805 3816  [ C43B25863FBD65B6D2A142AF3AE320CA ] napagent        C:\Windows\system32\qagentRT.dll
20:44:27.0836 3816  napagent - ok
20:44:27.0914 3816  [ 3C21CE48FF529BB73DADB98770B54025 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
20:44:27.0930 3816  NativeWifiP - ok
20:44:27.0961 3816  [ 9BDC71790FA08F0A0B5F10462B1BD0B1 ] NDIS            C:\Windows\system32\drivers\ndis.sys
20:44:27.0992 3816  NDIS - ok
20:44:28.0008 3816  [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
20:44:28.0039 3816  NdisTapi - ok
20:44:28.0070 3816  [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
20:44:28.0086 3816  Ndisuio - ok
20:44:28.0133 3816  [ 3D14C3B3496F88890D431E8AA022A411 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
20:44:28.0148 3816  NdisWan - ok
20:44:28.0164 3816  [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
20:44:28.0180 3816  NDProxy - ok
20:44:28.0258 3816  [ 510C138564486FF926A3F773205C63D1 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
20:44:28.0273 3816  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
20:44:28.0273 3816  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
20:44:28.0304 3816  [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
20:44:28.0336 3816  NetBIOS - ok
20:44:28.0351 3816  [ 7C5FEE5B1C5728507CD96FB4A13E7A02 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
20:44:28.0414 3816  netbt - ok
20:44:28.0445 3816  [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] Netlogon        C:\Windows\system32\lsass.exe
20:44:28.0460 3816  Netlogon - ok
20:44:28.0507 3816  [ C8052711DAECC48B982434C5116CA401 ] Netman          C:\Windows\System32\netman.dll
20:44:28.0538 3816  Netman - ok
20:44:28.0554 3816  [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm        C:\Windows\System32\netprofm.dll
20:44:28.0585 3816  netprofm - ok
20:44:28.0648 3816  [ 0AD5876EF4E9EB77C8F93EB5B2FFF386 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:44:28.0663 3816  NetTcpPortSharing - ok
20:44:28.0788 3816  [ CAAEA35DAE7F4C19DB05481DAC22C2BA ] NETw4v32        C:\Windows\system32\DRIVERS\NETw4v32.sys
20:44:28.0991 3816  NETw4v32 - ok
20:44:29.0116 3816  [ 8DE67BD902095A13329FD82C85A1FA09 ] NETw5v32        C:\Windows\system32\DRIVERS\NETw5v32.sys
20:44:29.0256 3816  NETw5v32 - ok
20:44:29.0272 3816  [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
20:44:29.0287 3816  nfrd960 - ok
20:44:29.0334 3816  [ B52F26BADE7D7E4A79706E3FD91834CD ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
20:44:29.0334 3816  NisDrv - ok
20:44:29.0365 3816  [ 290C0D4C4889398797F8DF3BE00B9698 ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
20:44:29.0443 3816  NisSrv - ok
20:44:29.0474 3816  [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc          C:\Windows\System32\nlasvc.dll
20:44:29.0521 3816  NlaSvc - ok
20:44:29.0552 3816  [ ECB5003F484F9ED6C608D6D6C7886CBB ] Npfs            C:\Windows\system32\drivers\Npfs.sys
20:44:29.0615 3816  Npfs - ok
20:44:29.0630 3816  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi             C:\Windows\system32\nsisvc.dll
20:44:29.0693 3816  nsi - ok
20:44:29.0708 3816  [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
20:44:29.0755 3816  nsiproxy - ok
20:44:29.0818 3816  [ B4EFFE29EB4F15538FD8A9681108492D ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
20:44:29.0911 3816  Ntfs - ok
20:44:29.0942 3816  [ 2757D2BA59AEE155209E24942AB127C9 ] NTIDrvr         C:\Windows\system32\DRIVERS\NTIDrvr.sys
20:44:29.0974 3816  NTIDrvr - ok
20:44:30.0005 3816  [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
20:44:30.0067 3816  ntrigdigi - ok
20:44:30.0083 3816  [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null            C:\Windows\system32\drivers\Null.sys
20:44:30.0130 3816  Null - ok
20:44:30.0332 3816  [ 87A335A444551A432226720D18337AD9 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:44:30.0613 3816  nvlddmkm - ok
20:44:30.0644 3816  [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
20:44:30.0660 3816  nvraid - ok
20:44:30.0676 3816  [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
20:44:30.0691 3816  nvstor - ok
20:44:30.0707 3816  [ 03BD4F5759E6630D521BE0E123060A9B ] nvsvc           C:\Windows\system32\nvvsvc.exe
20:44:30.0722 3816  nvsvc - ok
20:44:30.0738 3816  [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
20:44:30.0754 3816  nv_agp - ok
20:44:30.0754 3816  NwlnkFlt - ok
20:44:30.0769 3816  NwlnkFwd - ok
20:44:30.0878 3816  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:44:30.0894 3816  odserv - ok
20:44:30.0941 3816  [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
20:44:30.0988 3816  ohci1394 - ok
20:44:31.0050 3816  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:44:31.0050 3816  ose - ok
20:44:31.0128 3816  [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
20:44:31.0190 3816  p2pimsvc - ok
20:44:31.0222 3816  [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2psvc          C:\Windows\system32\p2psvc.dll
20:44:31.0237 3816  p2psvc - ok
20:44:31.0268 3816  [ 0FA9B5055484649D63C303FE404E5F4D ] Parport         C:\Windows\system32\drivers\parport.sys
20:44:31.0346 3816  Parport - ok
20:44:31.0378 3816  [ 3B38467E7C3DAED009DFE359E17F139F ] partmgr         C:\Windows\system32\drivers\partmgr.sys
20:44:31.0393 3816  partmgr - ok
20:44:31.0409 3816  [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
20:44:31.0456 3816  Parvdm - ok
20:44:31.0471 3816  [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc          C:\Windows\System32\pcasvc.dll
20:44:31.0502 3816  PcaSvc - ok
20:44:31.0534 3816  [ 01B94418DEB235DFF777CC80076354B4 ] pci             C:\Windows\system32\drivers\pci.sys
20:44:31.0549 3816  pci - ok
20:44:31.0565 3816  [ FC175F5DDAB666D7F4D17449A547626F ] pciide          C:\Windows\system32\drivers\pciide.sys
20:44:31.0580 3816  pciide - ok
20:44:31.0596 3816  [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
20:44:31.0612 3816  pcmcia - ok
20:44:31.0658 3816  [ 5B6C11DE7E839C05248CED8825470FEF ] pcouffin        C:\Windows\system32\Drivers\pcouffin.sys
20:44:31.0690 3816  pcouffin - ok
20:44:31.0736 3816  [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
20:44:31.0814 3816  PEAUTH - ok
20:44:31.0892 3816  [ B1689DF169143F57053F795390C99DB3 ] pla             C:\Windows\system32\pla.dll
20:44:31.0970 3816  pla - ok
20:44:32.0017 3816  [ 78F975CB6D18265BE6F492EDB2D7BC7B ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
20:44:32.0048 3816  PlugPlay - ok
20:44:32.0111 3816  [ 37E5E8FFBAD35605DAEEC3224EA0E465 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
20:44:32.0111 3816  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
20:44:32.0111 3816  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
20:44:32.0173 3816  [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
20:44:32.0189 3816  PNRPAutoReg - ok
20:44:32.0236 3816  [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
20:44:32.0251 3816  PNRPsvc - ok
20:44:32.0314 3816  [ 47B8F37AA18B74D8C2E1BC1A7A2C8F8A ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
20:44:32.0376 3816  PolicyAgent - ok
20:44:32.0438 3816  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
20:44:32.0470 3816  PptpMiniport - ok
20:44:32.0485 3816  [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor       C:\Windows\system32\drivers\processr.sys
20:44:32.0516 3816  Processor - ok
20:44:32.0548 3816  [ B627E4FC8585E8843C5905D4D3587A90 ] ProfSvc         C:\Windows\system32\profsvc.dll
20:44:32.0594 3816  ProfSvc - ok
20:44:32.0610 3816  [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:44:32.0626 3816  ProtectedStorage - ok
20:44:32.0672 3816  [ BFEF604508A0ED1EAE2A73E872555FFB ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
20:44:32.0719 3816  PSched - ok
20:44:32.0766 3816  [ AB94285FF6C6BC5433407D8D182A4BB4 ] PSDFilter       C:\Windows\system32\DRIVERS\psdfilter.sys
20:44:32.0766 3816  PSDFilter - ok
20:44:32.0782 3816  [ 2AAF9A5D7A63D26BFAEA853C5F2292BC ] PSDNServ        C:\Windows\system32\DRIVERS\PSDNServ.sys
20:44:32.0797 3816  PSDNServ - ok
20:44:32.0797 3816  [ 0EB8CEC99855BEAE5B0D02C2302619EF ] psdvdisk        C:\Windows\system32\DRIVERS\PSDVdisk.sys
20:44:32.0813 3816  psdvdisk - ok
20:44:32.0860 3816  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
20:44:32.0938 3816  ql2300 - ok
20:44:32.0969 3816  [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
20:44:32.0984 3816  ql40xx - ok
20:44:33.0031 3816  [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE           C:\Windows\system32\qwave.dll
20:44:33.0062 3816  QWAVE - ok
20:44:33.0078 3816  [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:44:33.0109 3816  QWAVEdrv - ok
20:44:33.0125 3816  [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:44:33.0156 3816  RasAcd - ok
20:44:33.0172 3816  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto         C:\Windows\System32\rasauto.dll
20:44:33.0203 3816  RasAuto - ok
20:44:33.0296 3816  [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
20:44:33.0312 3816  Rasl2tp - ok
20:44:33.0359 3816  [ 6E7C284FC5C4EC07AD164D93810385A6 ] RasMan          C:\Windows\System32\rasmans.dll
20:44:33.0390 3816  RasMan - ok
20:44:33.0421 3816  [ 3E9D9B048107B40D87B97DF2E48E0744 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
20:44:33.0437 3816  RasPppoe - ok
20:44:33.0452 3816  [ A7D141684E9500AC928A772ED8E6B671 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
20:44:33.0484 3816  RasSstp - ok
20:44:33.0499 3816  [ 6E1C5D0457622F9EE35F683110E93D14 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
20:44:33.0515 3816  rdbss - ok
20:44:33.0562 3816  [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
20:44:33.0608 3816  RDPCDD - ok
20:44:33.0640 3816  [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
20:44:33.0671 3816  rdpdr - ok
20:44:33.0671 3816  [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
20:44:33.0702 3816  RDPENCDD - ok
20:44:33.0733 3816  [ E1C18F4097A5ABCEC941DC4B2F99DB7E ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
20:44:33.0780 3816  RDPWD - ok
20:44:33.0889 3816  [ 3FF45B7F17D5837216ABAE652CC61540 ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
20:44:33.0905 3816  RegSrvc ( UnsignedFile.Multi.Generic ) - warning
20:44:33.0905 3816  RegSrvc - detected UnsignedFile.Multi.Generic (1)
20:44:33.0952 3816  [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess    C:\Windows\System32\mprdim.dll
20:44:33.0967 3816  RemoteAccess - ok
20:44:33.0998 3816  [ CC4E32400F3C7253400CF8F3F3A0B676 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
20:44:34.0061 3816  RemoteRegistry - ok
20:44:34.0123 3816  [ 34CC78C06587718C2AD6D3AA83B1F072 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
20:44:34.0154 3816  RFCOMM - ok
20:44:34.0170 3816  [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator      C:\Windows\system32\locator.exe
20:44:34.0201 3816  RpcLocator - ok
20:44:34.0232 3816  [ 301AE00E12408650BADDC04DBC832830 ] RpcSs           C:\Windows\system32\rpcss.dll
20:44:34.0264 3816  RpcSs - ok
20:44:34.0295 3816  [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
20:44:34.0326 3816  rspndr - ok
20:44:34.0498 3816  [ 73835C4F79ADC404EF39C8A9E2D4183B ] RS_Service      C:\Program Files\Acer\Acer VCM\RS_Service.exe
20:44:34.0544 3816  RS_Service ( UnsignedFile.Multi.Generic ) - warning
20:44:34.0544 3816  RS_Service - detected UnsignedFile.Multi.Generic (1)
20:44:34.0544 3816  [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] SamSs           C:\Windows\system32\lsass.exe
20:44:34.0560 3816  SamSs - ok
20:44:34.0576 3816  [ 3CE8F073A557E172B330109436984E30 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
20:44:34.0591 3816  sbp2port - ok
20:44:34.0638 3816  [ 11387E32642269C7E62E8B52C060B3C6 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
20:44:34.0669 3816  SCardSvr - ok
20:44:34.0732 3816  [ 7B587B8A6D4A99F79D2902D0385F29BD ] Schedule        C:\Windows\system32\schedsvc.dll
20:44:34.0778 3816  Schedule - ok
20:44:34.0810 3816  [ 87C2D0377B23E2D8A41093C2F5FB1A5B ] SCPolicySvc     C:\Windows\System32\certprop.dll
20:44:34.0825 3816  SCPolicySvc - ok
20:44:34.0856 3816  [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
20:44:34.0888 3816  SDRSVC - ok
20:44:34.0903 3816  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
20:44:34.0981 3816  secdrv - ok
20:44:35.0028 3816  [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon        C:\Windows\system32\seclogon.dll
20:44:35.0059 3816  seclogon - ok
20:44:35.0075 3816  [ A9BBAB5759771E523F55563D6CBE140F ] SENS            C:\Windows\system32\sens.dll
20:44:35.0122 3816  SENS - ok
20:44:35.0137 3816  [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum         C:\Windows\system32\drivers\serenum.sys
20:44:35.0200 3816  Serenum - ok
20:44:35.0215 3816  [ C70D69A918B178D3C3B06339B40C2E1B ] Serial          C:\Windows\system32\drivers\serial.sys
20:44:35.0278 3816  Serial - ok
20:44:35.0309 3816  [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
20:44:35.0324 3816  sermouse - ok
20:44:35.0356 3816  [ D2193326F729B163125610DBF3E17D57 ] SessionEnv      C:\Windows\system32\sessenv.dll
20:44:35.0387 3816  SessionEnv - ok
20:44:35.0418 3816  [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
20:44:35.0434 3816  sffdisk - ok
20:44:35.0449 3816  [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
20:44:35.0480 3816  sffp_mmc - ok
20:44:35.0496 3816  [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
20:44:35.0527 3816  sffp_sd - ok
20:44:35.0543 3816  [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
20:44:35.0605 3816  sfloppy - ok
20:44:35.0636 3816  [ 1E3FDB80E40A3CE645F229DFBDFB7694 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:44:35.0699 3816  ShellHWDetection - ok
20:44:35.0714 3816  [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
20:44:35.0730 3816  sisagp - ok
20:44:35.0746 3816  [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
20:44:35.0761 3816  SiSRaid2 - ok
20:44:35.0777 3816  [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
20:44:35.0792 3816  SiSRaid4 - ok
20:44:35.0870 3816  [ 0BA91E1358AD25236863039BB2609A2E ] slsvc           C:\Windows\system32\SLsvc.exe
20:44:35.0995 3816  slsvc - ok
20:44:36.0026 3816  [ 7C6DC44CA0BFA6291629AB764200D1D4 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
20:44:36.0058 3816  SLUINotify - ok
20:44:36.0104 3816  [ 031E6BCD53C9B2B9ACE111EAFEC347B6 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
20:44:36.0136 3816  Smb - ok
20:44:36.0167 3816  [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
20:44:36.0182 3816  SNMPTRAP - ok
20:44:36.0214 3816  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr           C:\Windows\system32\drivers\spldr.sys
20:44:36.0214 3816  spldr - ok
20:44:36.0276 3816  [ 3665F79026A3F91FBCA63F2C65A09B19 ] Spooler         C:\Windows\System32\spoolsv.exe
20:44:36.0323 3816  Spooler - ok
20:44:36.0385 3816  [ 0022CFFF1A41E5CE3A764050A7DDF22A ] sptd            C:\Windows\System32\Drivers\sptd.sys
20:44:36.0401 3816  sptd - ok
20:44:36.0448 3816  [ 2252AEF839B1093D16761189F45AF885 ] srv             C:\Windows\system32\DRIVERS\srv.sys
20:44:36.0463 3816  srv - ok
20:44:36.0494 3816  [ B7FF59408034119476B00A81BB53D5D1 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
20:44:36.0526 3816  srv2 - ok
20:44:36.0604 3816  [ 2ACCC9B12AF02030F531E6CCA6F8B76E ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
20:44:36.0650 3816  srvnet - ok
20:44:36.0697 3816  [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
20:44:36.0728 3816  SSDPSRV - ok
20:44:36.0791 3816  [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
20:44:36.0822 3816  SstpSvc - ok
20:44:36.0853 3816  Steam Client Service - ok
20:44:36.0884 3816  [ 7DD08A597BC56051F320DA0BAF69E389 ] stisvc          C:\Windows\System32\wiaservc.dll
20:44:36.0900 3816  stisvc - ok
20:44:36.0947 3816  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
20:44:36.0962 3816  swenum - ok
20:44:37.0040 3816  [ B36C7CDB86F7F7A8E884479219766950 ] swprv           C:\Windows\System32\swprv.dll
20:44:37.0118 3816  swprv - ok
20:44:37.0134 3816  [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
20:44:37.0150 3816  Symc8xx - ok
20:44:37.0165 3816  [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
20:44:37.0165 3816  Sym_hi - ok
20:44:37.0212 3816  [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
20:44:37.0228 3816  Sym_u3 - ok
20:44:37.0274 3816  [ BF7AA84D5AF0FAA0978C840E63B17DBF ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
20:44:37.0274 3816  SynTP - ok
20:44:37.0321 3816  [ 8710A92D0024B03B5FB9540DF1F71F1D ] SysMain         C:\Windows\system32\sysmain.dll
20:44:37.0384 3816  SysMain - ok
20:44:37.0540 3816  [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:44:37.0618 3816  TabletInputService - ok
20:44:37.0633 3816  [ 680916BB09EE0F3A6ACA7C274B0D633F ] TapiSrv         C:\Windows\System32\tapisrv.dll
20:44:37.0696 3816  TapiSrv - ok
20:44:37.0711 3816  [ CB05822CD9CC6C688168E113C603DBE7 ] TBS             C:\Windows\System32\tbssvc.dll
20:44:37.0758 3816  TBS - ok
20:44:37.0820 3816  [ 6216A954ED7045B62880A92D6C9B9FC7 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
20:44:37.0883 3816  Tcpip - ok
20:44:37.0930 3816  [ 6216A954ED7045B62880A92D6C9B9FC7 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
20:44:37.0992 3816  Tcpip6 - ok
20:44:38.0039 3816  [ D4A2E4A4B011F3A883AF77315A5AE76B ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
20:44:38.0132 3816  tcpipreg - ok
20:44:38.0164 3816  [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
20:44:38.0226 3816  TDPIPE - ok
20:44:38.0242 3816  [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
20:44:38.0273 3816  TDTCP - ok
20:44:38.0288 3816  [ D09276B1FAB033CE1D40DCBDF303D10F ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
20:44:38.0320 3816  tdx - ok
20:44:38.0351 3816  [ A048056F5E1A96A9BF3071B91741A5AA ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
20:44:38.0351 3816  TermDD - ok
20:44:38.0398 3816  [ D605031E225AACCBCEB5B76A4F1603A6 ] TermService     C:\Windows\System32\termsrv.dll
20:44:38.0429 3816  TermService - ok
20:44:38.0476 3816  [ 1E3FDB80E40A3CE645F229DFBDFB7694 ] Themes          C:\Windows\system32\shsvcs.dll
20:44:38.0491 3816  Themes - ok
20:44:38.0522 3816  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER     C:\Windows\system32\mmcss.dll
20:44:38.0538 3816  THREADORDER - ok
20:44:44.0170 3816  ================ Scan global ===============================
20:44:44.0216 3816  [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
20:44:44.0248 3816  [ F42F8855CB5C22E203C6672B124F17FD ] C:\Windows\system32\winsrv.dll
20:44:44.0279 3816  [ F42F8855CB5C22E203C6672B124F17FD ] C:\Windows\system32\winsrv.dll
20:44:44.0326 3816  [ 2B336AB6286D6C81FA02CBAB914E3C6C ] C:\Windows\system32\services.exe
20:44:44.0326 3816  [Global] - ok
20:44:44.0326 3816  ================ Scan MBR ==================================
20:44:44.0341 3816  [ BB9D3A6A13C5010348DA7C900BB6AF50 ] \Device\Harddisk0\DR0
20:44:47.0009 3816  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
20:44:47.0009 3816  \Device\Harddisk0\DR0 - detected TDSS File System (1)
20:44:47.0009 3816  ================ Scan VBR ==================================
20:44:47.0040 3816  [ 9297EA4740F58AE802304D9E733303D1 ] \Device\Harddisk0\DR0\Partition1
20:44:47.0040 3816  \Device\Harddisk0\DR0\Partition1 - ok
20:44:47.0321 3816  [ E81836E7ED4055C185B93DF16059B343 ] \Device\Harddisk0\DR0\Partition2
20:44:47.0321 3816  \Device\Harddisk0\DR0\Partition2 - ok
20:44:47.0321 3816  ================ Scan active images ========================
 



