Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Desktop Working Too Hard


  • Please log in to reply
13 replies to this topic

#1 Ette

Ette

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:22 AM

Posted 29 November 2013 - 04:42 PM

After my laptop was unused for a year or better, I attempted to install anti virus software.  I received a message that the Base Filtering Service (BFE) is not running.  When I tried to enable the BFE, I could not locate the BFE in the registry.  I tried to turn on Windows firewall and got a message, Windows Firewall was unable to make the requested updates.  I could not locate Windows Firewall in the registry.  I cannot locate an original or a created Windows installation disc.

 

The laptop has a few hiccups here and there.  The computer is slow.  A large amount of unknown items are running in Task Manager Processes.  Url addresses sometimes get typed in from right to left rather than left to right. So, I must position the cursor to type the words correctly.

 

I am running Windows Vista on a 32 bit system.

 

Your help is must appreciated.



BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,708 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:01:22 AM

Posted 29 November 2013 - 07:57 PM

Welcome aboard p22002758.gif

 

p22002970.gif Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2 SecurityCheck may produce some false warning(s), so leave the results reading to me.

p22002970.gif Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


p22002970.gif Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size

Click Go and post the result.

p22002970.gif Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

p22002970.gifDownload Malwarebytes Anti-Rootkit from HERE to your Desktop.
  • Unzip downloaded file.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • DO NOT click on the Cleanup button. Simply exit the program.
  • When done, please post the two logs produced they will be in the MBAR folder..... mbar-log-xxxxx.txt and system-log.txt


p22002970.gif Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.


If normal mode still doesn't work, run the tool from safe mode.

When the scan is done Notepad will open with rKill log.
Post it in your next reply.

NOTE. rKill.txt log will also be present on your desktop.

NOTE Do NOT wrap your logs in "quote" or "code" brackets.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,607 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:01:22 AM

Posted 01 December 2013 - 10:16 AM

Did you look here... HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#4 Ette

Ette
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:22 AM

Posted 01 December 2013 - 10:28 AM

After my laptop was unused for a year or better, I attempted to install anti virus software.  I received a message that the Base Filtering Service (BFE) is not running.  When I tried to enable the BFE, I could not locate the BFE in the registry.  I tried to turn on Windows firewall and got a message, Windows Firewall was unable to make the requested updates.  I could not locate Windows Firewall in the registry.  I cannot locate an original or a created Windows installation disc.

 

The laptop has a some hiccups here and there.  The computer is slow.  A large amount of unknown items are running in Task Manager Processes.  On the internet, when I type in url addresses, the address sometimes get typed in from right to left rather than left to right. So, I must position the cursor to type each letter of the words correctly.  Where selection is an option, without clicking the mouse, an item will get selected when the cursor passes over it and cannot always be unselected.

 

I am running Windows Vista on a 32 bit system.

 

Your help is much appreciated.

.

Moderator Edit: Merged two other posts into this one.

Roger


Edited by rotor123, 01 December 2013 - 02:22 PM.


#5 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,708 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:01:22 AM

Posted 01 December 2013 - 04:45 PM

Go ahead with my reply #3.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#6 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,708 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:01:22 AM

Posted 03 December 2013 - 03:38 PM

PLEASE NOTE:  Following are the logs from my Desktop, Not the Laptop:

 

I'm confused. I though you have problems with your laptop.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#7 Ette

Ette
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:22 AM

Posted 04 December 2013 - 05:01 AM

I too am confused.  It appears that Bleeping Computer Moderator, Roger, merged my other posts with this one. 

 

Under the "Am I Infected" forum, I discussed the problems with my desktop (working too hard--high cpu usage and very slow). 

 

Under the "Windows Vista" forum, I discussed problems with my laptop (no BFE, no windows firewall, no computer security, other hiccups).  Seeing no immediate reply and after a second thought, I re-posted the problems with my laptop under the "Am I Infected" forum, but under a separate and different topic title.

 

I thought you responded to my Desktop problems.  Later, I realized that the moderator had merged my posts.

 

Any advice on what to do next with the Desktop?  What advice do you have for the Laptop?

 

Thank you for your help.



#8 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,708 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:01:22 AM

Posted 04 December 2013 - 11:45 AM

OK, post all logs for LAPTOP here and when we're done we'll deal with desktop.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#9 Ette

Ette
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:22 AM

Posted 11 December 2013 - 10:44 AM

Logs from laptop are posted below.  Thank you.

 

