Author Topic: Kaspersky Malicious URL Blocked -- Windows Explorer Shuts Down  (Read 189216 times)

Peter Jordan

    Topic Starter


    Rookie

    • Experience: Beginner
    • OS: Unknown
    Re: Kaspersky Malicious URL Blocked -- Windows Explorer Shuts Down
    « Reply #30 on: June 02, 2012, 06:55:20 PM »
    MBRCheck, version 1.2.3
    (c) 2010, AD

    Command-line:         
    Windows Version:      Windows 7 Professional
    Windows Information:      Service Pack 1 (build 7601), 32-bit
    Base Board Manufacturer:   Acer
    BIOS Manufacturer:      Phoenix Technologies LTD
    System Manufacturer:      Acer
    System Product Name:      TravelMate 5530
    Logical Drives Mask:      0x0000000c

    Kernel Drivers (total 214):

    Processes (total 71):

    \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000002`f4500000  (NTFS)

    PhysicalDrive0 Model Number: HitachiHTS543225L9A300, Rev: FBEOC40C

          Size  Device Name          MBR Status
      --------------------------------------------
        232 GB  \\.\PhysicalDrive0   Windows 7 MBR code detected
                SHA1: F37A9776F0E98E38BD78E91425829D97888CEEFC


    Done!

    evilfantasy

    • Malware Removal Specialist


    • Genius
    • Calm like a bomb
    • Thanked: 493
    • Experience: Experienced
    • OS: Windows 11
    Re: Kaspersky Malicious URL Blocked -- Windows Explorer Shuts Down
    « Reply #31 on: June 02, 2012, 06:57:28 PM »
    * Click START then RUN - Vista/Windows 7 users press the Windows Key and the R keys for the Run box.
    * Now type (or copy/paste) in the runbox:
    Code:
    "%userprofile%\Desktop\combofix" /uninstall
    * Make sure there's a space between Combofix and /Uninstall
    * Then hit Enter

    * The above procedure will remove ComboFix and its associated files and folders.

    ----------

    Clean out your temporary internet files and temp files.

    Download TFC by OldTimer to your desktop.

    Double-click TFC.exe to run it.

    Note: If you are running on Vista, right-click on the file and choose Run As Administrator.

    TFC will close all programs when run, so make sure you have saved all your work before you begin.

    * Click the Start button to begin the cleaning process.
    * Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. 
    * Please let TFC run uninterrupted until it is finished.

    Once TFC is finished it should restart your computer. If it does not, please manually restart the computer yourself to ensure a complete cleaning.

    ----------

    ESET Online Scan

    Scan your computer with the ESET FREE Online Virus Scan

    * Click the ESET Online Scanner button.

    * For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    * Click on the esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop
    * Double click on the esetsmartinstaller_enu.exe icon on your desktop.
    * Place a check mark next to YES, I accept the Terms of Use.

    * Click the Start button.
    * Accept any security warnings from your browser.
    * Leave the check mark next to Remove found threats and place a check next to Scan archives.
    * Click the Start button.
    * ESET will then download updates, install, and begin scanning your computer. Please be patient as this can take some time.
    * When the scan completes, click List of found threats.
    * Next click Export to text file and save the file to your desktop using a name such as ESETScan. Include the contents of this report in your next reply.
    * Click the <<Back button then click Finish.

    In your next reply please include the ESET Online Scan Log.

    Peter Jordan

      Topic Starter


      Rookie

      • Experience: Beginner
      • OS: Unknown
      Re: Kaspersky Malicious URL Blocked -- Windows Explorer Shuts Down
      « Reply #32 on: June 02, 2012, 07:08:25 PM »
      I ran the scans you asked me to, but thus far no change has been noted.

      I ran another Kaspersky update and a full scan -- but again no change.

      A second run of TDSS RK, however, produced the following 4 entries. I took no action on them, as I was uncertain as to whether they posed true threats or were possible false positives, etc. Will await your advice.

      Meanwhile, I will run the ESET scan overnight and post the results in the morning as it typically takes around 8 hours.

      Thanks for your efforts. Hopefully we'll get to the bottom of it soon.