(post 2 of 2)

 

20:44:48.0054 3816  [ 5D0B2FF2BAA623FC833C06916CB3428E ] C:\Windows\System32\ncrypt.dll
20:44:48.0054 3816  C:\Windows\System32\ncrypt.dll - ok
20:44:48.0054 3816  [ AD1870C8E5D6DD340C829E6074BF3C3F ] C:\Windows\ehome\ehsched.exe
20:44:48.0054 3816  C:\Windows\ehome\ehsched.exe - ok
20:44:48.0070 3816  [ F7FFB0F018DDC0A120A1133437C37AB0 ] C:\Windows\System32\bcrypt.dll
20:44:48.0070 3816  C:\Windows\System32\bcrypt.dll - ok
20:44:48.0070 3816  [ 26F139DDEC6407508071930D3D07337E ] C:\Windows\System32\credssp.dll
20:44:48.0070 3816  C:\Windows\System32\credssp.dll - ok
20:44:48.0070 3816  [ 70B1A86DF0C8EAD17D2BC332EDAE2C7C ] C:\Windows\System32\emdmgmt.dll
20:44:48.0070 3816  C:\Windows\System32\emdmgmt.dll - ok
20:44:48.0070 3816  [ ABE9EEA1EABEA0711610A637A7B1C25D ] C:\Windows\System32\msprivs.dll
20:44:48.0070 3816  C:\Windows\System32\msprivs.dll - ok
20:44:48.0085 3816  [ 7D80A6E1FE4F3B40E5992EE8964A00F4 ] C:\Windows\System32\kerberos.dll
20:44:48.0085 3816  C:\Windows\System32\kerberos.dll - ok
20:44:48.0085 3816  [ 3ABDB4BEAE7CF1187109756D5F3A9BC0 ] C:\Windows\System32\wevtsvc.dll
20:44:48.0085 3816  C:\Windows\System32\wevtsvc.dll - ok
20:44:48.0085 3816  [ 9E80FF0752E365F97FD2D1D68C2AFDA1 ] C:\Windows\System32\wship6.dll
20:44:48.0085 3816  C:\Windows\System32\wship6.dll - ok
20:44:48.0085 3816  [ 22CFAEB9172F5F198048401485CD0571 ] C:\Windows\System32\WSHTCPIP.DLL
20:44:48.0085 3816  C:\Windows\System32\WSHTCPIP.DLL - ok
20:44:48.0101 3816  [ 6629B5F0E98151F4AFDD87567EA32BA3 ] C:\Windows\System32\fdPHost.dll
20:44:48.0101 3816  C:\Windows\System32\fdPHost.dll - ok
20:44:48.0101 3816  [ 89ED56DCE8E47AF40892778A5BD31FD2 ] C:\Windows\System32\FDResPub.dll
20:44:48.0101 3816  C:\Windows\System32\FDResPub.dll - ok
20:44:48.0101 3816  [ 05C3B38DB95BA5585817A4F898EE5581 ] C:\Windows\System32\wshqos.dll
20:44:48.0101 3816  C:\Windows\System32\wshqos.dll - ok
20:44:48.0116 3816  [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] C:\Windows\System32\nlasvc.dll
20:44:48.0116 3816  C:\Windows\System32\nlasvc.dll - ok
20:44:48.0116 3816  [ 302964DCAC79D618CC7B72C778DA9FD2 ] C:\Windows\System32\PresentationHost.exe
20:44:48.0116 3816  C:\Windows\System32\PresentationHost.exe - ok
20:44:48.0116 3816  [ EC366A76243A6755146F802F7D60E4B6 ] C:\Windows\System32\gpapi.dll
20:44:48.0116 3816  C:\Windows\System32\gpapi.dll - ok
20:44:48.0116 3816  [ FC62A635063B762E1C3C60EA77279378 ] C:\Windows\System32\NapiNSP.dll
20:44:48.0116 3816  C:\Windows\System32\NapiNSP.dll - ok
20:44:48.0132 3816  [ 690D41DF1D555F96D4898A0F54EBA065 ] C:\Windows\System32\pnrpnsp.dll
20:44:48.0132 3816  C:\Windows\System32\pnrpnsp.dll - ok
20:44:48.0132 3816  [ 8FA640195279ACE21BEA91396A0054FC ] C:\Windows\System32\hidserv.dll
20:44:48.0132 3816  C:\Windows\System32\hidserv.dll - ok
20:44:48.0132 3816  [ D8AD255B37DA92434C26E4876DB7D418 ] C:\Windows\System32\KMSVC.DLL
20:44:48.0132 3816  C:\Windows\System32\KMSVC.DLL - ok
20:44:48.0132 3816  [ 89FD0595EEA4E505CABEFCF7008F2612 ] C:\Windows\System32\mswsock.dll
20:44:48.0132 3816  C:\Windows\System32\mswsock.dll - ok
20:44:48.0148 3816  [ FE1178E1D65E230721A1F9ADBEBD84CB ] C:\Windows\System32\msv1_0.dll
20:44:48.0148 3816  C:\Windows\System32\msv1_0.dll - ok
20:44:48.0148 3816  [ A8EFC0B6E75B789F7FD3BA5025D4E37F ] C:\Windows\System32\netlogon.dll
20:44:48.0148 3816  C:\Windows\System32\netlogon.dll - ok
20:44:48.0163 3816  [ 72910BC4A218C49EA8E43D1FAEC403A5 ] C:\Windows\System32\winbrand.dll
20:44:48.0163 3816  C:\Windows\System32\winbrand.dll - ok
20:44:48.0163 3816  [ 0F21CE32F5F52E50BC6358BD46D0CFCA ] C:\Windows\System32\atmfd.dll
20:44:48.0163 3816  C:\Windows\System32\atmfd.dll - ok
20:44:48.0163 3816  [ 58236642134BC28334F3209F0130F7A0 ] C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll
20:44:48.0163 3816  C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll - ok
20:44:48.0163 3816  [ 6528EE11EFA77F8C8B1C6EAD401F907F ] C:\Windows\System32\schannel.dll
20:44:48.0163 3816  C:\Windows\System32\schannel.dll - ok
20:44:48.0179 3816  [ 68E8C415E102E5D79FD7E4A765B8CBA4 ] C:\Windows\System32\IKEEXT.DLL
20:44:48.0179 3816  C:\Windows\System32\IKEEXT.DLL - ok
20:44:48.0179 3816  [ 29EC7259E8196D9F90A3D59B3D546FAF ] C:\Windows\System32\wdigest.dll
20:44:48.0179 3816  C:\Windows\System32\wdigest.dll - ok
20:44:48.0179 3816  [ 5178D99B1CBD1C9D310904417E2C5A11 ] C:\Windows\System32\rsaenh.dll
20:44:48.0179 3816  C:\Windows\System32\rsaenh.dll - ok
20:44:48.0179 3816  [ F8873D15018F411588BEC02C1725BADA ] C:\Windows\System32\TSpkg.dll
20:44:48.0179 3816  C:\Windows\System32\TSpkg.dll - ok
20:44:48.0194 3816  [ 9AC218C6E6105477484C6FDBE7D409A4 ] C:\Windows\System32\IPBusEnum.dll
20:44:48.0194 3816  C:\Windows\System32\IPBusEnum.dll - ok
20:44:48.0194 3816  [ 74C2F29CC612B2B34231BEBD824D2FB2 ] C:\Windows\System32\keyiso.dll
20:44:48.0194 3816  C:\Windows\System32\keyiso.dll - ok
20:44:48.0194 3816  [ 1925E63C91CF1610AE41BFD539062079 ] C:\Windows\System32\srvsvc.dll
20:44:48.0194 3816  C:\Windows\System32\srvsvc.dll - ok
20:44:48.0210 3816  [ 2AE2E1628C5D3F1C0A46A67C9FA1DF15 ] C:\Windows\System32\wkssvc.dll
20:44:48.0210 3816  C:\Windows\System32\wkssvc.dll - ok
20:44:48.0210 3816  [ FA0593D936C9B95FB6FAA32AD1595D49 ] C:\Windows\System32\lltdres.dll
20:44:48.0210 3816  C:\Windows\System32\lltdres.dll - ok
20:44:48.0210 3816  [ D1A3C58860DD10877C4C5CD76FD9EF89 ] C:\Windows\ehome\ehres.dll
20:44:48.0210 3816  C:\Windows\ehome\ehres.dll - ok
20:44:48.0210 3816  [ 35D40113E4A5B961B6CE5C5857702518 ] C:\Windows\System32\lmhsvc.dll
20:44:48.0210 3816  C:\Windows\System32\lmhsvc.dll - ok
20:44:48.0226 3816  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] C:\Windows\System32\mmcss.dll
20:44:48.0226 3816  C:\Windows\System32\mmcss.dll - ok
20:44:48.0226 3816  [ 95F1EB99B81CFD6F581C85F0A0AA9B2B ] C:\Windows\System32\FirewallAPI.dll
20:44:48.0226 3816  C:\Windows\System32\FirewallAPI.dll - ok
20:44:48.0226 3816  [ EA822412BBBA9B7D2B1A3748AD50EFB8 ] C:\Windows\System32\iscsidsc.dll
20:44:48.0226 3816  C:\Windows\System32\iscsidsc.dll - ok
20:44:48.0226 3816  [ 200C81D5EB703CEF14C5A11D12E22396 ] C:\Windows\System32\msimsg.dll
20:44:48.0226 3816  C:\Windows\System32\msimsg.dll - ok
20:44:48.0241 3816  [ C43B25863FBD65B6D2A142AF3AE320CA ] C:\Windows\System32\QAGENTRT.DLL
20:44:48.0241 3816  C:\Windows\System32\QAGENTRT.DLL - ok
20:44:48.0241 3816  [ C8052711DAECC48B982434C5116CA401 ] C:\Windows\System32\netman.dll
20:44:48.0241 3816  C:\Windows\System32\netman.dll - ok
20:44:48.0241 3816  [ ED640F4CE585058119B824CC76591D9C ] C:\Windows\System32\netprof.dll
20:44:48.0241 3816  C:\Windows\System32\netprof.dll - ok
20:44:48.0257 3816  [ 77C61B93D15CB4EFCDEEBB4A3A7A5938 ] C:\Program Files\Microsoft Security Client\MpAsDesc.dll
20:44:48.0257 3816  C:\Program Files\Microsoft Security Client\MpAsDesc.dll - ok
20:44:48.0257 3816  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] C:\Windows\System32\nsisvc.dll
20:44:48.0257 3816  C:\Windows\System32\nsisvc.dll - ok
20:44:48.0257 3816  [ 5DE1A3972FD3112C75EB17BDCF454169 ] C:\Windows\System32\p2psvc.dll
20:44:48.0257 3816  C:\Windows\System32\p2psvc.dll - ok
20:44:48.0257 3816  [ C6276AD11F4BB49B58AA1ED88537F14A ] C:\Windows\System32\pcasvc.dll
20:44:48.0257 3816  C:\Windows\System32\pcasvc.dll - ok
20:44:48.0272 3816  [ B1689DF169143F57053F795390C99DB3 ] C:\Windows\System32\pla.dll
20:44:48.0272 3816  C:\Windows\System32\pla.dll - ok
20:44:48.0272 3816  [ 64B28D672B5B6A01E87B0C3096B1E047 ] C:\Windows\System32\polstore.dll
20:44:48.0272 3816  C:\Windows\System32\polstore.dll - ok
20:44:48.0272 3816  [ 78F975CB6D18265BE6F492EDB2D7BC7B ] C:\Windows\System32\umpnpmgr.dll
20:44:48.0272 3816  C:\Windows\System32\umpnpmgr.dll - ok
20:44:48.0288 3816  [ B627E4FC8585E8843C5905D4D3587A90 ] C:\Windows\System32\profsvc.dll
20:44:48.0288 3816  C:\Windows\System32\profsvc.dll - ok
20:44:48.0288 3816  [ 08F9134A2215B7ED985409A4DF60AC60 ] C:\Windows\System32\psbase.dll
20:44:48.0288 3816  C:\Windows\System32\psbase.dll - ok
20:44:48.0288 3816  [ E9ECAE663F47E6CB43962D18AB18890F ] C:\Windows\System32\qwave.dll
20:44:48.0288 3816  C:\Windows\System32\qwave.dll - ok
20:44:48.0288 3816  [ 9F5E0E1926014D17486901C88ECA2DB7 ] C:\Windows\System32\drivers\qwavedrv.sys
20:44:48.0288 3816  C:\Windows\System32\drivers\qwavedrv.sys - ok
20:44:48.0304 3816  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] C:\Windows\System32\rasauto.dll
20:44:48.0304 3816  C:\Windows\System32\rasauto.dll - ok
20:44:48.0304 3816  [ 6E7C284FC5C4EC07AD164D93810385A6 ] C:\Windows\System32\rasmans.dll
20:44:48.0304 3816  C:\Windows\System32\rasmans.dll - ok
20:44:48.0304 3816  [ 6F1A32E7B7B30F004D9A20AFADB14944 ] C:\Windows\System32\sstpsvc.dll
20:44:48.0304 3816  C:\Windows\System32\sstpsvc.dll - ok
20:44:48.0319 3816  [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] C:\Windows\System32\mprdim.dll
20:44:48.0319 3816  C:\Windows\System32\mprdim.dll - ok
20:44:48.0319 3816  [ 5123F83CBC4349D065534EEB6BBDC42B ] C:\Windows\System32\Locator.exe
20:44:48.0319 3816  C:\Windows\System32\Locator.exe - ok
20:44:48.0319 3816  [ CC4E32400F3C7253400CF8F3F3A0B676 ] C:\Windows\System32\regsvc.dll
20:44:48.0319 3816  C:\Windows\System32\regsvc.dll - ok
20:44:48.0319 3816  [ 11387E32642269C7E62E8B52C060B3C6 ] C:\Windows\System32\SCardSvr.dll
20:44:48.0319 3816  C:\Windows\System32\SCardSvr.dll - ok
20:44:48.0335 3816  [ 7B587B8A6D4A99F79D2902D0385F29BD ] C:\Windows\System32\schedsvc.dll
20:44:48.0335 3816  C:\Windows\System32\schedsvc.dll - ok
20:44:48.0335 3816  [ 716313D9F6B0529D03F726D5AAF6F191 ] C:\Windows\System32\sdrsvc.dll
20:44:48.0335 3816  C:\Windows\System32\sdrsvc.dll - ok
20:44:48.0335 3816  [ FD5199D4D8A521005E4B5EE7FE00FA9B ] C:\Windows\System32\seclogon.dll
20:44:48.0335 3816  C:\Windows\System32\seclogon.dll - ok
20:44:48.0350 3816  [ A9BBAB5759771E523F55563D6CBE140F ] C:\Windows\System32\Sens.dll
20:44:48.0350 3816  C:\Windows\System32\Sens.dll - ok
20:44:48.0350 3816  [ D2193326F729B163125610DBF3E17D57 ] C:\Windows\System32\SessEnv.dll
20:44:48.0350 3816  C:\Windows\System32\SessEnv.dll - ok
20:44:48.0350 3816  [ 1E3FDB80E40A3CE645F229DFBDFB7694 ] C:\Windows\System32\shsvcs.dll
20:44:48.0350 3816  C:\Windows\System32\shsvcs.dll - ok
20:44:48.0350 3816  [ 0BA91E1358AD25236863039BB2609A2E ] C:\Windows\System32\SLsvc.exe
20:44:48.0350 3816  C:\Windows\System32\SLsvc.exe - ok
20:44:48.0366 3816  [ C2610B6BDBEFC053BBDAB4F1B965CB24 ] C:\Windows\System32\winlogon.exe
20:44:48.0366 3816  C:\Windows\System32\winlogon.exe - ok
20:44:48.0366 3816  [ 4AAFC7461633848AA87A363B2CBEC522 ] C:\Windows\System32\winsta.dll
20:44:48.0366 3816  C:\Windows\System32\winsta.dll - ok
20:44:48.0366 3816  [ 7C6DC44CA0BFA6291629AB764200D1D4 ] C:\Windows\System32\SLUINotify.dll
20:44:48.0366 3816  C:\Windows\System32\SLUINotify.dll - ok
20:44:48.0382 3816  [ 2E4E9353D829636120CFDE95D60881BA ] C:\Windows\System32\tcpipcfg.dll
20:44:48.0382 3816  C:\Windows\System32\tcpipcfg.dll - ok
20:44:48.0382 3816  [ 2A146A055B4401C16EE62D18B8E2A032 ] C:\Windows\System32\snmptrap.exe
20:44:48.0382 3816  C:\Windows\System32\snmptrap.exe - ok
20:44:48.0382 3816  [ 3665F79026A3F91FBCA63F2C65A09B19 ] C:\Windows\System32\spoolsv.exe
20:44:48.0382 3816  C:\Windows\System32\spoolsv.exe - ok
20:44:48.0382 3816  [ 03D50B37234967433A5EA5BA72BC0B62 ] C:\Windows\System32\ssdpsrv.dll
20:44:48.0382 3816  C:\Windows\System32\ssdpsrv.dll - ok
20:44:48.0397 3816  [ 7DD08A597BC56051F320DA0BAF69E389 ] C:\Windows\System32\wiaservc.dll
20:44:48.0397 3816  C:\Windows\System32\wiaservc.dll - ok
20:44:48.0397 3816  [ B36C7CDB86F7F7A8E884479219766950 ] C:\Windows\System32\swprv.dll
20:44:48.0397 3816  C:\Windows\System32\swprv.dll - ok
20:44:48.0397 3816  [ 8710A92D0024B03B5FB9540DF1F71F1D ] C:\Windows\System32\sysmain.dll
20:44:48.0397 3816  C:\Windows\System32\sysmain.dll - ok
20:44:48.0413 3816  [ 680916BB09EE0F3A6ACA7C274B0D633F ] C:\Windows\System32\tapisrv.dll
20:44:48.0413 3816  C:\Windows\System32\tapisrv.dll - ok
20:44:48.0413 3816  [ CB05822CD9CC6C688168E113C603DBE7 ] C:\Windows\System32\tbssvc.dll
20:44:48.0413 3816  C:\Windows\System32\tbssvc.dll - ok
20:44:48.0413 3816  [ D605031E225AACCBCEB5B76A4F1603A6 ] C:\Windows\System32\termsrv.dll
20:44:48.0413 3816  C:\Windows\System32\termsrv.dll - ok
20:44:48.0413 3816  [ 16613A1BAD034D4ECF957AF18B7C2FF5 ] C:\Windows\servicing\TrustedInstaller.exe
20:44:48.0413 3816  C:\Windows\servicing\TrustedInstaller.exe - ok
20:44:48.0428 3816  [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] C:\Windows\System32\trkwks.dll
20:44:48.0428 3816  C:\Windows\System32\trkwks.dll - ok
20:44:48.0428 3816  [ ECEF404F62863755951E09C802C94AD5 ] C:\Windows\System32\UI0Detect.exe
20:44:48.0428 3816  C:\Windows\System32\UI0Detect.exe - ok
20:44:48.0428 3816  [ 68308183F4AE0BE7BF8ECD07CB297999 ] C:\Windows\System32\upnphost.dll
20:44:48.0428 3816  C:\Windows\System32\upnphost.dll - ok
20:44:48.0444 3816  [ 59903071D7ACE6A02093C47E9E38AF97 ] C:\Windows\System32\dwm.exe
20:44:48.0444 3816  C:\Windows\System32\dwm.exe - ok
20:44:48.0444 3816  [ B13BC395B9D6116628F5AF47E0802AC4 ] C:\Windows\System32\vds.exe
20:44:48.0444 3816  C:\Windows\System32\vds.exe - ok
20:44:48.0444 3816  [ D5FB73D19C46ADE183F968E13F186B23 ] C:\Windows\System32\VSSVC.exe
20:44:48.0444 3816  C:\Windows\System32\VSSVC.exe - ok
20:44:48.0444 3816  [ 1CF9206966A8458CDA9A8B20DF8AB7D3 ] C:\Windows\System32\w32time.dll
20:44:48.0444 3816  C:\Windows\System32\w32time.dll - ok
20:44:48.0460 3816  [ F3A5C2E1A6533192B070D06ECF6BE796 ] C:\Windows\System32\wcncsvc.dll
20:44:48.0460 3816  C:\Windows\System32\wcncsvc.dll - ok
20:44:48.0460 3816  [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] C:\Windows\System32\WcsPlugInService.dll
20:44:48.0460 3816  C:\Windows\System32\WcsPlugInService.dll - ok
20:44:48.0460 3816  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] C:\Windows\System32\wdi.dll
20:44:48.0460 3816  C:\Windows\System32\wdi.dll - ok
20:44:48.0475 3816  [ CF9A5F41789B642DB967021DE06A2713 ] C:\Windows\System32\WebClnt.dll
20:44:48.0475 3816  C:\Windows\System32\WebClnt.dll - ok
20:44:48.0475 3816  [ 905214925A88311FCE52F66153DE7610 ] C:\Windows\System32\wecsvc.dll
