
Author Topic: Kaspersky Malicious URL Blocked -- Windows Explorer Shuts Down  (Read 188228 times)


Peter Jordan

    Topic Starter


    Rookie

    • Experience: Beginner
    • OS: Unknown
    Just recently I have started receiving messages from Kaspersky indicating they have blocked a malicious URL from loading.

    The message reads:

    C:\\Windows\Explorer.Exe (PID:5084): Loading Object http:/...?worker.php?action=get%5Fscript%5Fhash...containing malicious URL
    hXXp://76.191.112.2/scripts/worker.php?action=get %5F scrips %5hash&ver=1.1
     

    Shortly afterwards, Windows Explorer shuts down and then restarts.  This cycle repeats itself continuously.

    I have conducted full scans using Kaspersky, Malwarebytes, and Super-Antispyware, none of which detected anything.

    A scan using Combofix did find and delete a dll called devil and the problem was remedied until the computer was rebooted at which point the issues recommenced.

    Your help would be greatly appreciated.

    <Mod Edit> - Malicious IP munged. Please do not intentionally post live links that are infected.
    « Last Edit: May 26, 2012, 09:16:00 PM by evilfantasy »

    evilfantasy

    • Malware Removal Specialist


    • Genius
    • Calm like a bomb
    • Thanked: 493
    • Experience: Experienced
    • OS: Windows 11
    Re: Kaspersky Malicious URL Blocked -- Windows Explorer Shuts Down
    « Reply #1 on: May 26, 2012, 09:21:37 PM »
    76.191.112.2 is a dangerous IP address, such as:

    - Attackers who try to spy or remotely control others' computers by means such as Microsoft remote terminal, SSH, Telnet or shared desktops.
    - Threats for email servers or users: spiders/bots, account hijacking, etc.
    - Sites spreading viruses, trojans, spyware, etc. or just being used by them to let their authors know that a new computer has been infected.
    - Threats for servers: exploits, fake identities/agents, DDoS attackers, etc.
    - Port scans, which are the first step towards more dangerous actions.
    - Malicious P2P sharers or bad peers who spread malware, inject bad traffic or share fake archives.