Security Check

Results of screen317's Security Check version 0.99.77  
 Windows Vista  x86 (UAC is disabled!)  
 Out of date service pack!!
 Internet Explorer 7 Out of date!
``````````````Antivirus/Firewall Check:``````````````
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Out of date HijackThis  installed!
 Spybot - Search & Destroy
 HijackThis 2.0.2    
 Java™ 6 Update 4  
 Java version out of Date!
 Adobe Flash Player     11.9.900.117  
 Adobe Reader 8 Adobe Reader out of Date!
 Mozilla Firefox (25.0.1)
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe
 Microsoft Security Essentials msseces.exe
 Spybot Teatimer.exe is disabled!
 Empowering Technology eSettings Service capuserv.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 7 % Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
 

Farbar Service Scanner

Farbar Service Scanner Version: 23-11-2013
Ran by User (administrator) on 10-12-2013 at 20:45:54
Running from "C:\Users\User\Desktop\Bleeping Computer - Laptop"
Microsoft® Windows Vista™ Home Premium   (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking LEGACY_MpsSvc: ATTENTION!=====> Unable to open LEGACY_MpsSvc\0000 registry key. The key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking LEGACY_bfe: ATTENTION!=====> Unable to open LEGACY_bfe\0000 registry key. The key does not exist.


Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Security Center Notification Icon =====> Unable to open HKLM\...\ShellServiceObjects\{FD6905CE-952F-41F1-9A6F-135D9C6622CC} key. The key does not exist.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll
[2007-08-12 23:14] - [2007-08-12 23:14] - 0265912 ____A (Microsoft Corporation) 0D5AD0E71FF5DDAC5DD2F443B499ABD0

C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll
[2010-04-14 01:13] - [2010-02-18 09:19] - 0179712 ____A (Microsoft Corporation) ECC9AD72CFC4AB41CF6A9BCC11F9FEF6

C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

 

MiniToolBox

MiniToolBox by Farbar  Version: 13-07-2013
Ran by User (administrator) on 10-12-2013 at 21:02:50
Running from "C:\Users\User\Desktop\Bleeping Computer - Laptop"
Microsoft® Windows Vista™ Home Premium   (X86)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

Medialink MWN-USB150N = Wireless Network Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set interface luid=loopback_0 forwarding=disabled advertise=disabled mtu=0 metric=0 metric=0 nud=disabled basereachabletime=0 retransmittime=0 routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface luid=ethernet_1 forwarding=disabled advertise=disabled mtu=1300 metric=0 metric=0 nud=disabled basereachabletime=0 retransmittime=0 routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface luid=ethernet_2 forwarding=disabled advertise=disabled mtu=0 metric=0 metric=0 nud=disabled basereachabletime=0 retransmittime=0 routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface luid=ethernet_4 forwarding=disabled advertise=disabled mtu=1300 metric=0 metric=0 nud=disabled basereachabletime=0 retransmittime=0 routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface luid=wireless_0 forwarding=disabled advertise=disabled mtu=1300 metric=0 metric=0 nud=disabled basereachabletime=0 retransmittime=0 routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface luid=ethernet_6 forwarding=disabled advertise=disabled mtu=1300 metric=0 metric=0 nud=disabled basereachabletime=0 retransmittime=0 routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface luid=ethernet_14 forwarding=disabled advertise=disabled mtu=0 metric=0 metric=0 nud=disabled basereachabletime=0 retransmittime=0 routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface luid=ethernet_15 forwarding=disabled advertise=disabled mtu=0 metric=0 metric=0 nud=disabled basereachabletime=0 retransmittime=0 routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface luid=ethernet_17 forwarding=disabled advertise=disabled mtu=0 metric=0 metric=0 nud=disabled basereachabletime=0 retransmittime=0 routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface luid=ethernet_20 forwarding=disabled advertise=disabled mtu=0 metric=0 metric=0 nud=disabled basereachabletime=0 retransmittime=0 routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface luid=ethernet_18 forwarding=disabled advertise=disabled mtu=0 metric=0 metric=0 nud=disabled basereachabletime=0 retransmittime=0 routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface luid=ethernet_19 forwarding=disabled advertise=disabled mtu=0 metric=0 metric=0 nud=disabled basereachabletime=0 retransmittime=0 routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface luid=ppp_3 forwarding=disabled advertise=disabled mtu=0 metric=0 metric=0 nud=disabled basereachabletime=0 retransmittime=0 routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface luid=wireless_1 forwarding=disabled advertise=disabled mtu=0 metric=0 metric=0 nud=disabled basereachabletime=0 retransmittime=0 routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : User-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : home

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : home
   Description . . . . . . . . . . . : Medialink MWN-USB150N
   Physical Address. . . . . . . . . : 14-35-8B-0B-82-AA
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::219d:c33f:201a:6f88%67(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.4(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Tuesday, December 10, 2013 8:35:01 PM
   Lease Expires . . . . . . . . . . : Tuesday, December 17, 2013 8:42:34 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 1125397899
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 7:

   Connection-specific DNS Suffix  . : home
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::5efe:192.168.1.4%71(Preferred)
   Default Gateway . . . . . . . . . :
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  verizon.home
Address:  192.168.1.1:53

Name:    google.com
Addresses:  74.125.228.70, 74.125.228.64, 74.125.228.78, 74.125.228.66
      74.125.228.68, 74.125.228.67, 74.125.228.65, 74.125.228.71, 74.125.228.72
      74.125.228.73, 74.125.228.69



Pinging google.com [74.125.228.5] with 32 bytes of data:



Reply from 74.125.228.5: bytes=32 time=38ms TTL=57

Reply from 74.125.228.5: bytes=32 time=43ms TTL=57



Ping statistics for 74.125.228.5:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 38ms, Maximum = 43ms, Average = 40ms

Server:  verizon.home
Address:  192.168.1.1:53

Name:    yahoo.com
Addresses:  98.138.253.109, 206.190.36.45, 98.139.183.24



Pinging yahoo.com [206.190.36.45] with 32 bytes of data:



Reply from 206.190.36.45: bytes=32 time=128ms TTL=49

Reply from 206.190.36.45: bytes=32 time=171ms TTL=49



Ping statistics for 206.190.36.45:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 128ms, Maximum = 171ms, Average = 149ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
 67 ...14 35 8b 0b 82 aa ...... Medialink MWN-USB150N
  1 ........................... Software Loopback Interface 1
 71 ...00 00 00 00 00 00 00 e0  Microsoft ISATAP Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.4     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.4    281
      192.168.1.4  255.255.255.255         On-link       192.168.1.4    281
    192.168.1.255  255.255.255.255         On-link       192.168.1.4    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.4    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.4    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 67    281 fe80::/64                On-link
 71    276 fe80::5efe:192.168.1.4/128
                                    On-link
 67    281 fe80::219d:c33f:201a:6f88/128
                                    On-link
  1    306 ff00::/8                 On-link
 67    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 07 C:\Windows\system32\wshbth.dll [34304] (Microsoft Corporation)
Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/10/2013 08:57:55 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {68c21a27-a445-4827-8d98-a367f1899847}

Error: (12/10/2013 08:39:36 PM) (Source: WerSvc) (User: )
Description: The target file for the Windows Feedback Platform (a DLL file containing the list of problems on this computer that require additional data collection for diagnosis) could not be parsed. The error code was 8014FFF9.

Error: (12/10/2013 09:16:32 AM) (Source: WerSvc) (User: )
Description: The target file for the Windows Feedback Platform (a DLL file containing the list of problems on this computer that require additional data collection for diagnosis) could not be parsed. The error code was 8014FFF9.

Error: (12/09/2013 10:27:56 PM) (Source: WerSvc) (User: )
Description: The target file for the Windows Feedback Platform (a DLL file containing the list of problems on this computer that require additional data collection for diagnosis) could not be parsed. The error code was 8014FFF9.

Error: (12/08/2013 09:00:13 PM) (Source: WerSvc) (User: )
Description: The target file for the Windows Feedback Platform (a DLL file containing the list of problems on this computer that require additional data collection for diagnosis) could not be parsed. The error code was 8014FFF9.

Error: (12/08/2013 11:03:12 AM) (Source: WerSvc) (User: )
Description: The target file for the Windows Feedback Platform (a DLL file containing the list of problems on this computer that require additional data collection for diagnosis) could not be parsed. The error code was 8014FFF9.

Error: (12/06/2013 11:14:06 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {ff372cf0-6343-423e-bb79-46473cfd15ba}

Error: (12/06/2013 09:24:46 AM) (Source: WerSvc) (User: )
Description: The target file for the Windows Feedback Platform (a DLL file containing the list of problems on this computer that require additional data collection for diagnosis) could not be parsed. The error code was 8014FFF9.

Error: (12/05/2013 11:26:20 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {b18ae56b-712f-41eb-b65e-13c347e0bf36}

Error: (12/05/2013 09:14:23 PM) (Source: WerSvc) (User: )
Description: The target file for the Windows Feedback Platform (a DLL file containing the list of problems on this computer that require additional data collection for diagnosis) could not be parsed. The error code was 8014FFF9.


System errors:
=============
Error: (12/10/2013 08:42:34 PM) (Source: netbt) (User: )
Description: The name "USER-PC        :20" could not be registered on the interface with IP address 192.168.1.4.
The computer with the IP address 192.168.1.2 did not allow the name to be claimed by
this computer.

Error: (12/10/2013 08:42:34 PM) (Source: netbt) (User: )
Description: The name "USER-PC        :0" could not be registered on the interface with IP address 192.168.1.4.
The computer with the IP address 192.168.1.2 did not allow the name to be claimed by
this computer.

Error: (12/10/2013 08:42:34 PM) (Source: Server) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{1FD79940-9532-4FFF-9C77-A2EE8A337150} because another computer on the network has the same name.  The server could not start.

Error: (12/10/2013 08:35:02 PM) (Source: netbt) (User: )
Description: The name "USER-PC        :20" could not be registered on the interface with IP address 192.168.1.4.
The computer with the IP address 192.168.1.2 did not allow the name to be claimed by
this computer.

Error: (12/10/2013 08:35:02 PM) (Source: netbt) (User: )
Description: The name "USER-PC        :0" could not be registered on the interface with IP address 192.168.1.4.
The computer with the IP address 192.168.1.2 did not allow the name to be claimed by
this computer.

Error: (12/10/2013 08:35:02 PM) (Source: Server) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{1FD79940-9532-4FFF-9C77-A2EE8A337150} because another computer on the network has the same name.  The server could not start.

Error: (12/10/2013 08:34:35 PM) (Source: Service Control Manager) (User: )
Description: 74346763

Error: (12/10/2013 08:34:34 PM) (Source: Service Control Manager) (User: )
Description: IPsec Policy AgentBFE

Error: (12/10/2013 08:34:34 PM) (Source: Service Control Manager) (User: )
Description: IKE and AuthIP IPsec Keying ModulesBFE

Error: (12/10/2013 08:34:34 PM) (Source: Service Control Manager) (User: )
Description: Box_NTR v2.6A%%1053


Microsoft Office Sessions:
=========================
Error: (06/20/2012 01:51:19 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 13804 seconds with 4740 seconds of active time.  This session ended with a crash.

Error: (01/27/2012 10:51:41 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 8700 seconds with 3540 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2012-08-17 07:04:28.618
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2012-08-17 07:04:28.485
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2012-08-17 07:04:28.312
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2012-08-17 07:04:28.174
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2012-08-17 07:04:28.040
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2012-08-17 07:04:27.900
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2012-08-17 07:04:27.707
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2012-08-17 07:04:27.573
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2012-08-17 07:04:27.391
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2012-08-17 07:04:27.260
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

 Update for Microsoft Office 2007 (KB2508958)
µTorrent (Version: 1.6.1)
µTorrent (Version: 1.8.2)
32 Bit HP CIO Components Installer (Version: 3.1.1)
50 FREE MP3s +1 Free Audiobook! (Version: 1.0.0.1)
6500_E709_eDocs (Version: 1.00.0000)
6500_E709_Help (Version: 1.00.0000)
6500_E709a (Version: 50.0.165.000)
Acer Arcade Deluxe (Version: 1.12.4327)
Acer Assist
Acer Crystal Eye webcam (Version: 1.0.13)
Acer Crystal Eye webcam (Version: 5.7.29.500-1.0)
Acer eAudio Management (Version: 2.5.4205)
Acer eDataSecurity Management (Version: 2.5.4241)
Acer eLock Management (Version: 2.5.4008)
Acer Empowering Technology (Version: 2.5.4010)