20:44:48.0475 3816  C:\Windows\System32\wecsvc.dll - ok
20:44:48.0475 3816  [ 670FF720071ED741206D69BD995EA453 ] C:\Windows\System32\wercplsupport.dll
20:44:48.0475 3816  C:\Windows\System32\wercplsupport.dll - ok
20:44:48.0491 3816  [ FD1965AAA112C6818A30AB02742D0461 ] C:\Windows\System32\wersvc.dll
20:44:48.0491 3816  C:\Windows\System32\wersvc.dll - ok
20:44:48.0491 3816  [ CE412DEE2B485C11BA1802A64473E9BA ] C:\Windows\System32\winhttp.dll
20:44:48.0491 3816  C:\Windows\System32\winhttp.dll - ok
20:44:48.0491 3816  [ 00B79A7C984678F24CF052E5BEB3A2F5 ] C:\Windows\System32\wbem\WMIsvc.dll
20:44:48.0491 3816  C:\Windows\System32\wbem\WMIsvc.dll - ok
20:44:48.0491 3816  [ 20FC93FDC916843CFDFCAA7A1B0DB16F ] C:\Windows\System32\WsmSvc.dll
20:44:48.0491 3816  C:\Windows\System32\WsmSvc.dll - ok
20:44:48.0506 3816  [ ABA4CF9F856D9A3A25F4DDD7690A6E9D ] C:\Windows\System32\wbem\WmiApSrv.exe
20:44:48.0506 3816  C:\Windows\System32\wbem\WmiApSrv.exe - ok
20:44:48.0506 3816  [ 275F4346E569DF56CFB95243BD6F6FF0 ] C:\Windows\System32\wlansvc.dll
20:44:48.0506 3816  C:\Windows\System32\wlansvc.dll - ok
20:44:48.0506 3816  [ 3978704576A121A9204F8CC49A301A9B ] C:\Program Files\Windows Media Player\wmpnetwk.exe
20:44:48.0506 3816  C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
20:44:48.0506 3816  [ 5D94CD167751294962BA238D82DD1BB8 ] C:\Windows\System32\wpcsvc.dll
20:44:48.0506 3816  C:\Windows\System32\wpcsvc.dll - ok
20:44:48.0522 3816  [ 396D406292B0CD26E3504FFE82784702 ] C:\Windows\System32\wpdbusenum.dll
20:44:48.0522 3816  C:\Windows\System32\wpdbusenum.dll - ok
20:44:48.0522 3816  [ EF68EEBE88FDBE6D31F3E446C1DD9FB8 ] C:\Windows\System32\SearchIndexer.exe
20:44:48.0522 3816  C:\Windows\System32\SearchIndexer.exe - ok
20:44:48.0522 3816  [ 6298277B73C77FA99106B271A7525163 ] C:\Windows\System32\wuaueng.dll
20:44:48.0522 3816  C:\Windows\System32\wuaueng.dll - ok
20:44:48.0538 3816  [ 575A4190D989F64732119E4114045A4F ] C:\Windows\System32\WUDFSvc.dll
20:44:48.0538 3816  C:\Windows\System32\WUDFSvc.dll - ok
20:44:48.0538 3816  [ 28B84EB538F7E8A0FE8B9299D591E0B9 ] C:\Windows\System32\scecli.dll
20:44:48.0538 3816  C:\Windows\System32\scecli.dll - ok
20:44:48.0538 3816  [ 6B9E1AC6EB04767DACE3B24C089A86D0 ] C:\Windows\System32\ntmarta.dll
20:44:48.0538 3816  C:\Windows\System32\ntmarta.dll - ok
20:44:48.0553 3816  [ 3794B461C45882E06856F282EEF025AF ] C:\Windows\System32\svchost.exe
20:44:48.0553 3816  C:\Windows\System32\svchost.exe - ok
20:44:48.0553 3816  [ 51832219A52C3535BF4771C375E63F9B ] C:\Windows\System32\powrprof.dll
20:44:48.0553 3816  C:\Windows\System32\powrprof.dll - ok
20:44:48.0553 3816  [ 8F5C7426567798E62A3B3614965D62CC ] C:\Windows\System32\drivers\luafv.sys
20:44:48.0553 3816  C:\Windows\System32\drivers\luafv.sys - ok
20:44:48.0553 3816  [ 4470E3C1E0C3378E4CAB137893C12C3A ] C:\Windows\System32\drivers\mbam.sys
20:44:48.0553 3816  C:\Windows\System32\drivers\mbam.sys - ok
20:44:48.0569 3816  [ 03BD4F5759E6630D521BE0E123060A9B ] C:\Windows\System32\nvvsvc.exe
20:44:48.0569 3816  C:\Windows\System32\nvvsvc.exe - ok
20:44:48.0569 3816  [ F42483814FC39170B3982A184EC5AAA2 ] C:\Windows\System32\wtsapi32.dll
20:44:48.0569 3816  C:\Windows\System32\wtsapi32.dll - ok
20:44:48.0569 3816  [ D702B4E30B31BFCAB7BD4E5965C1A5DC ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll
20:44:48.0569 3816  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll - ok
20:44:48.0569 3816  [ 301AE00E12408650BADDC04DBC832830 ] C:\Windows\System32\rpcss.dll
20:44:48.0569 3816  C:\Windows\System32\rpcss.dll - ok
20:44:48.0584 3816  [ 187D588F7A1A45DE48B8540401A90850 ] C:\Windows\System32\version.dll
20:44:48.0584 3816  C:\Windows\System32\version.dll - ok
20:44:48.0584 3816  [ 24516BF4E12A46CB67302E2CDCB8CDDF ] C:\Program Files\Microsoft Security Client\MsMpEng.exe
20:44:48.0584 3816  C:\Program Files\Microsoft Security Client\MsMpEng.exe - ok
20:44:48.0584 3816  [ 120AA0938E8B76CE044D5307DD6CAA11 ] C:\Program Files\Microsoft Security Client\MpSvc.dll
20:44:48.0584 3816  C:\Program Files\Microsoft Security Client\MpSvc.dll - ok
20:44:48.0600 3816  [ 410CCADF699CEE2C0C741DF0FD90F204 ] C:\Program Files\Microsoft Security Client\MpClient.dll
20:44:48.0600 3816  C:\Program Files\Microsoft Security Client\MpClient.dll - ok
20:44:48.0600 3816  [ 6E012DA20D59C3991751CA6E8C71EB06 ] C:\Windows\System32\wintrust.dll
20:44:48.0600 3816  C:\Windows\System32\wintrust.dll - ok
20:44:48.0600 3816  [ 62D577288B48998FC6667BF22DC5B690 ] C:\Windows\System32\LogonUI.exe
20:44:48.0600 3816  C:\Windows\System32\LogonUI.exe - ok
20:44:48.0600 3816  [ A8E35801E04A4183A27DF60829402867 ] C:\Program Files\Microsoft Security Client\EppManifest.dll
20:44:48.0600 3816  C:\Program Files\Microsoft Security Client\EppManifest.dll - ok
20:44:48.0616 3816  [ A9BF9F54B6FAC7C1839AA6C93C5664C5 ] C:\Windows\System32\authui.dll
20:44:48.0616 3816  C:\Windows\System32\authui.dll - ok
20:44:48.0616 3816  [ 3040D9DF36AE94DB309726400582E02F ] C:\Windows\System32\MMDevAPI.dll
20:44:48.0616 3816  C:\Windows\System32\MMDevAPI.dll - ok
20:44:48.0616 3816  [ 0B3E2A065BB0E0C8854FEF37F90DC3BE ] C:\Program Files\Microsoft Security Client\MpRTP.dll
20:44:48.0616 3816  C:\Program Files\Microsoft Security Client\MpRTP.dll - ok
20:44:48.0631 3816  [ 05EA53AFE985443011E36DAB07343B46 ] C:\Windows\System32\drivers\fltMgr.sys
20:44:48.0631 3816  C:\Windows\System32\drivers\fltMgr.sys - ok
20:44:48.0631 3816  [ C9244BCAC83B259B920BBEE18A97BFE1 ] C:\Windows\System32\avrt.dll
20:44:48.0631 3816  C:\Windows\System32\avrt.dll - ok
20:44:48.0631 3816  [ 9B70EC8230DBC6BE9C0A54FCCA7BE841 ] C:\Windows\System32\adtschema.dll
20:44:48.0631 3816  C:\Windows\System32\adtschema.dll - ok
20:44:48.0631 3816  [ A9542FF2E9A82CF100E5729EC79068F0 ] C:\Windows\System32\fltLib.dll
20:44:48.0631 3816  C:\Windows\System32\fltLib.dll - ok
20:44:48.0647 3816  [ A99871BA522CB2539AE275AC18CACC8F ] C:\Windows\System32\cabinet.dll
20:44:48.0647 3816  C:\Windows\System32\cabinet.dll - ok
20:44:48.0647 3816  [ 479C0A2246C14F51171DD6B4333EA3A2 ] C:\Windows\System32\PSHED.DLL
20:44:48.0647 3816  C:\Windows\System32\PSHED.DLL - ok
20:44:48.0647 3816  [ 79D05A6BD37B12F8F0608082298EBA27 ] C:\Program Files\Microsoft Security Client\MsMpLics.dll
20:44:48.0647 3816  C:\Program Files\Microsoft Security Client\MsMpLics.dll - ok
20:44:48.0662 3816  [ D993BEA500E7382DC4E760BF4F35EFCB ] C:\Windows\System32\drivers\MpFilter.sys
20:44:48.0662 3816  C:\Windows\System32\drivers\MpFilter.sys - ok
20:44:48.0662 3816  [ 8DE82BD61F12035A07DDF62F4A44D225 ] C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll
20:44:48.0662 3816  C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll - ok
20:44:48.0662 3816  [ 2A3BD8FF5430F454E146974D6BE5C784 ] C:\Windows\System32\audiodg.exe
20:44:48.0662 3816  C:\Windows\System32\audiodg.exe - ok
20:44:48.0678 3816  [ 3E4F7CEF4D814584D3E9E390CA59DE5F ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{EF81955C-5F2D-4FD1-ABF2-827226723684}\mpengine.dll
20:44:48.0678 3816  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{EF81955C-5F2D-4FD1-ABF2-827226723684}\mpengine.dll - ok
20:44:48.0678 3816  [ D9F1113D9401185245573350712F92FC ] C:\Windows\System32\gpsvc.dll
20:44:48.0678 3816  C:\Windows\System32\gpsvc.dll - ok
20:44:48.0678 3816  [ D1A84F7D4CAFCFE2A32149FF418056E5 ] C:\Windows\System32\nlaapi.dll
20:44:48.0678 3816  C:\Windows\System32\nlaapi.dll - ok
20:44:48.0678 3816  [ 35979494DABAF115F5FFA960830817DF ] C:\Windows\System32\atl.dll
20:44:48.0678 3816  C:\Windows\System32\atl.dll - ok
20:44:48.0694 3816  [ 3CB3343D720168B575133A0A20DC2465 ] C:\Windows\System32\es.dll
20:44:48.0694 3816  C:\Windows\System32\es.dll - ok
20:44:48.0694 3816  [ F713E67C329CE82FF1E1EBB497887427 ] C:\Windows\System32\drivers\spsys.sys
20:44:48.0694 3816  C:\Windows\System32\drivers\spsys.sys - ok
20:44:48.0694 3816  [ BDB159ED6E8F97E988EAFD71FF3E8990 ] C:\Windows\System32\propsys.dll
20:44:48.0694 3816  C:\Windows\System32\propsys.dll - ok
20:44:48.0694 3816  [ 032A0ACC3909AE7215D524E29D536797 ] C:\Windows\System32\uxsms.dll
20:44:48.0694 3816  C:\Windows\System32\uxsms.dll - ok
20:44:48.0709 3816  [ 399BB52AD0668472717498E97CF28341 ] C:\Windows\System32\WUDFPlatform.dll
20:44:48.0709 3816  C:\Windows\System32\WUDFPlatform.dll - ok
20:44:48.0709 3816  [ 96BB29C8D28CBCF595A7C44A4519C002 ] C:\Windows\System32\vfsFPService.exe
20:44:48.0709 3816  C:\Windows\System32\vfsFPService.exe - ok
20:44:48.0709 3816  [ 7DFE18823AA8E3AE8DE9F8E1B804D4CC ] C:\Windows\System32\vfsCommUSB20.DLL
20:44:48.0709 3816  C:\Windows\System32\vfsCommUSB20.DLL - ok
20:44:48.0725 3816  [ 5CAAE5333EF36DB4A8D294418AB37E80 ] C:\Windows\System32\p2pcollab.dll
20:44:48.0725 3816  C:\Windows\System32\p2pcollab.dll - ok
20:44:48.0725 3816  [ 62C265C38769B864CB25B4BCF62DF6C3 ] C:\Windows\System32\drivers\ipfltdrv.sys
20:44:48.0725 3816  C:\Windows\System32\drivers\ipfltdrv.sys - ok
20:44:48.0725 3816  [ D1C5883087A0C3F1344D9D55A44901F6 ] C:\Windows\System32\drivers\lltdio.sys
20:44:48.0725 3816  C:\Windows\System32\drivers\lltdio.sys - ok
20:44:48.0725 3816  [ 3C21CE48FF529BB73DADB98770B54025 ] C:\Windows\System32\drivers\nwifi.sys
20:44:48.0725 3816  C:\Windows\System32\drivers\nwifi.sys - ok
20:44:48.0740 3816  [ D6973AA34C4D5D76C0430B181C3CD389 ] C:\Windows\System32\drivers\ndisuio.sys
20:44:48.0740 3816  C:\Windows\System32\drivers\ndisuio.sys - ok
20:44:48.0740 3816  [ 9C508F4074A39E8B4B31D27198146FAD ] C:\Windows\System32\drivers\rspndr.sys
20:44:48.0740 3816  C:\Windows\System32\drivers\rspndr.sys - ok
20:44:48.0740 3816  [ 4805D9A6D281C7A7DEFD9094DEC6AF7D ] C:\Windows\System32\dnsrslvr.dll
20:44:48.0740 3816  C:\Windows\System32\dnsrslvr.dll - ok
20:44:48.0756 3816  [ 0AF64A7B89F34A51FCF25E1F360CCA39 ] C:\Windows\System32\eapphost.dll
20:44:48.0756 3816  C:\Windows\System32\eapphost.dll - ok
20:44:48.0756 3816  [ 6CDB3406B41B5851F788DE287D7EF6E3 ] C:\Program Files\Cisco\Cisco LEAP Module\CiscoEapLeap.dll
20:44:48.0756 3816  C:\Program Files\Cisco\Cisco LEAP Module\CiscoEapLeap.dll - ok
20:44:48.0756 3816  [ D0D93E9CAFCFF7C0AFF51638544B0A3E ] C:\Program Files\Cisco\Cisco PEAP Module\CiscoEapPeap.dll
20:44:48.0756 3816  C:\Program Files\Cisco\Cisco PEAP Module\CiscoEapPeap.dll - ok
20:44:48.0772 3816  [ AFDCEF7AAC3EB412EEB21E85490046CE ] C:\Program Files\Cisco\Cisco EAP-FAST Module\CiscoEapFast.dll
20:44:48.0772 3816  C:\Program Files\Cisco\Cisco EAP-FAST Module\CiscoEapFast.dll - ok
20:44:48.0772 3816  [ 1C0E2529FED8862F08BE8B562CFC3C5C ] C:\Windows\System32\rastls.dll
20:44:48.0772 3816  C:\Windows\System32\rastls.dll - ok
20:44:48.0772 3816  [ 5EAAD3F8B0AFE4C5C1777DE18262FBD3 ] C:\Windows\System32\raschap.dll
20:44:48.0772 3816  C:\Windows\System32\raschap.dll - ok
20:44:48.0772 3816  [ E45051C374F845EDF3DB02A35BA13193 ] C:\Windows\System32\umb.dll
20:44:48.0772 3816  C:\Windows\System32\umb.dll - ok
20:44:48.0787 3816  [ 1F232B3F8F93563015E01197B37EFA79 ] C:\Windows\System32\onex.dll
20:44:48.0787 3816  C:\Windows\System32\onex.dll - ok
20:44:48.0787 3816  [ ABE9DEC1E78226F70F5A6D18F701AFF2 ] C:\Windows\System32\wlanmsm.dll
20:44:48.0787 3816  C:\Windows\System32\wlanmsm.dll - ok
20:44:48.0787 3816  [ 2938E3B155C2647137A1910F534E66BE ] C:\Windows\System32\wlansec.dll
20:44:48.0787 3816  C:\Windows\System32\wlansec.dll - ok
20:44:48.0803 3816  [ 7AB5D82A29B778911445653058886D24 ] C:\Windows\System32\eappcfg.dll
20:44:48.0803 3816  C:\Windows\System32\eappcfg.dll - ok
20:44:48.0803 3816  [ 9D9FFC923FADBB575E0452EA0BBB15BD ] C:\Windows\System32\eappprxy.dll
20:44:48.0803 3816  C:\Windows\System32\eappprxy.dll - ok
20:44:48.0803 3816  [ 81E199BFE82C106D38F989674D0DEC1F ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\GdiPlus.dll
20:44:48.0803 3816  C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\GdiPlus.dll - ok
20:44:48.0803 3816  [ 75EB73E64F5B4655D9797D20F26DE320 ] C:\Windows\System32\duser.dll
20:44:48.0803 3816  C:\Windows\System32\duser.dll - ok
20:44:48.0818 3816  [ 97CA916976B4EAED3FD35C238F42BCD9 ] C:\Windows\System32\oleacc.dll
20:44:48.0818 3816  C:\Windows\System32\oleacc.dll - ok
20:44:48.0818 3816  [ 999D69DEB576C2C424294DF025891CC6 ] C:\Windows\System32\uxtheme.dll
20:44:48.0818 3816  C:\Windows\System32\uxtheme.dll - ok
20:44:48.0818 3816  [ 19FFAD68A02AF1BF0BC336EE26CD6767 ] C:\Windows\System32\l2gpstore.dll
20:44:48.0818 3816  C:\Windows\System32\l2gpstore.dll - ok
20:44:48.0834 3816  [ 6F12098823894C744F45D632CB45BD18 ] C:\Windows\System32\WinSCard.dll
20:44:48.0834 3816  C:\Windows\System32\WinSCard.dll - ok
20:44:48.0834 3816  [ EB2170D0DDF3B2A92506AE16BC524B0B ] C:\Windows\System32\wlanutil.dll
20:44:48.0834 3816  C:\Windows\System32\wlanutil.dll - ok
20:44:48.0834 3816  [ 0636D4FE43C198C289F37BE4083204D0 ] C:\Windows\System32\wlgpclnt.dll
20:44:48.0834 3816  C:\Windows\System32\wlgpclnt.dll - ok
20:44:48.0834 3816  [ FAED2BB920F8C729693A517394C87DD0 ] C:\Windows\System32\msxml6.dll
20:44:48.0834 3816  C:\Windows\System32\msxml6.dll - ok
20:44:48.0850 3816  [ CA0B849566776A17F35F0339BE17DFD9 ] C:\Windows\System32\ktmw32.dll
20:44:48.0850 3816  C:\Windows\System32\ktmw32.dll - ok
20:44:48.0850 3816  [ E402A6E79D1E4DBFEBA8B364C67A3158 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18523_none_886c608850a2f36f\comctl32.dll
20:44:48.0850 3816  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18523_none_886c608850a2f36f\comctl32.dll - ok
20:44:48.0850 3816  [ 23C3A0680042C0D1DE1F360F8B62BC57 ] C:\Windows\System32\wlanext.exe
20:44:48.0850 3816  C:\Windows\System32\wlanext.exe - ok
20:44:49.0770 3816  C:\Windows\System32\wbem\wbemprox.dll - ok
20:44:49.0770 3816  [ A124671239014087C345CB57398CDAA7 ] C:\Program Files\Acer\Empowering Technology\eAudio\eAudioSrvPlugin.dll
20:44:49.0770 3816  C:\Program Files\Acer\Empowering Technology\eAudio\eAudioSrvPlugin.dll - ok
20:44:49.0786 3816  [ 0E9E06B6E190EC854E714E59EF20F977 ] C:\Program Files\Acer\Empowering Technology\ePower\ePowerSrvPlugin.dll
20:44:49.0786 3816  C:\Program Files\Acer\Empowering Technology\ePower\ePowerSrvPlugin.dll - ok
20:44:49.0786 3816  [ 60CFFD3FA1179EA8C40671604071DA06 ] C:\Windows\System32\win32spl.dll