    http://www.mywot.com/en/scorecard/76.191.112.2

    Can you post the ComboFix log, please? It can be found in C:\combofix.txt

    Peter Jordan

      Re: Kaspersky Malicious URL Blocked -- Windows Explorer Shuts Down
      « Reply #2 on: May 27, 2012, 05:04:17 AM »
      ComboFix 12-05-26.02 - Peter 05/26/2012   7:42.9.2 - x86
      Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.2814.1857 [GMT -4:00]
      Running from: c:\users\Peter\Downloads\ComboFix2.exe
      AV: Kaspersky Anti-Virus *Enabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
      SP: Kaspersky Anti-Virus *Enabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
      SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      .
      .
      (((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      c:\windows\system32\11335636341.dll
      .
      .
      (((((((((((((((((((((((((   Files Created from 2012-04-26 to 2012-05-26  )))))))))))))))))))))))))))))))
      .
      .
      2012-05-26 11:54 . 2012-05-26 11:54   --------   d-----w-   c:\users\Peter\AppData\Local\temp
      2012-05-26 11:54 . 2012-05-26 11:54   --------   d-----w-   c:\windows\system32\config\systemprofile\AppData\Local\temp
      2012-05-26 11:54 . 2012-05-26 11:54   --------   d-----w-   c:\users\Public\AppData\Local\temp
      2012-05-26 11:54 . 2012-05-26 11:54   --------   d-----w-   c:\users\Default\AppData\Local\temp
      2012-05-25 12:00 . 2012-05-25 12:20   --------   d-----w-   C:\ComboFix2
      2012-05-25 11:16 . 2012-05-08 16:40   6737808   ----a-w-   c:\programdata\Microsoft\Windows Defender\Definition Updates\{A98B41E2-3CD0-436E-857D-6C3F85B85985}\mpengine.dll
      2012-05-17 11:42 . 2012-05-17 11:42   --------   d-----w-   c:\programdata\RemoteAutomator
      2012-05-17 11:42 . 2012-05-17 11:42   --------   d-----w-   c:\program files\RemoteAutomator
      2012-05-09 21:01 . 2012-03-30 10:23   1291632   ----a-w-   c:\windows\system32\drivers\tcpip.sys
      2012-05-09 21:01 . 2012-03-31 04:29   936960   ----a-w-   c:\program files\Common Files\Microsoft Shared\ink\journal.dll
      2012-05-09 21:01 . 2012-03-31 04:30   1221632   ----a-w-   c:\program files\Windows Journal\NBDoc.DLL
      2012-05-09 21:01 . 2012-03-31 04:29   989184   ----a-w-   c:\program files\Windows Journal\JNTFiltr.dll
      2012-05-09 21:01 . 2012-03-31 04:29   969216   ----a-w-   c:\program files\Windows Journal\JNWDRV.dll
      2012-05-09 21:01 . 2012-03-31 04:39   3968368   ----a-w-   c:\windows\system32\ntkrnlpa.exe
      2012-05-09 21:01 . 2012-03-31 04:39   3913072   ----a-w-   c:\windows\system32\ntoskrnl.exe
      2012-05-09 21:01 . 2012-03-31 02:36   2343424   ----a-w-   c:\windows\system32\win32k.sys
      2012-05-09 21:01 . 2012-03-17 07:27   56176   ----a-w-   c:\windows\system32\drivers\partmgr.sys
      2012-05-09 21:00 . 2012-03-03 05:31   1077248   ----a-w-   c:\windows\system32\DWrite.dll
      .
      .
      .
      ((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2012-05-05 10:39 . 2012-03-29 22:59   419488   ----a-w-   c:\windows\system32\FlashPlayerApp.exe
      2012-05-05 10:39 . 2011-05-13 13:08   70304   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
      2012-04-09 00:21 . 2010-08-16 11:32   472808   ----a-w-   c:\windows\system32\deployJava1.dll
      2012-04-04 19:56 . 2010-12-03 22:19   22344   ----a-w-   c:\windows\system32\drivers\mbam.sys
      2012-03-26 14:00 . 2012-04-13 11:20   112056   ----a-w-   c:\windows\system32\acaptuser32.dll
      2012-03-01 05:46 . 2012-04-13 01:17   19824   ----a-w-   c:\windows\system32\drivers\fs_rec.sys
      2012-03-01 05:37 . 2012-04-13 01:17   172544   ----a-w-   c:\windows\system32\wintrust.dll
      2012-03-01 05:33 . 2012-04-13 01:17   159232   ----a-w-   c:\windows\system32\imagehlp.dll
      2012-03-01 05:29 . 2012-04-13 01:17   5120   ----a-w-   c:\windows\system32\wmi.dll
      2012-02-28 01:18 . 2012-04-13 01:29   1799168   ----a-w-   c:\windows\system32\jscript9.dll
      2012-02-28 01:11 . 2012-04-13 01:29   1427456   ----a-w-   c:\windows\system32\inetcpl.cpl
      2012-02-28 01:11 . 2012-04-13 01:29   1127424   ----a-w-   c:\windows\system32\wininet.dll
      2012-02-28 01:03 . 2012-04-13 01:29   2382848   ----a-w-   c:\windows\system32\mshtml.tlb
      2011-02-27 00:14 . 2011-02-27 00:14   7808600   ----a-w-   c:\program files\PowerPack3.exe
      2011-02-27 00:13 . 2011-02-27 00:13   5404768   ----a-w-   c:\program files\RegCleaner603.exe
      2010-08-19 16:59 . 2010-08-19 16:59   197632   ----a-w-   c:\program files\Common Files\OnlineFilesManager.dll
      2012-04-25 16:31 . 2011-03-24 10:59   97208   ----a-w-   c:\program files\mozilla firefox\components\browsercomps.dll
      .
      .
      (((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
      "{64d23501-5195-4224-9446-e2b0fb64e859}"= "c:\program files\HiGames\tbHiGa.dll" [2009-10-27 2325528]
      .
      [HKEY_CLASSES_ROOT\clsid\{64d23501-5195-4224-9446-e2b0fb64e859}]
      .
      [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{64d23501-5195-4224-9446-e2b0fb64e859}]
      2009-10-27 15:45   2325528   ----a-w-   c:\program files\HiGames\tbHiGa.dll
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
      "{64d23501-5195-4224-9446-e2b0fb64e859}"= "c:\program files\HiGames\tbHiGa.dll" [2009-10-27 2325528]
      "{583F8E79-0A89-4EBA-9DE2-479E57F64506}"= "c:\users\Peter\Documents\AP_Rewards_AutoEARN\aanpb.dll" [2010-04-26 333192]
      .
      [HKEY_CLASSES_ROOT\clsid\{64d23501-5195-4224-9446-e2b0fb64e859}]
      .
      [HKEY_CLASSES_ROOT\clsid\{583f8e79-0a89-4eba-9de2-479e57f64506}]