      Peter





      21:10:49.0635 4372   TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
      21:10:50.0042 4372   ============================================================
      21:10:50.0043 4372   Current date / time: 2012/06/02 21:10:50.0042
      21:10:50.0043 4372   SystemInfo:
      21:10:50.0043 4372   
      21:10:50.0043 4372   OS Version: 6.1.7601 ServicePack: 1.0
      21:10:50.0043 4372   Product type: Workstation
      21:10:50.0043 4372   ComputerName: PETER-PC
      21:10:50.0047 4372   UserName: Peter
      21:10:50.0047 4372   Windows directory: C:\Windows
      21:10:50.0047 4372   System windows directory: C:\Windows
      21:10:50.0047 4372   Processor architecture: Intel x86
      21:10:50.0047 4372   Number of processors: 2
      21:10:50.0047 4372   Page size: 0x1000
      21:10:50.0047 4372   Boot type: Normal boot
      21:10:50.0047 4372   ============================================================
      21:10:52.0297 4372   Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
      21:10:52.0299 4372   ============================================================
      21:10:52.0299 4372   \Device\Harddisk0\DR0:
      21:10:52.0299 4372   MBR partitions:
      21:10:52.0299 4372   \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1770800, BlocksNum 0x32000
      21:10:52.0299 4372   \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x17A2800, BlocksNum 0x1BA22970
      21:10:52.0299 4372   ============================================================
      21:10:52.0335 4372   C: <-> \Device\Harddisk0\DR0\Partition1
      21:10:52.0335 4372   ============================================================
      21:10:52.0335 4372   Initialize success
      21:10:52.0335 4372   ============================================================
      21:10:59.0391 1432   ============================================================
      21:10:59.0391 1432   Scan started
      21:10:59.0391 1432   Mode: Manual; SigCheck; TDLFS;
      21:10:59.0391 1432   ============================================================
      21:11:12.0266 1432   CertPropSvc - ok
      21:11:12.0280 1432   circlass        (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
      21:11:12.0325 1432   circlass - ok
      21:11:12.0364 1432   CLFS            (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
      21:11:12.0417 1432   CLFS - ok
      21:11:12.0475 1432   clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
      21:11:12.0533 1432   clr_optimization_v2.0.50727_32 - ok
      21:11:12.0591 1432   clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
      21:11:12.0650 1432   clr_optimization_v4.0.30319_32 - ok
      21:11:12.0691 1432   CmBatt          (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
      21:11:12.0741 1432   CmBatt - ok
      21:11:12.0787 1432   cmdide          (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
      21:11:12.0905 1432   cmdide - ok
      21:11:12.0964 1432   CNG             (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys
      21:11:13.0038 1432   CNG - ok
      21:11:13.0053 1432   Compbatt        (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
      21:11:13.0093 1432   Compbatt - ok
      21:11:13.0141 1432   CompositeBus    (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
      21:11:13.0339 1432   CompositeBus - ok
      21:11:13.0344 1432   COMSysApp - ok
      21:11:13.0449 1432   crcdisk         (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
      21:11:13.0506 1432   crcdisk - ok
      21:11:13.0560 1432   CryptSvc        (a585bebf7d054bd9618eda0922d5484a) C:\Windows\system32\cryptsvc.dll
      21:11:13.0637 1432   CryptSvc - ok
      21:11:13.0710 1432   CSC             (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys
      21:11:13.0849 1432   CSC - ok
      21:11:13.0978 1432   CscService      (15f93b37f6801943360d9eb42485d5d3) C:\Windows\System32\cscsvc.dll
      21:11:14.0056 1432   CscService - ok
      21:11:14.0101 1432   DcomLaunch      (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
      21:11:14.0176 1432   DcomLaunch - ok
      21:11:14.0214 1432   defragsvc       (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
      21:11:14.0284 1432   defragsvc - ok
      21:11:14.0367 1432   DfsC            (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
      21:11:14.0447 1432   DfsC - ok
      21:11:14.0500 1432   Dhcp            (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
      21:11:14.0567 1432   Dhcp - ok
      21:11:14.0591 1432   discache        (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
      21:11:14.0651 1432   discache - ok
      21:11:14.0680 1432   Disk            (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
      21:11:14.0751 1432   Disk - ok
      21:11:14.0774 1432   DKbFltr         (c701324c9e0c25dd9d60311bd87fbc84) C:\Windows\system32\DRIVERS\DKbFltr.sys
      21:11:14.0889 1432   DKbFltr - ok
      21:11:14.0940 1432   Dnscache        (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
      21:11:15.0187 1432   Dnscache - ok
      21:11:15.0236 1432   dot3svc         (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
      21:11:15.0330 1432   dot3svc - ok
      21:11:15.0389 1432   DPS             (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
      21:11:15.0496 1432   DPS - ok
      21:11:15.0527 1432   drmkaud         (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
      21:11:15.0596 1432   drmkaud - ok
      21:11:15.0634 1432   dwshd - ok
      21:11:15.0932 1432   DXGKrnl         (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
      21:11:16.0010 1432   DXGKrnl - ok
      21:11:16.0048 1432   EapHost         (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
      21:11:16.0142 1432   EapHost - ok
      21:11:16.0373 1432   ebdrv           (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
      21:11:16.0492 1432   ebdrv - ok
      21:11:16.0618 1432   EFS             (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe
      21:11:16.0682 1432   EFS - ok
      21:11:16.0809 1432   ehRecvr         (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe
      21:11:16.0957 1432   ehRecvr - ok
      21:11:16.0982 1432   ehSched         (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
      21:11:17.0020 1432   ehSched - ok
      21:11:17.0108 1432   elxstor         (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
      21:11:17.0182 1432   elxstor - ok
      21:11:17.0226 1432   ErrDev          (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
      21:11:17.0358 1432   ErrDev - ok
      21:11:17.0419 1432   esgiguard - ok
      21:11:17.0507 1432   ETService       (2f6d55dc521c557880116b51925a792a) C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
      21:11:17.0551 1432   ETService ( UnsignedFile.Multi.Generic ) - warning
      21:11:17.0551 1432   ETService - detected UnsignedFile.Multi.Generic (1)
      21:11:17.0623 1432   EventSystem     (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
      21:11:17.0705 1432   EventSystem - ok
      21:11:17.0745 1432   exfat           (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
      21:11:17.0806 1432   exfat - ok
      21:11:17.0833 1432   fastfat         (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
      21:11:17.0904 1432   fastfat - ok
      21:11:17.0993 1432   Fax             (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
      21:11:18.0115 1432   Fax - ok
      21:11:18.0135 1432   fdc             (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
      21:11:18.0178 1432   fdc - ok
      21:11:18.0211 1432   fdPHost         (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
      21:11:18.0276 1432   fdPHost - ok
      21:11:18.0287 1432   FDResPub        (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
      21:11:18.0347 1432   FDResPub - ok
      21:11:18.0362 1432   FileInfo        (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
      21:11:18.0401 1432   FileInfo - ok
      21:11:18.0420 1432   Filetrace       (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
      21:11:18.0478 1432   Filetrace - ok
      21:11:18.0505 1432   flpydisk        (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
      21:11:18.0547 1432   flpydisk - ok
      21:11:18.0572 1432   FltMgr          (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
      21:11:18.0615 1432   FltMgr - ok
      21:11:18.0708 1432   FontCache       (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll
      21:11:18.0803 1432   FontCache - ok
      21:11:18.0870 1432   FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
      21:11:18.0929 1432   FontCache3.0.0.0 - ok
      21:11:18.0956 1432   FsDepends       (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
      21:11:19.0000 1432   FsDepends - ok
      21:11:19.0044 1432   Fs_Rec          (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers\Fs_Rec.sys
      21:11:19.0074 1432   Fs_Rec - ok
      21:11:19.0139 1432   fvevol          (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
      21:11:19.0194 1432   fvevol - ok
      21:11:19.0216 1432   gagp30kx        (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
      21:11:19.0258 1432   gagp30kx - ok
      21:11:19.0307 1432   GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
      21:11:19.0353 1432   GEARAspiWDM - ok
      21:11:19.0446 1432   gpsvc           (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
      21:11:19.0529 1432   gpsvc - ok
      21:11:19.0784 1432   Greg_Service    (816fd5a6f3c2f3d600900096632fc60e) C:\Program Files\Acer\Registration\GregHSRW.exe
      21:11:19.0870 1432   Greg_Service - ok
      21:11:19.0981 1432   gupdate         (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
      21:11:20.0017 1432   gupdate - ok
      21:11:20.0073 1432   gupdatem        (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
      21:11:20.0097 1432   gupdatem - ok
      21:11:20.0247 1432   hcw85cir        (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
      21:11:20.0343 1432   hcw85cir - ok
      21:11:20.0454 1432   HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
      21:11:20.0822 1432   HdAudAddService - ok
      21:11:20.0848 1432   HDAudBus        (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
      21:11:21.0108 1432   HDAudBus - ok
      21:11:21.0124 1432   HidBatt         (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
      21:11:21.0252 1432   HidBatt - ok
      21:11:21.0309 1432   HidBth          (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
      21:11:21.0415 1432   HidBth - ok
      21:11:21.0447 1432   HidIr           (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
      21:11:21.0584 1432   HidIr - ok
      21:11:21.0612 1432   hidserv         (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\System32\hidserv.dll
      21:11:21.0737 1432   hidserv - ok
      21:11:21.0785 1432   HidUsb          (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
      21:11:21.0968 1432   HidUsb - ok
      21:11:22.0055 1432   hkmsvc          (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
      21:11:22.0128 1432   hkmsvc - ok
      21:11:22.0162 1432   HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
      21:11:22.0374 1432   HomeGroupListener - ok
      21:11:22.0444 1432   HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
      21:11:22.0572 1432   HomeGroupProvider - ok
      21:11:22.0723 1432   HpSAMD          (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
      21:11:22.0885 1432   HpSAMD - ok
      21:11:23.0021 1432   HsfXAudioService (210388fd8225b02bd83d77628aae64a9) C:\Windows\system32\XAudio32.dll
      21:11:23.0145 1432   HsfXAudioService - ok
      21:11:23.0237 1432   HSF_DPV         (227c3ba25012752bb7450235392c719f) C:\Windows\system32\DRIVERS\HSX_DPV.sys
      21:11:23.0354 1432   HSF_DPV - ok
      21:11:23.0474 1432   HSXHWAZL        (4df5c76302dc2f8f3465966c8426a292) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
      21:11:23.0598 1432   HSXHWAZL - ok
      21:11:23.0677 1432   HTTP            (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
      21:11:23.0784 1432   HTTP - ok
      21:11:23.0828 1432   hwpolicy        (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
      21:11:23.0880 1432   hwpolicy - ok
      21:11:23.0939 1432   i8042prt        (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
      21:11:24.0051 1432   i8042prt - ok
      21:11:24.0102 1432   iaStorV         (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
      21:11:24.0234 1432   iaStorV - ok
      21:11:24.0396 1432   idsvc           (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
      21:11:24.0470 1432   idsvc - ok
      21:11:24.0837 1432   IGBASVC         (884243a20eccf90f747854e2f0954719) c:\Program Files\Acer Bio Protection\BASVC.exe
      21:11:24.0958 1432   IGBASVC ( UnsignedFile.Multi.Generic ) - warning
      21:11:24.0958 1432   IGBASVC - detected UnsignedFile.Multi.Generic (1)
      21:11:25.0442 1432   igfx            (ad626f6964f4d364d226c39e06872dd3) C:\Windows\system32\DRIVERS\igdkmd32.sys
      21:11:25.0709 1432   igfx - ok
      21:11:25.0831 1432   iirsp           (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
      21:11:25.0947 1432   iirsp - ok
      21:11:26.0041 1432   IKEEXT          (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
      21:11:26.0113 1432   IKEEXT - ok
      21:11:26.0139 1432   int15           (58ff11c95c3681c9250914521cb9f036) C:\Windows\system32\drivers\int15.sys
      21:11:26.0226 1432   int15 - ok
      21:11:26.0450 1432   IntcAzAudAddService (b29e79c67f3779e70ba187e31b639ebc) C:\Windows\system32\drivers\RTKVHDA.sys
      21:11:26.0670 1432   IntcAzAudAddService - ok
      21:11:26.0827 1432   intelide        (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
      21:11:27.0019 1432   intelide - ok
      21:11:27.0038 1432   intelppm        (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
      21:11:27.0160 1432   intelppm - ok
      21:11:27.0208 1432   IPBusEnum       (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
      21:11:27.0323 1432   IPBusEnum - ok
      21:11:27.0416 1432   IpFilterDriver  (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