20:44:49.0786 3816  C:\Windows\System32\win32spl.dll - ok
20:44:49.0786 3816  [ 92047ADE3FE9FF51132BC14FB8D77997 ] C:\Windows\System32\ieframe.dll
20:44:49.0786 3816  C:\Windows\System32\ieframe.dll - ok
20:44:49.0801 3816  [ 0F4C603FB6B4223BDA8904716D0CA067 ] C:\Program Files\Acer\Empowering Technology\ePower\WMIServiceDLL.dll
20:44:49.0801 3816  C:\Program Files\Acer\Empowering Technology\ePower\WMIServiceDLL.dll - ok
20:44:49.0801 3816  [ 4BF053944E973C073339BE841C9ECF28 ] C:\Windows\System32\netrap.dll
20:44:49.0801 3816  C:\Windows\System32\netrap.dll - ok
20:44:49.0801 3816  [ E340845C8E96D107C36420065D7A5733 ] C:\Windows\System32\printcom.dll
20:44:49.0801 3816  C:\Windows\System32\printcom.dll - ok
20:44:49.0801 3816  [ EC760B0B76A4353DE49D66520EB2141F ] C:\Windows\System32\SensApi.dll
20:44:49.0801 3816  C:\Windows\System32\SensApi.dll - ok
20:44:49.0817 3816  [ 1D109ED0D660654EA7FF1574558031C4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcm80.dll
20:44:49.0817 3816  C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcm80.dll - ok
20:44:49.0817 3816  [ D6534F188D83F46F6A79BE5518A1248C ] C:\Program Files\Acer\Empowering Technology\ePower\WMIInterface.dll
20:44:49.0817 3816  C:\Program Files\Acer\Empowering Technology\ePower\WMIInterface.dll - ok
20:44:49.0817 3816  [ D7EB32B51B7472FBEE86BFA47B3C4BC5 ] C:\Program Files\Common Files\LightScribe\LSSProxy.dll
20:44:49.0817 3816  C:\Program Files\Common Files\LightScribe\LSSProxy.dll - ok
20:44:49.0832 3816  [ C2CC198A085AFE8EF403DC14454D05C6 ] C:\Windows\assembly\GAC_MSIL\Framework.Service.Utility\3.0.3005.0__40d56bd2d2a1d6f8\Framework.Service.Utility.dll
20:44:49.0832 3816  C:\Windows\assembly\GAC_MSIL\Framework.Service.Utility\3.0.3005.0__40d56bd2d2a1d6f8\Framework.Service.Utility.dll - ok
20:44:49.0832 3816  [ 0EE266A90D43E82A07CF33755D6DE1CC ] C:\Program Files\Common Files\LightScribe\LSLog.dll
20:44:49.0832 3816  C:\Program Files\Common Files\LightScribe\LSLog.dll - ok
20:44:49.0832 3816  [ 65085456FD9A74D7F1A999520C299ECB ] C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
20:44:49.0832 3816  C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe - ok
20:44:49.0848 3816  [ EF39CCCC9AD927A25334AE0B41A8A343 ] C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll
20:44:49.0848 3816  C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll - ok
20:44:49.0848 3816  [ 9275F02BEA644F43A459E316A932658F ] C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll
20:44:49.0848 3816  C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll - ok
20:44:49.0848 3816  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
20:44:49.0848 3816  C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe - ok
20:44:49.0864 3816  [ 80D8679BF84A9383BFF33E07D5D9FC35 ] C:\Program Files\Malwarebytes' Anti-Malware\mbamcore.dll
20:44:49.0864 3816  C:\Program Files\Malwarebytes' Anti-Malware\mbamcore.dll - ok
20:44:49.0864 3816  [ 92735E1769ED5387528EB1A37DB46DBB ] C:\Program Files\Intel\WiFi\bin\S24MUDLL.dll
20:44:49.0864 3816  C:\Program Files\Intel\WiFi\bin\S24MUDLL.dll - ok
20:44:49.0864 3816  [ F935DF6F39BC274DEA31BA84071ED89D ] C:\Windows\System32\ci.dll
20:44:49.0864 3816  C:\Windows\System32\ci.dll - ok
20:44:49.0864 3816  [ 6349F6ED9C623B44B52EA3C63C831A92 ] C:\Windows\System32\drivers\PEAuth.sys
20:44:49.0864 3816  C:\Windows\System32\drivers\PEAuth.sys - ok
20:44:49.0879 3816  [ 2AAF9A5D7A63D26BFAEA853C5F2292BC ] C:\Windows\System32\drivers\PSDNServ.sys
20:44:49.0879 3816  C:\Windows\System32\drivers\PSDNServ.sys - ok
20:44:49.0879 3816  [ 0EB8CEC99855BEAE5B0D02C2302619EF ] C:\Windows\System32\drivers\PSDVdisk.sys
20:44:49.0879 3816  C:\Windows\System32\drivers\PSDVdisk.sys - ok
20:44:49.0879 3816  [ F4D9ED6BD74AD7CC0BEC83C43A1CB76B ] C:\Windows\System32\ncsi.dll
20:44:49.0879 3816  C:\Windows\System32\ncsi.dll - ok
20:44:49.0895 3816  [ 01BCD91CC2B0EFDA4890F547010750BD ] C:\Windows\System32\ssdpapi.dll
20:44:49.0895 3816  C:\Windows\System32\ssdpapi.dll - ok
20:44:49.0895 3816  [ 510C138564486FF926A3F773205C63D1 ] C:\Windows\System32\HPZinw12.dll
20:44:49.0895 3816  C:\Windows\System32\HPZinw12.dll - ok
20:44:49.0895 3816  [ 37E5E8FFBAD35605DAEEC3224EA0E465 ] C:\Windows\System32\HPZipm12.dll
20:44:49.0895 3816  C:\Windows\System32\HPZipm12.dll - ok
20:44:49.0895 3816  [ D1D5DAB39DCB4BE0359943738D87409B ] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
20:44:49.0895 3816  C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe - ok
20:44:49.0910 3816  [ 3FF45B7F17D5837216ABAE652CC61540 ] C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
20:44:49.0910 3816  C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe - ok
20:44:49.0910 3816  [ 73835C4F79ADC404EF39C8A9E2D4183B ] C:\Program Files\Acer\Acer VCM\RS_Service.exe
20:44:49.0910 3816  C:\Program Files\Acer\Acer VCM\RS_Service.exe - ok
20:44:49.0910 3816  [ 90A3935D05B494A5A39D37E71F09A677 ] C:\Windows\System32\drivers\secdrv.sys
20:44:49.0910 3816  C:\Windows\System32\drivers\secdrv.sys - ok
20:44:49.0910 3816  [ BDE89AB6F15F0093A2A7861D1FC413ED ] C:\Windows\System32\QAGENT.DLL
20:44:49.0910 3816  C:\Windows\System32\QAGENT.DLL - ok
20:44:49.0926 3816  [ D4A2E4A4B011F3A883AF77315A5AE76B ] C:\Windows\System32\drivers\tcpipreg.sys
20:44:49.0926 3816  C:\Windows\System32\drivers\tcpipreg.sys - ok
20:44:49.0926 3816  [ CD5A4DFDEBC0E36A666DB92F93290C63 ] C:\Windows\System32\FWPUCLNT.DLL
20:44:49.0926 3816  C:\Windows\System32\FWPUCLNT.DLL - ok
20:44:49.0926 3816  [ 0C84B6AFFA7486422235584110D7176F ] C:\Windows\System32\icaapi.dll
20:44:49.0926 3816  C:\Windows\System32\icaapi.dll - ok
20:44:49.0942 3816  [ 769D027B977CED05658C85E698D3C5B1 ] C:\Windows\System32\QUTIL.DLL
20:44:49.0942 3816  C:\Windows\System32\QUTIL.DLL - ok
20:44:49.0942 3816  [ 428FF21418ADCD6FAD6189CD9520A67B ] C:\Windows\System32\wiatrace.dll
20:44:49.0942 3816  C:\Windows\System32\wiatrace.dll - ok
20:44:49.0942 3816  [ CCAF246004F719F858E841A2BA12C308 ] C:\Windows\System32\wsdchngr.dll
20:44:49.0942 3816  C:\Windows\System32\wsdchngr.dll - ok
20:44:49.0942 3816  [ 5867CE254625645345C833510D24F124 ] C:\Program Files\Cyberlink\PowerDVD8\000.fcl
20:44:49.0942 3816  C:\Program Files\Cyberlink\PowerDVD8\000.fcl - ok
20:44:49.0957 3816  [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] C:\Windows\System32\netprofm.dll
20:44:49.0957 3816  C:\Windows\System32\netprofm.dll - ok
20:44:49.0957 3816  [ DFCAB29E8FD38F95650CC1E203E8D318 ] C:\Windows\System32\npmproxy.dll
20:44:49.0957 3816  C:\Windows\System32\npmproxy.dll - ok
20:44:49.0957 3816  [ 2722DF0EAA13B4B363DA9753D16D2106 ] C:\Windows\System32\PortableDeviceApi.dll
20:44:49.0957 3816  C:\Windows\System32\PortableDeviceApi.dll - ok
20:44:49.0973 3816  [ 1F18B9EA1BBFF033413414C3BEA13AD6 ] C:\Windows\System32\wbem\WinMgmtR.dll
20:44:49.0973 3816  C:\Windows\System32\wbem\WinMgmtR.dll - ok
20:44:49.0973 3816  [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\Mike\AppData\Local\temp\517FE7CA-C5A7-4A50-88A0-3D6B7C69E54D.exe
20:44:49.0973 3816  C:\Users\Mike\AppData\Local\temp\517FE7CA-C5A7-4A50-88A0-3D6B7C69E54D.exe - ok
20:44:49.0973 3816  [ 12BCF4DAD8E5A1B3D5FA7AB4A79DA105 ] C:\Windows\System32\sfc_os.dll
20:44:49.0973 3816  C:\Windows\System32\sfc_os.dll - ok
20:44:49.0973 3816  [ 21322832C99E8DE85BD047689A2A69DB ] C:\Windows\System32\pnpts.dll
20:44:49.0973 3816  C:\Windows\System32\pnpts.dll - ok
20:44:49.0988 3816  [ F0062778F50838145AC46B384FFB4FA3 ] C:\Windows\System32\pcadm.dll
20:44:49.0988 3816  C:\Windows\System32\pcadm.dll - ok
20:44:49.0988 3816  [ 8BEB91025512C439B4B8624A0CFBD2C3 ] C:\Windows\System32\wbem\wbemcore.dll
20:44:49.0988 3816  C:\Windows\System32\wbem\wbemcore.dll - ok
20:44:49.0988 3816  [ 7EDD3CDEFF1004CF15E5C86168FF2D62 ] C:\Windows\System32\wbem\esscli.dll
20:44:49.0988 3816  C:\Windows\System32\wbem\esscli.dll - ok
20:44:50.0004 3816  [ 52A53BCCCF489D4097191B7B78DFFA58 ] C:\Windows\System32\wbem\fastprox.dll
20:44:50.0004 3816  C:\Windows\System32\wbem\fastprox.dll - ok
20:44:50.0004 3816  [ 3A5BDC4FC1F314359CB12B8186E3E107 ] C:\Windows\System32\wbem\wbemsvc.dll
20:44:50.0004 3816  C:\Windows\System32\wbem\wbemsvc.dll - ok
20:44:50.0004 3816  [ 6EE98BE53BE3EEC7B772B36889757B49 ] C:\Windows\System32\timedate.cpl
20:44:50.0004 3816  C:\Windows\System32\timedate.cpl - ok
20:44:50.0004 3816  [ DC30569EAEFAF3455CE765AE8FDAF48B ] C:\Windows\System32\wbem\wmiutils.dll
20:44:50.0004 3816  C:\Windows\System32\wbem\wmiutils.dll - ok
20:44:50.0020 3816  [ 8D78BA30DB4AE040A52EDEE725782715 ] C:\Windows\System32\actxprxy.dll
20:44:50.0020 3816  C:\Windows\System32\actxprxy.dll - ok
20:44:50.0020 3816  [ 220DB6D951B90C5CEDDB4D3A93C108DF ] C:\Windows\System32\wbem\repdrvfs.dll
20:44:50.0020 3816  C:\Windows\System32\wbem\repdrvfs.dll - ok
20:44:50.0020 3816  [ 24F90AEFEBE601D427CB4511E74CDCB6 ] C:\Windows\System32\linkinfo.dll
20:44:50.0020 3816  C:\Windows\System32\linkinfo.dll - ok
20:44:50.0035 3816  [ E91A23A9BC6DC56A049EB16096C17D02 ] C:\Windows\System32\wbem\WmiPrvSD.dll
20:44:50.0035 3816  C:\Windows\System32\wbem\WmiPrvSD.dll - ok
20:44:50.0035 3816  [ FD02CA3F5AE91337D67B80F6852D2EFB ] C:\Windows\System32\wbem\wbemess.dll
20:44:50.0035 3816  C:\Windows\System32\wbem\wbemess.dll - ok
20:44:50.0035 3816  [ 25873356E52849C3F5B3F1B02317E8C8 ] C:\Windows\System32\wbem\unsecapp.exe
20:44:50.0035 3816  C:\Windows\System32\wbem\unsecapp.exe - ok
20:44:50.0035 3816  [ A1F734BDE374EDE1AE4A16EB8F0E254F ] C:\Program Files\Intel\Intel Matrix Storage Manager\PlugInRAID.pin
20:44:50.0035 3816  C:\Program Files\Intel\Intel Matrix Storage Manager\PlugInRAID.pin - ok
20:44:50.0051 3816  [ 4C3C30FA8DC2F16DD89759882935477E ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizM.dll
20:44:50.0051 3816  C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizM.dll - ok
20:44:50.0051 3816  [ 19D93154C82FE39A99B269CED1056A92 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
20:44:50.0051 3816  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok
20:44:50.0051 3816  [ 5016B8FC59AD616F03813FBE63295081 ] C:\Windows\System32\thumbcache.dll
20:44:50.0051 3816  C:\Windows\System32\thumbcache.dll - ok
20:44:50.0066 3816  [ BADC359C9A0D9C217B7E8DA17BF3F5BB ] C:\Windows\System32\ntshrui.dll
20:44:50.0066 3816  C:\Windows\System32\ntshrui.dll - ok
20:44:50.0066 3816  [ 693DCDFFD4760CBA41D8D22D34E6911B ] C:\Windows\System32\cscapi.dll
20:44:50.0066 3816  C:\Windows\System32\cscapi.dll - ok
20:44:50.0066 3816  [ FBF1C00F54579BB7A66EE497427E9885 ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizD.dll
20:44:50.0066 3816  C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizD.dll - ok
20:44:50.0082 3816  [ B43DC259D9D66075D0E1BCB8A235CBBD ] C:\Windows\System32\ExplorerFrame.dll
20:44:50.0082 3816  C:\Windows\System32\ExplorerFrame.dll - ok
20:44:50.0082 3816  [ 858F9CE874A92F63858407856DD02AB4 ] C:\Windows\RtHDVCpl.exe
20:44:50.0082 3816  C:\Windows\RtHDVCpl.exe - ok
20:44:50.0082 3816  [ A3B6CBB71BD7C54B8E7DC4EB2C4B7E21 ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizR.dll
20:44:50.0082 3816  C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizR.dll - ok
20:44:50.0082 3816  [ A68AEDA4EB23012C5207DFF729D85692 ] C:\Windows\System32\wbem\NCProv.dll
20:44:50.0082 3816  C:\Windows\System32\wbem\NCProv.dll - ok
20:44:50.0098 3816  [ A859852DEA22D60295A69B8BF92928F1 ] C:\Windows\System32\wbem\WmiPrvSE.exe
20:44:50.0098 3816  C:\Windows\System32\wbem\WmiPrvSE.exe - ok
20:44:50.0098 3816  [ E3F535656B5ABF249702EB64F3CF9AF0 ] C:\Windows\System32\wbem\wbemcons.dll
20:44:50.0098 3816  C:\Windows\System32\wbem\wbemcons.dll - ok
20:44:50.0098 3816  [ 3D525A7AB3C01793A94DC89E9FFCF8C0 ] C:\Program Files\Intel\Intel Matrix Storage Manager\RaidWizCnG.dll
20:44:50.0098 3816  C:\Program Files\Intel\Intel Matrix Storage Manager\RaidWizCnG.dll - ok
20:44:50.0098 3816  [ C4FD6255CED4F5EBB34AE57A471F9219 ] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
20:44:50.0098 3816  C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe - ok
20:44:50.0113 3816  [ 4BC8167722B6C79B1B13F1F2076B9EEC ] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
20:44:50.0113 3816  C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe - ok
20:44:50.0113 3816  [ A8590E33BCF59D4D75FCB940F95E7BBB ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizC.dll
20:44:50.0113 3816  C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizC.dll - ok
20:44:50.0129 3816  [ 80CA893EC96B99D3109176AB440E3756 ] C:\Windows\System32\wbem\wmiprov.dll
20:44:50.0129 3816  C:\Windows\System32\wbem\wmiprov.dll - ok
20:44:50.0129 3816  [ BFE74095684093F14D24801C8C0D16E3 ] C:\Windows\System32\wmi.dll
20:44:50.0129 3816  C:\Windows\System32\wmi.dll - ok
20:44:50.0129 3816  [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\Windows\System32\drivers\54827559.sys
20:44:50.0129 3816  C:\Windows\System32\drivers\54827559.sys - ok
20:44:50.0129 3816  [ 250EF6EE2EEFE202E0B35B6EC583E8BF ] C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
20:44:50.0129 3816  C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe - ok
20:44:50.0144 3816  [ 623ECC167CE924D4B13D4791157446F1 ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizCFE.dll
20:44:50.0144 3816  C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizCFE.dll - ok
20:44:50.0144 3816  [ EC9B27B37D8E9D361C38E8D364F09611 ] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
20:44:50.0144 3816  C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe - ok
20:44:50.0144 3816  [ 8A7B8DA5CA558D2DE47086BB23556543 ] C:\Windows\System32\dsound.dll
20:44:50.0144 3816  C:\Windows\System32\dsound.dll - ok
20:44:50.0160 3816  [ 7716634E80AB36F6CE6A40D098EFDA4D ] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ADMIN_CLASS_LIB.dll
20:44:50.0160 3816  C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ADMIN_CLASS_LIB.dll - ok
20:44:50.0160 3816  [ 80BD4B26E2CBC0D65445D0463DFF6FC2 ] C:\Windows\System32\oledlg.dll
20:44:50.0160 3816  C:\Windows\System32\oledlg.dll - ok
20:44:50.0160 3816  [ C4028151E8553EBCCDAB33A3356A24E1 ] C:\Windows\System32\nvcpl.dll
20:44:50.0160 3816  C:\Windows\System32\nvcpl.dll - ok