      [HKEY_CLASSES_ROOT\Loader.MToolbar.1]
      [HKEY_CLASSES_ROOT\TypeLib\{E6BDE3C5-7B88-43b4-AB35-8EEEAB2CED76}]
      [HKEY_CLASSES_ROOT\Loader.MToolbar]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
      @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
      2011-02-18 05:12   94208   ----a-w-   c:\users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
      @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
      2011-02-18 05:12   94208   ----a-w-   c:\users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
      @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
      2011-02-18 05:12   94208   ----a-w-   c:\users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Online Files]
      @="{B82655E9-B81D-4A97-8154-0D84A4C048E4}"
      [HKEY_CLASSES_ROOT\CLSID\{B82655E9-B81D-4A97-8154-0D84A4C048E4}]
      2010-08-19 16:59   197632   ----a-w-   c:\program files\Common Files\OnlineFilesManager.dll
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Jing"="c:\program files\TechSmith\Jing\Jing.exe" [2012-02-01 2918224]
      "aanpm"="c:\users\Peter\Documents\AP_Rewards_AutoEARN\aanpt.exe" [2010-04-26 574856]
      "uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2012-02-23 740216]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-02 98304]
      "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-08-06 7703072]
      "VitaKeyPdtWzd"="c:\program files\Acer Bio Protection\PdtWzd.exe" [2009-08-06 3575808]
      "LManager"="c:\program files\Launch Manager\LManager.exe" [2009-08-28 1130504]
      "ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2009-07-21 421888]
      "Acer Assist Launcher"="c:\program files\Acer\Acer Assist\launcher.exe" [2007-11-19 1261568]
      "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
      "AVP"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe" [2011-03-21 340520]
      "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
      "Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2012-03-27 40376]
      "Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2012-03-26 640440]
      "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
      "Malwarebytes' Anti-Malware"="c:\program files\NoMoreTime\mbamgui.exe" [2012-04-04 462408]
      "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
      .
      c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
      SYNND RemoteAutomator.lnk - c:\program files\RemoteAutomator\AppStart.exe [2012-5-17 28480]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 5 (0x5)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableUIADesktopToggle"= 0 (0x0)
      "DisableCAD"= 1 (0x1)
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\spba]
      2009-06-26 17:05   568072   ----a-w-   c:\program files\Common Files\SPBA\homefus2.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
      "AppInit_DLLs"=c:\progra~1\KASPER~1\KASPER~1\mzvkbd3.dll c:\windows\System32\acaptuser32.dll
      .
      [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
      Security Packages   REG_MULTI_SZ      kerberos msv1_0 schannel wdigest tspkg pku2u livessp
      .
      [HKLM\~\startupfolder\C:^Users^Peter^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CaptureWiz.lnk]
      path=
      backup=c:\windows\pss\CaptureWiz.lnk.Startup
      backupExtension=.Startup
      .
      [HKLM\~\startupfolder\C:^Users^Peter^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
      path=
      backup=c:\windows\pss\Dropbox.lnk.Startup
      backupExtension=.Startup
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\aanpm]
      2010-04-26 23:10   574856   ----a-w-   c:\users\Peter\Documents\AP_Rewards_AutoEARN\aanpt.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
      2012-02-21 01:28   59240   ----a-w-   c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
      2011-07-28 23:08   1259376   ----a-w-   c:\program files\DivX\DivX Update\DivXUpdate.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Garmin Lifetime Updater]
      2011-07-28 13:10   1406824   ----a-w-   c:\program files\Garmin\Lifetime Updater\GarminLifetime.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
      2012-03-06 23:05   421736   ----a-w-   c:\program files\iTunes\iTunesHelper.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
      2012-04-04 19:56   462408   ----a-w-   c:\program files\NoMoreTime\mbamgui.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware (reboot)]
      2012-04-04 19:56   981680   ----a-w-   c:\program files\NoMoreTime\mbam.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileDocuments]
      2012-02-23 16:30   59240   ----a-w-   c:\program files\Common Files\Apple\Internet Services\ubd.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
      2011-07-05 22:36   421888   ----a-w-   c:\program files\QuickTime\QTTask.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
      2011-01-13 15:41   2424560   ----a-w-   c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrojanScanner]
      2010-11-24 20:26   1233856   ----a-w-   c:\program files\Trojan Remover\Trjscan.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
      2012-02-23 11:11   740216   ----a-w-   c:\program files\uTorrent\uTorrent.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wisdom-soft ScreenHunter 5.1 Free]
      2010-08-08 01:40   5324800   ----a-w-   c:\program files\Wisdom-soft ScreenHunter 5 Free\ScreenHunter.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
      "DisableMonitoring"=dword:00000001
      .
      R1 SABKUTIL;SABKUTIL;c:\program files\SuperAdBlocker.com\Super Ad Blocker\SABKUTIL.sys