Acer eNet Management (Version: 2.6.4008)
Acer ePower Management (Version: 2.5.4018)
Acer ePresentation Management (Version: 2.5.4002)
Acer eSettings Management (Version: 2.5.4011)
Acer GridVista (Version: 2.68.622)
Acer Mobility Center Plug-In (Version: 1.0.3003)
Acer Registration
Acer ScreenSaver (Version: 1.11.20070515)
Acer Tour (Version: 2.0.1003)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
Adobe Reader 8.1.3 (Version: 8.1.3)
Agere Systems HDA Modem
AIM 6
AIM Toolbar
AnyDVD (Version: 6.7.9.0)
AOL Coach Version 2.0(Build:20041026.5 en)
AOL Connectivity Services
AOL Deskbar
AOL Uninstaller
AOL You've Got Pictures Screensaver
Apple Application Support (Version: 1.3.2)
Apple Mobile Device Support (Version: 3.2.0.47)
Apple Software Update (Version: 2.1.1.116)
Audacity 1.2.6
AutoUpdate (Version: 1.1)
Big Kahuna Reef 2
BitTornado 0.3.17 (Version: 0.3.17)
Bonjour (Version: 2.0.2.0)
bpd_scan (Version: 3.00.0000)
BPDSoftware (Version: 50.0.165.000)
BPDSoftware_Ini (Version: 1.00.0000)
Bricks of Egypt
Broadcom Gigabit Integrated Controller (Version: 10.50.08)
BSPlayer
BufferChm (Version: 120.0.194.000)
CDex extraction audio
CDisplay 1.8
Cisco Systems VPN Client 5.0.01.0600 (Version: 5.0.1)
CloneCD
CloneDVD 3.9.4
CloneDVD2
Clubbox ÆÄÀÏÀü¼Û°ü¸®ÀÚ
Combined Community Codec Pack 2008-09-21 16:18 (Version: 2008.09.21.0)
Cucusoft MPEG/MOV/RM/DivX/AVI to DVD/VCD/SVCD Creator Pro 7.07
CustomerResearchQFolder (Version: 1.00.0000)
D5060 (Version: 82.0.233.000)
D5060_Help (Version: 82.0.233.000)
Destination Component (Version: 110.0.0.0)
DeviceDiscovery (Version: 120.0.194.000)
DeviceManagementQFolder (Version: 1.00.0000)
Digital Editions Converter (Version: 1.4.1)
Digital Photo Navigator 1.5
DivX Codec (Version: 6.8.5)
DivX Converter (Version: 7.0.0)
DivX Player (Version: 7.1.0)
DivX Version Checker (Version: 7.0.0.19)
DivX Web Player (Version: 1.4.3)
DJ_AIO_03_F4200_Software_Min (Version: 110.0.206.000)
DocMgr (Version: 120.0.000.000)
DocProc (Version: 12.0.0.0)
Download Direct (Version: 1.0)
Download Updater (AOL LLC)
DriverToolkit version 8.1.1.0 (Version: 8.1.1.0)
DVD Decrypter (Remove Only)
DVDFab Platinum 3.2.1.0
Dynasty
eSupportQFolder (Version: 1.00.0000)
Fax (Version: 120.0.194.000)
FLV Player 1.3.3
Free Photo Converter (Version: 1.0)
Galapago
GIZMO ver.2 (Version: 2.22.1)
GPBaseService2 (Version: 120.0.194.000)
Guitar Pro 5.0
HijackThis 2.0.2 (Version: 2.0.2)
HP Customer Participation Program 12.0 (Version: 12.0)
HP Deskjet & Photosmart Printer Driver Software 8.0.A (Version: 8.0)
HP Deskjet F4200 All-In-One Driver 11.0 03 (Version: 11.0)
HP Document Manager 2.0 (Version: 2.0)
HP Imaging Device Functions 12.0 (Version: 12.0)
HP LaserJet Professional P1100-P1560-P1600 Series
HP Officejet 6500 E709 Series (Version: 12.0)
HP Photosmart Essential (Version: 1.12.0.46)
HP Smart Web Printing (Version: 4.05)
HP Solution Center 12.0 (Version: 12.0)
HP Update (Version: 5.003.001.001)
hppLaserJetService (Version: 001.001.0.0)
hppP1100P1560P1600SeriesLaserJetService (Version: 001.001.0.0)
HPProductAssistant (Version: 120.0.194.000)
hppusgP1100P1560P1600Series (Version: 1.0.0.1)
HPSSupply (Version: 120.0.194.000)
ImgBurn (Remove Only)
ImTOO DVD to iPod Converter 5 (Version: 5.0.50.0717)
ImTOO MP4 Video Converter (Version: 3.1.40.0824b)
Intel® Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
InterActual Player
InterVideo WinDVD 7 (Version: 7.0-B27.172)
iTunes (Version: 10.0.0.68)
Japanese Fonts Support For Adobe Reader 8 (Version: 8.0)
Java™ 6 Update 4 (Version: 1.6.0.40)
Jewel Quest Solitaire
LADSPA_plugins-win-0.4.15
Launch Manager
LightScribe  1.4.142.1 (Version: 1.4.142.1)
Luxor 2
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
MarketResearch (Version: 130.0.374.000)
Medialink MWN-USB150N (Version: 1.00.0000)
Mega Manager (Version: 3.1.0)
Megaupload Toolbar
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Basic Edition 2003 (Version: 11.0.8173.0)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.4.0304.0)
Microsoft Security Essentials (Version: 4.4.304.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft VC9 runtime libraries (Version: 1.0.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft XML Parser (Version: 8.20.8730.4)
MobileMe Control Panel (Version: 3.0.1.1)
Move Networks Media Player for Internet Explorer
Mozilla Firefox 25.0.1 (x86 en-US) (Version: 25.0.1)
Mozilla Maintenance Service (Version: 25.0.1)
Mp3tag v2.42 (Version: v2.42)
MPEG Encoder 3 (Version: 3.1.27.0403b)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
Mystery Case Files - Prime Suspects
Mystery Case Files Ravenhearst
Netflix Movie Viewer (Version: 1.2.211)
Network (Version: 120.0.194.000)
NTI Backup NOW! 4.7 (Version: 4)
NTI CD & DVD-Maker (Version: 7)
OCR Software by I.R.I.S. 12.0 (Version: 12.0)
Opera 9.62 (Version: 9.62)
Orbit Downloader
Orion (Version: 01.00.0017)
PowerCinema NE for Everio
PowerDirector Express
PowerProducer 3.72 (Version: 074324(3.7)_Vista_Acer)
ProductContext (Version: 50.0.165.000)
ProxyChecker (remove only)
Pure Networks Port Magic (Version: 1.2.1393.0)
Python 2.5 PIL-1.1.6
Python 2.5.2 (Version: 2.5.2150)
QuickTime (Version: 7.67.75.0)
RAR Password Cracker 4.12
RaySource 2.1.10.8366 (Version: 2.1.10.8366)
RealPlayer
Realtek High Definition Audio Driver (Version: 6.0.1.5423)
Recover My Files (Version: 3.9.8.6472)
Recuva (remove only)
Rhapsody Player Engine (Version: 1.1.0)
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01 (Version: 3.51.01)
Safari (Version: 3.525.21.0)
Samsung New PC Studio (Version: 1.00.0000)
SAMSUNG USB Driver for Mobile Phones (Version: 1.2.912.17215)
Sateira CD&DVD Burner 2.8
Scan (Version: 12.0.0.0)
SF_CDA_Software (Version: 82.0.233.000)
Shop for HP Supplies (Version: 12)
Sibelius 5 (Version: 5.0.0)
Skype™ 5.10 (Version: 5.10.116)
SmartWebPrinting (Version: 120.0.194.000)
SolutionCenter (Version: 120.0.194.000)
Sonic RecordNow! Deluxe (Version: 7.0)
Spybot - Search & Destroy (Version: 1.5.2)
Status (Version: 120.0.194.000)
Synaptics Pointing Device Driver (Version: 9.1.20.0)
System Requirements Lab
Toolbox (Version: 120.0.194.000)
Toolbox (Version: 82.0.173.000)
TrayApp (Version: 120.0.194.000)
Treasures of the Deep
TubEmAll Pro 0.99 (Version: 0.99)
UNIQLOCK COLOR_v2 Screen Saver
uniqlock_24color Screen Saver
UnloadSupport (Version: 11.0.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2825642) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VC80CRTRedist - 8.0.50727.762 (Version: 1.0.0)
Veoh Video Compass (Version: 1.4.5.1004)
Veoh Web Player (Version: 1.1.3.1027)
VeohTV BETA (Version: 3.9.1)
Viewpoint Media Player
VirtualCloneDrive
vixy converter uninstall (Version: 1.0)
VLC media player 1.1.9 (Version: 1.1.9)
WebReg (Version: 120.0.194.000)
WIDCOMM Bluetooth Software 6.0.1.4400 (Version: 6.0.1.4400)
Winamp (Version: 5.56 )
Winamp Toolbar
Winbond CIR Drivers (Version: 7.60.1002)
WinRAR archiver
Xilisoft DVD Ripper Platinum 5 (Version: 5.0.40.0801)
Yahoo! Messenger
Yahoo! Toolbar
Zuma Deluxe

========================= Devices: ================================

Name: isatap.{4A4C95D1-DC04-4C17-9A15-F42F41F7449A}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{4A4C95D1-DC04-4C17-9A15-F42F41F7449A}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{4A4C95D1-DC04-4C17-9A15-F42F41F7449A}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{C04FCCFF-A4C4-40D6-97E1-1BC3BEB398D2}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{4A4C95D1-DC04-4C17-9A15-F42F41F7449A}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{4A4C95D1-DC04-4C17-9A15-F42F41F7449A}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.myhome.westell.com
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.myhome.westell.com
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.myhome.westell.com
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{4A4C95D1-DC04-4C17-9A15-F42F41F7449A}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{4A4C95D1-DC04-4C17-9A15-F42F41F7449A}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{4A4C95D1-DC04-4C17-9A15-F42F41F7449A}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{4A4C95D1-DC04-4C17-9A15-F42F41F7449A}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{4A4C95D1-DC04-4C17-9A15-F42F41F7449A}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{4A4C95D1-DC04-4C17-9A15-F42F41F7449A}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Tun Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunmp
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Atheros AR5007EG Wireless Network Adapter
Description: Atheros AR5007EG Wireless Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Atheros Communications Inc.
Service: athr
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Broadcom NetLink ™ Gigabit Ethernet
Description: Broadcom NetLink ™ Gigabit Ethernet
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: b57nd60x
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Cisco Systems VPN Adapter #2 - Deterministic Network Enhancer Miniport
Description: Deterministic Network Enhancer Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Deterministic Networks
Service: DNE
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Cisco Systems VPN Adapter - Deterministic Network Enhancer Miniport
Description: Deterministic Network Enhancer Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Deterministic Networks
Service: DNE
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Atheros AR5007EG Wireless Network Adapter - Deterministic Network Enhancer Miniport
Description: Deterministic Network Enhancer Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Deterministic Networks
Service: DNE
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Broadcom NetLink ™ Gigabit Ethernet - Deterministic Network Enhancer Miniport
Description: Deterministic Network Enhancer Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Deterministic Networks
Service: DNE
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: WAN Miniport (IP) - Deterministic Network Enhancer Miniport
Description: Deterministic Network Enhancer Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Deterministic Networks
Service: DNE
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: WAN Miniport (IPv6) - Deterministic Network Enhancer Miniport
Description: Deterministic Network Enhancer Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Deterministic Networks
Service: DNE
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: WAN Miniport (L2TP)
Description: WAN Miniport (L2TP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: Rasl2tp
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: WAN Miniport (IP)
Description: WAN Miniport (IP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: WAN Miniport (IPv6)
Description: WAN Miniport (IPv6)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: WAN Miniport (PPPOE)
Description: WAN Miniport (PPPOE)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasPppoe
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: WAN Miniport (PPTP)
Description: WAN Miniport (PPTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: PptpMiniport
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: WAN Miniport (ATW)
Description: WAN Miniport (ATW)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: America Online, Inc.
Service: wanatw
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


========================= Memory info: ===================================

Percentage of memory in use: 60%
Total physical RAM: 2037.81 MB
Available physical RAM: 813.1 MB
Total Pagefile: 4280.64 MB
Available Pagefile: 2920.72 MB
Total Virtual: 2047.88 MB
Available Virtual: 1956.12 MB

========================= Partitions: =====================================

1 Drive c: (ACER) (Fixed) (Total:68.77 GB) (Free:0.99 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:68.56 GB) (Free:21.01 GB) NTFS

========================= Users: ========================================

User accounts for \\USER-PC

Administrator            Guest                    User                     


**** End of log ****
 

Malwarebytes' Anti-Malware

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.12.10.07

Windows Vista x86 NTFS
Internet Explorer 7.0.6000.17037
User :: USER-PC [administrator]

12/10/2013 9:34:42 PM
mbam-log-2013-12-10 (21-34-42).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 222942
Time elapsed: 21 minute(s), 53 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Program Files\BitTornado\btdownloadgui.exe (P2P.BitTornado) -> No action taken.
C:\Users\User\Downloads\iLividSetupV1.exe (PUP.Optional.Bandoo) -> Quarantined and deleted successfully.

(end)
 

Malwarebytes AntiRootkit

Malwarebytes Anti-Rootkit BETA 1.07.0.1008
www.malwarebytes.org

Database version: v2013.12.11.01

Windows Vista x86 NTFS
Internet Explorer 7.0.6000.17037
User :: USER-PC [administrator]

12/11/2013 12:43:00 AM
mbar-log-2013-12-11 (00-43-00).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 227974
Time elapsed: 51 minute(s), 23 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 2
HKLM\SOFTWARE\CLASSES\INTERFACE\{825C19D3-35CE-428F-876B-88E080466689} (Adware.CWS) -> No action taken.
HKLM\SOFTWARE\CLASSES\TypeLib\{0409743C-E5E3-4BDD-9EC7-EFF622530282} (Adware.CWS) -> No action taken.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
 

 

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1008

© Malwarebytes Corporation 2011-2012

OS version: 6.0.6000 Windows Vista x86

Account is Administrative

Internet Explorer version: 7.0.6000.17037

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 1.600000 GHz
Memory total: 2136801280, free: 912478208

Could not load protection driver
=======================================


---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1007

© Malwarebytes Corporation 2011-2012

OS version: 6.0.6000 Windows Vista x86

Account is Administrative

Internet Explorer version: 7.0.6000.17037

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 1.600000 GHz
Memory total: 2136801280, free: 903483392

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1007

© Malwarebytes Corporation 2011-2012