20:44:50.0176 3816  [ EADE311CA02A23E30F7116C0A7F28219 ] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDUtil.dll
20:44:50.0176 3816  C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDUtil.dll - ok
20:44:50.0176 3816  [ B894D3E3D9AA815B754D0D30D56B944A ] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ShowErrMsg.dll
20:44:50.0176 3816  C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ShowErrMsg.dll - ok
20:44:50.0176 3816  [ 21752EE3EE7C8269220FEC2C6A6C9C6D ] C:\Windows\System32\PresentationSettings.exe
20:44:50.0176 3816  C:\Windows\System32\PresentationSettings.exe - ok
20:44:50.0176 3816  [ 06A716D18015BACDC4B3F46CAA21CD06 ] C:\Program Files\Acer\Empowering Technology\eAudio\Language\ENU\LangEnu.dll
20:44:50.0176 3816  C:\Program Files\Acer\Empowering Technology\eAudio\Language\ENU\LangEnu.dll - ok
20:44:50.0191 3816  [ CAE6861B19A2A7E5D42FEFC4DFDF5CCF ] C:\Program Files\Acer\Empowering Technology\ePower\msvcm80.dll
20:44:50.0191 3816  C:\Program Files\Acer\Empowering Technology\ePower\msvcm80.dll - ok
20:44:50.0191 3816  [ DCE0705B5D3861BFF813DB2A8160FBF0 ] C:\Windows\System32\SynCOM.dll
20:44:50.0191 3816  C:\Windows\System32\SynCOM.dll - ok
20:44:50.0191 3816  [ 9A120D6EEB7FA55DABF7731DA892972C ] C:\Windows\System32\riched20.dll
20:44:50.0191 3816  C:\Windows\System32\riched20.dll - ok
20:44:50.0207 3816  [ E2C48CD0132D4D1DC7D0DF9A6BEF686A ] C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll
20:44:50.0207 3816  C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll - ok
20:44:50.0207 3816  [ 365CA3842C52C459E03E5C2A1470D893 ] C:\Program Files\Acer\Empowering Technology\ePower\CompileMOF.exe
20:44:50.0207 3816  C:\Program Files\Acer\Empowering Technology\ePower\CompileMOF.exe - ok
20:44:50.0207 3816  [ 670FBEA172D1C9D108E0FFF272E85C3B ] C:\Windows\System32\wbem\mofd.dll
20:44:50.0207 3816  C:\Windows\System32\wbem\mofd.dll - ok
20:44:50.0222 3816  [ 6CE4E67A31214337BB4381419228613B ] C:\Windows\System32\stobject.dll
20:44:50.0222 3816  C:\Windows\System32\stobject.dll - ok
20:44:50.0222 3816  [ EC69B16644C613F41A57169F8D068F1D ] C:\Windows\System32\batmeter.dll
20:44:50.0222 3816  C:\Windows\System32\batmeter.dll - ok
20:44:50.0222 3816  [ 8AAD795FC3A4042E2654175A4B6EADCF ] C:\Program Files\Acer\Empowering Technology\eRecovery\eRecovery.ServicePlugin.dll
20:44:50.0222 3816  C:\Program Files\Acer\Empowering Technology\eRecovery\eRecovery.ServicePlugin.dll - ok
20:44:50.0222 3816  [ E05A6EA66A8FDE7E74DD3C506AEC7AAC ] C:\Windows\assembly\GAC_MSIL\Framework.Utility\3.0.3005.0__4df5dcab8860d239\Framework.Utility.dll
20:44:50.0222 3816  C:\Windows\assembly\GAC_MSIL\Framework.Utility\3.0.3005.0__4df5dcab8860d239\Framework.Utility.dll - ok
20:44:50.0238 3816  [ 8FDC0C93D12EFE6D940F5FDD87897B74 ] C:\Program Files\Acer\Empowering Technology\eRecovery\eRecovery.RemoteServer.dll
20:44:50.0238 3816  C:\Program Files\Acer\Empowering Technology\eRecovery\eRecovery.RemoteServer.dll - ok
20:44:50.0238 3816  [ C1F5279B83D85D242AB9D4E18863CD90 ] C:\Program Files\Acer\Empowering Technology\Service\eRecovery.RemoteServerInterface.dll
20:44:50.0238 3816  C:\Program Files\Acer\Empowering Technology\Service\eRecovery.RemoteServerInterface.dll - ok
20:44:50.0238 3816  [ 30F02D9C55053367E26A11482F51E255 ] C:\Windows\System32\SndVolSSO.dll
20:44:50.0238 3816  C:\Windows\System32\SndVolSSO.dll - ok
20:44:50.0254 3816  [ AA83361E1505A5AEC46FA0A2AAF18181 ] C:\Windows\ehome\ehSSO.dll
20:44:50.0254 3816  C:\Windows\ehome\ehSSO.dll - ok
20:44:50.0254 3816  [ 5F3BD963F02108C36592B5728FA725C5 ] C:\Windows\assembly\GAC_MSIL\log4net\1.2.10.0__1b44e1d426115821\log4net.dll
20:44:50.0254 3816  C:\Windows\assembly\GAC_MSIL\log4net\1.2.10.0__1b44e1d426115821\log4net.dll - ok
20:44:50.0254 3816  [ 5AA18E7840E880E10789DE414BF3131A ] C:\Windows\System32\netshell.dll
20:44:50.0254 3816  C:\Windows\System32\netshell.dll - ok
20:44:50.0269 3816  [ 0D9FA58B4D9B0676A0D491FABC9E0B9D ] C:\Program Files\Acer\Empowering Technology\eRecovery\HidChk.exe
20:44:50.0269 3816  C:\Program Files\Acer\Empowering Technology\eRecovery\HidChk.exe - ok
20:44:50.0269 3816  [ A823FB26B70C3F7574C77B6100C7D075 ] C:\Program Files\Acer\Empowering Technology\eRecovery\wimgapi.dll
20:44:50.0269 3816  C:\Program Files\Acer\Empowering Technology\eRecovery\wimgapi.dll - ok
20:44:50.0269 3816  [ EC70A90028E4B9C33D47854DC219C0B8 ] C:\Windows\System32\pnidui.dll
20:44:50.0269 3816  C:\Windows\System32\pnidui.dll - ok
20:44:50.0285 3816  [ B7BF68E1FEE5FBC360FABDF8C4F4540A ] C:\Windows\System32\fdProxy.dll
20:44:50.0285 3816  C:\Windows\System32\fdProxy.dll - ok
20:44:50.0285 3816  [ DE7F813217EC88C0A6D4D8F2F39D7949 ] C:\Windows\System32\msiltcfg.dll
20:44:50.0285 3816  C:\Windows\System32\msiltcfg.dll - ok
20:44:50.0285 3816  [ 5351C624740DB6663EC915602920CC91 ] C:\Program Files\Launch Manager\LManager.exe
20:44:50.0285 3816  C:\Program Files\Launch Manager\LManager.exe - ok
20:44:50.0285 3816  [ DA4C2F3978CB670546DF8163CD014180 ] C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe
20:44:50.0285 3816  C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe - ok
20:44:50.0300 3816  [ 3D1FB16287644240A6DAF3C7D80E6BB0 ] C:\Windows\System32\fdWSD.dll
20:44:50.0300 3816  C:\Windows\System32\fdWSD.dll - ok
20:44:50.0300 3816  [ 3EB6D30D82F0E300FCFBAD0498F654FD ] C:\Windows\System32\mlang.dll
20:44:50.0300 3816  C:\Windows\System32\mlang.dll - ok
20:44:50.0300 3816  [ 12916E0642E92561C98B18A2A2D01B14 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
20:44:50.0300 3816  C:\Program Files\Common Files\Java\Java Update\jusched.exe - ok
20:44:50.0316 3816  [ 88940E369CE544704662621267C6615E ] C:\Windows\System32\fdSSDP.dll
20:44:50.0316 3816  C:\Windows\System32\fdSSDP.dll - ok
20:44:50.0316 3816  [ 83A54618958DAA59F2F7312D6897D3E8 ] C:\Windows\System32\rasdlg.dll
20:44:50.0316 3816  C:\Windows\System32\rasdlg.dll - ok
20:44:50.0316 3816  [ 6CA63B0FAA55E778B32A9D1F398AC2DB ] C:\Program Files\Acer\Empowering Technology\eSettings\eSettings.ServicePlugin.dll
20:44:50.0316 3816  C:\Program Files\Acer\Empowering Technology\eSettings\eSettings.ServicePlugin.dll - ok
20:44:50.0316 3816  [ C26B09276755E0698B31CF0BAE0BF182 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
20:44:50.0316 3816  C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok
20:44:50.0332 3816  [ 3DBFEBE4DDF9CE3D647FAAFC1D15F3C6 ] C:\Windows\System32\mprapi.dll
20:44:50.0332 3816  C:\Windows\System32\mprapi.dll - ok
20:44:50.0332 3816  [ 4AFFDCAADCB1DBBFFAF06C7F82E7F6FC ] C:\Program Files\iTunes\iTunesHelper.exe
20:44:50.0332 3816  C:\Program Files\iTunes\iTunesHelper.exe - ok
20:44:50.0332 3816  [ 237E2D7EA29E8680BFD95C3F5DDE5388 ] C:\Program Files\Acer\Empowering Technology\eSettings\eSettings.Logger.dll
20:44:50.0332 3816  C:\Program Files\Acer\Empowering Technology\eSettings\eSettings.Logger.dll - ok
20:44:50.0347 3816  [ F02A533F517EB38333CB12A9E8963773 ] C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe
20:44:50.0347 3816  C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe - ok
20:44:50.0347 3816  [ 33B90E937309B393214D685F2980D583 ] C:\Program Files\Acer\Empowering Technology\eSettings\eSettings.Model.Computer.dll
20:44:50.0347 3816  C:\Program Files\Acer\Empowering Technology\eSettings\eSettings.Model.Computer.dll - ok
20:44:50.0347 3816  [ F6F5D040A9B86E9296B5B69DC5E784B5 ] C:\Program Files\Acer\Empowering Technology\Service\eSettings.Model.ComputerInterface.dll
20:44:50.0347 3816  C:\Program Files\Acer\Empowering Technology\Service\eSettings.Model.ComputerInterface.dll - ok
20:44:50.0363 3816  [ A69630D039C38018689190234F866D77 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{EF81955C-5F2D-4FD1-ABF2-827226723684}\MpKsl900e6534.sys
20:44:50.0363 3816  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{EF81955C-5F2D-4FD1-ABF2-827226723684}\MpKsl900e6534.sys - ok
20:44:50.0363 3816  [ 84A4A18145274E650CB97CC55A2BEA33 ] C:\Program Files\Acer\Empowering Technology\eAudio\AcrRtAud.dll
20:44:50.0363 3816  C:\Program Files\Acer\Empowering Technology\eAudio\AcrRtAud.dll - ok
20:44:50.0363 3816  [ 9EF5CD37551AC5381FC2CA763DC1CEE8 ] C:\Windows\System32\SynTPAPI.dll
20:44:50.0363 3816  C:\Windows\System32\SynTPAPI.dll - ok
20:44:50.0363 3816  [ 4A839160ED1963F9A1526DDA2D1233B2 ] C:\Windows\System32\AltTab.dll
20:44:50.0363 3816  C:\Windows\System32\AltTab.dll - ok
20:44:50.0378 3816  [ 82BFC519B8E21111634B6C6B7EC4CE3F ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\0a1195c6b5fab213527364c9e8b26ef0\System.Web.ni.dll
20:44:50.0378 3816  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\0a1195c6b5fab213527364c9e8b26ef0\System.Web.ni.dll - ok
20:44:50.0378 3816  [ A216F1C708CA4CBB7E1EB096C3A7EC5F ] C:\Windows\System32\WPDShServiceObj.dll
20:44:50.0378 3816  C:\Windows\System32\WPDShServiceObj.dll - ok
20:44:50.0378 3816  [ 2C0871B3464674E132EF8D04780366A7 ] C:\Program Files\Windows Calendar\WinCal.exe
20:44:50.0378 3816  C:\Program Files\Windows Calendar\WinCal.exe - ok
20:44:50.0378 3816  [ DFD9B010993B70083CEB74C245B98120 ] C:\Windows\System32\srchadmin.dll
20:44:50.0378 3816  C:\Windows\System32\srchadmin.dll - ok
20:44:50.0394 3816  [ 4F4889A9D680714BE11B31BD01A0411A ] C:\Windows\System32\webcheck.dll
20:44:50.0394 3816  C:\Windows\System32\webcheck.dll - ok
20:44:50.0394 3816  [ 85DD71F98C305D7FD9D032216B55483C ] C:\Program Files\FileZilla FTP Client\fzshellext.dll
20:44:50.0394 3816  C:\Program Files\FileZilla FTP Client\fzshellext.dll - ok
20:44:50.0394 3816  [ C8527AB1BC08E6BB57EA545DA8C6569F ] C:\Windows\System32\SyncCenter.dll
20:44:50.0394 3816  C:\Windows\System32\SyncCenter.dll - ok
20:44:50.0410 3816  [ A5BFB7EA350091649F7F1B2B6C2A67C2 ] C:\Windows\System32\imapi2.dll
20:44:50.0410 3816  C:\Windows\System32\imapi2.dll - ok
20:44:50.0410 3816  [ 9FB61C3FFC2BD247DFFABAD9B4322609 ] C:\Windows\System32\PortableDeviceTypes.dll
20:44:50.0410 3816  C:\Windows\System32\PortableDeviceTypes.dll - ok
20:44:50.0410 3816  [ 729B02AFB824D893882D84A46CD7D12B ] C:\Windows\System32\SysHook.dll
20:44:50.0410 3816  C:\Windows\System32\SysHook.dll - ok
20:44:50.0410 3816  [ 8256A6D9F7E25520C032227FCF88A4E3 ] C:\Windows\System32\tzres.dll
20:44:50.0425 3816  C:\Windows\System32\tzres.dll - ok
20:44:50.0425 3816  [ A952D0DED445F26AEFCF593A935AB300 ] C:\Windows\System32\hnetcfg.dll
20:44:50.0425 3816  C:\Windows\System32\hnetcfg.dll - ok
20:44:50.0425 3816  [ 3192ED5E2FFDF5B630541B9643AE1AA3 ] C:\Windows\System32\upnp.dll
20:44:50.0425 3816  C:\Windows\System32\upnp.dll - ok
20:44:50.0425 3816  [ B2994EC6452DBD04E57828EEFEDFB93C ] C:\Users\Mike\AppData\Local\temp\RtkBtMnt.exe
20:44:50.0425 3816  C:\Users\Mike\AppData\Local\temp\RtkBtMnt.exe - ok
20:44:50.0441 3816  [ F44F5CF7F050191602523A828B327EBB ] C:\Program Files\Launch Manager\COMFNUTL.DLL
20:44:50.0441 3816  C:\Program Files\Launch Manager\COMFNUTL.DLL - ok
20:44:50.0441 3816  [ 7B845BFE314509D08AB5865CB141E332 ] C:\Program Files\iTunes\iTunesHelper.dll
20:44:50.0441 3816  C:\Program Files\iTunes\iTunesHelper.dll - ok
20:44:50.0441 3816  [ 28A09777D2D952122567A8A82F1A2C7B ] C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll
20:44:50.0441 3816  C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll - ok
20:44:50.0456 3816  [ 898ABECCD5F0B9A8E8F1318DDB234685 ] C:\Windows\System32\dot3api.dll
20:44:50.0456 3816  C:\Windows\System32\dot3api.dll - ok
20:44:50.0456 3816  [ 4B8BE68C1F19509BC62E6A2846D429C1 ] C:\Windows\System32\wlanhlp.dll
20:44:50.0456 3816  C:\Windows\System32\wlanhlp.dll - ok
20:44:50.0456 3816  [ 35EAFA4F987A2B05F110C54173836066 ] C:\Program Files\Launch Manager\SZUPFUTL.DLL
20:44:50.0456 3816  C:\Program Files\Launch Manager\SZUPFUTL.DLL - ok
20:44:50.0456 3816  [ 219AF0F9A54EBEEB3E7E20025D801034 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
20:44:50.0456 3816  C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok
20:44:50.0472 3816  [ F3C74862035D9645E2C08731F43AEA3F ] C:\Windows\System32\rastapi.dll
20:44:50.0472 3816  C:\Windows\System32\rastapi.dll - ok
20:44:50.0472 3816  [ 6CDD310172BCC9F5A2FAC445B20B3D5E ] C:\Windows\System32\unimdm.tsp
20:44:50.0472 3816  C:\Windows\System32\unimdm.tsp - ok
20:44:50.0472 3816  [ DFBAADF1B624DC71E88D34D86B3595BE ] C:\Windows\System32\uniplat.dll
20:44:50.0472 3816  C:\Windows\System32\uniplat.dll - ok
20:44:50.0488 3816  [ 5BBC45E19BCFB982C946429B9369DEE4 ] C:\Windows\System32\modemui.dll
20:44:50.0488 3816  C:\Windows\System32\modemui.dll - ok
20:44:50.0488 3816  [ 0B71899E60D1265229BF3D080EAB573D ] C:\Windows\System32\unimdmat.dll
20:44:50.0488 3816  C:\Windows\System32\unimdmat.dll - ok
20:44:50.0690 3816  ============================================================
20:44:50.0690 3816  Scan finished
20:44:50.0690 3816  ============================================================
20:44:50.0706 2056  Detected object count: 9
20:44:50.0706 2056  Actual detected object count: 9
20:46:12.0200 2056  ETService ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:12.0200 2056  ETService ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:12.0216 2056  EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:12.0216 2056  EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:12.0216 2056  int15 ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:12.0216 2056  int15 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:12.0216 2056  LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:12.0216 2056  LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:12.0216 2056  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:12.0216 2056  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:12.0216 2056  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:12.0216 2056  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:12.0216 2056  RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:12.0216 2056  RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:12.0216 2056  RS_Service ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:12.0216 2056  RS_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:46:12.0216 2056  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
20:46:12.0216 2056  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
20:47:46.0331 2972  Deinitialize success






Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.06.20.04

Windows Vista Service Pack 1 x86 NTFS
Internet Explorer 7.0.6001.18000
Mike :: SETHLAPTOP [administrator]

20/06/2013 20:48:04
mbam-log-2013-06-20 (20-48-04).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 217268
Time elapsed: 10 minute(s), 16 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



#11 JSntgRvr


Posted 20 June 2013 - 06:39 PM

Re-run TDSSKiller once again and delete the following entries only:

 

20:46:12.0216 2056  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
20:46:12.0216 2056  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

 

Please run a free online scan with the ESET Online Scanner

Vista / Win7 users: Right-click on either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator.

Note: This scan works with Internet Explorer or Mozilla FireFox.

If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
 

  • Click the green ESET Online Scanner box
  • Tick the box next to YES, I accept the Terms of Use
     then click on: Start
  • You may see a panel towards the top of the screen telling you the website wants to install an addon... click and allow it to install. If your firewall asks whether you want to allow installation, say yes.
  • Make sure that the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click on Start
  • The virus signature database will begin to download. Be patient, this may take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close, make sure you copy the logfile first!
  • Then click on: Finish
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.

 

 

 

 

How is the computer doing?


Edited by JSntgRvr, 20 June 2013 - 06:41 PM.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!


#12 seth815


Posted 20 June 2013 - 07:08 PM

I haven't touched it since we started, other than to follow your instructions, but I just had a peek and it looks like the files are back where they should be in the MSE folder - not a suspicious shortcut in sight. Also the MSE options are back in the right-click context menu. Looking good!

 

I'm running the ESET scanner now. Will report back here when it's complete! *fingers crossed*



#13 seth815


Posted 20 June 2013 - 09:27 PM

Phew, that took a while. Here is the log from the ESET Online Scanner:

 

 

 

 

ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=8ccb881fcf6e0747ad6c541c6094ba53
# engine=14115
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-06-21 02:21:00
# local_time=2013-06-21 03:21:00 (+0000, GMT Daylight Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6001 NT Service Pack 1
# compatibility_mode=5892 16777213 88 94 64101 39512208 0 0
# scanned=284945
# found=5
# cleaned=5
# scan_time=8563
sh=F8B02F66C8324F55FA16363C3956C193E9C45372 ft=1 fh=2311c5a1e677fa6d vn="Win64/Olmarik.AMO trojan (cleaned by deleting - quarantined)" ac=C fn="C:\TDSSKiller_Quarantine\21.06.2013_00.47.06\tdlfs0000\tsk0006.dta"
sh=F546B6D01318E8838778995485DAF8358D8E2714 ft=0 fh=0000000000000000 vn="a variant of Java/Exploit.CVE-2012-1723.AM trojan (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Mike\AppData\Local\temp\jar_cache10812937100029781.tmp"
sh=0505ABCEF327AA81D181F41DD077731065961769 ft=0 fh=0000000000000000 vn="a variant of Java/Exploit.CVE-2012-1723.FD trojan (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Mike\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\64b905b-4d4323f6"
sh=86A445D62B0E9F29024B098E85B8B83DA701DF27 ft=0 fh=0000000000000000 vn="JS/SecurityDisabler.A.Gen application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\u9dlhr6r.default\prefs.js"
sh=E747BE18B5BA11C77987C7F0930F7B9473D56DD3 ft=0 fh=0000000000000000 vn="Java/Agent.X trojan (cleaned by deleting - quarantined)" ac=C fn="C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\12f1fa3d-73f252c2"
 



#14 JSntgRvr


Posted 20 June 2013 - 11:16 PM

Click here for instructions on how to manage ESET's Quarantine.

 

Let's take a final look:

 

Download OTL to your Desktop

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.

  • OTL should now start. Change the following settings
    • Change Drivers to All

    • Change Standard Registry to All

    • Under File Scans, change File age to 30


  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two notepad windows: OTL.Txt and Extras.Txt (first run only). These are saved in the same location as OTL.

    • Please post the contents of the OTL.txt file and attach the Extras.Txt, if any, in your next reply.


 

 

Any flaws in the performance of the computer?




#15 seth815


Posted 21 June 2013 - 04:32 AM

I haven't detected any performance flaws, but I haven't used it to do anything but run these scans yet.

 

 

 

OTL logfile created on: 21/06/2013 10:15:02 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Mike\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
 
3.00 Gb Total Physical Memory | 1.72 Gb Available Physical Memory | 57.38% Memory free
6.19 Gb Paging File | 4.88 Gb Available in Paging File | 78.81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144.04 Gb Total Space | 1.96 Gb Free Space | 1.36% Space Free | Partition Type: NTFS
Drive D: | 140.50 Gb Total Space | 5.15 Gb Free Space | 3.67% Space Free | Partition Type: NTFS
 
Computer Name: SETHLAPTOP | User Name: Mike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013/06/21 10:08:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mike\Desktop\OTL.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/05/23 22:02:48 | 000,204,800 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\Mike\AppData\Local\temp\RtkBtMnt.exe
PRC - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2009/08/01 17:43:18 | 003,770,600 | -H-- | M] () -- C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
PRC - [2009/08/01 17:43:14 | 003,337,728 | -H-- | M] (Arachnoid Biometrics Identification Group Corp.) -- C:\Program Files\Acer\Acer Bio Protection\CompPtcVUI.exe
PRC - [2009/08/01 17:43:04 | 003,642,368 | -H-- | M] (Arachnoid Biometrics Identification Group Corp.) -- C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe
PRC - [2008/10/29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/16 17:26:20 | 000,860,160 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2008/10/16 16:54:34 | 000,466,944 | ---- | M] (Intel® Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2008/03/13 10:24:20 | 000,805,384 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe
PRC - [2008/03/12 03:30:28 | 000,397,312 | -H-- | M] (Acer Inc.) -- C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
PRC - [2008/03/11 10:53:54 | 005,296,128 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/03/07 23:05:10 | 000,024,576 | -H-- | M] () -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
PRC - [2008/03/07 11:36:12 | 000,544,768 | -H-- | M] (Acer Incorporated) -- C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
PRC - [2008/03/05 07:38:34 | 000,500,784 | -H-- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2008/03/05 07:38:28 | 000,526,896 | -H-- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
PRC - [2008/02/15 09:09:30 | 000,595,248 | ---- | M] (Validity Sensors, Inc.) -- C:\Windows\System32\vfsFPService.exe
PRC - [2008/01/21 03:23:52 | 000,117,248 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE
PRC - [2008/01/10 17:03:00 | 000,233,472 | -H-- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\RS_Service.exe
PRC - [2007/12/11 04:15:04 | 000,012,800 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2007/10/03 14:45:02 | 000,358,936 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012/05/27 14:36:48 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\c933fd5d1d27f268331890d7ddba8fec\System.ServiceProcess.ni.dll
MOD - [2012/05/27 14:36:35 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\1ba19f8efcff8ad7f972aa38ab9a15f5\System.Runtime.Remoting.ni.dll
MOD - [2012/05/27 14:35:04 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\cfb60f99da570cc494e27e0e8ee747e2\System.Xml.ni.dll
MOD - [2012/05/27 14:34:48 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\381fb23cb39e1a61e13b8770eb9800ba\System.Windows.Forms.ni.dll
MOD - [2012/05/27 14:34:39 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\f1aa2385c0109f3059e0e6ba8b58ff68\System.Drawing.ni.dll
MOD - [2012/05/27 14:33:37 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dff86a62a525ec8dc827fe9f50298b7\System.ni.dll
MOD - [2012/05/27 14:33:29 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/08/01 17:43:18 | 003,770,600 | -H-- | M] () -- C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
MOD - [2009/07/01 23:46:06 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2008/03/21 07:57:17 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.3005.0__3036420f80dd6947\Framework.Library.dll
MOD - [2008/03/21 07:57:17 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.Utility\3.0.3005.0__4df5dcab8860d239\Framework.Utility.dll
MOD - [2008/03/21 07:57:17 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.Model.ControllerInterface\3.0.3005.0__d842b71b4d6ed079\Framework.Model.ControllerInterface.dll
MOD - [2008/03/11 17:14:34 | 000,204,800 | ---- | M] () -- C:\Windows\System32\SysHook.dll
MOD - [2008/03/05 07:38:16 | 000,227,888 | -H-- | M] () -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ShowErrMsg.dll
MOD - [2003/06/07 06:30:08 | 000,057,344 | ---- | M] () -- C:\Program Files\Launch Manager\PowerUtl.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Disabled | Stopped] -- C:\Users\Mike\AppData\Local\Temp\0176911337746244mcinst.exe C:\PROGRA~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -- (0176911337746244mcinstcleanup)
SRV - [2013/05/11 23:26:17 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/03/26 17:03:40 | 000,214,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2011/03/16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/06/27 00:24:44 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/10/16 17:26:20 | 000,860,160 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008/10/16 16:54:34 | 000,466,944 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008/03/07 23:05:10 | 000,024,576 | -H-- | M] () [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService)
SRV - [2008/03/05 07:38:34 | 000,500,784 | -H-- | M] (Egis Incorporated) [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008/02/15 09:09:30 | 000,595,248 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\System32\vfsFPService.exe -- (vfsFPService)
SRV - [2008/01/10 17:03:00 | 000,233,472 | -H-- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2007/12/11 04:15:04 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2007/12/07 00:15:28 | 000,110,592 | -H-- | M] () [On_Demand | Stopped] -- C:\ACER\Mobility Center\MobilityService.exe -- (MobilityService)
SRV - [2007/10/03 14:45:02 | 000,358,936 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
 