      21:11:27.0554 1432   IpFilterDriver - ok
      21:11:27.0636 1432   iphlpsvc        (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
      21:11:27.0725 1432   iphlpsvc - ok
      21:11:27.0778 1432   IPMIDRV         (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
      21:11:27.0899 1432   IPMIDRV - ok
      21:11:27.0942 1432   IPNAT           (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
      21:11:28.0063 1432   IPNAT - ok
      21:11:28.0249 1432   iPod Service    (ce004777b92dea56fe14ec900d20baa4) C:\Program Files\iPod\bin\iPodService.exe
      21:11:28.0311 1432   iPod Service - ok
      21:11:28.0322 1432   IRENUM          (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
      21:11:28.0422 1432   IRENUM - ok
      21:11:28.0460 1432   isapnp          (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
      21:11:28.0579 1432   isapnp - ok
      21:11:28.0618 1432   iScsiPrt        (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
      21:11:28.0727 1432   iScsiPrt - ok
      21:11:28.0810 1432   IviRegMgr       (213822072085b5bbad9af30ab577d817) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
      21:11:28.0884 1432   IviRegMgr - ok
      21:11:28.0908 1432   kbdclass        (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
      21:11:29.0001 1432   kbdclass - ok
      21:11:29.0044 1432   kbdhid          (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys
      21:11:29.0140 1432   kbdhid - ok
      21:11:29.0185 1432   KeyIso          (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
      21:11:29.0222 1432   KeyIso - ok
      21:11:29.0314 1432   kl1             (ce3958f58547454884e97bda78cd7040) C:\Windows\system32\DRIVERS\kl1.sys
      21:11:29.0376 1432   kl1 - ok
      21:11:29.0404 1432   klbg            (53eedab3f0511321ac3ae8bc968b158c) C:\Windows\system32\drivers\klbg.sys
      21:11:29.0439 1432   klbg - ok
      21:11:29.0497 1432   KLIF            (de6c14fb8438ef932d9f58f269a19b85) C:\Windows\system32\DRIVERS\klif.sys
      21:11:29.0555 1432   KLIF - ok
      21:11:29.0618 1432   KLIM6           (892cc162dc88ab084c86485879526c59) C:\Windows\system32\DRIVERS\klim6.sys
      21:11:29.0678 1432   KLIM6 - ok
      21:11:29.0704 1432   klmouflt        (aa63a815876a76987b5dbce6af7478e9) C:\Windows\system32\DRIVERS\klmouflt.sys
      21:11:29.0737 1432   klmouflt - ok
      21:11:29.0779 1432   KSecDD          (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
      21:11:29.0816 1432   KSecDD - ok
      21:11:29.0835 1432   KSecPkg         (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
      21:11:29.0875 1432   KSecPkg - ok
      21:11:29.0920 1432   KtmRm           (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
      21:11:30.0033 1432   KtmRm - ok
      21:11:30.0064 1432   L1E             (8c804b1ffad1efa952b747e8285c3b76) C:\Windows\system32\DRIVERS\L1E62x86.sys
      21:11:30.0136 1432   L1E - ok
      21:11:30.0214 1432   LanmanServer    (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\System32\srvsvc.dll
      21:11:30.0304 1432   LanmanServer - ok
      21:11:30.0356 1432   LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
      21:11:30.0419 1432   LanmanWorkstation - ok
      21:11:30.0436 1432   lltdio          (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
      21:11:30.0523 1432   lltdio - ok
      21:11:30.0560 1432   lltdsvc         (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
      21:11:30.0669 1432   lltdsvc - ok
      21:11:30.0692 1432   lmhosts         (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
      21:11:30.0804 1432   lmhosts - ok
      21:11:30.0850 1432   LSI_FC          (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
      21:11:30.0954 1432   LSI_FC - ok
      21:11:30.0969 1432   LSI_SAS         (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
      21:11:31.0092 1432   LSI_SAS - ok
      21:11:31.0173 1432   LSI_SAS2        (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
      21:11:31.0309 1432   LSI_SAS2 - ok
      21:11:31.0337 1432   LSI_SCSI        (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
      21:11:31.0459 1432   LSI_SCSI - ok
      21:11:31.0483 1432   luafv           (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
      21:11:31.0628 1432   luafv - ok
      21:11:31.0708 1432   Mcx2Svc         (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
      21:11:31.0777 1432   Mcx2Svc - ok
      21:11:31.0802 1432   mdmxsdk         (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
      21:11:31.0894 1432   mdmxsdk - ok
      21:11:31.0921 1432   megasas         (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
      21:11:31.0996 1432   megasas - ok
      21:11:32.0022 1432   MegaSR          (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
      21:11:32.0096 1432   MegaSR - ok
      21:11:32.0213 1432   Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
      21:11:32.0259 1432   Microsoft Office Groove Audit Service - ok
      21:11:32.0290 1432   MMCSS           (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
      21:11:32.0378 1432   MMCSS - ok
      21:11:32.0399 1432   Modem           (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
      21:11:32.0486 1432   Modem - ok
      21:11:32.0506 1432   monitor         (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
      21:11:32.0578 1432   monitor - ok
      21:11:32.0627 1432   mouclass        (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\drivers\mouclass.sys
      21:11:32.0723 1432   mouclass - ok
      21:11:32.0760 1432   mouhid          (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
      21:11:32.0829 1432   mouhid - ok
      21:11:32.0876 1432   mountmgr        (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
      21:11:32.0919 1432   mountmgr - ok
      21:11:33.0023 1432   MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
      21:11:33.0061 1432   MozillaMaintenance - ok
      21:11:33.0110 1432   mpio            (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
      21:11:33.0207 1432   mpio - ok
      21:11:33.0236 1432   mpsdrv          (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
      21:11:33.0322 1432   mpsdrv - ok
      21:11:33.0392 1432   MpsSvc          (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
      21:11:33.0469 1432   MpsSvc - ok
      21:11:33.0520 1432   MRxDAV          (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
      21:11:33.0592 1432   MRxDAV - ok
      21:11:33.0648 1432   mrxsmb          (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
      21:11:33.0819 1432   mrxsmb - ok
      21:11:33.0879 1432   mrxsmb10        (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
      21:11:34.0016 1432   mrxsmb10 - ok
      21:11:34.0038 1432   mrxsmb20        (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
      21:11:34.0137 1432   mrxsmb20 - ok
      21:11:34.0178 1432   msahci          (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
      21:11:34.0296 1432   msahci - ok
      21:11:34.0350 1432   msdsm           (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
      21:11:34.0445 1432   msdsm - ok
      21:11:34.0482 1432   MSDTC           (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
      21:11:34.0603 1432   MSDTC - ok
      21:11:34.0649 1432   Msfs            (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
      21:11:34.0771 1432   Msfs - ok
      21:11:34.0788 1432   mshidkmdf       (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
      21:11:34.0908 1432   mshidkmdf - ok
      21:11:34.0924 1432   msisadrv        (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
      21:11:35.0105 1432   msisadrv - ok
      21:11:35.0143 1432   MSiSCSI         (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
      21:11:35.0270 1432   MSiSCSI - ok
      21:11:35.0277 1432   msiserver - ok
      21:11:35.0298 1432   MSKSSRV         (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
      21:11:35.0437 1432   MSKSSRV - ok
      21:11:35.0447 1432   MSPCLOCK        (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
      21:11:35.0591 1432   MSPCLOCK - ok
      21:11:35.0599 1432   MSPQM           (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
      21:11:35.0794 1432   MSPQM - ok
      21:11:35.0831 1432   MsRPC           (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
      21:11:35.0969 1432   MsRPC - ok
      21:11:36.0023 1432   mssmbios        (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
      21:11:36.0260 1432   mssmbios - ok
      21:11:36.0397 1432   MSSQL$MSSMLBIZ - ok
      21:11:36.0440 1432   MSSQLServerADHelper (1d89eb4e2a99cabd4e81225f4f4c4b25) c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
      21:11:36.0619 1432   MSSQLServerADHelper - ok
      21:11:36.0637 1432   MSTEE           (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
      21:11:36.0771 1432   MSTEE - ok
      21:11:36.0779 1432   MTConfig        (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
      21:11:36.0896 1432   MTConfig - ok
      21:11:36.0922 1432   Mup             (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
      21:11:37.0034 1432   Mup - ok
      21:11:37.0099 1432   napagent        (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
      21:11:37.0206 1432   napagent - ok
      21:11:37.0241 1432   NativeWifiP     (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
      21:11:37.0333 1432   NativeWifiP - ok
      21:11:37.0401 1432   NDIS            (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
      21:11:37.0459 1432   NDIS - ok
      21:11:37.0488 1432   NdisCap         (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
      21:11:37.0575 1432   NdisCap - ok
      21:11:37.0599 1432   NdisTapi        (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
      21:11:37.0690 1432   NdisTapi - ok
      21:11:37.0737 1432   Ndisuio         (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
      21:11:37.0793 1432   Ndisuio - ok
      21:11:37.0844 1432   NdisWan         (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
      21:11:37.0910 1432   NdisWan - ok
      21:11:37.0960 1432   NDProxy         (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
      21:11:38.0039 1432   NDProxy - ok
      21:11:38.0082 1432   Net Driver HPZ12 (90eb97c8dbf11bb0016c51946ac5ecd6) C:\Windows\system32\HPZinw12.dll
      21:11:38.0115 1432   Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
      21:11:38.0115 1432   Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
      21:11:38.0150 1432   NetBIOS         (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
      21:11:38.0276 1432   NetBIOS - ok
      21:11:38.0325 1432   NetBT           (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
      21:11:38.0440 1432   NetBT - ok
      21:11:38.0485 1432   Netlogon        (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
      21:11:38.0514 1432   Netlogon - ok
      21:11:38.0573 1432   Netman          (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
      21:11:38.0664 1432   Netman - ok
      21:11:38.0806 1432   NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
      21:11:38.0882 1432   NetMsmqActivator - ok
      21:11:38.0891 1432   NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
      21:11:38.0916 1432   NetPipeActivator - ok
      21:11:38.0985 1432   netprofm        (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
      21:11:39.0081 1432   netprofm - ok
      21:11:39.0089 1432   NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
      21:11:39.0116 1432   NetTcpActivator - ok
      21:11:39.0122 1432   NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
      21:11:39.0144 1432   NetTcpPortSharing - ok
      21:11:39.0210 1432   nfrd960         (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
      21:11:39.0308 1432   nfrd960 - ok
      21:11:39.0379 1432   NlaSvc          (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
      21:11:39.0453 1432   NlaSvc - ok
      21:11:39.0473 1432   Npfs            (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
      21:11:39.0570 1432   Npfs - ok
      21:11:39.0598 1432   nsi             (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
      21:11:39.0681 1432   nsi - ok
      21:11:39.0694 1432   nsiproxy        (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
      21:11:39.0783 1432   nsiproxy - ok
      21:11:39.0933 1432   Ntfs            (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
      21:11:40.0103 1432   Ntfs - ok
      21:11:40.0214 1432   NTIBackupSvc    (fd324cce1d4d5bb5af65f8e55b462c7e) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
      21:11:40.0270 1432   NTIBackupSvc - ok
      21:11:40.0395 1432   NTIDrvr         (6dcaa65f49ef3b97a5cffc0cb5de1c2f) C:\Windows\system32\drivers\NTIDrvr.sys
      21:11:40.0470 1432   NTIDrvr - ok
      21:11:40.0513 1432   NTISchedulerSvc (3f6268a2ec33cd38cf75c880af8ded42) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
      21:11:40.0592 1432   NTISchedulerSvc - ok
      21:11:40.0626 1432   Null            (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
      21:11:40.0760 1432   Null - ok
      21:11:40.0816 1432   nvraid          (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
      21:11:40.0987 1432   nvraid - ok
      21:11:41.0020 1432   nvstor          (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
      21:11:41.0182 1432   nvstor - ok
      21:11:41.0205 1432   nv_agp          (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
      21:11:41.0378 1432   nv_agp - ok
      21:11:41.0500 1432   O2FLASH         (d955d5de998db2476bf0892be3a96c26) C:\Windows\system32\DRIVERS\o2flash.exe
      21:11:41.0645 1432   O2FLASH - ok
      21:11:41.0661 1432   O2MDRDR         (922046f114ac0c1b2484bcdd5ca43c07) C:\Windows\system32\DRIVERS\o2media.sys
      21:11:41.0740 1432   O2MDRDR - ok
      21:11:41.0761 1432   O2SDRDR         (51c368f577513feb59ed70b45e930076) C:\Windows\system32\DRIVERS\o2sd.sys
      21:11:41.0832 1432   O2SDRDR - ok
      21:11:41.0963 1432   odserv          (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
      21:11:41.0998 1432   odserv - ok