OS version: 6.0.6000 Windows Vista x86

Account is Administrative

Internet Explorer version: 7.0.6000.17037

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 1.600000 GHz
Memory total: 2136801280, free: 924270592

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1007

© Malwarebytes Corporation 2011-2012

OS version: 6.0.6000 Windows Vista x86

Account is Administrative

Internet Explorer version: 7.0.6000.17037

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 1.600000 GHz
Memory total: 2136801280, free: 926695424

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1008

© Malwarebytes Corporation 2011-2012

OS version: 6.0.6000 Windows Vista x86

Account is Administrative

Internet Explorer version: 7.0.6000.17037

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 1.600000 GHz
Memory total: 2136801280, free: 914546688

Could not load protection driver
Downloaded database version: v2013.12.11.01
Downloaded database version: v2013.10.11.02
=======================================
Initializing...
------------ Kernel report ------------
     12/11/2013 00:42:51
------------ Loaded modules -----------
\SystemRoot\system32\ntkrnlpa.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\barwr.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\acpi.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\system32\DRIVERS\compbatt.sys
\SystemRoot\system32\DRIVERS\BATTC.SYS
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\intelide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\DRIVERS\VClone.sys
\SystemRoot\system32\DRIVERS\SCSIPORT.SYS
\SystemRoot\system32\DRIVERS\iaStor.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\system32\DRIVERS\MpFilter.sys
\SystemRoot\system32\DRIVERS\psdfilter.sys
\SystemRoot\System32\Drivers\PxHelp20.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\msrpc.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\system32\drivers\psdvdisk.sys
\SystemRoot\system32\drivers\PSDNServ.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\ecache.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\drivers\crcdisk.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\igdkmd32.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\system32\DRIVERS\usbuhci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\ohci1394.sys
\SystemRoot\system32\DRIVERS\1394BUS.SYS
\SystemRoot\system32\DRIVERS\sdbus.sys
\SystemRoot\system32\DRIVERS\rimmptsk.sys
\SystemRoot\system32\DRIVERS\rimsptsk.sys
\SystemRoot\system32\DRIVERS\rixdptsk.sys
\SystemRoot\system32\DRIVERS\winbondcir.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\DKbFltr.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\System32\Drivers\AnyDVD.sys
\SystemRoot\System32\Drivers\ElbyCDFL.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\NTIDrvr.sys
\SystemRoot\System32\Drivers\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\DRIVERS\wmiacpi.sys
\SystemRoot\system32\DRIVERS\dne2000.sys
\SystemRoot\system32\DRIVERS\msiscsi.sys
\SystemRoot\system32\DRIVERS\storport.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\System32\Drivers\pcouffin.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\circlass.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\system32\drivers\RTKVHDA.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\DRIVERS\AGRSM.sys
\SystemRoot\system32\drivers\modem.sys
\SystemRoot\system32\DRIVERS\hidir.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\System32\Drivers\Fs_Rec.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\DRIVERS\rasacd.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\smb.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\ws2ifsl.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\Drivers\ElbyCDIO.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\system32\DRIVERS\snp2uvc.sys
\SystemRoot\system32\DRIVERS\STREAM.SYS
\SystemRoot\system32\DRIVERS\sncduvc.SYS
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\netr28u.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\drivers\spsys.sys
\SystemRoot\system32\DRIVERS\AegisP.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\system32\drivers\mrxdav.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\??\C:\Windows\system32\Drivers\CVPNDRVA.sys
\SystemRoot\system32\DRIVERS\cdfs.sys
\??\C:\Acer\Empowering Technology\eRecovery\int15.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\drivers\tcpipreg.sys
\??\C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl
\??\C:\Windows\system32\FsUsbExDisk.SYS
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff86790ad8
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-0\
Lower Device Object: 0xffffffff857fd030
Lower Device Driver Name: \Driver\iaStor\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff86790ad8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff867907e0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff86790ad8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffffffff85811870, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff857fd030, DeviceName: \Device\Ide\IAAStorageDevice-0\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 371DC4AF

Partition information:

    Partition 0 type is Other (0x27)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 63  Numsec = 24563322

    Partition 1 type is Other (0x6)
    Partition is ACTIVE.
    Partition starts at LBA: 24563712  Numsec = 144228352
    Partition is not bootable

    Partition 2 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 168792064  Numsec = 143785984

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 160041885696 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-312561808-312581808)...
Done!
Infected: HKLM\SOFTWARE\CLASSES\INTERFACE\{825C19D3-35CE-428F-876B-88E080466689} --> [Adware.CWS]
Infected: HKLM\SOFTWARE\CLASSES\TypeLib\{0409743C-E5E3-4BDD-9EC7-EFF622530282} --> [Adware.CWS]
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\Bootstrap_0_1_24563712_i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_r.mbam...
Removal finished
 

 

Rkill

Rkill 2.6.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 12/11/2013 10:08:34 AM in x86 mode.
Windows Version: Windows Vista ™ Home Premium

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\Users\User\AppData\Local\Temp\RtkBtMnt.exe (PID: 4024) [UP-HEUR]
 * C:\Users\User\AppData\Local\Temp\RtkBtMnt.exe (PID: 4024) [T-HEUR]

2 proccesses terminated!

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
  * HKLM\Software\Classes\exefile\shell\open\command\\IsolatedCommand was changed. It was reset to "%1" %*!

  * HKLM\Software\Classes\exefile\shell\runas\command\\IsolatedCommand was changed. It was reset to "%1" %*!


Performing miscellaneous checks:

 * Windows Firewall Disabled

   [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
   "EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

 * Windows Firewall Authorization Driver (mpsdrv) is not Running.
   Startup Type set to: Manual

 * BFE [Missing Service]
 * MpsSvc [Missing Service]

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1       localhost

Program finished at: 12/11/2013 10:10:37 AM
Execution time: 0 hours(s), 2 minute(s), and 3 seconds(s)
 



#10 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,708 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:01:22 AM

Posted 11 December 2013 - 11:01 AM

Download TDSSKiller and save it to your desktop.

  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#11 Ette

Ette
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:22 AM

Posted 12 December 2013 - 12:19 PM

Here is the result from the TDSSKiller Scan.  Thank you.

 

TDSSKiller Report

 

12:04:42.0989 5768  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
12:04:47.0662 5768  ============================================================
12:04:47.0662 5768  Current date / time: 2013/12/12 12:04:47.0662
12:04:47.0662 5768  SystemInfo:
12:04:47.0663 5768  
12:04:47.0663 5768  OS Version: 6.0.6000 ServicePack: 0.0
12:04:47.0663 5768  Product type: Workstation
12:04:47.0663 5768  ComputerName: USER-PC
12:04:47.0663 5768  UserName: User
12:04:47.0664 5768  Windows directory: C:\Windows
12:04:47.0664 5768  System windows directory: C:\Windows
12:04:47.0664 5768  Processor architecture: Intel x86
12:04:47.0664 5768  Number of processors: 2
12:04:47.0664 5768  Page size: 0x1000
12:04:47.0664 5768  Boot type: Normal boot
12:04:47.0664 5768  ============================================================
12:04:49.0526 5768  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:04:49.0529 5768  ============================================================
12:04:49.0529 5768  \Device\Harddisk0\DR0:
12:04:49.0529 5768  MBR partitions:
12:04:49.0529 5768  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x6, StartLBA 0x176D000, BlocksNum 0x898C000
12:04:49.0529 5768  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xA0F9000, BlocksNum 0x8920000
12:04:49.0529 5768  ============================================================
12:04:49.0563 5768  C: <-> \Device\Harddisk0\DR0\Partition1
12:04:49.0651 5768  D: <-> \Device\Harddisk0\DR0\Partition2
12:04:49.0652 5768  ============================================================
12:04:49.0652 5768  Initialize success
12:04:49.0652 5768  ============================================================
12:06:50.0625 6048  ============================================================
12:06:50.0625 6048  Scan started
12:06:50.0625 6048  Mode: Manual;
12:06:50.0625 6048  ============================================================
12:06:50.0946 6048  ================ Scan system memory ========================
12:06:50.0946 6048  System memory - ok
12:06:50.0947 6048  ================ Scan services =============================
12:06:51.0121 6048  [ 6F7A16E4EC3924B54C18940E1D09826B ] .bntr           C:\ProgramData\Norton\bntr.exe
12:06:53.0383 6048  .bntr - ok
12:06:53.0637 6048  [ 45EF15EE13010FD53ED870FD240FA929 ] 61883           C:\Windows\system32\DRIVERS\61883.sys
12:06:53.0679 6048  61883 - ok
12:06:53.0727 6048  74346763 - ok
12:06:53.0783 6048  [ 84FC6DF81212D16BE5C4F441682FECCC ] ACPI            C:\Windows\system32\drivers\acpi.sys
12:06:53.0789 6048  ACPI - ok
12:06:53.0882 6048  [ 1BA1AB4141A92EB34DA99F1249CA2D4D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
12:06:53.0888 6048  AdobeFlashPlayerUpdateSvc - ok
12:06:53.0924 6048  [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
12:06:53.0934 6048  adp94xx - ok
12:06:53.0970 6048  [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci         C:\Windows\system32\drivers\adpahci.sys
12:06:53.0977 6048  adpahci - ok
12:06:54.0009 6048  [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
12:06:54.0012 6048  adpu160m - ok
12:06:54.0035 6048  [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320         C:\Windows\system32\drivers\adpu320.sys
12:06:54.0039 6048  adpu320 - ok
12:06:54.0105 6048  [ 15E655BAA989444F56787EF558823643 ] AegisP          C:\Windows\system32\DRIVERS\AegisP.sys
12:06:54.0171 6048  AegisP - ok
12:06:54.0219 6048  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
12:06:54.0255 6048  AeLookupSvc - ok
12:06:54.0316 6048  [ 5D24CAF8EFD924A875698FF28384DB8B ] AFD             C:\Windows\system32\drivers\afd.sys
12:06:54.0357 6048  AFD - ok
12:06:54.0410 6048  [ 39E435C90C9C4F780FA0ED05CA3C3A1B ] AgereModemAudio C:\Windows\system32\agrsmsvc.exe
12:06:54.0460 6048  AgereModemAudio - ok
12:06:54.0543 6048  [ D31D1A92479BD8C0D050A6FFBDD410D9 ] AgereSoftModem  C:\Windows\system32\DRIVERS\AGRSM.sys
12:06:54.0739 6048  AgereSoftModem - ok
12:06:54.0779 6048  [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440          C:\Windows\system32\drivers\agp440.sys
12:06:54.0781 6048  agp440 - ok
12:06:54.0834 6048  [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
12:06:54.0836 6048  aic78xx - ok
12:06:54.0925 6048  [ BB49E86AB8AC13D6F5FD3A6996A81720 ] ALaunchService  C:\Acer\ALaunch\ALaunchSvc.exe
12:06:55.0038 6048  ALaunchService - ok
12:06:55.0073 6048  [ E69FB0E3112C40FDC0EF7D21A52DC951 ] ALG             C:\Windows\System32\alg.exe
12:06:55.0116 6048  ALG - ok
12:06:55.0134 6048  [ 90395B64600EBB4552E26E178C94B2E4 ] aliide          C:\Windows\system32\drivers\aliide.sys
12:06:55.0135 6048  aliide - ok
12:06:55.0158 6048  [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
12:06:55.0160 6048  amdagp - ok
12:06:55.0206 6048  [ 0577DF1D323FE75A739C787893D300EA ] amdide          C:\Windows\system32\drivers\amdide.sys
12:06:55.0208 6048  amdide - ok
12:06:55.0238 6048  [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
12:06:55.0292 6048  AmdK7 - ok
12:06:55.0317 6048  [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
12:06:55.0350 6048  AmdK8 - ok
12:06:55.0426 6048  [ 40C279A23BD43553BFBA6E88A9B38AE2 ] AnyDVD          C:\Windows\system32\Drivers\AnyDVD.sys
12:06:55.0464 6048  AnyDVD - ok
12:06:55.0601 6048  [ AA2770FD967DAB91A597619C4EADC0C9 ] AOL ACS         C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
12:06:55.0630 6048  AOL ACS - ok
12:06:55.0704 6048  [ 7FB54900AA9792AB6307C699EC1859D4 ] AOL TopSpeedMonitor C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
12:06:55.0706 6048  AOL TopSpeedMonitor - ok
12:06:55.0776 6048  [ CFA455816879F06F1C4E5BBF9E8AEF7D ] Appinfo         C:\Windows\System32\appinfo.dll
12:06:55.0799 6048  Appinfo - ok
12:06:55.0875 6048  [ 70D7BE78061126DD0C3ACCDB7E129017 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:06:55.0880 6048  Apple Mobile Device - ok
12:06:55.0942 6048  [ 5F673180268BB1FDB69C99B6619FE379 ] arc             C:\Windows\system32\drivers\arc.sys
12:06:55.0945 6048  arc - ok
12:06:55.0992 6048  [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
12:06:55.0995 6048  arcsas - ok
12:06:56.0017 6048  [ E86CF7CE67D5DE898F27EF884DC357D8 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
12:06:56.0043 6048  AsyncMac - ok
12:06:56.0109 6048  [ B35CFCEF838382AB6490B321C87EDF17 ] atapi           C:\Windows\system32\drivers\atapi.sys
12:06:56.0111 6048  atapi - ok
12:06:56.0177 6048  [ 42A781B795B36A7182DED8B55C245153 ] athr            C:\Windows\system32\DRIVERS\athr.sys