 
========== Driver Services (All) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\NewTech Infosystems\NTI Media Maker 8\NTI Ripper Suite\ -- (N)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Mike\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwrchid.sys -- (btwrchid)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\btwavdt.sys -- (btwavdt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\btwaudio.sys -- (btwaudio)
DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013/01/15 23:00:31 | 000,477,240 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2012/08/21 14:01:22 | 000,026,840 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2012/03/20 20:44:12 | 000,171,064 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\MpFilter.sys -- (MpFilter)
DRV - [2012/03/20 20:44:12 | 000,074,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011/07/06 15:56:47 | 000,213,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mrxsmb10.sys -- (mrxsmb10)
DRV - [2011/04/29 13:49:57 | 000,146,432 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srv2.sys -- (srv2)
DRV - [2011/04/29 13:49:55 | 000,102,400 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srvnet.sys -- (srvnet)
DRV - [2011/04/29 13:49:44 | 000,079,360 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mrxsmb20.sys -- (mrxsmb20)
DRV - [2011/04/29 13:49:35 | 000,105,984 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mrxsmb.sys -- (mrxsmb)
DRV - [2011/04/21 14:16:42 | 000,273,408 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\afd.sys -- (AFD)
DRV - [2011/04/14 15:24:14 | 000,075,264 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\dfsc.sys -- (DfsC)
DRV - [2011/02/22 13:51:51 | 000,069,632 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\bowser.sys -- (bowser)
DRV - [2011/02/18 14:31:24 | 000,304,640 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srv.sys -- (srv)
DRV - [2010/06/16 16:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tcpip.sys -- (Tcpip6)
DRV - [2010/06/16 16:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tcpip.sys -- (Tcpip)
DRV - [2010/02/20 22:18:40 | 000,411,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\http.sys -- (HTTP)
DRV - [2010/02/18 12:52:00 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tunnel.sys -- (tunnel)
DRV - [2009/08/01 19:59:37 | 000,047,360 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pcouffin.sys -- (pcouffin)
DRV - [2009/08/01 17:43:06 | 000,043,184 | ---- | M] (Alfa Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\AlfaFF.sys -- (AlfaFF)
DRV - [2009/06/29 09:16:48 | 000,048,640 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1E60x86.sys -- (L1E)
DRV - [2009/06/15 19:20:59 | 000,439,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ksecdd.sys -- (KSecDD)
DRV - [2008/11/17 07:40:22 | 003,668,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32)
DRV - [2008/08/08 10:15:56 | 000,041,456 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\Cyberlink\PowerDVD8\000.fcl -- ({FE4C91E7-22C2-4D0C-9F6B-82F1B7742054})
DRV - [2008/08/02 02:01:23 | 000,625,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dxgkrnl.sys -- (DXGKrnl)
DRV - [2008/05/20 03:07:31 | 000,148,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nwifi.sys -- (NativeWifiP)
DRV - [2008/04/29 02:42:23 | 000,220,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bthport.sys -- (BthPort)
DRV - [2008/04/29 02:42:21 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BTHUSB.SYS -- (BTHUSB)
DRV - [2008/04/05 02:21:42 | 000,072,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\pacer.sys -- (PSched)
DRV - [2008/03/11 11:55:36 | 002,077,080 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService)
DRV - [2008/03/07 18:55:00 | 007,480,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/03/05 07:38:44 | 000,060,464 | ---- | M] (Egis Incorporated) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PSDVdisk.sys -- (psdvdisk)
DRV - [2008/03/05 07:38:44 | 000,016,944 | ---- | M] (Egis Incorporated) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PSDNServ.sys -- (PSDNServ)
DRV - [2008/03/05 07:38:42 | 000,018,992 | ---- | M] (Egis Incorporated) [File_System | Boot | Running] -- C:\Windows\System32\drivers\psdfilter.sys -- (PSDFilter)
DRV - [2008/02/29 08:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008/02/15 09:09:46 | 000,040,752 | ---- | M] (Validity Sensors, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vfs101x.sys -- (vfs101x)
DRV - [2008/01/30 10:52:06 | 000,014,848 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV - [2008/01/21 03:25:05 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rassstp.sys -- (RasSstp)
DRV - [2008/01/21 03:25:02 | 000,136,192 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\exfat.sys -- (exfat)
DRV - [2008/01/21 03:25:00 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\smb.sys -- (Smb)
DRV - [2008/01/21 03:24:59 | 000,184,320 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\netbt.sys -- (netbt)
DRV - [2008/01/21 03:24:59 | 000,083,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WUDFRd.sys -- (WUDFRd)
DRV - [2008/01/21 03:24:59 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tssecsrv.sys -- (tssecsrv)
DRV - [2008/01/21 03:24:57 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\modem.sys -- (Modem)
DRV - [2008/01/21 03:24:55 | 000,076,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rasl2tp.sys -- (Rasl2tp)
DRV - [2008/01/21 03:24:55 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\raspptp.sys -- (PptpMiniport)
DRV - [2008/01/21 03:24:55 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ndisuio.sys -- (Ndisuio)
DRV - [2008/01/21 03:24:53 | 000,071,680 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tdx.sys -- (tdx)
DRV - [2008/01/21 03:24:51 | 000,006,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mstee.sys -- (MSTEE)
DRV - [2008/01/21 03:24:51 | 000,005,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mspclock.sys -- (MSPCLOCK)
DRV - [2008/01/21 03:24:51 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mspqm.sys -- (MSPQM)
DRV - [2008/01/21 03:24:50 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vga.sys -- (VgaSave)
DRV - [2008/01/21 03:24:50 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mskssrv.sys -- (MSKSSRV)
DRV - [2008/01/21 03:24:50 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPENCDD.sys -- (RDPENCDD)
DRV - [2008/01/21 03:24:49 | 000,181,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpwd.sys -- (RDPWD)
DRV - [2008/01/21 03:24:47 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mpsdrv.sys -- (mpsdrv)
DRV - [2008/01/21 03:24:47 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\nsiproxy.sys -- (nsiproxy)
DRV - [2008/01/21 03:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV - [2008/01/21 03:24:45 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV - [2008/01/21 03:24:44 | 000,056,376 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\partmgr.sys -- (partmgr)
DRV - [2008/01/21 03:24:37 | 000,084,480 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\System32\drivers\luafv.sys -- (luafv)
DRV - [2008/01/21 03:24:37 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rspndr.sys -- (rspndr)
DRV - [2008/01/21 03:24:37 | 000,047,104 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lltdio.sys -- (lltdio)
DRV - [2008/01/21 03:24:35 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\raspppoe.sys -- (RasPppoe)
DRV - [2008/01/21 03:24:27 | 000,294,456 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\volmgrx.sys -- (volmgrx)
DRV - [2008/01/21 03:24:26 | 000,163,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\msrpc.sys -- (MsRPC)
DRV - [2008/01/21 03:24:25 | 000,100,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ipnat.sys -- (IPNAT)
DRV - [2008/01/21 03:24:25 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wanarp.sys -- (Wanarpv6)
DRV - [2008/01/21 03:24:25 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wanarp.sys -- (Wanarp)
DRV - [2008/01/21 03:24:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ndproxy.sys -- (NDProxy)
DRV - [2008/01/21 03:24:25 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ndistapi.sys -- (NdisTapi)
DRV - [2008/01/21 03:24:25 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\TUNMP.SYS -- (tunmp)
DRV - [2008/01/21 03:24:21 | 000,027,648 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\filetrace.sys -- (Filetrace)
DRV - [2008/01/21 03:24:20 | 000,035,840 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\netbios.sys -- (NetBIOS)
DRV - [2008/01/21 03:24:19 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\rasacd.sys -- (RasAcd)
DRV - [2008/01/21 03:24:18 | 000,224,768 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\rdbss.sys -- (rdbss)
DRV - [2008/01/21 03:24:14 | 000,049,720 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\mup.sys -- (Mup)
DRV - [2008/01/21 03:24:13 | 000,143,360 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fastfat.sys -- (fastfat)
DRV - [2008/01/21 03:24:13 | 000,121,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ndiswan.sys -- (NdisWan)
DRV - [2008/01/21 03:24:11 | 000,021,048 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\spldr.sys -- (spldr)
DRV - [2008/01/21 03:24:08 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tdtcp.sys -- (TDTCP)
DRV - [2008/01/21 03:24:08 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tdpipe.sys -- (TDPIPE)
DRV - [2008/01/21 03:24:06 | 000,012,800 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\System32\drivers\fs_rec.sys -- (Fs_Rec)
DRV - [2008/01/21 03:24:06 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPCDD.sys -- (RDPCDD)
DRV - [2008/01/21 03:24:04 | 000,058,936 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\fileinfo.sys -- (FileInfo)
DRV - [2008/01/21 03:24:04 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\asyncmac.sys -- (AsyncMac)
DRV - [2008/01/21 03:24:01 | 000,192,056 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\fltMgr.sys -- (FltMgr)
DRV - [2008/01/21 03:23:54 | 000,247,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\clfs.sys -- (CLFS)
DRV - [2008/01/21 03:23:54 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\irenum.sys -- (IRENUM)
DRV - [2008/01/21 03:23:51 | 001,081,912 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\ntfs.sys -- (Ntfs)
DRV - [2008/01/21 03:23:51 | 000,503,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\Wdf01000.sys -- (Wdf01000)
DRV - [2008/01/21 03:23:51 | 000,226,816 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\udfs.sys -- (udfs)
DRV - [2008/01/21 03:23:51 | 000,070,144 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\cdfs.sys -- (cdfs)
DRV - [2008/01/21 03:23:51 | 000,034,816 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\npfs.sys -- (Npfs)
DRV - [2008/01/21 03:23:51 | 000,022,528 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\msfs.sys -- (Msfs)
DRV - [2008/01/21 03:23:50 | 000,529,464 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ndis.sys -- (NDIS)
DRV - [2008/01/21 03:23:50 | 000,004,608 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\null.sys -- (Null)
DRV - [2008/01/21 03:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\beep.sys -- (Beep)
DRV - [2008/01/21 03:23:43 | 000,057,400 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mountmgr.sys -- (MountMgr)
DRV - [2008/01/21 03:23:43 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tcpipreg.sys -- (tcpipreg)
DRV - [2008/01/21 03:23:39 | 000,143,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ecache.sys -- (Ecache)
DRV - [2008/01/21 03:23:39 | 000,110,080 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mrxdav.sys -- (MRxDAV)
DRV - [2008/01/21 03:23:31 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\qwavedrv.sys -- (QWAVEdrv)
DRV - [2008/01/21 03:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\MegaSR.sys -- (MegaSR)
DRV - [2008/01/21 03:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/21 03:23:27 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbscan.sys -- (usbscan)
DRV - [2008/01/21 03:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/21 03:23:26 | 000,134,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbvideo.sys -- (usbvideo)
DRV - [2008/01/21 03:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/21 03:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/21 03:23:26 | 000,041,016 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2008/01/21 03:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\HpCISSs.sys -- (HpCISSs)
DRV - [2008/01/21 03:23:26 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\circlass.sys -- (circlass)
DRV - [2008/01/21 03:23:26 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hidir.sys -- (HidIr)
DRV - [2008/01/21 03:23:26 | 000,014,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CmBatt.sys -- (CmBatt)
DRV - [2008/01/21 03:23:26 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hidusb.sys -- (HidUsb)
DRV - [2008/01/21 03:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/21 03:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/21 03:23:25 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bthenum.sys -- (BthEnum)
DRV - [2008/01/21 03:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/21 03:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60)
DRV - [2008/01/21 03:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/21 03:23:24 | 000,055,296 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBSTOR.SYS -- (USBSTOR)
DRV - [2008/01/21 03:23:24 | 000,022,072 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\wd.sys -- (Wd)
DRV - [2008/01/21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iaStorV.sys -- (iaStorV)
DRV - [2008/01/21 03:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/21 03:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/21 03:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\arc.sys -- (arc)
DRV - [2008/01/21 03:23:23 | 000,035,384 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\kbdclass.sys -- (kbdclass)
DRV - [2008/01/21 03:23:23 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\kbdhid.sys -- (kbdhid)
DRV - [2008/01/21 03:23:23 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sffdisk.sys -- (sffdisk)
DRV - [2008/01/21 03:23:23 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sffp_mmc.sys -- (sffp_mmc)
DRV - [2008/01/21 03:23:23 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sffp_sd.sys -- (sffp_sd)
DRV - [2008/01/21 03:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/21 03:23:22 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\IPMIDrv.sys -- (IPMIDRV)
DRV - [2008/01/21 03:23:22 | 000,061,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\GAGP30KX.SYS -- (gagp30kx)
DRV - [2008/01/21 03:23:22 | 000,059,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\UAGP35.SYS -- (uagp35)
DRV - [2008/01/21 03:23:22 | 000,053,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/01/21 03:23:22 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\monitor.sys -- (monitor)
DRV - [2008/01/21 03:23:22 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\umbus.sys -- (umbus)
DRV - [2008/01/21 03:23:22 | 000,024,632 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\crcdisk.sys -- (crcdisk)
DRV - [2008/01/21 03:23:22 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbprint.sys -- (usbprint)
DRV - [2008/01/21 03:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/21 03:23:21 | 000,227,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\volsnap.sys -- (volsnap)
DRV - [2008/01/21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/21 03:23:21 | 000,094,776 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\msdsm.sys -- (msdsm)
DRV - [2008/01/21 03:23:21 | 000,073,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio)
DRV - [2008/01/21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/21 03:23:21 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WpdUsb.sys -- (WpdUsb)
DRV - [2008/01/21 03:23:21 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\drmkaud.sys -- (drmkaud)
DRV - [2008/01/21 03:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/21 03:23:20 | 000,105,016 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\mpio.sys -- (mpio)
DRV - [2008/01/21 03:23:20 | 000,092,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bthpan.sys -- (BthPan)
DRV - [2008/01/21 03:23:20 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbccgp.sys -- (usbccgp)
DRV - [2008/01/21 03:23:20 | 000,055,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\disk.sys -- (disk)
DRV - [2008/01/21 03:23:20 | 000,054,784 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2008/01/21 03:23:20 | 000,034,360 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\mouclass.sys -- (mouclass)
DRV - [2008/01/21 03:23:20 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\fdc.sys -- (fdc)
DRV - [2008/01/21 03:23:20 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\flpydisk.sys -- (flpydisk)
DRV - [2008/01/21 03:23:20 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sermouse.sys -- (sermouse)
DRV - [2008/01/21 03:23:20 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mouhid.sys -- (mouhid)
DRV - [2008/01/21 03:23:03 | 000,194,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbhub.sys -- (usbhub)
DRV - [2008/01/21 03:23:03 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rfcomm.sys -- (RFCOMM)
DRV - [2008/01/21 03:23:03 | 000,039,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbehci.sys -- (usbehci)
DRV - [2008/01/21 03:23:03 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbuhci.sys -- (usbuhci)
DRV - [2008/01/21 03:23:03 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Dot4Prt.sys -- (Dot4Print)
DRV - [2008/01/21 03:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\cdrom.sys -- (cdrom)
DRV - [2008/01/21 03:23:02 | 000,030,264 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\i2omp.sys -- (i2omp)
DRV - [2008/01/21 03:23:02 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vgapnp.sys -- (vga)
DRV - [2008/01/21 03:23:01 | 000,248,832 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\rdpdr.sys -- (rdpdr)
DRV - [2008/01/21 03:23:01 | 000,181,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\msiscsi.sys -- (iScsiPrt)
DRV - [2008/01/21 03:23:01 | 000,151,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pci.sys -- (pci)
DRV - [2008/01/21 03:23:01 | 000,131,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Dot4.sys -- (Dot4)
DRV - [2008/01/21 03:23:01 | 000,109,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NV_AGP.SYS -- (nv_agp)
DRV - [2008/01/21 03:23:01 | 000,060,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ULIAGPKX.SYS -- (uliagpkx)
DRV - [2008/01/21 03:23:01 | 000,057,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AMDAGP.SYS -- (amdagp)
DRV - [2008/01/21 03:23:01 | 000,056,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VIAAGP.SYS -- (viaagp)
DRV - [2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGP440.sys -- (agp440)
DRV - [2008/01/21 03:23:01 | 000,055,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SISAGP.SYS -- (sisagp)
DRV - [2008/01/21 03:23:01 | 000,054,328 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\termdd.sys -- (TermDD)
DRV - [2008/01/21 03:23:01 | 000,052,792 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\volmgr.sys -- (volmgr)
DRV - [2008/01/21 03:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\isapnp.sys -- (isapnp)
DRV - [2008/01/21 03:23:01 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2008/01/21 03:23:01 | 000,036,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Dot4usb.sys -- (dot4usb)
DRV - [2008/01/21 03:23:01 | 000,031,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mssmbios.sys -- (mssmbios)
DRV - [2008/01/21 03:23:01 | 000,016,440 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\msisadrv.sys -- (msisadrv)
DRV - [2008/01/21 03:23:01 | 000,015,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\swenum.sys -- (swenum)
DRV - [2008/01/21 03:23:00 | 000,266,808 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\acpi.sys -- (ACPI)
DRV - [2008/01/21 03:23:00 | 000,044,032 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\amdk8.sys -- (AmdK8)
DRV - [2008/01/21 03:23:00 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\viac7.sys -- (ViaC7)
DRV - [2008/01/21 03:23:00 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\intelppm.sys -- (intelppm)
DRV - [2008/01/21 03:23:00 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\amdk7.sys -- (AmdK7)
DRV - [2008/01/21 03:23:00 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\processr.sys -- (Processor)
DRV - [2008/01/21 03:23:00 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\crusoe.sys -- (Crusoe)
DRV - [2008/01/21 03:23:00 | 000,028,728 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\msahci.sys -- (msahci)
DRV - [2008/01/21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\atapi.sys -- (atapi)
DRV - [2008/01/21 03:23:00 | 000,020,792 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\compbatt.sys -- (Compbatt)
DRV - [2008/01/21 03:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/21 03:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/21 03:23:00 | 000,017,976 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\intelide.sys -- (intelide)
DRV - [2008/01/21 03:23:00 | 000,017,976 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\amdide.sys -- (amdide)
DRV - [2008/01/21 03:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\aliide.sys -- (aliide)
DRV - [2008/01/21 03:23:00 | 000,016,440 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\pciide.sys -- (pciide)
DRV - [2008/01/21 03:23:00 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wmiacpi.sys -- (WmiAcpi)
DRV - [2008/01/21 03:23:00 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\errdev.sys -- (ErrDev)
DRV - [2008/01/18 04:31:26 | 000,196,784 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2008/01/08 20:10:32 | 002,554,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32)
DRV - [2007/12/19 01:12:12 | 000,054,784 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\itecir.sys -- (itecir)
DRV - [2007/09/29 22:03:12 | 000,308,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\iaStor.sys -- (iaStor)
DRV - [2007/08/08 13:07:42 | 000,101,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2007/01/26 07:32:18 | 000,069,632 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2006/11/02 14:29:36 | 000,021,264 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\DKbFltr.sys -- (DKbFltr)
DRV - [2006/11/02 14:27:34 | 000,020,112 | ---- | M] (Dritek System Inc.) [Kernel | System | Running] -- C:\Program Files\Launch Manager\DPortIO.sys -- (DritekPortIO)
DRV - [2006/11/02 10:51:12 | 000,167,528 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\pcmcia.sys -- (pcmcia)
DRV - [2006/11/02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 10:50:16 | 000,076,392 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sbp2port.sys -- (sbp2port)
DRV - [2006/11/02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\Mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 10:04:35 | 000,878,080 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PEAuth.sys -- (PEAUTH)
DRV - [2006/11/02 09:55:23 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\bthmodem.sys -- (BTHMODEM)
DRV - [2006/11/02 09:55:22 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\hidbth.sys -- (HidBth)
DRV - [2006/11/02 09:55:16 | 000,062,080 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ohci1394.sys -- (ohci1394)
DRV - [2006/11/02 09:55:09 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\usbcir.sys -- (usbcir)
DRV - [2006/11/02 09:55:05 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\usbohci.sys -- (usbohci)
DRV - [2006/11/02 09:52:52 | 000,020,608 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\wacompen.sys -- (WacomPen)
DRV - [2006/11/02 09:51:40 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sfloppy.sys -- (sfloppy)
DRV - [2006/11/02 09:51:30 | 000,083,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2006/11/02 09:51:30 | 000,079,360 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\parport.sys -- (Parport)
DRV - [2006/11/02 09:51:25 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serenum.sys -- (Serenum)
DRV - [2006/11/02 09:51:23 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\parvdm.sys -- (Parvdm)
DRV - [2006/11/02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\BrSerId.sys -- (Brserid)
DRV - [2006/11/02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2006/11/02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrFiltUp.sys -- (BrFiltUp)
DRV - [2006/11/02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrFiltLo.sys -- (BrFiltLo)
DRV - [2006/11/02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2006/11/02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 08:36:49 | 000,235,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HdAudio.sys -- (HdAudAddService)
DRV - [2006/11/02 08:10:22 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand | Unknown] -- C:\Windows\System32\WINSOCK.DLL -- (Winsock)
DRV - [2006/11/02 07:37:21 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv)
 