      21:11:42.0052 1432   ohci1394        (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
      21:11:42.0223 1432   ohci1394 - ok
      21:11:42.0282 1432   ose             (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
      21:11:42.0356 1432   ose - ok
      21:11:42.0761 1432   osppsvc         (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
      21:11:42.0892 1432   osppsvc - ok
      21:11:43.0126 1432   p2pimsvc        (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
      21:11:43.0279 1432   p2pimsvc - ok
      21:11:43.0318 1432   p2psvc          (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
      21:11:43.0399 1432   p2psvc - ok
      21:11:43.0445 1432   Parport         (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
      21:11:43.0528 1432   Parport - ok
      21:11:43.0582 1432   partmgr         (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
      21:11:43.0617 1432   partmgr - ok
      21:11:43.0641 1432   Parvdm          (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
      21:11:43.0712 1432   Parvdm - ok
      21:11:43.0757 1432   PcaSvc          (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
      21:11:43.0829 1432   PcaSvc - ok
      21:11:43.0885 1432   pci             (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
      21:11:44.0030 1432   pci - ok
      21:11:44.0087 1432   pciide          (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
      21:11:44.0210 1432   pciide - ok
      21:11:44.0243 1432   pcmcia          (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
      21:11:44.0324 1432   pcmcia - ok
      21:11:44.0347 1432   pcw             (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
      21:11:44.0415 1432   pcw - ok
      21:11:44.0475 1432   PEAUTH          (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
      21:11:44.0582 1432   PEAUTH - ok
      21:11:44.0685 1432   PeerDistSvc     (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll
      21:11:44.0816 1432   PeerDistSvc - ok
      21:11:44.0979 1432   pgfilter - ok
      21:11:45.0172 1432   pla             (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
      21:11:45.0266 1432   pla - ok
      21:11:45.0459 1432   PlugPlay        (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
      21:11:45.0694 1432   PlugPlay - ok
      21:11:45.0740 1432   Pml Driver HPZ12 (75cf9de0a67af916ed591743dfb69694) C:\Windows\system32\HPZipm12.dll
      21:11:45.0884 1432   Pml Driver HPZ12 - ok
      21:11:45.0907 1432   PNRPAutoReg     (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
      21:11:46.0067 1432   PNRPAutoReg - ok
      21:11:46.0104 1432   PNRPsvc         (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
      21:11:46.0150 1432   PNRPsvc - ok
      21:11:46.0223 1432   PolicyAgent     (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
      21:11:46.0326 1432   PolicyAgent - ok
      21:11:46.0394 1432   Power           (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
      21:11:46.0491 1432   Power - ok
      21:11:46.0565 1432   PptpMiniport    (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
      21:11:46.0683 1432   PptpMiniport - ok
      21:11:46.0711 1432   Processor       (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
      21:11:46.0817 1432   Processor - ok
      21:11:46.0844 1432   ProfSvc         (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll
      21:11:46.0935 1432   ProfSvc - ok
      21:11:46.0974 1432   ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
      21:11:47.0003 1432   ProtectedStorage - ok
      21:11:47.0024 1432   Psched          (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
      21:11:47.0176 1432   Psched - ok
      21:11:47.0247 1432   PSI_SVC_2       (a6a7ad767bf5141665f5c675f671b3e1) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
      21:11:47.0337 1432   PSI_SVC_2 - ok
      21:11:47.0490 1432   ql2300          (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
      21:11:47.0591 1432   ql2300 - ok
      21:11:47.0748 1432   ql40xx          (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
      21:11:47.0836 1432   ql40xx - ok
      21:11:47.0880 1432   QWAVE           (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
      21:11:47.0970 1432   QWAVE - ok
      21:11:47.0987 1432   QWAVEdrv        (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
      21:11:48.0062 1432   QWAVEdrv - ok
      21:11:48.0083 1432   RasAcd          (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
      21:11:48.0170 1432   RasAcd - ok
      21:11:48.0192 1432   RasAgileVpn     (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
      21:11:48.0251 1432   RasAgileVpn - ok
      21:11:48.0275 1432   RasAuto         (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
      21:11:48.0341 1432   RasAuto - ok
      21:11:48.0361 1432   Rasl2tp         (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
      21:11:48.0423 1432   Rasl2tp - ok
      21:11:48.0496 1432   RasMan          (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
      21:11:48.0589 1432   RasMan - ok
      21:11:48.0612 1432   RasPppoe        (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
      21:11:48.0678 1432   RasPppoe - ok
      21:11:48.0705 1432   RasSstp         (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
      21:11:48.0767 1432   RasSstp - ok
      21:11:48.0807 1432   rdbss           (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
      21:11:48.0868 1432   rdbss - ok
      21:11:48.0884 1432   rdpbus          (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
      21:11:48.0939 1432   rdpbus - ok
      21:11:48.0984 1432   RDPCDD          (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
      21:11:49.0045 1432   RDPCDD - ok
      21:11:49.0109 1432   RDPDR           (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
      21:11:49.0206 1432   RDPDR - ok
      21:11:49.0217 1432   RDPENCDD        (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
      21:11:49.0303 1432   RDPENCDD - ok
      21:11:49.0335 1432   RDPREFMP        (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
      21:11:49.0431 1432   RDPREFMP - ok
      21:11:49.0494 1432   RDPWD           (244c83332f44589ae98fc347f11b2693) C:\Windows\system32\drivers\RDPWD.sys
      21:11:49.0585 1432   RDPWD - ok
      21:11:49.0662 1432   rdyboost        (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
      21:11:49.0731 1432   rdyboost - ok
      21:11:49.0755 1432   regi            (001b4278407f4303efc902a2b16f2453) C:\Windows\system32\drivers\regi.sys
      21:11:49.0844 1432   regi - ok
      21:11:49.0894 1432   RemoteAccess    (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
      21:11:49.0972 1432   RemoteAccess - ok
      21:11:50.0014 1432   RemoteRegistry  (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
      21:11:50.0087 1432   RemoteRegistry - ok
      21:11:50.0124 1432   RFCOMM          (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
      21:11:50.0220 1432   RFCOMM - ok
      21:11:50.0249 1432   RpcEptMapper    (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
      21:11:50.0333 1432   RpcEptMapper - ok
      21:11:50.0374 1432   RpcLocator      (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
      21:11:50.0457 1432   RpcLocator - ok
      21:11:50.0525 1432   RpcSs           (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
      21:11:50.0594 1432   RpcSs - ok
      21:11:50.0619 1432   rspndr          (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
      21:11:50.0717 1432   rspndr - ok
      21:11:50.0853 1432   RS_Service      (b5a4b7d779cf4070df408de18bd33b02) C:\Program Files\Acer\Acer VCM\RS_Service.exe
      21:11:50.0923 1432   RS_Service ( UnsignedFile.Multi.Generic ) - warning
      21:11:50.0923 1432   RS_Service - detected UnsignedFile.Multi.Generic (1)
      21:11:50.0970 1432   s3cap           (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
      21:11:51.0190 1432   s3cap - ok
      21:11:51.0237 1432   SABKUTIL - ok
      21:11:51.0264 1432   SABProcEnum - ok
      21:11:51.0307 1432   SamSs           (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
      21:11:51.0335 1432   SamSs - ok
      21:11:51.0452 1432   SASDIFSV        (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
      21:11:51.0482 1432   SASDIFSV - ok
      21:11:51.0502 1432   SASKUTIL        (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
      21:11:51.0534 1432   SASKUTIL - ok
      21:11:51.0626 1432   sbp2port        (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
      21:11:51.0777 1432   sbp2port - ok
      21:11:51.0913 1432   SCardSvr        (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
      21:11:52.0003 1432   SCardSvr - ok
      21:11:52.0050 1432   scfilter        (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
      21:11:52.0107 1432   scfilter - ok
      21:11:52.0216 1432   Schedule        (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
      21:11:52.0309 1432   Schedule - ok
      21:11:52.0365 1432   SCPolicySvc     (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
      21:11:52.0432 1432   SCPolicySvc - ok
      21:11:52.0498 1432   sdbus           (0328be1c7f1cba23848179f8762e391c) C:\Windows\system32\drivers\sdbus.sys
      21:11:52.0577 1432   sdbus - ok
      21:11:52.0610 1432   SDRSVC          (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
      21:11:52.0732 1432   SDRSVC - ok
      21:11:52.0764 1432   secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
      21:11:52.0852 1432   secdrv - ok
      21:11:52.0886 1432   seclogon        (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
      21:11:52.0968 1432   seclogon - ok
      21:11:53.0010 1432   SENS            (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\system32\sens.dll
      21:11:53.0102 1432   SENS - ok
      21:11:53.0140 1432   SensrSvc        (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
      21:11:53.0244 1432   SensrSvc - ok
      21:11:53.0267 1432   Serenum         (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
      21:11:53.0362 1432   Serenum - ok
      21:11:53.0385 1432   Serial          (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
      21:11:53.0457 1432   Serial - ok
      21:11:53.0514 1432   sermouse        (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
      21:11:53.0652 1432   sermouse - ok
      21:11:53.0723 1432   SessionEnv      (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
      21:11:53.0799 1432   SessionEnv - ok
      21:11:53.0844 1432   sffdisk         (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
      21:11:53.0962 1432   sffdisk - ok
      21:11:53.0987 1432   sffp_mmc        (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
      21:11:54.0082 1432   sffp_mmc - ok
      21:11:54.0092 1432   sffp_sd         (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
      21:11:54.0191 1432   sffp_sd - ok
      21:11:54.0221 1432   sfloppy         (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
      21:11:54.0292 1432   sfloppy - ok
      21:11:54.0368 1432   SharedAccess    (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
      21:11:54.0473 1432   SharedAccess - ok
      21:11:54.0535 1432   ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
      21:11:54.0601 1432   ShellHWDetection - ok
      21:11:54.0643 1432   sisagp          (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
      21:11:54.0819 1432   sisagp - ok
      21:11:54.0843 1432   SiSRaid2        (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
      21:11:54.0963 1432   SiSRaid2 - ok
      21:11:55.0015 1432   SiSRaid4        (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
      21:11:55.0076 1432   SiSRaid4 - ok
      21:11:55.0105 1432   Smb             (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
      21:11:55.0250 1432   Smb - ok
      21:11:55.0289 1432   SNMPTRAP        (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
      21:11:55.0417 1432   SNMPTRAP - ok
      21:11:55.0450 1432   spldr           (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
      21:11:55.0551 1432   spldr - ok
      21:11:55.0588 1432   Spooler         (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
      21:11:55.0663 1432   Spooler - ok
      21:11:55.0929 1432   sppsvc          (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
      21:11:56.0048 1432   sppsvc - ok
      21:11:56.0217 1432   sppuinotify     (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
      21:11:56.0305 1432   sppuinotify - ok
      21:11:56.0419 1432   SQLBrowser      (86ebd8b1f23e743aad21f4d5b4d40985) c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
      21:11:56.0525 1432   SQLBrowser - ok
      21:11:56.0551 1432   SQLWriter       (d89083c4eb02daca8f944b0e05e57f9d) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
      21:11:56.0600 1432   SQLWriter - ok
      21:11:56.0709 1432   srv             (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
      21:11:56.0887 1432   srv - ok
      21:11:56.0926 1432   srv2            (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
      21:11:57.0047 1432   srv2 - ok
      21:11:57.0097 1432   SrvHsfHDA       (e00fdfaff025e94f9821153750c35a6d) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
      21:11:57.0168 1432   SrvHsfHDA - ok
      21:11:57.0258 1432   SrvHsfV92       (ceb4e3b6890e1e42dca6694d9e59e1a0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
      21:11:57.0322 1432   SrvHsfV92 - ok
      21:11:57.0399 1432   SrvHsfWinac     (bc0c7ea89194c299f051c24119000e17) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
      21:11:57.0479 1432   SrvHsfWinac - ok
      21:11:57.0530 1432   srvnet          (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
      21:11:57.0644 1432   srvnet - ok
      21:11:57.0707 1432   SSDPSRV         (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
      21:11:57.0811 1432   SSDPSRV - ok
      21:11:57.0840 1432   SstpSvc         (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
      21:11:57.0922 1432   SstpSvc - ok
      21:11:57.0960 1432   stexstor        (db32d325c192b801df274bfd12a7e72b) C:\Wi