12:06:56.0220 6048  athr - ok
12:06:56.0303 6048  [ E760FC1BD68F7F6F1B17EB4E8D9480B0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:06:56.0389 6048  AudioEndpointBuilder - ok
12:06:56.0410 6048  [ E760FC1BD68F7F6F1B17EB4E8D9480B0 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
12:06:56.0413 6048  Audiosrv - ok
12:06:56.0463 6048  [ 18C8269BE7F0F65A2EFC5B408D4A17DF ] Avc             C:\Windows\system32\DRIVERS\avc.sys
12:06:56.0496 6048  Avc - ok
12:06:56.0531 6048  [ B81958C4C42CBC77B5DB7710962F99C3 ] AVCSTRM         C:\Windows\system32\DRIVERS\avcstrm.sys
12:06:56.0554 6048  AVCSTRM - ok
12:06:56.0585 6048  [ AA6B367CA7DA571DFC3374EC137D87A5 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
12:06:56.0661 6048  b57nd60x - ok
12:06:56.0716 6048  [ AC3DD1708B22761EBD7CBE14DCC3B5D7 ] Beep            C:\Windows\system32\drivers\Beep.sys
12:06:56.0771 6048  Beep - ok
12:06:56.0881 6048  [ DA551697E34D2B9943C8B1C8EAFFE89A ] BITS            C:\Windows\system32\qmgr.dll
12:06:56.0971 6048  BITS - ok
12:06:56.0980 6048  blbdrive - ok
12:06:57.0116 6048  [ 5AB58C337AC65837FE404462AD6265AB ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:06:57.0124 6048  Bonjour Service - ok
12:06:57.0172 6048  [ 913CD06FBE9105CE6077E90FD4418561 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
12:06:57.0215 6048  bowser - ok
12:06:57.0272 6048  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
12:06:57.0308 6048  BrFiltLo - ok
12:06:57.0342 6048  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
12:06:57.0413 6048  BrFiltUp - ok
12:06:57.0450 6048  [ BEB6470532B7461D7BB426E3FACB424F ] Browser         C:\Windows\System32\browser.dll
12:06:57.0493 6048  Browser - ok
12:06:57.0533 6048  [ B304E75CFF293029EDDF094246747113 ] Brserid         C:\Windows\system32\drivers\brserid.sys
12:06:57.0586 6048  Brserid - ok
12:06:57.0630 6048  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
12:06:57.0675 6048  BrSerWdm - ok
12:06:57.0701 6048  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
12:06:57.0722 6048  BrUsbMdm - ok
12:06:57.0750 6048  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
12:06:57.0773 6048  BrUsbSer - ok
12:06:57.0823 6048  [ CF97C2D6A011EE9403B42191B5F95BA8 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
12:06:57.0847 6048  BthEnum - ok
12:06:57.0874 6048  [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
12:06:57.0908 6048  BTHMODEM - ok
12:06:57.0931 6048  [ B8C3D9DDF85FD197C3E5F849FEF71144 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
12:06:57.0952 6048  BthPan - ok
12:06:58.0018 6048  [ B4CE8000AAB30A9AB16CD0FB3DB4D7CF ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
12:06:58.0051 6048  BTHPORT - ok
12:06:58.0094 6048  [ 58EE7F5E68310BC8D4E7CEBD8358C12E ] BthServ         C:\Windows\System32\bthserv.dll
12:06:58.0119 6048  BthServ - ok
12:06:58.0137 6048  [ 9A4DDC8544C1459AA2A118A8858DADE3 ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
12:06:58.0172 6048  BTHUSB - ok
12:06:58.0220 6048  [ 636F45A8500C1438CFA7DEE15FC5C184 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
12:06:58.0223 6048  btwaudio - ok
12:06:58.0249 6048  [ BF9256FF01B093A5D90BB7A35EC90410 ] btwavdt         C:\Windows\system32\drivers\btwavdt.sys
12:06:58.0252 6048  btwavdt - ok
12:06:58.0288 6048  [ 0AB8C1AC177AFB27309E1072FAF34A37 ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
12:06:58.0290 6048  btwrchid - ok
12:06:58.0484 6048  catchme - ok
12:06:58.0522 6048  [ 6C3A437FC873C6F6A4FC620B6888CB86 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
12:06:58.0563 6048  cdfs - ok
12:06:58.0620 6048  [ 8D1866E61AF096AE8B582454F5E4D303 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
12:06:58.0685 6048  cdrom - ok
12:06:58.0737 6048  [ 0600E04315FE543802A379D5D23C8BE0 ] CertPropSvc     C:\Windows\System32\certprop.dll
12:06:58.0798 6048  CertPropSvc - ok
12:06:58.0839 6048  [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
12:06:58.0870 6048  circlass - ok
12:06:58.0938 6048  [ 1B84FD0937D3B99AF9BA38DDFF3DAF54 ] CLFS            C:\Windows\system32\CLFS.sys
12:06:58.0944 6048  CLFS - ok
12:06:59.0023 6048  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:06:59.0026 6048  clr_optimization_v2.0.50727_32 - ok
12:06:59.0084 6048  [ ED97AD3DF1B9005989EAF149BF06C821 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
12:06:59.0105 6048  CmBatt - ok
12:06:59.0125 6048  [ 45201046C776FFDAF3FC8A0029C581C8 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
12:06:59.0127 6048  cmdide - ok
12:06:59.0137 6048  [ 722936AFB75A7F509662B69B5632F48A ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
12:06:59.0139 6048  Compbatt - ok
12:06:59.0150 6048  COMSysApp - ok
12:06:59.0163 6048  [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
12:06:59.0167 6048  crcdisk - ok
12:06:59.0187 6048  [ 22A7F883508176489F559EE745B5BF5D ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
12:06:59.0217 6048  Crusoe - ok
12:06:59.0272 6048  [ 1C26FB097170A2A91066D1E3A24366E3 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
12:06:59.0273 6048  CryptSvc - ok
12:06:59.0339 6048  [ B5ECADF7708960F1818C7FA015F4C239 ] CVirtA          C:\Windows\system32\DRIVERS\CVirtA.sys
12:06:59.0357 6048  CVirtA - ok
12:06:59.0483 6048  [ DAD192D12DD0B4C92F6843203852829F ] CVPND           C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
12:06:59.0711 6048  CVPND - ok
12:06:59.0784 6048  [ 26DEEF07394624247D1F549BD94F0B15 ] CVPNDRVA        C:\Windows\system32\Drivers\CVPNDRVA.sys
12:06:59.0880 6048  CVPNDRVA - ok
12:06:59.0948 6048  [ 7B981222A257D076885BFFB66F19B7CE ] DcomLaunch      C:\Windows\system32\rpcss.dll
12:06:59.0969 6048  DcomLaunch - ok
12:07:00.0002 6048  [ A7179DE59AE269AB70345527894CCD7C ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
12:07:00.0085 6048  DfsC - ok
12:07:00.0215 6048  [ E0D584AA76C7D845BA9F3A788260528F ] DFSR            C:\Windows\system32\DFSR.exe
12:07:00.0442 6048  DFSR - ok
12:07:00.0516 6048  [ DC45739BC22D528D2B3E50D3F6761750 ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
12:07:00.0519 6048  Dhcp - ok
12:07:00.0542 6048  [ 841AF4C4D41D3E3B2F244E976B0F7963 ] disk            C:\Windows\system32\drivers\disk.sys
12:07:00.0545 6048  disk - ok
12:07:00.0588 6048  [ 73BAF270D24FE726B9CD7F80BB17A23D ] DKbFltr         C:\Windows\system32\DRIVERS\DKbFltr.sys
12:07:00.0589 6048  DKbFltr - ok
12:07:00.0642 6048  [ 7B4FDFBE97C047175E613AA96F3DE987 ] DNE             C:\Windows\system32\DRIVERS\dne2000.sys
12:07:00.0646 6048  DNE - ok
12:07:00.0677 6048  [ EECBA1DD142BF8693C476BE8F32FE253 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
12:07:00.0743 6048  Dnscache - ok
12:07:00.0778 6048  [ 1F795D214820E496BF1124434A6DB546 ] dot3svc         C:\Windows\System32\dot3svc.dll
12:07:00.0933 6048  dot3svc - ok
12:07:00.0997 6048  [ 57B2D433A08B95E4F1B53A919937F3E5 ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
12:07:01.0038 6048  Dot4 - ok
12:07:01.0081 6048  [ D93FA484BB62FBE7E5EF335C5415D3CF ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
12:07:01.0105 6048  Dot4Print - ok
12:07:01.0151 6048  [ 599742C4260FB3E8EDB3BE148B8CE856 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
12:07:01.0189 6048  dot4usb - ok
12:07:01.0246 6048  [ 032C90AD677BF7B7A8013D6087C7A921 ] DPS             C:\Windows\system32\dps.dll
12:07:01.0248 6048  DPS - ok
12:07:01.0281 6048  [ EE472CD2C01F6F8E8AA1FA06FFEF61B6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
12:07:01.0299 6048  drmkaud - ok
12:07:01.0351 6048  [ 334988883DE69ADB27E2CF9F9715BBDB ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
12:07:01.0398 6048  DXGKrnl - ok
12:07:01.0445 6048  [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
12:07:01.0481 6048  E1G60 - ok
12:07:01.0526 6048  [ 90A0A875642E18618010645311B4E89E ] EapHost         C:\Windows\System32\eapsvc.dll
12:07:01.0578 6048  EapHost - ok
12:07:01.0620 6048  [ 0EFC7531B936EE57FDB4E837664C509F ] Ecache          C:\Windows\system32\drivers\ecache.sys
12:07:01.0624 6048  Ecache - ok
12:07:01.0709 6048  [ F54907AA07F60AFF81E1E09E97AF98B0 ] eDataSecurity Service C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
12:07:01.0857 6048  eDataSecurity Service - ok
12:07:01.0910 6048  [ B4580122B0A7B263B6EE9ACBA69C8013 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
12:07:01.0918 6048  ehRecvr - ok
12:07:01.0941 6048  [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched         C:\Windows\ehome\ehsched.exe
12:07:01.0944 6048  ehSched - ok
12:07:01.0982 6048  [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart         C:\Windows\ehome\ehstart.dll
12:07:01.0983 6048  ehstart - ok
12:07:02.0031 6048  [ C61C83501268B0110B5C5DB7E63DEE0C ] ElbyCDFL        C:\Windows\system32\Drivers\ElbyCDFL.sys
12:07:02.0081 6048  ElbyCDFL - ok
12:07:02.0152 6048  [ D71233D7CCC2E64F8715A20428D5A33B ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
12:07:02.0154 6048  ElbyCDIO - ok
12:07:02.0226 6048  [ A7B5F3B9363F9AB1D4FE459BAF3B15D6 ] eLockService    C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
12:07:02.0282 6048  eLockService - ok
12:07:02.0329 6048  [ E8F3F21A71720C84BCF423B80028359F ] elxstor         C:\Windows\system32\drivers\elxstor.sys
12:07:02.0336 6048  elxstor - ok
12:07:02.0394 6048  [ 3226FDA08988526E819E364E8CCE4CEE ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
12:07:02.0454 6048  EMDMgmt - ok
12:07:02.0487 6048  [ 207E2DDA01AAC6AD64F0368CA59FC179 ] eNet Service    C:\Acer\Empowering Technology\eNet\eNet Service.exe
12:07:02.0568 6048  eNet Service - ok
12:07:02.0664 6048  [ A7B084BFBBD582A843D2F5C35220F962 ] eRecoveryService C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
12:07:02.0700 6048  eRecoveryService - ok
12:07:02.0756 6048  [ 06484E97D22F06DE8DE0F8E2BEC6FA9E ] eSettingsService C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
12:07:02.0807 6048  eSettingsService - ok
12:07:02.0874 6048  [ 7B4971C3D43525175A4EA0D143E0412E ] EventSystem     C:\Windows\system32\es.dll
12:07:02.0881 6048  EventSystem - ok
12:07:02.0920 6048  [ 84A317CB0B3954D3768CDCD018DBF670 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
12:07:02.0953 6048  fastfat - ok
12:07:02.0982 6048  [ 63BDADA84951B9C03E641800E176898A ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
12:07:03.0024 6048  fdc - ok
12:07:03.0064 6048  [ E43BCE1A77D6FD4ED5F8E0482B9E7DF1 ] fdPHost         C:\Windows\system32\fdPHost.dll
12:07:03.0091 6048  fdPHost - ok
12:07:03.0111 6048  [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub        C:\Windows\system32\fdrespub.dll
12:07:03.0136 6048  FDResPub - ok
12:07:03.0178 6048  [ 65773D6115C037FFD7EF8280AE85EB9D ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
12:07:03.0183 6048  FileInfo - ok
12:07:03.0206 6048  [ C226DD0DE060745F3E042F58DCF78402 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
12:07:03.0233 6048  Filetrace - ok
12:07:03.0253 6048  [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
12:07:03.0300 6048  flpydisk - ok
12:07:03.0313 6048  [ A6A8DA7AE4D53394AB22AC3AB6D3F5D3 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
12:07:03.0317 6048  FltMgr - ok
12:07:03.0381 6048  [ C9BE08664611DDAF98E2331E9288B00B ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
12:07:03.0383 6048  FontCache3.0.0.0 - ok
12:07:03.0448 6048  [ 790A4CA68F44BE35967B3DF61F3E4675 ] FsUsbExDisk     C:\Windows\system32\FsUsbExDisk.SYS
12:07:03.0487 6048  FsUsbExDisk - ok
12:07:03.0569 6048  [ FA8CA15A7013260D70D493CC9926E16A ] FsUsbExService  C:\Windows\system32\FsUsbExService.Exe
12:07:03.0576 6048  FsUsbExService - ok
12:07:03.0590 6048  [ 66A078591208BAA210C7634B11EB392C ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
12:07:03.0614 6048  Fs_Rec - ok
12:07:03.0640 6048  [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
12:07:03.0642 6048  gagp30kx - ok
12:07:03.0708 6048  [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM     C:\Windows\system32\Drivers\GEARAspiWDM.sys
12:07:03.0710 6048  GEARAspiWDM - ok
12:07:03.0756 6048  [ BCF6589C42D8F6A20F33EF133FFE0524 ] gpsvc           C:\Windows\System32\gpsvc.dll
12:07:03.0878 6048  gpsvc - ok
12:07:03.0937 6048  [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:07:03.0978 6048  HdAudAddService - ok
12:07:04.0000 6048  [ 0DB613A7E427B5663563677796FD5258 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
12:07:04.0035 6048  HDAudBus - ok
12:07:04.0060 6048  [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
12:07:04.0085 6048  HidBth - ok
12:07:04.0116 6048  [ F24393C44FDFE2E5E9F416FD3BDF98E2 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
12:07:04.0140 6048  HidIr - ok
12:07:04.0159 6048  [ 8FA640195279ACE21BEA91396A0054FC ] hidserv         C:\Windows\System32\hidserv.dll
12:07:04.0212 6048  hidserv - ok
12:07:04.0238 6048  [ 01E7971E9F4BD6AC6A08DB52D0EA0418 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
12:07:04.0277 6048  HidUsb - ok
12:07:04.0321 6048  [ D40AA05E29BF6ED29B139F044B461E9B ] hkmsvc          C:\Windows\system32\kmsvc.dll
12:07:04.0355 6048  hkmsvc - ok
12:07:04.0490 6048  [ 53DCA61931847E35C950504BFB7559C6 ] HP LaserJet Service C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
12:07:04.0555 6048  HP LaserJet Service - ok
12:07:04.0600 6048  [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
12:07:04.0602 6048  HpCISSs - ok
12:07:04.0724 6048  [ CE0FCEC4D4D860F36D972759B11EAF0F ] hpqcxs08        C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
12:07:04.0847 6048  hpqcxs08 - ok
12:07:04.0919 6048  [ 7DA3211AC63EDD90B8ECA1CA1ABFD43B ] hpqddsvc        C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
12:07:05.0007 6048  hpqddsvc - ok
12:07:05.0074 6048  [ 94D23D4F096F12CA42C2FE4196631F46 ] HPSIService     C:\Windows\system32\HPSIsvc.exe
12:07:05.0156 6048  HPSIService - ok
12:07:05.0215 6048  [ 14229263AA19C704E0D6D2E7404A8455 ] HPSLPSVC        C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
12:07:05.0234 6048  HPSLPSVC - ok
12:07:05.0298 6048  [ EA24FE637D974A8A31BC650F478E3533 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
12:07:05.0403 6048  HTTP - ok