 
========== Standard Registry (All) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://en.uk.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-acer
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.update: false
FF - prefs.js..extensions.enabledAddons: en-GB%40dictionaries.addons.mozilla.org:1.19.1
FF - prefs.js..extensions.enabledAddons: %7Bb749fc7c-e949-447f-926c-3f4eed6accfe%7D:0.7.1.1
FF - prefs.js..extensions.enabledAddons: %7B3d7eb24f-2740-49df-8937-200b1cc08f8a%7D:1.5.17
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Mike\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Mike\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2011/02/07 02:25:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/10/30 09:33:55 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{57E72829-C158-4341-BBED-58F0AD1740FD}: C:\Program Files\Google\Google Photos Screensaver\FF_ext [2009/08/01 20:22:57 | 000,000,000 | ---D | M]
 
[2011/08/31 03:55:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Extensions
[2009/08/01 18:16:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2011/08/31 03:55:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Extensions\celtx@celtx.com
[2013/06/21 10:06:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\u9dlhr6r.default\extensions
[2013/06/21 10:06:44 | 000,000,000 | ---D | M] (Flashblock) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\u9dlhr6r.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2013/06/21 03:29:38 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\u9dlhr6r.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/03/28 06:20:18 | 000,000,000 | ---D | M] (British English Dictionary) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\u9dlhr6r.default\extensions\en-GB@dictionaries.addons.mozilla.org
[2013/06/21 03:29:36 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\u9dlhr6r.default\extensions\firefox@ghostery.com
[2012/07/13 23:29:15 | 000,061,705 | ---- | M] () (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\u9dlhr6r.default\extensions\{b749fc7c-e949-447f-926c-3f4eed6accfe}.xpi
[2013/06/21 03:29:39 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\u9dlhr6r.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/06/20 14:00:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/06/20 14:00:32 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2006/10/26 20:12:16 | 000,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL
[2011/04/27 09:20:33 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2011/04/27 09:20:33 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2011/04/27 09:20:34 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2011/04/27 09:20:34 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2011/04/27 09:20:34 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2011/04/27 09:20:34 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2011/04/27 09:20:34 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2012/05/23 04:43:43 | 000,002,127 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\blekkotb.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.co.uk/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Mike\AppData\Local\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Mike\AppData\Local\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Mike\AppData\Local\Google\Chrome\Application\27.0.1453.110\pdf.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Java™ Platform SE 7 U9 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Mike\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - Extension: YouTube = C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Chrome YouTube Downloader = C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbdjiinahkdjdcdlgfimlcolkjpbooja\2.6.15_0\
CHR - Extension: Adblock Plus = C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4.1_0\
CHR - Extension: Google Search = C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Empty New Tab Page = C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpjamkmjmigaoobjbekmfgabipmfilij\1.1.1_0\
CHR - Extension: FlashBlock = C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gofhjkjmkpinhpoiabjplobcaignabnl\0.9.31\
CHR - Extension: Late Night = C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgbdhkpacgdhfabeceekiafonfkipohm\1.0\
CHR - Extension: Gmail = C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2012/05/23 22:01:03 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [eAudio] C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
O4 - HKLM..\Run: [eRecoveryService]  File not found
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [ZPdtWzdVitaKey MC3000] C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe (Arachnoid Biometrics Identification Group Corp.)
O4 - HKCU..\Run: [Google Update] C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra 'Tools' menuitem : Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\System32\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FC0BE569-7716-4E7D-91A2-01A67BE5DE6F}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\AWinNotifyVitaKey MC3000: DllName - (C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll) - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\browseui.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Mike\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Mike\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/06/21 10:08:34 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Mike\Desktop\OTL.exe
[2013/06/21 00:53:16 | 002,347,384 | ---- | C] (ESET) -- C:\Users\Mike\Desktop\esetsmartinstaller_enu.exe
[2013/06/21 00:49:48 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2013/06/20 20:37:37 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Mike\Desktop\tdsskiller.exe
[2013/06/20 17:34:40 | 000,000,000 | ---D | C] -- C:\FRST
[2013/06/20 17:33:50 | 001,368,263 | ---- | C] (Farbar) -- C:\Users\Mike\Desktop\FRST.exe
[2013/06/20 17:33:31 | 000,000,000 | ---D | C] -- C:\Users\Mike\Desktop\Desktop
[2013/06/20 14:00:33 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013/06/20 13:46:14 | 011,091,432 | ---- | C] (Microsoft Corporation) -- C:\Users\Mike\Desktop\mseinstall.exe
[2013/06/20 11:18:43 | 182,090,200 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Mike\Desktop\kav13.0.1.4190abcdefgEN_4539.exe
[2013/06/20 11:15:20 | 021,289,608 | ---- | C] (Mozilla) -- C:\Users\Mike\Desktop\Firefox Setup 21.0.exe
[2013/06/20 11:06:19 | 000,000,000 | ---D | C] -- C:\Users\Mike\Desktop\Mapkeyboard
[2013/06/20 10:35:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/06/20 10:35:04 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013/06/20 10:35:03 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/06/20 10:33:47 | 010,285,040 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Mike\Desktop\mbam-setup-1.75.0.1300.exe
[2013/06/20 09:31:26 | 000,000,000 | -H-D | C] -- C:\Windows\PIF
[2013/06/18 21:23:37 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Roaming\Ificda
[2013/06/18 21:23:37 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Roaming\Idywar
[2013/06/18 21:23:37 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Roaming\Ceik
[2013/06/16 16:54:24 | 000,000,000 | ---D | C] -- C:\Users\Mike\Desktop\New Folder
[2013/06/09 12:58:17 | 000,000,000 | ---D | C] -- C:\Users\Mike\Desktop\slowdive - morningrise
[2013/05/31 08:45:42 | 000,000,000 | ---D | C] -- C:\Users\Mike\Desktop\Les_Miserables-Deluxe_Edition-OST-2CD-2013-MTD
[2013/05/22 21:10:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2009/08/01 19:59:37 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Mike\AppData\Roaming\pcouffin.sys
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013/06/21 10:18:20 | 000,613,756 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/06/21 10:18:20 | 000,112,148 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/06/21 10:11:11 | 000,027,744 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2013/06/21 10:11:11 | 000,027,744 | ---- | M] () -- C:\ProgramData\nvModes.001
[2013/06/21 10:10:52 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2013/06/21 10:10:41 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/06/21 10:10:41 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/06/21 10:10:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/06/21 10:08:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mike\Desktop\OTL.exe
[2013/06/21 02:37:07 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1454010757-150385511-3650685186-1000UA.job
[2013/06/21 00:53:20 | 002,347,384 | ---- | M] (ESET) -- C:\Users\Mike\Desktop\esetsmartinstaller_enu.exe
[2013/06/20 20:37:49 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Mike\Desktop\tdsskiller.exe
[2013/06/20 20:31:30 | 000,648,201 | ---- | M] () -- C:\Users\Mike\Desktop\AdwCleaner.exe
[2013/06/20 17:33:47 | 001,368,263 | ---- | M] (Farbar) -- C:\Users\Mike\Desktop\FRST.exe
[2013/06/20 13:46:21 | 011,091,432 | ---- | M] (Microsoft Corporation) -- C:\Users\Mike\Desktop\mseinstall.exe
[2013/06/20 11:20:38 | 182,090,200 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Mike\Desktop\kav13.0.1.4190abcdefgEN_4539.exe
[2013/06/20 11:15:30 | 021,289,608 | ---- | M] (Mozilla) -- C:\Users\Mike\Desktop\Firefox Setup 21.0.exe
[2013/06/20 10:35:05 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/06/20 10:33:52 | 010,285,040 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Mike\Desktop\mbam-setup-1.75.0.1300.exe
[2013/06/20 10:08:48 | 000,001,356 | ---- | M] () -- C:\Users\Mike\AppData\Local\d3d9caps.dat
[2013/06/20 09:23:49 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2013/06/19 03:37:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1454010757-150385511-3650685186-1000Core.job
[2013/06/18 20:15:51 | 000,044,032 | ---- | M] () -- C:\Users\Mike\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/06/16 16:53:31 | 002,864,560 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/06/13 17:10:53 | 000,002,935 | ---- | M] () -- C:\Users\Mike\Documents\UserPreferences.ini
[2013/06/04 08:02:19 | 002,434,744 | ---- | M] () -- C:\Users\Mike\Desktop\20506_Emma1_123_478lo.jpg
[2013/05/29 13:53:07 | 000,000,881 | ---- | M] () -- C:\Users\Mike\Desktop\VLC.lnk
[2013/05/24 04:53:51 | 000,000,510 | ---- | M] () -- C:\Windows\WORDPAD.INI
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/06/20 20:31:08 | 000,648,201 | ---- | C] () -- C:\Users\Mike\Desktop\AdwCleaner.exe
[2013/06/20 20:28:50 | 000,027,744 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2013/06/20 10:35:05 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/06/04 08:02:19 | 002,434,744 | ---- | C] () -- C:\Users\Mike\Desktop\20506_Emma1_123_478lo.jpg
[2013/05/30 20:55:20 | 000,002,935 | ---- | C] () -- C:\Users\Mike\Documents\UserPreferences.ini
[2013/05/29 13:53:07 | 000,000,881 | ---- | C] () -- C:\Users\Mike\Desktop\VLC.lnk
[2012/12/25 13:59:35 | 000,135,229 | ---- | C] () -- C:\Windows\hpoins36.dat
[2012/12/25 13:59:35 | 000,000,578 | ---- | C] () -- C:\Windows\hpomdl36.dat
[2012/10/07 18:32:50 | 002,864,560 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/05/23 05:57:56 | 000,027,744 | ---- | C] () -- C:\ProgramData\nvModes.001
[2011/03/13 21:54:16 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/03/13 07:21:13 | 000,000,024 | ---- | C] () -- C:\Users\Mike\AppData\Roaming\Final Draft Tagger Preferences
[2010/09/19 13:07:00 | 000,000,092 | ---- | C] () -- C:\Users\Mike\AppData\Local\fusioncache.dat
[2010/07/08 07:55:58 | 000,000,026 | ---- | C] () -- C:\ProgramData\.811261211181235583101118113995
[2010/04/11 00:11:54 | 000,000,090 | ---- | C] () -- C:\Users\Mike\cvdm.err
[2010/03/09 22:57:35 | 000,027,503 | ---- | C] () -- C:\Users\Mike\AppData\Roaming\UserTile.png
[2009/08/01 19:59:37 | 000,007,887 | ---- | C] () -- C:\Users\Mike\AppData\Roaming\pcouffin.cat
[2009/08/01 19:59:37 | 000,001,144 | ---- | C] () -- C:\Users\Mike\AppData\Roaming\pcouffin.inf
[2009/08/01 19:33:56 | 000,001,356 | ---- | C] () -- C:\Users\Mike\AppData\Local\d3d9caps.dat
[2009/08/01 19:26:53 | 000,044,032 | ---- | C] () -- C:\Users\Mike\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2006/11/02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
"ThreadingModel" = Both
"" = %SystemRoot%\system32\shell32.dll -- [2011/01/21 16:46:32 | 011,582,464 | ---- | M] (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011/01/21 16:46:32 | 011,582,464 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/03/03 05:36:24 | 000,615,424 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/01/21 03:24:03 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:4F636E25
@Alternate Data Stream - 101 bytes -> C:\ProgramData\Temp:2B99FE60

< End of report >
 


Here is the Extras.txt (I am unable to attach it)

OTL Extras logfile created on: 21/06/2013 10:15:02 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Mike\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
 
3.00 Gb Total Physical Memory | 1.72 Gb Available Physical Memory | 57.38% Memory free
6.19 Gb Paging File | 4.88 Gb Available in Paging File | 78.81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144.04 Gb Total Space | 1.96 Gb Free Space | 1.36% Space Free | Partition Type: NTFS
Drive D: | 140.50 Gb Total Space | 5.15 Gb Free Space | 3.67% Space Free | Partition Type: NTFS
 
Computer Name: SETHLAPTOP | User Name: Mike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-1454010757-150385511-3650685186-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{00C62B23-9336-4AF2-8DD4-BBDBE599DD76}" = Google Photos Screensaver
"{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0F6F6876-6334-4977-B5DD-CFC12E193420}" = iTunes
"{0F842B77-56EA-4AAF-8295-81A022350B5E}" = Microsoft Security Client
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{13D85C14-2B85-419F-AC41-C7F21E68B25D}" = Acer eSettings Management
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1CA3A991-B03D-4C92-9922-315E5434E87B}" = PS_AIO_05_C4600_Software_Min
"{1E1746EF-F5BF-4677-8F30-04FE399130DA}" = HP Photosmart C4600 All-In-One Driver 14.0 Rel. 5
"{254BEB3E-1085-4D66-9CDC-0152C0DC2E93}" = EPSON TWAIN 5
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{35C0A1E4-D02A-412C-841F-266DBB116ABB}" = Intel® PROSet/Wireless WiFi Software
"{459699C3-9430-4381-964B-4248D87B49F9}" = Apple Mobile Device Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}" = Adobe Premiere Pro CS3 Functional Content
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{567E8236-C414-4888-8211-3D61608D57AE}" = Validity Sensors software
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57265292-228A-41FA-9AEC-4620CBCC2739}" = Acer eAudio Management
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}" = Adobe Premiere Pro CS3
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.7.3.190b
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7C3C895B-AE02-4F30-8A6A-051D37A38DD0}" = Final Draft
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433}" = Mystery Case Files - Huntsville
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{99011A6E-5200-11DE-BDB8-7ACD56D89593}" = Rosetta Stone Version 3
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Acer Crystal Eye Webcam 2.0.5
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BB81360F-041C-4CF7-B15E-71380D154244}" = Adobe Setup
"{C0E8FE43-C35B-451D-B35F-D4BD056D70E7}" = Camtasia Studio 7
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe  1.4.142.1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D5A31AB1-345D-47C7-A87B-036A669F6DF1}" = Adobe XMP Panels CS3
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FCED9B62-34FF-4C15-8A23-F65221F7874D}" = ITECIR Driver
"4f6dcc3b-179d-4b1b-80f0-b6083a0b3ce6_is1" = The Lord of the Rings Online™: Siege of Mirkwood™ v03.00.05.801
"7-Zip" = 7-Zip 9.07 beta
"8461-7759-5462-8226" = Vuze
"Acer Acer Bio Protection 6.0.00.08" = Acer Bio Protection

AAV 6.0.00.08
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"Adobe_32fdd767b4383606e8168e834af5d90" = Adobe Premiere Pro CS3
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"ASIO4ALL" = ASIO4ALL
"Audacity_is1" = Audacity 1.2.6
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"FileZilla Client" = FileZilla Client 3.2.6.1
"FL Studio 9" = FL Studio 9
"GridVista" = Acer GridVista
"Hardcore" = Hardcore
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"InvelosDVDProfiler_is1" = DVD Profiler Version 3.7.2
"JDownloader" = JDownloader
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.0.0 (Full)
"LastFM_is1" = Last.fm Scrobbler 2.1.30
"Legend of Zelda, The Ocarina of Time 1.10" = Legend of Zelda, The Ocarina of Time 1.10
"Levelator_is1" = Levelator
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 21.0 (x86 en-US)" = Mozilla Firefox 21.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.51
"My Screen Recorder Pro_is1" = My Screen Recorder Pro 2.3
"NVIDIA Drivers" = NVIDIA Drivers
"Piano Chord Helper_is1" = Piano Chord Helper 4.3
"Picasa 3" = Picasa 3
"PoiZone" = PoiZone
"ProInst" = Intel PROSet Wireless
"Sawer" = Sawer
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Toxic Biohazard" = Toxic Biohazard
"VLC media player" = VLC media player 1.0.1
"Winamp" = Winamp
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinRAR archiver" = WinRAR archiver
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 20/06/2013 15:36:31 | Computer Name = SethLaptop | Source = WinMgmt | ID = 10
Description =
 
Error - 20/06/2013 15:43:27 | Computer Name = SethLaptop | Source = WinMgmt | ID = 10
Description =
 
Error - 20/06/2013 16:00:27 | Computer Name = SethLaptop | Source = EventSystem | ID = 4609
Description =
 
Error - 20/06/2013 16:00:35 | Computer Name = SethLaptop | Source = WinMgmt | ID = 10
Description =
 
Error - 20/06/2013 19:45:10 | Computer Name = SethLaptop | Source = WinMgmt | ID = 10
Description =
 
Error - 20/06/2013 19:46:57 | Computer Name = SethLaptop | Source = WinMgmt | ID = 10
Description =
 
Error - 21/06/2013 05:05:02 | Computer Name = SethLaptop | Source = WinMgmt | ID = 10
Description =
 
Error - 21/06/2013 05:06:31 | Computer Name = SethLaptop | Source = EventSystem | ID = 4609
Description =
 
Error - 21/06/2013 05:06:41 | Computer Name = SethLaptop | Source = WinMgmt | ID = 10
Description =
 
Error - 21/06/2013 05:10:47 | Computer Name = SethLaptop | Source = WinMgmt | ID = 10
Description =
 
[ System Events ]
Error - 21/06/2013 05:06:41 | Computer Name = SethLaptop | Source = Service Control Manager | ID = 7001
Description =
 
Error - 21/06/2013 05:06:41 | Computer Name = SethLaptop | Source = Service Control Manager | ID = 7003
Description =
 
Error - 21/06/2013 05:06:41 | Computer Name = SethLaptop | Source = Service Control Manager | ID = 7003
Description =
 
Error - 21/06/2013 05:06:41 | Computer Name = SethLaptop | Source = Service Control Manager | ID = 7026
Description =
 
Error - 21/06/2013 05:10:37 | Computer Name = SethLaptop | Source = HTTP | ID = 15016
Description =
 
Error - 21/06/2013 05:10:47 | Computer Name = SethLaptop | Source = Service Control Manager | ID = 7023
Description =
 
Error - 21/06/2013 05:10:47 | Computer Name = SethLaptop | Source = Service Control Manager | ID = 7003
Description =
 
Error - 21/06/2013 05:10:47 | Computer Name = SethLaptop | Source = Service Control Manager | ID = 7003
Description =
 
Error - 21/06/2013 05:10:47 | Computer Name = SethLaptop | Source = Service Control Manager | ID = 7026
Description =
 
Error - 21/06/2013 05:23:21 | Computer Name = SethLaptop | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures.     New Signature
 Version:      Previous Signature Version: 1.153.188.0     Update Source: %%859     Update Stage:
 %%852     Source Path: http://www.microsoft.com     Signature Type: %%800     Update Type: %%803

    User:
 NT AUTHORITY\SYSTEM     Current Engine Version:      Previous Engine Version: 1.1.9607.0     Error
 code: 0x8024402c     Error description: An unexpected problem occurred while checking
 for updates. For information on installing or troubleshooting updates, see Help
 and Support.
 
 
< End of report >
 