      evilfantasy

      • Malware Removal Specialist


      Re: Kaspersky Malicious URL Blocked -- Windows Explorer Shuts Down
      « Reply #33 on: June 02, 2012, 07:10:45 PM »
      The bottom of the log is cut off.

      Yes, we may need the ESET log.

      Peter Jordan

        Topic Starter


        Re: Kaspersky Malicious URL Blocked -- Windows Explorer Shuts Down
        « Reply #34 on: June 02, 2012, 07:12:57 PM »
        21:11:58.0029 1432   stexstor - ok
        21:11:58.0106 1432   StiSvc          (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
        21:11:58.0209 1432   StiSvc - ok
        21:11:58.0253 1432   storflt         (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
        21:11:58.0360 1432   storflt - ok
        21:11:58.0411 1432   StorSvc         (0bf669f0a910beda4a32258d363af2a5) C:\Windows\system32\storsvc.dll
        21:11:58.0515 1432   StorSvc - ok
        21:11:58.0535 1432   storvsc         (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
        21:11:58.0629 1432   storvsc - ok
        21:11:58.0648 1432   swenum          (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
        21:11:58.0745 1432   swenum - ok
        21:11:58.0809 1432   swprv           (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
        21:11:58.0916 1432   swprv - ok
        21:11:58.0962 1432   SynTP           (47183e3520c88fadd5b0c87d57040da5) C:\Windows\system32\DRIVERS\SynTP.sys
        21:11:59.0107 1432   SynTP - ok
        21:11:59.0232 1432   SysMain         (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
        21:11:59.0297 1432   SysMain - ok
        21:11:59.0342 1432   TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
        21:11:59.0410 1432   TabletInputService - ok
        21:11:59.0470 1432   TapiSrv         (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
        21:11:59.0563 1432   TapiSrv - ok
        21:11:59.0597 1432   TBS             (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
        21:11:59.0746 1432   TBS - ok
        21:11:59.0913 1432   Tcpip           (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers\tcpip.sys
        21:12:00.0011 1432   Tcpip - ok
        21:12:00.0271 1432   TCPIP6          (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS\tcpip.sys
        21:12:00.0316 1432   TCPIP6 - ok
        21:12:00.0485 1432   tcpipreg        (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
        21:12:00.0560 1432   tcpipreg - ok
        21:12:00.0599 1432   TcUsb           (51d4e3f5d221539c0a4a186a27c09ad7) C:\Windows\system32\Drivers\tcusb.sys
        21:12:00.0760 1432   TcUsb - ok
        21:12:00.0822 1432   TDPIPE          (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
        21:12:00.0884 1432   TDPIPE - ok
        21:12:00.0947 1432   TDTCP           (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
        21:12:01.0006 1432   TDTCP - ok
        21:12:01.0030 1432   tdx             (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
        21:12:01.0086 1432   tdx - ok
        21:12:01.0133 1432   TermDD          (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
        21:12:01.0241 1432   TermDD - ok
        21:12:01.0328 1432   TermService     (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
        21:12:01.0413 1432   TermService - ok
        21:12:01.0454 1432   Themes          (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
        21:12:01.0523 1432   Themes - ok
        21:12:01.0557 1432   THREADORDER     (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
        21:12:01.0604 1432   THREADORDER - ok
        21:12:01.0630 1432   TrkWks          (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
        21:12:01.0714 1432   TrkWks - ok
        21:12:01.0854 1432   TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
        21:12:01.0949 1432   TrustedInstaller - ok
        21:12:01.0999 1432   tssecsrv        (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
        21:12:02.0055 1432   tssecsrv - ok
        21:12:02.0133 1432   TsUsbFlt        (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
        21:12:02.0259 1432   TsUsbFlt - ok
        21:12:02.0313 1432   tunnel          (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
        21:12:02.0383 1432   tunnel - ok
        21:12:02.0411 1432   uagp35          (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
        21:12:02.0479 1432   uagp35 - ok
        21:12:02.0510 1432   UBHelper        (d79c0b9bb011218b93705cbf77fa3e5e) C:\Windows\system32\drivers\UBHelper.sys
        21:12:02.0552 1432   UBHelper - ok
        21:12:02.0615 1432   udfs            (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
        21:12:02.0675 1432   udfs - ok
        21:12:02.0724 1432   UI0Detect       (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
        21:12:02.0800 1432   UI0Detect - ok
        21:12:02.0858 1432   uliagpkx        (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
        21:12:02.0994 1432   uliagpkx - ok
        21:12:03.0038 1432   umbus           (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\DRIVERS\umbus.sys
        21:12:03.0078 1432   umbus - ok
        21:12:03.0111 1432   UmPass          (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
        21:12:03.0182 1432   UmPass - ok
        21:12:03.0244 1432   UmRdpService    (409994a8eaceee4e328749c0353527a0) C:\Windows\System32\umrdp.dll
        21:12:03.0294 1432   UmRdpService - ok
        21:12:03.0402 1432   Updater Service (70dde3a86dbeb1d6c3c30ad687b1877a) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
        21:12:03.0471 1432   Updater Service - ok
        21:12:03.0520 1432   upnphost        (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
        21:12:03.0624 1432   upnphost - ok
        21:12:03.0673 1432   USBAAPL         (eafe1e00739afe6c51487a050e772e17) C:\Windows\system32\Drivers\usbaapl.sys
        21:12:03.0750 1432   USBAAPL - ok
        21:12:03.0814 1432   usbaudio        (1d9f2bd026e8e2d45033a4df3f16b78c) C:\Windows\system32\drivers\usbaudio.sys
        21:12:04.0001 1432   usbaudio - ok
        21:12:04.0028 1432   usbccgp         (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
        21:12:04.0259 1432   usbccgp - ok
        21:12:04.0287 1432   usbcir          (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
        21:12:04.0496 1432   usbcir - ok
        21:12:04.0516 1432   usbehci         (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
        21:12:04.0689 1432   usbehci - ok
        21:12:04.0722 1432   usbfilter       (0150b06d3e73f6c27afcb963fd931820) C:\Windows\system32\DRIVERS\usbfilter.sys
        21:12:04.0868 1432   usbfilter - ok
        21:12:04.0906 1432   usbhub          (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
        21:12:05.0097 1432   usbhub - ok
        21:12:05.0143 1432   usbohci         (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\DRIVERS\usbohci.sys
        21:12:05.0177 1432   usbohci - ok
        21:12:05.0208 1432   usbprint        (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
        21:12:05.0345 1432   usbprint - ok
        21:12:05.0369 1432   USBSTOR         (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
        21:12:05.0486 1432   USBSTOR - ok
        21:12:05.0511 1432   usbuhci         (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\drivers\usbuhci.sys
        21:12:05.0608 1432   usbuhci - ok
        21:12:05.0691 1432   usbvideo        (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\System32\Drivers\usbvideo.sys
        21:12:05.0822 1432   usbvideo - ok
        21:12:05.0847 1432   UxSms           (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
        21:12:05.0928 1432   UxSms - ok
        21:12:05.0975 1432   VaultSvc        (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
        21:12:06.0022 1432   VaultSvc - ok
        21:12:06.0072 1432   vdrvroot        (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
        21:12:06.0191 1432   vdrvroot - ok
        21:12:06.0285 1432   vds             (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
        21:12:06.0394 1432   vds - ok
        21:12:06.0434 1432   vga             (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
        21:12:06.0507 1432   vga - ok
        21:12:06.0537 1432   VgaSave         (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
        21:12:06.0624 1432   VgaSave - ok
        21:12:06.0681 1432   vhdmp           (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
        21:12:06.0820 1432   vhdmp - ok
        21:12:06.0876 1432   viaagp          (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
        21:12:06.0970 1432   viaagp - ok
        21:12:07.0014 1432   ViaC7           (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
        21:12:07.0090 1432   ViaC7 - ok
        21:12:07.0131 1432   viaide          (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
        21:12:07.0223 1432   viaide - ok
        21:12:07.0271 1432   vmbus           (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
        21:12:07.0375 1432   vmbus - ok
        21:12:07.0386 1432   VMBusHID        (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
        21:12:07.0482 1432   VMBusHID - ok
        21:12:07.0504 1432   volmgr          (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
        21:12:07.0601 1432   volmgr - ok
        21:12:07.0645 1432   volmgrx         (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
        21:12:07.0728 1432   volmgrx - ok
        21:12:07.0801 1432   volsnap         (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
        21:12:07.0899 1432   volsnap - ok
        21:12:07.0952 1432   vsmraid         (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
        21:12:08.0037 1432   vsmraid - ok
        21:12:08.0153 1432   VSS             (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
        21:12:08.0268 1432   VSS - ok
        21:12:08.0319 1432   vwifibus        (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
        21:12:08.0465 1432   vwifibus - ok
        21:12:08.0486 1432   vwififlt        (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
        21:12:08.0618 1432   vwififlt - ok
        21:12:08.0665 1432   vwifimp         (a3f04cbea6c2a10e6cb01f8b47611882) C:\Windows\system32\DRIVERS\vwifimp.sys
        21:12:08.0791 1432   vwifimp - ok
        21:12:08.0848 1432   W32Time         (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
        21:12:08.0963 1432   W32Time - ok
        21:12:08.0993 1432   WacomPen        (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
        21:12:09.0111 1432   WacomPen - ok
        21:12:09.0154 1432   WANARP          (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
        21:12:09.0254 1432   WANARP - ok
        21:12:09.0263 1432   Wanarpv6        (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
        21:12:09.0304 1432   Wanarpv6 - ok
        21:12:09.0430 1432   WatAdminSvc     (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe
        21:12:09.0551 1432   WatAdminSvc - ok
        21:12:09.0781 1432   wbengine        (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
        21:12:09.0919 1432   wbengine - ok
        21:12:09.0961 1432   WbioSrvc        (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
        21:12:10.0033 1432   WbioSrvc - ok
        21:12:10.0111 1432   wcncsvc         (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
        21:12:10.0190 1432   wcncsvc - ok
        21:12:10.0208 1432   WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
        21:12:10.0291 1432   WcsPlugInService - ok
        21:12:10.0344 1432   Wd              (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
        21:12:10.0410 1432   Wd - ok
        21:12:10.0470 1432   Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
        21:12:10.0558 1432   Wdf01000 - ok
        21:12:10.0599 1432   WdiServiceHost  (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
        21:12:10.0744 1432   WdiServiceHost - ok
        21:12:10.0754 1432   WdiSystemHost   (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
        21:12:10.0787 1432   WdiSystemHost - ok
        21:12:10.0854 1432   WebClient       (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
        21:12:10.0904 1432   WebClient - ok
        21:12:10.0941 1432   Wecsvc          (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
        21:12:11.0043 1432   Wecsvc - ok
        21:12:11.0068 1432   wercplsupport   (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
        21:12:11.0157 1432   wercplsupport - ok
        21:12:11.0182 1432   WerSvc          (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
        21:12:11.0265 1432   WerSvc - ok
        21:12:11.0297 1432   WfpLwf          (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
        21:12:11.0385 1432   WfpLwf - ok
        21:12:11.0405 1432   WIMMount        (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
        21:12:11.0471 1432   WIMMount - ok
        21:12:11.0546 1432   winachsf        (8b976d4ca270110111df4f313da0e6e8) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
        21:12:11.0670 1432   winachsf - ok
        21:12:11.0814 1432   WinDefend       (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
        21:12:11.0901 1432   WinDefend - ok
        21:12:11.0925 1432   WinHttpAutoProxySvc - ok
        21:12:12.0237 1432   Winmgmt         (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
        21:12:12.0348 1432   Winmgmt - ok
        21:12:12.0474 1432   WinRM           (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
        21:12:12.0593 1432   WinRM - ok
        21:12:12.0703 1432   WinUsb          (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
        21:12:12.0770 1432   WinUsb - ok
        21:12:12.0873 1432   Wlansvc         (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
        21:12:12.0999 1432   Wlansvc - ok
        21:12:13.0253 1432   wlidsvc         (0a70f4022ec2e14c159efc4f69aa2477) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
        21:12:13.0384 1432   wlidsvc - ok
        21:12:13.0513 1432   WmiAcpi         (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
        21:12:13.0687 1432   WmiAcpi - ok
        21:12:13.0762 1432   wmiApSrv        (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
        21:12:13.0902 1432   wmiApSrv - ok
        21:12:14.0079 1432   WMPNetworkSvc   (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
        21:12:14.0203 1432   WMPNetworkSvc - ok
        21:12:14.0337 1432   WPCSvc          (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
        21:12:14.0479 1432   WPCSvc - ok
        21:12:14.0541 1432   WPDBusEnum      (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll
        21:12:14.0695 1432   WPDBusEnum - ok
        21:12:14.0762 1432   ws2ifsl         (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
        21:12:14.0847 1432   ws2ifsl - ok
        21:12:14.0877 1432   wscsvc          (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\system32\wscsvc.dll
        21:12:14.0947 1432   wscsvc - ok
        21:12:15.0003 1432   WSDPrintDevice  (553f6ccd7c58eb98d4a8fbdaf283d7a9) C:\Windows\system32\DRIVERS\WSDPrint.sys
        21:12:15.0125 1432   WSDPrintDevice - ok
        21:12:15.0136 1432   WSearch - ok
        21:12:15.0338 1432   wuauserv        (3026418a50c5b4761befa632cedb7406) C:\Windows\system32\wuaueng.dll
        21:12:15.0455 1432   wuauserv - ok
        21:12:15.0602 1432   WudfPf          (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
        21:12:15.0673 1432   WudfPf - ok
        21:12:15.0704 1432   WUDFRd          (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
        21:12:15.0760 1432   WUDFRd - ok
        21:12:15.0805 1432   wudfsvc         (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
        21:12:15.0871 1432   wudfsvc - ok
        21:12:15.0917 1432   WwanSvc         (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
        21:12:15.0989 1432   WwanSvc - ok
        21:12:16.0016 1432   XAudio          (894f963be999ba9db5aac3aed55b115d) C:\Windows\system32\DRIVERS\XAudio32.sys
        21:12:16.0095 1432   XAudio - ok
        21:12:16.0247 1432   YahooAUService  (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
        21:12:16.0319 1432   YahooAUService - ok
        21:12:16.0388 1432   MBR (0x1B8)     (af00fc1920e1cf861b39b90a4375edf3) \Device\Harddisk0\DR0
        21:12:16.0756 1432   \Device\Harddisk0\DR0 - ok
        21:12:16.0778 1432   Boot (0x1200)   (f6db4357816cb62e20c12650128fa49f) \Device\Harddisk0\DR0\Partition0
        21:12:16.0781 1432   \Device\Harddisk0\DR0\Partition0 - ok
        21:12:16.0810 1432   Boot (0x1200)   (8724746da5f04487e5f43566f61d6ad3) \Device\Harddisk0\DR0\Partition1
        21:12:16.0811 1432   \Device\Harddisk0\DR0\Partition1 - ok
        21:12:16.0812 1432   ============================================================
        21:12:16.0812 1432   Scan finished
        21:12:16.0812 1432   ============================================================
        21:12:16.0838 5484   Detected object count: 4
        21:12:16.0838 5484   Actual detected object count: 4
        21:12:20.0638 5484   ETService ( UnsignedFile.Multi.Generic ) - skipped by user
        21:12:20.0639 5484   ETService ( UnsignedFile.Multi.Generic ) - User select action: Skip
        21:12:20.0644 5484   IGBASVC ( UnsignedFile.Multi.Generic ) - skipped by user
        21:12:20.0645 5484   IGBASVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
        21:12:20.0649 5484   Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
        21:12:20.0649 5484   Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
        21:12:20.0653 5484   RS_Service ( UnsignedFile.Multi.Generic ) - skipped by user
        21:12:20.0653 5484   RS_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

        evilfantasy

        • Malware Removal Specialist


        • Genius
        • Calm like a bomb
        • Thanked: 493
        • Experience: Experienced
        • OS: Windows 11
        Re: Kaspersky Malicious URL Blocked -- Windows Explorer Shuts Down
        « Reply #35 on: June 02, 2012, 07:17:09 PM »
        I'm checking on this. Be back with you ASAP.