12:07:05.0448 6048  [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
12:07:05.0450 6048  i2omp - ok
12:07:05.0509 6048  [ 1C9EE072BAA3ABB460B91D7EE9152660 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
12:07:05.0543 6048  i8042prt - ok
12:07:05.0594 6048  [ 271A5CA508B8172C050D726B217E9B99 ] IAANTMON        C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
12:07:05.0603 6048  IAANTMON - ok
12:07:05.0637 6048  [ 997E8F5939F2D12CD9F2E6B395724C16 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
12:07:05.0640 6048  iaStor - ok
12:07:05.0674 6048  [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
12:07:05.0680 6048  iaStorV - ok
12:07:05.0761 6048  [ 7B630ACAED64FEF0C3E1CF255CB56686 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:07:05.0790 6048  idsvc - ok
12:07:05.0869 6048  [ A03B37DBC601C35DE9591B6AA1A20C22 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
12:07:05.0984 6048  igfx - ok
12:07:06.0008 6048  [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
12:07:06.0010 6048  iirsp - ok
12:07:06.0054 6048  [ 35662FE4D8622F667AA5A5568F7F1B40 ] IKEEXT          C:\Windows\System32\ikeext.dll
12:07:06.0127 6048  IKEEXT - ok
12:07:06.0177 6048  [ 9D64201C9E5AC8D1F088762BA00FF3AB ] int15           C:\Acer\Empowering Technology\eRecovery\int15.sys
12:07:06.0181 6048  int15 - ok
12:07:06.0294 6048  [ 9438FE15DA89C6AACE8A79DB2C6F60C1 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
12:07:06.0350 6048  IntcAzAudAddService - ok
12:07:06.0386 6048  [ 988981C840084F480BA9E3319CEBDE1B ] intelide        C:\Windows\system32\drivers\intelide.sys
12:07:06.0387 6048  intelide - ok
12:07:06.0431 6048  [ CE44CC04262F28216DD4341E9E36A16F ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
12:07:06.0466 6048  intelppm - ok
12:07:06.0487 6048  [ 88CF5281ED9880D74DC9011CF8B5262D ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
12:07:06.0517 6048  IPBusEnum - ok
12:07:06.0539 6048  [ 880C6F86CC3F551B8FEA2C11141268C0 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:07:06.0576 6048  IpFilterDriver - ok
12:07:06.0656 6048  [ ECC9AD72CFC4AB41CF6A9BCC11F9FEF6 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
12:07:06.0705 6048  iphlpsvc - ok
12:07:06.0713 6048  IpInIp - ok
12:07:06.0734 6048  [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
12:07:06.0784 6048  IPMIDRV - ok
12:07:06.0813 6048  [ 10077C35845101548037DF04FD1A420B ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
12:07:06.0859 6048  IPNAT - ok
12:07:06.0919 6048  [ DCB3796E0169419618C72F0CE34C68ED ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
12:07:06.0952 6048  iPod Service - ok
12:07:06.0974 6048  [ A82F328F4792304184642D6D397BB1E3 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
12:07:06.0997 6048  IRENUM - ok
12:07:07.0011 6048  [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
12:07:07.0013 6048  isapnp - ok
12:07:07.0043 6048  [ 4DCA456D4D5723F8FA9C6760D240B0DF ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
12:07:07.0048 6048  iScsiPrt - ok
12:07:07.0067 6048  [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
12:07:07.0069 6048  iteatapi - ok
12:07:07.0107 6048  [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid         C:\Windows\system32\drivers\iteraid.sys
12:07:07.0109 6048  iteraid - ok
12:07:07.0148 6048  [ B076B2AB806B3F696DAB21375389101C ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
12:07:07.0150 6048  kbdclass - ok
12:07:07.0186 6048  [ ED61DBC6603F612B7338283EDBACBC4B ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
12:07:07.0211 6048  kbdhid - ok
12:07:07.0243 6048  [ C731B1FE449D4E9CEA358C9D55B69BE9 ] KeyIso          C:\Windows\system32\lsass.exe
12:07:07.0300 6048  KeyIso - ok
12:07:07.0352 6048  [ 0A829977B078DEA11641FC2AF87CEADE ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
12:07:07.0361 6048  KSecDD - ok
12:07:07.0424 6048  [ 45C537FE5DDE9A0146AEFF76E615737D ] KtmRm           C:\Windows\system32\msdtckrm.dll
12:07:07.0545 6048  KtmRm - ok
12:07:07.0581 6048  [ 53D1482FC1AA36AC015A85E6CF2146BD ] LanmanServer    C:\Windows\System32\srvsvc.dll
12:07:07.0613 6048  LanmanServer - ok
12:07:07.0673 6048  [ 435F0F6DC87A4B5DA78F1FA309884189 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:07:07.0713 6048  LanmanWorkstation - ok
12:07:07.0744 6048  LBTServ - ok
12:07:07.0813 6048  [ 793FF718477345CD5D232C50BED1E452 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
12:07:07.0815 6048  LightScribeService - ok
12:07:07.0844 6048  [ FD015B4F95DAA2B712F0E372A116FBAD ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
12:07:07.0877 6048  lltdio - ok
12:07:07.0912 6048  [ 7450DBCF754391DD6363FFFD5EF0E789 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
12:07:07.0950 6048  lltdsvc - ok
12:07:07.0968 6048  [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts         C:\Windows\System32\lmhsvc.dll
12:07:07.0993 6048  lmhosts - ok
12:07:08.0024 6048  [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
12:07:08.0027 6048  LSI_FC - ok
12:07:08.0053 6048  [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
12:07:08.0056 6048  LSI_SAS - ok
12:07:08.0078 6048  [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
12:07:08.0081 6048  LSI_SCSI - ok
12:07:08.0106 6048  [ 42885BB44B6E065B8575A8DD6C430C52 ] luafv           C:\Windows\system32\drivers\luafv.sys
12:07:08.0146 6048  luafv - ok
12:07:08.0183 6048  [ E93C1AD58E88A0846EAEE10671C2A8F3 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
12:07:08.0216 6048  Mcx2Svc - ok
12:07:08.0379 6048  [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM             C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
12:07:08.0387 6048  MDM - ok
12:07:08.0422 6048  [ D153B14FC6598EAE8422A2037553ADCE ] megasas         C:\Windows\system32\drivers\megasas.sys
12:07:08.0424 6048  megasas - ok
12:07:08.0451 6048  [ 9DFA3A459AF0954AA85B4F7622AD87BB ] MMCSS           C:\Windows\system32\mmcss.dll
12:07:08.0478 6048  MMCSS - ok
12:07:08.0512 6048  MobilityService - ok
12:07:08.0526 6048  [ 21755967298A46FB6ADFEC9DB6012211 ] Modem           C:\Windows\system32\drivers\modem.sys
12:07:08.0576 6048  Modem - ok
12:07:08.0617 6048  [ 7446E104A5FE5987CA9E4983FBAC4F97 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
12:07:08.0647 6048  monitor - ok
12:07:08.0686 6048  [ 5FBA13C1A1841B0885D316ED3589489D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
12:07:08.0688 6048  mouclass - ok
12:07:08.0731 6048  [ B569B5C5D3BDE545DF3A6AF512CCCDBA ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
12:07:08.0753 6048  mouhid - ok
12:07:08.0768 6048  [ 01F1E5A3E4877C931CBB31613FEC16A6 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
12:07:08.0770 6048  MountMgr - ok
12:07:08.0864 6048  [ 5E0686615A80A6279B2314E13CD23F6E ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
12:07:08.0868 6048  MozillaMaintenance - ok
12:07:08.0931 6048  [ E77DC03DD3C8E5A388BF9EED2A28F3D1 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
12:07:08.0937 6048  MpFilter - ok
12:07:08.0959 6048  [ 583A41F26278D9E0EA548163D6139397 ] mpio            C:\Windows\system32\drivers\mpio.sys
12:07:08.0962 6048  mpio - ok
12:07:08.0986 6048  [ 6E7A7F0C1193EE5648443FE2D4B789EC ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
12:07:09.0007 6048  mpsdrv - ok
12:07:09.0034 6048  [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
12:07:09.0036 6048  Mraid35x - ok
12:07:09.0086 6048  [ 1D8828B98EE309D65E006F0829E280E5 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
12:07:09.0114 6048  MRxDAV - ok
12:07:09.0157 6048  [ 8AF705CE1BB907932157FAB821170F27 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
12:07:09.0214 6048  mrxsmb - ok
12:07:09.0251 6048  [ 47E13AB23371BE3279EEF22BBFA2C1BE ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:07:09.0284 6048  mrxsmb10 - ok
12:07:09.0300 6048  [ 90B3FC7BD6B3D7EE7635DEBBA2187F66 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:07:09.0338 6048  mrxsmb20 - ok
12:07:09.0360 6048  [ 742AED7939E734C36B7E8D6228CE26B7 ] msahci          C:\Windows\system32\drivers\msahci.sys
12:07:09.0362 6048  msahci - ok
12:07:09.0381 6048  [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
12:07:09.0383 6048  msdsm - ok
12:07:09.0413 6048  [ BC64A92D821EFEA8BAB8E8CAF1B668BC ] MSDTC           C:\Windows\System32\msdtc.exe
12:07:09.0451 6048  MSDTC - ok
12:07:09.0477 6048  [ 729EAFEFD4E7417165F353A18DBE947D ] Msfs            C:\Windows\system32\drivers\Msfs.sys
12:07:09.0504 6048  Msfs - ok
12:07:09.0534 6048  [ 5F454A16A5146CD91A176D70F0CFA3EC ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
12:07:09.0535 6048  msisadrv - ok
12:07:09.0571 6048  [ 8ACF956D9154E893E789881430C12632 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
12:07:09.0600 6048  MSiSCSI - ok
12:07:09.0611 6048  msiserver - ok
12:07:09.0629 6048  [ 892CEDEFA7E0FFE7BE8DA651B651D047 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
12:07:09.0665 6048  MSKSSRV - ok
12:07:09.0764 6048  [ B0F49DA36F30922F5DDC3B623B778FCE ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
12:07:09.0766 6048  MsMpSvc - ok
12:07:09.0797 6048  [ AE2CB1DA69B2676B4CEE2A501AF5871C ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
12:07:09.0815 6048  MSPCLOCK - ok
12:07:09.0836 6048  [ F910DA84FA90C44A3ADDB7CD874463FD ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
12:07:09.0857 6048  MSPQM - ok
12:07:09.0891 6048  [ 84571C0AE07647BA38D493F5F0015DF7 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
12:07:09.0895 6048  MsRPC - ok
12:07:09.0915 6048  [ 4385C80EDE885E25492D408CAD91BD6F ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
12:07:09.0918 6048  mssmbios - ok
12:07:09.0968 6048  [ D79C9C58BA624AF195A54BA2B8244FB3 ] MSTAPE          C:\Windows\system32\DRIVERS\mstape.sys
12:07:09.0992 6048  MSTAPE - ok
12:07:10.0015 6048  [ C826DD1373F38AFD9CA46EC3C436A14E ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
12:07:10.0034 6048  MSTEE - ok
12:07:10.0056 6048  [ FA7AA70050CF5E2D15DE00941E5665E5 ] Mup             C:\Windows\system32\Drivers\mup.sys
12:07:10.0059 6048  Mup - ok
12:07:10.0121 6048  [ B9DF137953A5280EDDBD4A705CA093A2 ] mvusbews        C:\Windows\system32\Drivers\mvusbews.sys
12:07:10.0147 6048  mvusbews - ok
12:07:10.0198 6048  [ 1CDBB5D002FE2BC5300AA20550D8A52E ] napagent        C:\Windows\system32\qagentRT.dll
12:07:10.0204 6048  napagent - ok
12:07:10.0270 6048  [ 6DA4A0FC7C0E83DF0CB3CFD0A514C3BC ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
12:07:10.0296 6048  NativeWifiP - ok
12:07:10.0326 6048  [ 227C11E1E7CF6EF8AFB2A238D209760C ] NDIS            C:\Windows\system32\drivers\ndis.sys
12:07:10.0337 6048  NDIS - ok
12:07:10.0384 6048  [ 81659CDCBD0F9A9E07E6878AD8C78D3F ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
12:07:10.0411 6048  NdisTapi - ok
12:07:10.0443 6048  [ 5DE5EE546BF40838EBE0E01CB629DF64 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
12:07:10.0481 6048  Ndisuio - ok
12:07:10.0511 6048  [ 397402ADCBB8946223A1950101F6CD94 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
12:07:10.0534 6048  NdisWan - ok
12:07:10.0585 6048  [ 1B24FA907AF283199A81B3BB37E5E526 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
12:07:10.0637 6048  NDProxy - ok
12:07:10.0700 6048  [ 2969D26EEE289BE7422AA46FC55F4E38 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
12:07:10.0753 6048  Net Driver HPZ12 - ok
12:07:10.0780 6048  [ 356DBB9F98E8DC1028DD3092FCEEB877 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
12:07:10.0831 6048  NetBIOS - ok
12:07:10.0871 6048  [ E3A168912E7EEFC3BD3B814720D68B41 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
12:07:10.0945 6048  netbt - ok
12:07:10.0975 6048  [ C731B1FE449D4E9CEA358C9D55B69BE9 ] Netlogon        C:\Windows\system32\lsass.exe
12:07:10.0977 6048  Netlogon - ok
12:07:11.0019 6048  [ 90A4DAE28B94497F83BEA0F2A3B77092 ] Netman          C:\Windows\System32\netman.dll
12:07:11.0089 6048  Netman - ok
12:07:11.0122 6048  [ 7C5C3D9CEEE838856B828AB6F98A2857 ] netprofm        C:\Windows\System32\netprofm.dll
12:07:11.0166 6048  netprofm - ok
12:07:11.0232 6048  [ C64E8EF4C6322B09B6EE570A8BA41E26 ] netr28u         C:\Windows\system32\DRIVERS\netr28u.sys
12:07:11.0283 6048  netr28u - ok
12:07:11.0335 6048  [ 0AD5876EF4E9EB77C8F93EB5B2FFF386 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:07:11.0339 6048  NetTcpPortSharing - ok
12:07:11.0364 6048  [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
12:07:11.0366 6048  nfrd960 - ok
12:07:11.0404 6048  [ C424117A562F2DE37A42266894C79AEB ] NlaSvc          C:\Windows\System32\nlasvc.dll
12:07:11.0410 6048  NlaSvc - ok
12:07:11.0474 6048  [ 8608F696D4A60A3EA64B8168AE36BD00 ] NOWMEMDF        C:\Windows\system32\NOWMEMDF.sys
12:07:11.0500 6048  NOWMEMDF - ok
12:07:11.0538 6048  [ 4F9832BEB9FAFD8CEB0E541F1323B26E ] Npfs            C:\Windows\system32\drivers\Npfs.sys
12:07:11.0570 6048  Npfs - ok
12:07:11.0590 6048  [ 23B8201A363DE0E649FC75EE9874DEE2 ] nsi             C:\Windows\system32\nsisvc.dll
12:07:11.0616 6048  nsi - ok
12:07:11.0633 6048  [ B488DFEC274DE1FC9D653870EF2587BE ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
12:07:11.0682 6048  nsiproxy - ok
12:07:11.0756 6048  [ 37430AA7A66D7A63407ADC2C0D05E9F6 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
12:07:11.0787 6048  Ntfs - ok
12:07:11.0798 6048  [ 7F1C1F78D709C4A54CBB46EDE7E0B48D ] NTIDrvr         C:\Windows\system32\DRIVERS\NTIDrvr.sys
12:07:11.0827 6048  NTIDrvr - ok
12:07:11.0847 6048  [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
12:07:11.0872 6048  ntrigdigi - ok
12:07:11.0926 6048  [ CF7E041663119E09D2E118521ADA9300 ] NuidFltr        C:\Windows\system32\DRIVERS\NuidFltr.sys
12:07:11.0927 6048  NuidFltr - ok
12:07:11.0936 6048  [ EC5EFB3C60F1B624648344A328BCE596 ] Null            C:\Windows\system32\drivers\Null.sys
12:07:11.0967 6048  Null - ok
12:07:11.0992 6048  [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
12:07:11.0995 6048  nvraid - ok
12:07:12.0016 6048  [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor          C:\Windows\system32\drivers\nvstor.sys
12:07:12.0018 6048  nvstor - ok
12:07:12.0040 6048  [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
12:07:12.0044 6048  nv_agp - ok
12:07:12.0052 6048  NwlnkFlt - ok
12:07:12.0064 6048  NwlnkFwd - ok
12:07:12.0194 6048  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:07:12.0204 6048  odserv - ok
12:07:12.0253 6048  [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
12:07:12.0284 6048  ohci1394 - ok
12:07:12.0344 6048  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:07:12.0348 6048  ose - ok
12:07:12.0413 6048  [ 016D01D3B8FB976A193C7434BED8DCCF ] p2pimsvc        C:\Windows\system32\p2psvc.dll
12:07:12.0473 6048  p2pimsvc - ok
12:07:12.0493 6048  [ 016D01D3B8FB976A193C7434BED8DCCF ] p2psvc          C:\Windows\system32\p2psvc.dll
12:07:12.0502 6048  p2psvc - ok
12:07:12.0532 6048  [ 0FA9B5055484649D63C303FE404E5F4D ] Parport         C:\Windows\system32\drivers\parport.sys
12:07:12.0588 6048  Parport - ok
12:07:12.0620 6048  [ 555A5B2C8022983BC7467BC925B222EE ] partmgr         C:\Windows\system32\drivers\partmgr.sys
12:07:12.0622 6048  partmgr - ok
12:07:12.0647 6048  [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
12:07:12.0680 6048  Parvdm - ok
12:07:12.0715 6048  [ D8C5C215C932233A4F1D7F368F4E4E65 ] PcaSvc          C:\Windows\System32\pcasvc.dll
12:07:12.0761 6048  PcaSvc - ok
12:07:12.0789 6048  [ 1085D75657807E0E8B32F9E19A1647C3 ] pci             C:\Windows\system32\drivers\pci.sys
12:07:12.0793 6048  pci - ok
12:07:12.0818 6048  [ 3B1901E401473E03EB8C874271E50C26 ] pciide          C:\Windows\system32\drivers\pciide.sys
12:07:12.0819 6048  pciide - ok
12:07:12.0843 6048  [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
12:07:12.0847 6048  pcmcia - ok
12:07:12.0903 6048  [ 5B68C60B01DAC03D895EC1CA0A0365DA ] pcouffin        C:\Windows\system32\Drivers\pcouffin.sys
12:07:12.0938 6048  pcouffin - ok
12:07:13.0000 6048  [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
12:07:13.0084 6048  PEAUTH - ok
12:07:13.0175 6048  [ CD05A38D166BEADE18030BAFC0C0A939 ] pla             C:\Windows\system32\pla.dll
12:07:13.0294 6048  pla - ok
12:07:13.0338 6048  [ 747BB4C31F3B6E8D1B5ED0AD61518CB5 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
12:07:13.0347 6048  PlugPlay - ok
12:07:13.0390 6048  [ BAFC9706BDF425A02B66468AB2605C59 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
12:07:13.0423 6048  Pml Driver HPZ12 - ok
12:07:13.0457 6048  [ 016D01D3B8FB976A193C7434BED8DCCF ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
12:07:13.0466 6048  PNRPAutoReg - ok
12:07:13.0501 6048  [ 016D01D3B8FB976A193C7434BED8DCCF ] PNRPsvc         C:\Windows\system32\p2psvc.dll
12:07:13.0509 6048  PNRPsvc - ok
12:07:13.0570 6048  [ 5EBDEC613BD377CE9A85382BE5C6B83B ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
12:07:13.0631 6048  PolicyAgent - ok
12:07:13.0676 6048  [ C04DEC5ACE67C5247B150C4223970BB7 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
12:07:13.0716 6048  PptpMiniport - ok
12:07:13.0761 6048  [ 0E3CEF5D28B40CF273281D620C50700A ] Processor       C:\Windows\system32\drivers\processr.sys
12:07:13.0793 6048  Processor - ok
12:07:13.0833 6048  [ 213112E152E68F0E4705E36F052A2880 ] ProfSvc         C:\Windows\system32\profsvc.dll
12:07:13.0911 6048  ProfSvc - ok
12:07:13.0941 6048  [ C731B1FE449D4E9CEA358C9D55B69BE9 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:07:13.0943 6048  ProtectedStorage - ok
12:07:14.0000 6048  [ 2C8BAE55247C4E09352E870292E4D1AB ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
12:07:14.0001 6048  PSched - ok
12:07:14.0022 6048  [ E801D5CC24E1CF18FA87D24D7074B876 ] PSDFilter       C:\Windows\system32\DRIVERS\psdfilter.sys
12:07:14.0052 6048  PSDFilter - ok
12:07:14.0060 6048  [ 24B5E3429F7F0E779FC2E6E36A0A5F73 ] PSDNServ        C:\Windows\system32\drivers\PSDNServ.sys
12:07:14.0096 6048  PSDNServ - ok
12:07:14.0123 6048  [ 01CBFD08C0E8A6106BB26FCDA297154E ] psdvdisk        C:\Windows\system32\drivers\psdvdisk.sys
12:07:14.0204 6048  psdvdisk - ok
12:07:14.0240 6048  [ D86B4A68565E444D76457F14172C875A ] PxHelp20        C:\Windows\system32\Drivers\PxHelp20.sys
12:07:14.0241 6048  PxHelp20 - ok
12:07:14.0304 6048  [ CCDAC889326317792480C0A67156A1EC ] ql2300          C:\Windows\system32\drivers\ql2300.sys
12:07:14.0334 6048  ql2300 - ok
12:07:14.0360 6048  [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
12:07:14.0364 6048  ql40xx - ok
12:07:14.0413 6048  [ CA61BDFD3713A7CE75F2812AFC431594 ] QWAVE           C:\Windows\system32\qwave.dll
12:07:14.0550 6048  QWAVE - ok
12:07:14.0605 6048  [ D2B3E2B7426DC23E185FBC73C8936C12 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
12:07:14.0634 6048  QWAVEdrv - ok
12:07:14.0660 6048  [ BD7B30F55B3649506DD8B3D38F571D2A ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
12:07:14.0701 6048  RasAcd - ok
12:07:14.0718 6048  [ F14F4AAB9F54D099FE99192BDB100AC9 ] RasAuto         C:\Windows\System32\rasauto.dll
12:07:14.0748 6048  RasAuto - ok
12:07:14.0769 6048  [ 68B0019FEE429EC49D29017AF937E482 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
12:07:14.0808 6048  Rasl2tp - ok
12:07:14.0837 6048  [ 11D65E29BC9D1E4114D18FE68194394C ] RasMan          C:\Windows\System32\rasmans.dll
12:07:14.0928 6048  RasMan - ok
12:07:14.0946 6048  [ CCF4E9C6CBBAC81437F88CB2AE0B6C96 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
12:07:14.0974 6048  RasPppoe - ok
12:07:15.0009 6048  [ 54129C5D9581BBEC8BD1EBD3BA813F47 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
12:07:15.0086 6048  rdbss - ok
12:07:15.0100 6048  [ 794585276B5D7FCA9F3FC15543F9F0B9 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
12:07:15.0118 6048  RDPCDD - ok
12:07:15.0156 6048  [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
12:07:15.0163 6048  rdpdr - ok
12:07:15.0176 6048  [ 980B56E2E273E19D3A9D72D5C420F008 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
12:07:15.0196 6048  RDPENCDD - ok
12:07:15.0229 6048  [ 8830E790A74A96605FABA74F9665BB3C ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
12:07:15.0284 6048  RDPWD - ok
12:07:15.0318 6048  [ 6C1A43C589EE8011A1EBFD51C01B77CE ] RemoteAccess    C:\Windows\System32\mprdim.dll
12:07:15.0417 6048  RemoteAccess - ok
12:07:15.0464 6048  [ 9A043808667C8C1893DA7275AF373F0E ] RemoteRegistry  C:\Windows\system32\regsvc.dll
12:07:15.0495 6048  RemoteRegistry - ok
12:07:15.0542 6048  [ 7EC90C316177BA3F1BCE92005264B447 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
12:07:15.0574 6048  RFCOMM - ok
12:07:15.0699 6048  [ 4D05898896EC49CF663DDA61041AB096 ] RichVideo       C:\Program Files\CyberLink\Shared Files\RichVideo.exe
12:07:15.0706 6048  RichVideo - ok
12:07:15.0742 6048  [ 355AAC141B214BEF1DBC1483AFD9BD50 ] rimmptsk        C:\Windows\system32\DRIVERS\rimmptsk.sys
12:07:15.0774 6048  rimmptsk - ok
12:07:15.0795 6048  [ A4216C71DD4F60B26418CCFD99CD0815 ] rimsptsk        C:\Windows\system32\DRIVERS\rimsptsk.sys
12:07:15.0831 6048  rimsptsk - ok
12:07:15.0843 6048  [ D231B577024AA324AF13A42F3A807D10 ] rismxdp         C:\Windows\system32\DRIVERS\rixdptsk.sys
12:07:15.0876 6048  rismxdp - ok
12:07:15.0910 6048  [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator      C:\Windows\system32\locator.exe
12:07:15.0945 6048  RpcLocator - ok
12:07:15.0978 6048  [ 7B981222A257D076885BFFB66F19B7CE ] RpcSs           C:\Windows\system32\rpcss.dll
12:07:15.0986 6048  RpcSs - ok
12:07:16.0029 6048  [ 97E939D2128FEC5D5A3E6E79B290A2F4 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
12:07:16.0067 6048  rspndr - ok
12:07:16.0085 6048  [ C731B1FE449D4E9CEA358C9D55B69BE9 ] SamSs           C:\Windows\system32\lsass.exe
12:07:16.0087 6048  SamSs - ok
12:07:16.0110 6048  [ 3CE8F073A557E172B330109436984E30 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
12:07:16.0112 6048  sbp2port - ok
12:07:16.0188 6048  [ A0C00A6265949AC72AB51B711743CA6D ] SBSDWSCService  C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
12:07:16.0222 6048  SBSDWSCService - ok
12:07:16.0273 6048  [ 565B4B9E5AD2F2F18A4F8AAFA6C06BBB ] SCardSvr        C:\Windows\System32\SCardSvr.dll
12:07:16.0305 6048  SCardSvr - ok
12:07:16.0382 6048  [ 886CEC884B5BE29AB9828B8AB46B11F7 ] Schedule        C:\Windows\system32\schedsvc.dll
12:07:16.0403 6048  Schedule - ok
12:07:16.0421 6048  [ 0600E04315FE543802A379D5D23C8BE0 ] SCPolicySvc     C:\Windows\System32\certprop.dll
12:07:16.0423 6048  SCPolicySvc - ok
12:07:16.0433 6048  [ BCCA63A3D143938273A3158757389DC7 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
12:07:16.0468 6048  sdbus - ok
12:07:16.0482 6048  [ F7B6BF02240D0A764ADF8C8966735552 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
12:07:16.0519 6048  SDRSVC - ok
12:07:16.0556 6048  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
12:07:16.0583 6048  secdrv - ok
12:07:16.0596 6048  [ 8388C4133DDBE62AD7BC3EC9F14271ED ] seclogon        C:\Windows\system32\seclogon.dll
12:07:16.0625 6048  seclogon - ok
12:07:16.0641 6048  [ 34350AE2C1D33D21C7305F861BD8DAD8 ] SENS            C:\Windows\system32\sens.dll
12:07:16.0667 6048  SENS - ok
12:07:16.0692 6048  [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum         C:\Windows\system32\drivers\serenum.sys
12:07:16.0719 6048  Serenum - ok
12:07:16.0740 6048  [ C70D69A918B178D3C3B06339B40C2E1B ] Serial          C:\Windows\system32\drivers\serial.sys
12:07:16.0743 6048  Serial - ok
12:07:16.0780 6048  [ 450ACCD77EC5CEA720C1CDB9E26B953B ] sermouse        C:\Windows\system32\drivers\sermouse.sys
12:07:16.0819 6048  sermouse - ok
12:07:16.0866 6048  [ 78878235DA4DF0D116E86837A0A21DF8 ] SessionEnv      C:\Windows\system32\sessenv.dll
12:07:16.0895 6048  SessionEnv - ok
12:07:16.0939 6048  [ 5381BDDF337DC4D4DDF6AA4304462FD4 ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
12:07:16.0962 6048  sffdisk - ok
12:07:16.0980 6048  [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
12:07:17.0001 6048  sffp_mmc - ok
12:07:17.0050 6048  [ 2883E7A2C362DEB7BE5F43DBDD470BD5 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
12:07:17.0071 6048  sffp_sd - ok
12:07:17.0099 6048  [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
12:07:17.0118 6048  sfloppy - ok
12:07:17.0164 6048  [ 9A82BF4C90B00A63150A606A1E2FD82B ] SharedAccess    C:\Windows\System32\ipnathlp.dll
12:07:17.0282 6048  SharedAccess - ok
12:07:17.0311 6048  [ B264DFA21677728613267FE63802B332 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:07:17.0366 6048  ShellHWDetection - ok
12:07:17.0393 6048  [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
12:07:17.0395 6048  sisagp - ok
12:07:17.0423 6048  [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
12:07:17.0425 6048  SiSRaid2 - ok
12:07:17.0447 6048  [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
12:07:17.0451 6048  SiSRaid4 - ok
12:07:17.0531 6048  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
12:07:17.0535 6048  SkypeUpdate - ok
12:07:17.0653 6048  [ A1DCD30534835CB67733AD00175125A6 ] slsvc           C:\Windows\system32\SLsvc.exe
12:07:17.0857 6048  slsvc - ok
12:07:17.0873 6048  [ 56DA296E7B376A727E7BDC5AC7FBEE02 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
12:07:17.0921 6048  SLUINotify - ok
12:07:17.0942 6048  [ AC0D90738ADB51A6FD12FF00874A2162 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
12:07:17.0993 6048  Smb - ok
12:07:18.0017 6048  [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
12:07:18.0197 6048  SNMPTRAP - ok
12:07:18.0308 6048  [ 1C550748F896E53B7B0FE7717845132B ] SNP2UVC         C:\Windows\system32\DRIVERS\snp2uvc.sys
12:07:18.0418 6048  SNP2UVC - ok
12:07:18.0455 6048  [ 426F9B029AA9162CECCF65369457D046 ] spldr           C:\Windows\system32\drivers\spldr.sys
12:07:18.0457 6048  spldr - ok
12:07:18.0491 6048  [ DA612EF2556776DF2630B68BF2D48935 ] Spooler         C:\Windows\System32\spoolsv.exe
12:07:18.0531 6048  Spooler - ok
12:07:18.0592 6048  [ 038579C35F7CAD4A4BBF735DBF83277D ] srv             C:\Windows\system32\DRIVERS\srv.sys
12:07:18.0636 6048  srv - ok
12:07:18.0686 6048  [ 6971A757AF8CB5E2CBCBB76CC530DB6C ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
12:07:18.0713 6048  srv2 - ok
12:07:18.0762 6048  [ 9E1A4603B874EEBCE0298113951ABEFB ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
12:07:18.0787 6048  srvnet - ok
12:07:18.0813 6048  [ 8D3E4BAFF8B3997138C38EB1B600519A ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
12:07:18.0848 6048  SSDPSRV - ok
12:07:18.0897 6048  [ FDAEB4E13915D9096E10A334318481EA ] ssecbus         C:\Windows\system32\DRIVERS\ssecbus.sys
12:07:18.0900 6048  ssecbus - ok
12:07:18.0963 6048  [ 58D6E84ECD0AB3B90702BE52ED8718C9 ] ssecmdfl        C:\Windows\system32\DRIVERS\ssecmdfl.sys
12:07:18.0964 6048  ssecmdfl - ok
12:07:18.0974 6048  [ 1C559A3E8DE75D68603ED6BFCF7449CF ] ssecmdm         C:\Windows\system32\DRIVERS\ssecmdm.sys
12:07:18.0978 6048  ssecmdm - ok
12:07:19.0035 6048  [ A941E099EF46E3CC12F898CBE1C39910 ] stisvc          C:\Windows\System32\wiaservc.dll
12:07:19.0121 6048  stisvc - ok
12:07:19.0160 6048  [ 1379BDB336F8158C176A465E30759F57 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
12:07:19.0162 6048  swenum - ok
12:07:19.0204 6048  [ 749ADA8D6C18A08ADFEDE69CBF5DB2E0 ] swprv           C:\Windows\System32\swprv.dll
12:07:19.0282 6048  swprv - ok
12:07:19.0306 6048  [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
12:07:19.0308 6048  Symc8xx - ok
12:07:19.0333 6048  [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
12:07:19.0335 6048  Sym_hi - ok
12:07:19.0354 6048  [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
12:07:19.0356 6048  Sym_u3 - ok
12:07:19.0392 6048  [ 978ACC15501E62D4B26C1567CE42FBAD ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
12:07:19.0397 6048  SynTP - ok
12:07:19.0458 6048  [ 8F2B5FEDE18BD3C4C926CBF88E6F1264 ] SysMain         C:\Windows\system32\sysmain.dll
12:07:19.0537 6048  SysMain - ok
12:07:19.0571 6048  [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:07:19.0602 6048  TabletInputService - ok
12:07:19.0633 6048  [ EF3DD33C740FC2F82E7E4622F1C49289 ] TapiSrv         C:\Windows\System32\tapisrv.dll
12:07:19.0680 6048  TapiSrv - ok
12:07:19.0699 6048  [ 68FA52794AE9ACC61BDE16FE0956B414 ] TBS             C:\Windows\System32\tbssvc.dll
12:07:19.0729 6048  TBS - ok