        Peter Jordan

          « Reply #36 on: June 03, 2012, 12:01:38 AM »
          ESET scan was clean ("no threats detected").  I neglected to save a copy of the log, sorry.

          evilfantasy

          « Reply #37 on: June 03, 2012, 12:47:52 AM »
          Please download MiniToolBox, save it to your desktop and run it.

          Checkmark the following checkboxes:

          • Flush DNS
          • Report IE Proxy Settings
          • Reset IE Proxy Settings
          • Report FF Proxy Settings
          • Reset FF Proxy Settings
          • List content of Hosts
          • List IP configuration
          • List last 10 Event Viewer log
          • List Installed Programs
          • List Users, Partitions and Memory size.
          • List Minidump Files

          Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

          Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

          Did this help?

          Peter Jordan

            « Reply #38 on: June 03, 2012, 05:14:02 AM »
            No change noted after using


            MiniToolBox by Farbar  Version: 14-01-2012
            Ran by Peter (administrator) on 03-06-2012 at 07:21:16
            Microsoft Windows 7 Professional  Service Pack 1 (X86)
            Boot Mode: Normal
            ***************************************************************************

            ========================= Flush DNS: ===================================

            Windows IP Configuration

            Successfully flushed the DNS Resolver Cache.

            ========================= IE Proxy Settings: ==============================

            Proxy is not enabled.
            ProxyServer: :0

            "Reset IE Proxy Settings": IE Proxy Settings were reset.

            ========================= FF Proxy Settings: ==============================


            "Reset FF Proxy Settings": Firefox Proxy settings were reset.

            ========================= Hosts content: =================================

            127.0.0.1       localhost

            ========================= IP Configuration: ================================

            Atheros AR5B91 Wireless Network Adapter = Wireless Network Connection (Connected)
            Broadcom NetXtreme Gigabit Ethernet = Local Area Connection (Media disconnected)
            Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


            # ----------------------------------
            # IPv4 Configuration
            # ----------------------------------
            pushd interface ipv4

            reset
            set global


            popd
            # End of IPv4 configuration



            Windows IP Configuration

               Host Name . . . . . . . . . . . . : Peter-PC
               Primary Dns Suffix  . . . . . . . :
               Node Type . . . . . . . . . . . . : Hybrid
               IP Routing Enabled. . . . . . . . : No
               WINS Proxy Enabled. . . . . . . . : No
               DNS Suffix Search List. . . . . . : hsd1.nj.comcast.net.

            Wireless LAN adapter Wireless Network Connection 2:

               Media State . . . . . . . . . . . : Media disconnected
               Connection-specific DNS Suffix  . :
               Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
               Physical Address. . . . . . . . . : 0A-60-76-2D-2C-DB
               DHCP Enabled. . . . . . . . . . . : Yes
               Autoconfiguration Enabled . . . . : Yes

            Ethernet adapter Local Area Connection:

               Media State . . . . . . . . . . . : Media disconnected
               Connection-specific DNS Suffix  . : hsd1.nj.comcast.net.
               Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
               Physical Address. . . . . . . . . : 00-26-2D-5B-76-65
               DHCP Enabled. . . . . . . . . . . : Yes
               Autoconfiguration Enabled . . . . : Yes

            Wireless LAN adapter Wireless Network Connection:

               Connection-specific DNS Suffix  . : hsd1.nj.comcast.net.
               Description . . . . . . . . . . . : Atheros AR5B91 Wireless Network Adapter
               Physical Address. . . . . . . . . : 0C-60-76-2D-2C-DB
               DHCP Enabled. . . . . . . . . . . : Yes
               Autoconfiguration Enabled . . . . : Yes
               Link-local IPv6 Address . . . . . : fe80::a120:9ca4:f379:bc0d%10(Preferred)
               IPv4 Address. . . . . . . . . . . : 192.168.1.102(Preferred)
               Subnet Mask . . . . . . . . . . . : 255.255.255.0
               Lease Obtained. . . . . . . . . . : Sunday, June 03, 2012 7:14:27 AM
               Lease Expires . . . . . . . . . . : Monday, June 04, 2012 7:14:27 AM
               Default Gateway . . . . . . . . . : 192.168.1.1
               DHCP Server . . . . . . . . . . . : 192.168.1.1
               DHCPv6 IAID . . . . . . . . . . . : 168583286
               DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-73-FC-B8-0C-60-76-2D-2C-DB
               DNS Servers . . . . . . . . . . . : 75.75.75.75
                                                   75.75.76.76
               NetBIOS over Tcpip. . . . . . . . : Enabled

            Tunnel adapter isatap.hsd1.nj.comcast.net.:

               Media State . . . . . . . . . . . : Media disconnected
               Connection-specific DNS Suffix  . : hsd1.nj.comcast.net.
               Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
               Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
               DHCP Enabled. . . . . . . . . . . : No
               Autoconfiguration Enabled . . . . : Yes

            Tunnel adapter Local Area Connection* 12:

               Connection-specific DNS Suffix  . :
               Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
               Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
               DHCP Enabled. . . . . . . . . . . : No
               Autoconfiguration Enabled . . . . : Yes
               IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:185a:25b7:b38a:9686(Preferred)
               Link-local IPv6 Address . . . . . : fe80::185a:25b7:b38a:9686%26(Preferred)
               Default Gateway . . . . . . . . . : ::
               NetBIOS over Tcpip. . . . . . . . : Disabled

            Tunnel adapter isatap.{08D35869-7729-45CE-9D3C-8922241D989E}:

               Media State . . . . . . . . . . . : Media disconnected
               Connection-specific DNS Suffix  . :
               Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
               Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
               DHCP Enabled. . . . . . . . . . . : No
               Autoconfiguration Enabled . . . . : Yes
            Server:  cdns01.comcast.net
            Address:  75.75.75.75

            Name:    google.com
            Addresses:  74.125.226.229
                 74.125.226.227
                 74.125.226.232
                 74.125.226.225
                 74.125.226.238
                 74.125.226.228
                 74.125.226.226
                 74.125.226.233
                 74.125.226.231
                 74.125.226.224
                 74.125.226.230


            Pinging google.com [74.125.226.192] with 32 bytes of data:
            Reply from 74.125.226.192: bytes=32 time=12ms TTL=55
            Reply from 74.125.226.192: bytes=32 time=13ms TTL=55

            Ping statistics for 74.125.226.192:
                Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
            Approximate round trip times in milli-seconds:
                Minimum = 12ms, Maximum = 13ms, Average = 12ms
            Server:  cdns01.comcast.net
            Address:  75.75.75.75

            Name:    yahoo.com
            Addresses:  209.191.122.70
                 72.30.38.140
                 98.139.183.24


            Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
            Reply from 209.191.122.70: bytes=32 time=53ms TTL=49
            Reply from 209.191.122.70: bytes=32 time=53ms TTL=49

            Ping statistics for 209.191.122.70:
                Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
            Approximate round trip times in milli-seconds:
                Minimum = 53ms, Maximum = 53ms, Average = 53ms
            Server:  cdns01.comcast.net
            Address:  75.75.75.75

            Name:    bleepingcomputer.com
            Address:  208.43.87.2


            Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
            Reply from 208.43.87.2: Destination host unreachable.
            Reply from 208.43.87.2: Destination host unreachable.

            Ping statistics for 208.43.87.2:
                Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

            Pinging 127.0.0.1 with 32 bytes of data:
            Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
            Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

            Ping statistics for 127.0.0.1:
                Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
            Approximate round trip times in milli-seconds:
                Minimum = 0ms, Maximum = 0ms, Average = 0ms
            ===========================================================================
            Interface List
             14...0a 60 76 2d 2c db ......Microsoft Virtual WiFi Miniport Adapter
             11...00 26 2d 5b 76 65 ......Broadcom NetXtreme Gigabit Ethernet
             10...0c 60 76 2d 2c db ......Atheros AR5B91 Wireless Network Adapter
              1...........................Software Loopback Interface 1
             27...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
             26...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
             46...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
            ===========================================================================

            IPv4 Route Table
            ===========================================================================
            Active Routes:
            Network Destination        Netmask          Gateway       Interface  Metric
                      0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.102     25
                    127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
                    127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
              127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
                  192.168.1.0    255.255.255.0         On-link     192.168.1.102    281
                192.168.1.102  255.255.255.255         On-link     192.168.1.102    281
                192.168.1.255  255.255.255.255         On-link     192.168.1.102    281
                    224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
                    224.0.0.0        240.0.0.0         On-link     192.168.1.102    281
              255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
              255.255.255.255  255.255.255.255         On-link     192.168.1.102    281
            ===========================================================================
            Persistent Routes:
              None

            IPv6 Route Table
            ===========================================================================
            Active Routes:
             If Metric Network Destination      Gateway
             26     58 ::/0                     On-link
              1    306 ::1/128                  On-link
             26     58 2001::/32                On-link
             26    306 2001:0:4137:9e76:185a:25b7:b38a:9686/128
                                                On-link
             10    281 fe80::/64                On-link
             26    306 fe80::/64                On-link
             26    306 fe80::185a:25b7:b38a:9686/128
                                                On-link
             10    281 fe80::a120:9ca4:f379:bc0d/128
                                                On-link
              1    306 ff00::/8                 On-link
             26    306 ff00::/8                 On-link
             10    281 ff00::/8                 On-link
            ===========================================================================
            Persistent Routes:
              None

            ========================= Event log errors: ===============================

            Application errors:
            ==================
            Error: (06/03/2012 07:19:21 AM) (Source: Application Error) (User: )
            Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d6727a7
            Faulting module name: hd438A_module.dat, version: 0.0.0.0, time stamp: 0x4c62a42f
            Exception code: 0xc0000005
            Fault offset: 0x0000e996
            Faulting process id: 0xa78
            Faulting application start time: 0xExplorer.EXE0
            Faulting application path: Explorer.EXE1
            Faulting module path: Explorer.EXE2
            Report Id: Explorer.EXE3

            Error: (06/03/2012 07:16:47 AM) (Source: Application Error) (User: )
            Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d6727a7
            Faulting module name: hd438A_module.dat, version: 0.0.0.0, time stamp: 0x4c62a42f
            Exception code: 0xc0000005
            Fault offset: 0x0000e996
            Faulting process id: 0x8c8
            Faulting application start time: 0xExplorer.EXE0
            Faulting application path: Explorer.EXE1
            Faulting module path: Explorer.EXE2
            Report Id: Explorer.EXE3

            Error: (06/03/2012 02:22:28 AM) (Source: Application Error) (User: )
            Description: Faulting application name: Explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d6727a7
            Faulting module name: hd438A_module.dat, version: 0.0.0.0, time stamp: 0x4c62a42f
            Exception code: 0xc0000005
            Fault offset: 0x0000e996
            Faulting process id: 0x177c
            Faulting application start time: 0xExplorer.exe0
            Faulting application path: Explorer.exe1
            Faulting module path: Explorer.exe2
            Report Id: Explorer.exe3

            Error: (06/03/2012 02:19:55 AM) (Source: Application Error) (User: )
            Description: Faulting application name: Explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d6727a7
            Faulting module name: hd438A_module.dat, version: 0.0.0.0, time stamp: 0x4c62a42f
            Exception code: 0xc0000005
            Fault offset: 0x0000e996
            Faulting process id: 0x8c8
            Faulting application start time: 0xExplorer.exe0
            Faulting application path: Explorer.exe1
            Faulting module path: Explorer.exe2
            Report Id: Explorer.exe3

            Error: (06/03/2012 02:17:22 AM) (Source: Application Error) (User: )
            Description: Faulting application name: Explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d6727a7
            Faulting module name: hd438A_module.dat, version: 0.0.0.0, time stamp: 0x4c62a42f
            Exception code: 0xc0000005
            Fault offset: 0x0000e996
            Faulting process id: 0xc08
            Faulting application start time: 0xExplorer.exe0
            Faulting application path: Explorer.exe1
            Faulting module path: Explorer.exe2
            Report Id: Explorer.exe3

            Error: (06/03/2012 02:14:48 AM) (Source: Application Error) (User: )
            Description: Faulting application name: Explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d6727a7
            Faulting module name: hd438A_module.dat, version: 0.0.0.0, time stamp: 0x4c62a42f
            Exception code: 0xc0000005
            Fault offset: 0x0000e996
            Faulting process id: 0x14e0
            Faulting application start time: 0xExplorer.exe0
            Faulting application path: Explorer.exe1
            Faulting module path: Explorer.exe2
            Report Id: Explorer.exe3

            Error: (06/03/2012 02:12:15 AM) (Source: Application Error) (User: )
            Description: Faulting application name: Explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d6727a7
            Faulting module name: hd438A_module.dat, version: 0.0.0.0, time stamp: 0x4c62a42f
            Exception code: 0xc0000005
            Fault offset: 0x0000e996
            Faulting process id: 0xca8
            Faulting application start time: 0xExplorer.exe0
            Faulting application path: Explorer.exe1
            Faulting module path: Explorer.exe2
            Report Id: Explorer.exe3

            Error: (06/03/2012 02:09:53 AM) (Source: Application Error) (User: )
            Description: Faulting application name: Explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d6727a7
            Faulting module name: hd438A_module.dat, version: 0.0.0.0, time stamp: 0x4c62a42f
            Exception code: 0xc0000005
            Fault offset: 0x0000e996
            Faulting process id: 0x1564
            Faulting application start time: 0xExplorer.exe0
            Faulting application path: Explorer.exe1
            Faulting module path: Explorer.exe2
            Report Id: Explorer.exe3

            Error: (06/03/2012 01:15:32 AM) (Source: Application Error) (User: )
            Description: Faulting application name: Explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d6727a7
            Faulting module name: hd438A_module.dat, version: 0.0.0.0, time stamp: 0x4c62a42f
            Exception code: 0xc0000005
            Fault offset: 0x0000e996
            Faulting process id: 0x6a0
            Faulting application start time: 0xExplorer.exe0
            Faulting application path: Explorer.exe1
            Faulting module path: Explorer.exe2
            Report Id: Explorer.exe3

            Error: (06/02/2012 11:33:16 PM) (Source: Application Error) (User: )
            Description: Faulting application name: Explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d6727a7
            Faulting module name: hd438A_module.dat, version: 0.0.0.0, time stamp: 0x4c62a42f
            Exception code: 0xc0000005
            Fault offset: 0x0000e996
            Faulting process id: 0xf50
            Faulting application start time: 0xExplorer.exe0
            Faulting application path: Explorer.exe1
            Faulting module path: Explorer.exe2
            Report Id: Explorer.exe3


            System errors:
            =============
            Error: (06/03/2012 07:15:33 AM) (Source: DCOM) (User: SYSTEM)
            Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

            Error: (06/03/2012 07:14:47 AM) (Source: Service Control Manager) (User: )
            Description: The following boot-start or system-start driver(s) failed to load:
            SABKUTIL

            Error: (06/03/2012 07:14:24 AM) (Source: EventLog) (User: )
            Description: The previous system shutdown at 7:12:38 AM on 6/3/2012 was unexpected.

            Error: (06/03/2012 07:12:10 AM) (Source: atapi) (User: )
            Description: The driver detected a controller error on \Device\Ide\IdePort0.

            Error: (06/03/2012 07:12:10 AM) (Source: atapi) (User: )
            Description: The driver detected a controller error on \Device\Ide\IdePort0.

            Error: (06/03/2012 07:12:10 AM) (Source: atapi) (User: )
            Description: The driver detected a controller error on \Device\Ide\IdePort0.

            Error: (06/03/2012 06:52:39 AM) (Source: atapi) (User: )
            Description: The driver detected a controller error on \Device\Ide\IdePort0.

            Error: (06/03/2012 06:18:35 AM) (Source: atapi) (User: )
            Description: The driver detected a controller error on \Device\Ide\IdePort0.

            Error: (06/03/2012 05:44:08 AM) (Source: atapi) (User: )
            Description: The driver detected a controller error on \Device\Ide\IdePort0.

            Error: (06/03/2012 05:08:36 AM) (Source: atapi) (User: )
            Description: The driver detected a controller error on \Device\Ide\IdePort0.


            Microsoft Office Sessions:
            =========================
            Error: (12/18/2011 06:53:38 PM) (Source: Microsoft Office 12 Sessions)(User: )
            Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 23270 seconds with 840 seconds of active time.  This session ended with a crash.

            Error: (11/25/2011 00:05:00 AM) (Source: Microsoft Office 12 Sessions)(User: )
            Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3552 seconds with 0 seconds of active time.  This session ended with a crash.

            Error: (03/26/2011 11:23:40 PM) (Source: Microsoft Office 12 Sessions)(User: )
            Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 6164 seconds with 720 seconds of active time.  This session ended with a crash.

            Error: (06/20/2010 11:50:39 AM) (Source: Microsoft Office 12 Sessions)(User: )
            Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 213 seconds with 180 seconds of active time.  This session ended with a crash.

            Error: (06/20/2010 11:46:09 AM) (Source: Microsoft Office 12 Sessions)(User: )
            Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1577 seconds with 1440 seconds of active time.  This session ended with a crash.