12:07:19.0837 6048  [ 4A82FA8F0DF67AA354580C3FAAF8BDE3 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
12:07:19.0944 6048  Tcpip - ok
12:07:19.0970 6048  [ 4A82FA8F0DF67AA354580C3FAAF8BDE3 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
12:07:19.0978 6048  Tcpip6 - ok
12:07:20.0012 6048  [ 5CE0C4A7B12D0067DAD527D72B68C726 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
12:07:20.0039 6048  tcpipreg - ok
12:07:20.0059 6048  [ 964248AEF49C31FA6A93201A73FFAF50 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
12:07:20.0082 6048  TDPIPE - ok
12:07:20.0102 6048  [ 7D2C1AE1648A60FCE4AA0F7982E419D3 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
12:07:20.0128 6048  TDTCP - ok
12:07:20.0157 6048  [ AB4FDE8AF4A0270A46A001C08CBCE1C2 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
12:07:20.0202 6048  tdx - ok
12:07:20.0225 6048  [ 2C549BD9DD091FBFAA0A2A48E82EC2FB ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
12:07:20.0227 6048  TermDD - ok
12:07:20.0283 6048  [ FAD71C1E8E4047B154E899AE31EB8CAA ] TermService     C:\Windows\System32\termsrv.dll
12:07:20.0340 6048  TermService - ok
12:07:20.0365 6048  [ B264DFA21677728613267FE63802B332 ] Themes          C:\Windows\system32\shsvcs.dll
12:07:20.0371 6048  Themes - ok
12:07:20.0392 6048  [ 9DFA3A459AF0954AA85B4F7622AD87BB ] THREADORDER     C:\Windows\system32\mmcss.dll
12:07:20.0395 6048  THREADORDER - ok
12:07:20.0415 6048  [ 6BBA0582C0025D43729A1112D3B57897 ] TrkWks          C:\Windows\System32\trkwks.dll
12:07:20.0448 6048  TrkWks - ok
12:07:20.0490 6048  [ 34E388A395FEDBA1D0511ED39BBF4074 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:07:20.0491 6048  TrustedInstaller - ok
12:07:20.0522 6048  [ 29F0ECA726F0D51F7E048BDB0B372F29 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
12:07:20.0547 6048  tssecsrv - ok
12:07:20.0597 6048  [ 65E953BC0084D44498B51F59784D2A82 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
12:07:20.0618 6048  tunmp - ok
12:07:20.0632 6048  [ 4A39BDA5E0FD30BDF4884F9D33AE6105 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
12:07:20.0660 6048  tunnel - ok
12:07:20.0700 6048  [ C3ADE15414120033A36C0F293D4A4121 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
12:07:20.0702 6048  uagp35 - ok
12:07:20.0733 6048  [ 6348DA98707CEDA8A0DFB05820E17732 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
12:07:20.0777 6048  udfs - ok
12:07:20.0811 6048  [ 24A333F4F14DCFB6FF6D5A1B9E5D79DD ] UI0Detect       C:\Windows\system32\UI0Detect.exe
12:07:20.0840 6048  UI0Detect - ok
12:07:20.0861 6048  [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
12:07:20.0863 6048  uliagpkx - ok
12:07:20.0890 6048  [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci         C:\Windows\system32\drivers\uliahci.sys
12:07:20.0896 6048  uliahci - ok
12:07:20.0922 6048  [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata          C:\Windows\system32\drivers\ulsata.sys
12:07:20.0925 6048  UlSata - ok
12:07:20.0947 6048  [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
12:07:20.0951 6048  ulsata2 - ok
12:07:20.0975 6048  [ 3FB78F1D1DD86D87BECECD9DFFA24DD9 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
12:07:21.0006 6048  umbus - ok
12:07:21.0031 6048  [ 8EB871A3DEB6B3D5A85EB6DDFC390B59 ] upnphost        C:\Windows\System32\upnphost.dll
12:07:21.0129 6048  upnphost - ok
12:07:21.0196 6048  [ F6BF998AE33E3FB6C7D27F0560F1173F ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
12:07:21.0261 6048  usbaudio - ok
12:07:21.0321 6048  [ 51480458E6E9863F856EBF35AAE801B4 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
12:07:21.0361 6048  usbccgp - ok
12:07:21.0390 6048  [ E9476E6C486E76BC4898074768FB7131 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
12:07:21.0449 6048  usbcir - ok
12:07:21.0495 6048  [ 11FA3ACBF0DE0286829C69E01FE705E4 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
12:07:21.0524 6048  usbehci - ok
12:07:21.0549 6048  [ 6A7858A38B5105731E219E7C6A238730 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
12:07:21.0600 6048  usbhub - ok
12:07:21.0627 6048  [ 38DBC7DD6CC5A72011F187425384388B ] usbohci         C:\Windows\system32\drivers\usbohci.sys
12:07:21.0650 6048  usbohci - ok
12:07:21.0671 6048  [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
12:07:21.0696 6048  usbprint - ok
12:07:21.0751 6048  [ B1F95285C08DDFE00C0B955462637EC7 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
12:07:21.0813 6048  usbscan - ok
12:07:21.0854 6048  [ 7887CE56934E7F104E98C975F47353C5 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:07:21.0889 6048  USBSTOR - ok
12:07:21.0921 6048  [ 4013315FED70A2D293B998CBBA4022EE ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
12:07:21.0944 6048  usbuhci - ok
12:07:21.0974 6048  [ 0A6B81F01BC86399482E27E6FDA7B33B ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
12:07:22.0007 6048  usbvideo - ok
12:07:22.0041 6048  [ F79D0D7C9004474CB42746D9B2C30A2B ] UxSms           C:\Windows\System32\uxsms.dll
12:07:22.0068 6048  UxSms - ok
12:07:22.0112 6048  [ 1A131C2CA1B99542F9B0DD0C901F6587 ] VClone          C:\Windows\system32\DRIVERS\VClone.sys
12:07:22.0138 6048  VClone - ok
12:07:22.0166 6048  [ C9D0BAFEE0D0A2681F048CA61BC0DA96 ] vds             C:\Windows\System32\vds.exe
12:07:22.0231 6048  vds - ok
12:07:22.0275 6048  [ 7D92BE0028ECDEDEC74617009084B5EF ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
12:07:22.0298 6048  vga - ok
12:07:22.0321 6048  [ 17A8F877314E4067F8C8172CC6D9101C ] VgaSave         C:\Windows\System32\drivers\vga.sys
12:07:22.0346 6048  VgaSave - ok
12:07:22.0364 6048  [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp          C:\Windows\system32\drivers\viaagp.sys
12:07:22.0367 6048  viaagp - ok
12:07:22.0393 6048  [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
12:07:22.0425 6048  ViaC7 - ok
12:07:22.0445 6048  [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide          C:\Windows\system32\drivers\viaide.sys
12:07:22.0447 6048  viaide - ok
12:07:22.0468 6048  [ 103E84C95832D0ED93507997CC7B54E8 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
12:07:22.0470 6048  volmgr - ok
12:07:22.0494 6048  [ 294DA8D3F965F6A8DB934A83C7B461FF ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
12:07:22.0502 6048  volmgrx - ok
12:07:22.0521 6048  [ 80DC0C9BCB579ED9815001A4D37CBFD5 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
12:07:22.0526 6048  volsnap - ok
12:07:22.0550 6048  [ D984439746D42B30FC65A4C3546C6829 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
12:07:22.0554 6048  vsmraid - ok
12:07:22.0602 6048  [ E0E29D9EF2524ABD11749C7C2FD7F607 ] VSS             C:\Windows\system32\vssvc.exe
12:07:22.0693 6048  VSS - ok
12:07:22.0738 6048  [ 62B0D0F6F5580D9D0DFA5E0B466FF2ED ] W32Time         C:\Windows\system32\w32time.dll
12:07:22.0781 6048  W32Time - ok
12:07:22.0806 6048  [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
12:07:22.0829 6048  WacomPen - ok
12:07:22.0867 6048  [ 6798C1209A53B5A0DED8D437C45145FF ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
12:07:22.0910 6048  Wanarp - ok
12:07:22.0919 6048  [ 6798C1209A53B5A0DED8D437C45145FF ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
12:07:22.0921 6048  Wanarpv6 - ok
12:07:22.0964 6048  [ 0A716C08CB13C3A8F4F51E882DBF7416 ] wanatw          C:\Windows\system32\DRIVERS\wanatw4.sys
12:07:23.0007 6048  wanatw - ok
12:07:23.0056 6048  [ C1B19162E0509CEAB4CDF664E139D956 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
12:07:23.0137 6048  wcncsvc - ok
12:07:23.0154 6048  [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:07:23.0185 6048  WcsPlugInService - ok
12:07:23.0218 6048  [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd              C:\Windows\system32\drivers\wd.sys
12:07:23.0220 6048  Wd - ok
12:07:23.0271 6048  [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
12:07:23.0283 6048  Wdf01000 - ok
12:07:23.0309 6048  [ 2A424B89B14EF17A3D06BCB5A8F79601 ] WdiServiceHost  C:\Windows\system32\wdi.dll
12:07:23.0338 6048  WdiServiceHost - ok
12:07:23.0345 6048  [ 2A424B89B14EF17A3D06BCB5A8F79601 ] WdiSystemHost   C:\Windows\system32\wdi.dll
12:07:23.0351 6048  WdiSystemHost - ok
12:07:23.0378 6048  [ 01E41C264EEDCB827820A1909162579F ] WebClient       C:\Windows\System32\webclnt.dll
12:07:23.0435 6048  WebClient - ok
12:07:23.0462 6048  [ 9CF67FF7F8D34CBF115D0C278B9F74AA ] Wecsvc          C:\Windows\system32\wecsvc.dll
12:07:23.0527 6048  Wecsvc - ok
12:07:23.0558 6048  [ B68CAB45DB1DAB59D92ACADFAD6364A8 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
12:07:23.0587 6048  wercplsupport - ok
12:07:23.0605 6048  [ 36BA0707680EF4236FD752BEE982CC25 ] WerSvc          C:\Windows\System32\WerSvc.dll
12:07:23.0656 6048  WerSvc - ok
12:07:23.0676 6048  [ 3FA87D56769838AAC82FAFC3E78FC732 ] winbondcir      C:\Windows\system32\DRIVERS\winbondcir.sys
12:07:23.0715 6048  winbondcir - ok
12:07:23.0781 6048  [ 0D5AD0E71FF5DDAC5DD2F443B499ABD0 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
12:07:23.0787 6048  WinDefend - ok
12:07:23.0797 6048  WinHttpAutoProxySvc - ok
12:07:23.0871 6048  [ 38A7B89DE4E3417C122317949667FDD8 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
12:07:23.0903 6048  Winmgmt - ok
12:07:23.0930 6048  [ 3F6823040030C3E4DA1CF11CD40B7534 ] WinRM           C:\Windows\system32\WsmSvc.dll
12:07:23.0982 6048  WinRM - ok
12:07:24.0054 6048  [ 7640ACEA41348BFEF34B76E245501261 ] Wlansvc         C:\Windows\System32\wlansvc.dll
12:07:24.0104 6048  Wlansvc - ok
12:07:24.0142 6048  [ 17EAC0D023A65FA9B02114CC2BAACAD5 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
12:07:24.0162 6048  WmiAcpi - ok
12:07:24.0187 6048  [ A279323BEE5FFFAFDA222910BCE92132 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
12:07:24.0278 6048  wmiApSrv - ok
12:07:24.0319 6048  [ E8781CF1A4262881897444D22921A3A6 ] WMIService      C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
12:07:24.0369 6048  WMIService - ok
12:07:24.0436 6048  [ ACB2E63D50157E3EA7140F29D9E76A48 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
12:07:24.0468 6048  WMPNetworkSvc - ok
12:07:24.0506 6048  [ 3D3B3B80C12ABE506F56930C46422C28 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
12:07:24.0568 6048  WPCSvc - ok
12:07:24.0593 6048  [ C24844A1D0D9528B19D5BC266B8CD572 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
12:07:24.0644 6048  WPDBusEnum - ok
12:07:24.0681 6048  [ 2D27171B16A577EF14C1273668753485 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
12:07:24.0711 6048  WpdUsb - ok
12:07:24.0731 6048  [ 84620AECDCFD2A7A14E6263927D8C0ED ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
12:07:24.0772 6048  ws2ifsl - ok
12:07:24.0808 6048  [ F97CBB919AF6D0A6643D1A59C15014D1 ] wscsvc          C:\Windows\system32\wscsvc.dll
12:07:24.0836 6048  wscsvc - ok
12:07:24.0843 6048  WSearch - ok
12:07:24.0960 6048  [ 6298277B73C77FA99106B271A7525163 ] wuauserv        C:\Windows\system32\wuaueng.dll
12:07:25.0027 6048  wuauserv - ok
12:07:25.0077 6048  [ A2AAFCC8A204736296D937C7C545B53F ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
12:07:25.0126 6048  WUDFRd - ok
12:07:25.0158 6048  [ DB5BF5AAB72B1B99B5331231D09EBB26 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
12:07:25.0187 6048  wudfsvc - ok
12:07:25.0257 6048  [ 8098180B3F6C430A4E60333BC036F936 ] {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl
12:07:25.0258 6048  {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} - ok
12:07:25.0259 6048  ================ Scan global ===============================
12:07:25.0284 6048  [ 8CD98A8EC9CADAF4E051CDCAC15C96C4 ] C:\Windows\system32\basesrv.dll
12:07:25.0360 6048  [ E3F137ADC0A9D7F3A2E4F557272FE6B3 ] C:\Windows\system32\winsrv.dll
12:07:25.0440 6048  [ E3F137ADC0A9D7F3A2E4F557272FE6B3 ] C:\Windows\system32\winsrv.dll
12:07:25.0483 6048  [ 329CF3C97CE4C19375C8ABCABAE258B0 ] C:\Windows\system32\services.exe
12:07:25.0492 6048  [Global] - ok
12:07:25.0493 6048  ================ Scan MBR ==================================
12:07:25.0514 6048  [ A863475757CC50891AA8458C415E4B25 ] \Device\Harddisk0\DR0
12:07:28.0756 6048  \Device\Harddisk0\DR0 - ok
12:07:28.0756 6048  ================ Scan VBR ==================================
12:07:28.0767 6048  [ 424FEEEFFA69C6C30DDE548E64D77E21 ] \Device\Harddisk0\DR0\Partition1
12:07:28.0769 6048  \Device\Harddisk0\DR0\Partition1 - ok
12:07:28.0813 6048  [ 3936C900CF300E476CF22A9847B09E87 ] \Device\Harddisk0\DR0\Partition2
12:07:28.0814 6048  \Device\Harddisk0\DR0\Partition2 - ok
12:07:28.0815 6048  ============================================================
12:07:28.0815 6048  Scan finished
12:07:28.0815 6048  ============================================================
12:07:28.0899 1412  Detected object count: 0
12:07:28.0899 1412  Actual detected object count: 0
 



#12 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,708 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:01:22 AM

Posted 12 December 2013 - 01:39 PM

Nothing there.

 

Download Process Explorer: http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx
Unzip ProcessExplorer.zip, and double click on procexp.exe to run the program.
Click on View > Select Colunms.
In addition to already pre-selected options, make sure, the Command Line is selected, and press OK.
Go File>Save As, and save the report as Procexp.txt.
 

Upload the file(s) here: http://www.sendspace.com/
Click on Browse button and navigate to the file you want to upload.
Click on Upload button.
Click on FIRST Copy Link button and paste the link in your next reply.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#13 Ette

Ette
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:22 AM

Posted 13 December 2013 - 12:52 PM

http://www.sendspace.com/file/iv7cru



#14 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,708 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:01:22 AM

Posted 13 December 2013 - 01:23 PM

I think it's time to employ more advanced tools.

 

Please follow the instructions in THIS GUIDE starting at Step 6. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then make a NEW TOPIC and post it HERE. Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users