            =========================== Installed Programs ============================

             Update for Microsoft Office 2007 (KB2508958)
            2007 Microsoft Office system (Version: 12.0.6612.1000)
            32 Bit HP CIO Components Installer (Version: 7.1.5)
            7-Zip 9.20
            Able2Extract Professional v5.0
            AC3Filter ACM AC3/DTS codec (remove only)
            Acer Assist
            Acer Bio Protection (Version: 6.2.48)
            Acer Crystal Eye Webcam (Version: 5.2.7.1)
            Acer Empowering Technology (Version: 3.0.3016)
            Acer ePower Management (Version: 3.0.3019)
            Acer eRecovery Management (Version: 4.05.3003)
            Acer GridVista (Version: 3.01.0730)
            Acer Registration (Version: 1.02.3006)
            Acer ScreenSaver (Version: 1.1.0812)
            Acer Updater (Version: 1.01.3014)
            Acer VCM (Version: 4.05.3000)
            Acrobat.com (Version: 1.6.65)
            Adobe AIR (Version: 3.2.0.2070)
            Adobe Digital Editions
            Adobe Flash Player 11 ActiveX (Version: 11.2.202.235)
            Adobe Flash Player 11 Plugin (Version: 11.2.202.235)
            Adobe Reader X (10.1.3) (Version: 10.1.3)
            Adobe Shockwave Player 11.6 (Version: 11.6.4.634)
            Allok Video Joiner 4.0.1019
            AMD USB Filter Driver (Version: 1.0.11.86)
            Apple Application Support (Version: 2.1.7)
            Apple Mobile Device Support (Version: 5.1.1.4)
            Apple Software Update (Version: 2.1.3.127)
            ATI Catalyst Install Manager (Version: 3.0.732.0)
            Bonjour (Version: 3.0.0.10)
            Broadcom Gigabit Integrated Controller (Version: 12.24.02)
            Business Contact Manager for Outlook 2007 SP2 (Version: 3.0.8619.1)
            CamStudio
            Camtasia Studio 7 (Version: 7.0.0)
            CaptureWizPro 4.30
            Catalyst Control Center - Branding (Version: 1.00.0000)
            Catalyst Control Center Core Implementation (Version: 2009.0702.1239.20840)
            Catalyst Control Center Graphics Full Existing (Version: 2009.0702.1239.20840)
            Catalyst Control Center Graphics Full New (Version: 2009.0702.1239.20840)
            Catalyst Control Center Graphics Light (Version: 2009.0702.1239.20840)
            Catalyst Control Center InstallProxy (Version: 2009.0702.1239.20840)
            Catalyst Control Center Localization All (Version: 2009.0702.1239.20840)
            ccc-core-static (Version: 2009.0702.1239.20840)
            ccc-utility (Version: 2009.0702.1239.20840)
            CCC Help Chinese Standard (Version: 2009.0702.1238.20840)
            CCC Help Chinese Traditional (Version: 2009.0702.1238.20840)
            CCC Help Czech (Version: 2009.0702.1238.20840)
            CCC Help Danish (Version: 2009.0702.1238.20840)
            CCC Help Dutch (Version: 2009.0702.1238.20840)
            CCC Help English (Version: 2009.0702.1238.20840)
            CCC Help Finnish (Version: 2009.0702.1238.20840)
            CCC Help French (Version: 2009.0702.1238.20840)
            CCC Help German (Version: 2009.0702.1238.20840)
            CCC Help Greek (Version: 2009.0702.1238.20840)
            CCC Help Hungarian (Version: 2009.0702.1238.20840)
            CCC Help Italian (Version: 2009.0702.1238.20840)
            CCC Help Japanese (Version: 2009.0702.1238.20840)
            CCC Help Korean (Version: 2009.0702.1238.20840)
            CCC Help Norwegian (Version: 2009.0702.1238.20840)
            CCC Help Polish (Version: 2009.0702.1238.20840)
            CCC Help Portuguese (Version: 2009.0702.1238.20840)
            CCC Help Russian (Version: 2009.0702.1238.20840)
            CCC Help Spanish (Version: 2009.0702.1238.20840)
            CCC Help Swedish (Version: 2009.0702.1238.20840)
            CCC Help Thai (Version: 2009.0702.1238.20840)
            CCC Help Turkish (Version: 2009.0702.1238.20840)
            CCleaner (Version: 3.19)
            CDex - Open Source Digital Audio CD Extractor (Version: 1.70.4.2009)
            CuratorUtilities (Version: 0.0.0)
            D3DX10 (Version: 15.4.2368.0902)
            Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
            DirectVobSub (remove only)
            DivX Setup (Version: 2.6.1.8)
            Dropbox (Version: 1.1.35)
            DVD Flick 1.3.0.7 (Version: 1.3.0.7)
            Easy Video Joiner 5.21
            Elite Proxy Switcher 1.10
            Email Verifier
            Email Verifier (Version: 6.2)
            Encoder (Version: 1.0.0)
            eSobi v2 (Version: 2.0.4.000274)
            EZ MPEG TO AVI Converter 3.00
            FastStone Image Viewer 4.2 (Version: 4.2)
            Final Media Player 2010
            Fingerprint Solution (Version: 6.1.48.0)
            Free Mp3 Wma Converter V 1.9 (Version: 1.9.0.0)
            Free Video to MP3 Converter version 4.0
            Free YouTube to MP3 Converter version 3.10.15.1228
            Garmin Lifetime Updater (Version: 2.0.4)
            GIMP 2.6.11 (Version: 2.6.11)
            Google Update Helper (Version: 1.3.21.111)
            GoToMeeting 5.1.0.880 (Version: 5.1.0.880)
            HandBrake 0.9.5 (Version: 0.9.5)
            HDAUDIO Soft Data Fax Modem with SmartCP (Version: 7.80.4.55)
            HijackThis 2.0.2 (Version: 2.0.2)
            HP Color LaserJet 3600 (02/27/2007 61.063.461.41) (Version: 02/27/2007 61.063.461.41)
            iCloud (Version: 1.1.0.40)
            Identity Card (Version: 1.00.3001)
            ImgBurn (Version: 2.5.1.0)
            InterVideo WinDVD 8 (Version: 8.5.10.39)
            iTunes (Version: 10.6.0.40)
            IZArc 4.1.2 (Version: 4.1.2)
            Java Auto Updater (Version: 2.1.6.0)
            Java(TM) 6 Update 31 (Version: 6.0.310)
            Java(TM) 7 Update 4 (Version: 7.0.40)
            JavaFX 2.1.0 (Version: 2.1.0)
            Jing (Version: 2.6.12032.1)
            Junk Mail filter update (Version: 15.4.3502.0922)
            K-Lite Codec Pack 6.3.0 (Basic) (Version: 6.3.0)
            Kaspersky Anti-Virus 2010 (Version: 9.0.0.736)
            Kyocera Product Library (Version: 2.0.0713)
            LameXP
            Learn.com Player (Uninstall Only)
            LockHunter version 1.0 beta 3, 32 bit edition
            Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
            Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
            Microsoft Application Error Reporting (Version: 12.0.6012.5000)
            Microsoft Office 2003 Web Components (Version: 11.0.8173.0)
            Microsoft Office 2007 Primary Interop Assemblies (Version: 12.0.4518.1014)
            Microsoft Office 2007 Service Pack 3 (SP3)
            Microsoft Office 2010 Service Pack 1 (SP1)
            Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
            Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
            Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
            Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
            Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
            Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
            Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
            Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
            Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
            Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
            Microsoft Office PowerPoint 2010 (Version: 14.0.6029.1000)
            Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
            Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
            Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
            Microsoft Office Professional Hybrid 2007 (Version: 12.0.6612.1000)
            Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
            Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
            Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
            Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
            Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
            Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
            Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
            Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
            Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
            Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
            Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
            Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
            Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
            Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
            Microsoft Office Small Business Connectivity Components (Version: 2.0.7024.0)
            Microsoft Office Suite Activation Assistant (Version: 2.9)
            Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
            Microsoft PowerPoint 2010 (Version: 14.0.6029.1000)
            Microsoft Silverlight (Version: 4.1.10329.0)
            Microsoft SQL Server 2005
            Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
            Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) (Version: 9.4.5000.00)
            Microsoft SQL Server Native Client (Version: 9.00.5000.00)
            Microsoft SQL Server Setup Support Files (English) (Version: 9.00.5000.00)
            Microsoft SQL Server VSS Writer (Version: 9.00.5000.00)
            Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
            Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
            Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
            Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
            Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
            Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
            Microsoft Visual C++ Run Time  Lib Setup (Version: 1.0.0)
            mkv2vob (Version: 2.4.9)
            Mozilla Firefox 12.0 (x86 en-US) (Version: 12.0)
            Mozilla Maintenance Service (Version: 12.0)
            MSVCRT (Version: 15.4.2862.0708)
            MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
            MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
            NTI Backup Now 5 (Version: 5.1.2.627)
            NTI Backup Now Standard (Version: 5.1.2.627)
            NTI Media Maker 8 (Version: 8.0.12.6619)
            NTI Shadow (Version: 3.7.6.56)
            O2Micro Flash Memory Card Reader Driver (Version: 3.31.02)
            OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
            OJOsoft DVD AVI Converter Suite (Version: 2.7.5.0412)
            OJOsoft MKV Converter (Version: 2.7.5.0412)
            OJOsoft Total Video Converter (Version: 2.5.1.1121)
            OJOsoft Total Video Converter (Version: 2.7.5.0412)
            PageOne Curator (Version: 1.2.4)
            Photozig Albums 1.0
            QuickTime (Version: 7.70.80.34)
            Real Alternative 2.0.2 (Version: 2.0.2)
            Realtek High Definition Audio Driver (Version: 6.0.1.5911)
            RER Video Converter (Version: 3.7.5.0412)
            Safari (Version: 5.34.54.16)
            save2pc Light 4.14
            SEO SpyGlass
            SliQ Submitter Plus (Version: 2.20.0)
            SPBA 5.8 (Version: 5.8.2.5652)
            SUPERAntiSpyware (Version: 5.0.1150)
            swMSM (Version: 12.0.0.1)
            Synaptics Pointing Device Driver (Version: 13.2.2.0)
            TextPad 5 (Version: 5.3.1)
            The Ultimate Troubleshooter
            ToolkitCMA
            TOP YouTube Downloader V1.0.0
            TweakNow PowerPack 2011 (Version: 3.0.1)
            Uninstall 1.0.0.1
            Update for 2007 Microsoft Office System (KB967642)
            Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
            Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
            Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
            Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
            Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
            Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
            Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
            Update for Microsoft Office 2007 Help for Common Features (KB963673)
            Update for Microsoft Office 2010 (KB2494150)
            Update for Microsoft Office 2010 (KB2553065)
            Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
            Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
            Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
            Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
            Update for Microsoft Office 2010 (KB2566458)
            Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
            Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
            Update for Microsoft Office Access 2007 Help (KB963663)
            Update for Microsoft Office Excel 2007 Help (KB963678)
            Update for Microsoft Office Infopath 2007 Help (KB963662)
            Update for Microsoft Office OneNote 2007 Help (KB963670)
            Update for Microsoft Office Outlook 2007 Help (KB963677)
            Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2598290) 32-Bit Edition
            Update for Microsoft Office Powerpoint 2007 Help (KB963669)
            Update for Microsoft Office Publisher 2007 Help (KB963667)
            Update for Microsoft Office Script Editor Help (KB963671)
            Update for Microsoft Office Word 2007 Help (KB963665)
            VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
            Video mp3 Extractor
            VLC media player 1.1.4 (Version: 1.1.4)
            Voxware Audio decoder 1.6 (Version: 1.6.0)
            WebEx
            Welcome Center (Version: 1.00.3005)
            WIDCOMM Bluetooth Software (Version: 6.2.0.9700)
            Win7codecs (Version: 2.5.4)
            Windows Live Communications Platform (Version: 15.4.3502.0922)
            Windows Live Essentials (Version: 15.4.3502.0922)
            Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
            Windows Live Installer (Version: 15.4.3502.0922)
            Windows Live Mail (Version: 15.4.3502.0922)
            Windows Live MIME IFilter (Version: 15.4.3502.0922)
            Windows Live Movie Maker (Version: 15.4.3502.0922)
            Windows Live Photo Common (Version: 15.4.3502.0922)
            Windows Live Photo Gallery (Version: 15.4.3502.0922)
            Windows Live PIMT Platform (Version: 15.4.3502.0922)
            Windows Live SOXE (Version: 15.4.3502.0922)
            Windows Live SOXE Definitions (Version: 15.4.3502.0922)
            Windows Live Sync (Version: 14.0.8064.206)
            Windows Live UX Platform (Version: 15.4.3502.0922)
            Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
            Windows Live Writer (Version: 15.4.3502.0922)
            Windows Live Writer Resources (Version: 15.4.3502.0922)
            WinRAR archiver
            WinZip 14.5 (Version: 14.5.9095)
            Wisdom-soft Set up ScreenHunter 5.1 Free
            Yahoo! Software Update

            ========================= Memory info: ===================================

            Percentage of memory in use: 36%
            Total physical RAM: 2814.36 MB
            Available physical RAM: 1773.12 MB
            Total Pagefile: 5627 MB
            Available Pagefile: 4217.57 MB
            Total Virtual: 2047.88 MB
            Available Virtual: 1940.11 MB

            ========================= Partitions: =====================================

            1 Drive c: (ACER) (Fixed) (Total:221.07 GB) (Free:71.73 GB) NTFS

            ========================= Users: ========================================

            User accounts for \\PETER-PC

            Administrator            Guest                    Peter                   

            ========================= Minidump Files ==================================

            No minidump file found


            **** End of log ****

            Peter Jordan

              Re: Kaspersky Malicious URL Blocked -- Windows Explorer Shuts Down
              « Reply #39 on: June 03, 2012, 09:01:19 AM »
              One update...

              Realized the version of KP I have is 2010 and updated to 2012.  Upon doing so, while I still received the malicious URL mssgs, WE no longer shut down.  I let the computer run for another hour and again, warning messages appeared but were no longer followed by WE stopping and re-starting.

              I wondered if this would continue after rebooting the computer, but unfortunately it did not and it reverted back to the old cycle of URL mssg followed by WE shut down/restart.

              Not sure if this is significant or provides any further clues as to where the problem lies, but thought I would pass it along.

              Thanks,
              Peter


              Peter Jordan

                Re: Kaspersky Malicious URL Blocked -- Windows Explorer Shuts Down
                « Reply #40 on: June 03, 2012, 11:40:53 AM »
                Should I take any action with these 4 files detected by Kaspersky tdsskiller? Or are they safe?


                13:47:07.0850 4004   Detected object count: 4
                13:47:07.0850 4004   Actual detected object count: 4
                13:47:37.0470 4004   ETService ( UnsignedFile.Multi.Generic ) - skipped by user
                13:47:37.0470 4004   ETService ( UnsignedFile.Multi.Generic ) - User select action: Skip
                13:47:37.0471 4004   IGBASVC ( UnsignedFile.Multi.Generic ) - skipped by user
                13:47:37.0471 4004   IGBASVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
                13:47:37.0474 4004   Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
                13:47:37.0474 4004   Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
                13:47:37.0478 4004   RS_Service ( UnsignedFile.Multi.Generic ) - skipped by user
                13:47:37.0478 4004   RS_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

                evilfantasy

                • Malware Removal Specialist


                • Genius
                • Calm like a bomb
                • Thanked: 493
                • Experience: Experienced
                • OS: Windows 11
                Re: Kaspersky Malicious URL Blocked -- Windows Explorer Shuts Down
                « Reply #41 on: June 03, 2012, 01:59:14 PM »
                Should I take any action with these 4 files detected by Kaspersky tdsskiller? Or are they safe?

                That is normal.

                Try to start Firefox in Safe Mode and see if it still happens.

                How to start Firefox in Safe Mode

                You can start Firefox in Safe Mode by holding down the shift key while starting Firefox.


                Peter Jordan

                  Re: Kaspersky Malicious URL Blocked -- Windows Explorer Shuts Down
                  « Reply #42 on: June 03, 2012, 04:41:14 PM »
                  Doesn't occur in Safe Mode.

                  By the way, occurs now whether I use IE or Firefox.

                  Hope that helps.


                  Peter

                  Peter Jordan

                    Re: Kaspersky Malicious URL Blocked -- Windows Explorer Shuts Down
                    « Reply #43 on: June 04, 2012, 12:02:10 PM »
                    Anything else that can be done?

                    evilfantasy

                    Re: Kaspersky Malicious URL Blocked -- Windows Explorer Shuts Down
                    « Reply #44 on: June 04, 2012, 04:07:32 PM »
                    Run a scan with MGtools and attach the log please. Using MGtools