      R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-07-02 176128]
      R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
      R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696]
      R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-08 29472]
      R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-25 129976]
      R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4640000]
      R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
      R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
      R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
      R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
      R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-19 1343400]
      R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920]
      R4 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [2009-08-11 24576]
      R4 Greg_Service;GRegService;c:\program files\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
      R4 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-06-18 135664]
      R4 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-06-18 135664]
      R4 IGBASVC;EgisTec Service;c:\program files\Acer Bio Protection\BASVC.exe [2009-08-06 3453440]
      R4 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 50432]
      R4 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 144640]
      R4 RS_Service;Raw Socket Service;c:\program files\Acer\Acer VCM\RS_Service.exe [2009-07-10 253952]
      R4 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
      R4 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-10-19 2011944]
      R4 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
      S0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2009-10-15 36880]
      S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2009-09-14 21520]
      S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]
      S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2010-05-10 67656]
      S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
      S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
      S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2009-07-14 20992]
      S2 MBAMService;MBAMService;c:\program files\NoMoreTime\mbamservice.exe [2012-04-04 654408]
      S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-18 11032]
      S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-10-02 19472]
      S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-04-04 22344]
      S3 O2MDRDR;O2MDRDR;c:\windows\system32\DRIVERS\o2media.sys [2009-05-07 52128]
      S3 O2SDRDR;O2SDRDR;c:\windows\system32\DRIVERS\o2sd.sys [2009-05-07 42144]
      S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-04-03 27320]
      S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
      .
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
      LocalServiceAndNoImpersonation   REG_MULTI_SZ      SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc Mcx2Svc
      HsfXAudioService   REG_MULTI_SZ      HsfXAudioService
      HPZ12   REG_MULTI_SZ      Pml Driver HPZ12 Net Driver HPZ12
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2012-05-26 c:\windows\Tasks\Adobe Flash Player Updater.job
      - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 10:39]
      .
      2012-05-26 c:\windows\Tasks\Final Media Player Update Checker.job
      - c:\program files\FinalMediaPlayer\FMPCheckForUpdates.exe [2010-06-29 17:37]
      .
      2012-05-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
      - c:\program files\Google\Update\GoogleUpdate.exe [2010-06-18 01:22]
      .
      2012-05-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
      - c:\program files\Google\Update\GoogleUpdate.exe [2010-06-18 01:22]
      .
      .
      ------- Supplementary Scan -------
      .
      uStart Page = hxxp://mls.gsmls.com/member/index.jsp
      mStart Page = hxxp://www.comcast.net/
      mWindow Title = Windows Internet Explorer provided by Comcast
      uInternet Settings,ProxyOverride = *.local
      IE: Append to existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
      IE: Convert link target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
      IE: Convert link target to existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
      IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
      IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
      IE: Free YouTube to Mp3 Converter - c:\users\Peter\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
      IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
      Trusted Zone: realtytools.com
      Trusted Zone: toolkitcma.com
      Trusted Zone: toolkitcma2.com
      TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
      TCP: Interfaces\{E8231A03-DFF0-4AB2-A7B4-7FC36769BFC9}: DhcpNameServer = 75.75.75.75 75.75.76.76
      DPF: {0B72CCA4-5F11-11D0-9CB5-0000C0EC9FDB} - hxxp://www2.stlu.com/plugins/Plugin0501.0125/streetnoagent7.cab
      DPF: {83AB6E4D-CDD7-11D3-B5E7-00104B9AFF6E} - hxxp://msx.mlxchange.com/5.5.07.24643/Control/IRCSharc.cab
      FF - ProfilePath - c:\users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\m4fqy7os.default\
      FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-tyc&p=
      FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
      .
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
      @Denied: (Full) (Everyone)
      .
      Completion time: 2012-05-26  07:58:06
      ComboFix-quarantined-files.txt  2012-05-26 11:58
      ComboFix2.txt  2012-05-26 11:04
      ComboFix3.txt  2012-05-25 12:20
      ComboFix4.txt  2011-08-05 13:31
      ComboFix5.txt  2012-05-26 11:40
      .
      Pre-Run: 58,943,561,728 bytes free
      Post-Run: 58,867,740,672 bytes free
      .
      - - End Of File - - 535A778FB9CA6625142A2E97D153F3BC

      evilfantasy

      Re: Kaspersky Malicious URL Blocked -- Windows Explorer Shuts Down
      « Reply #3 on: May 27, 2012, 02:48:05 PM »
      Are you able to get online with the computer?

      If so:

      ESET Online Scan

      Scan your computer with the ESET FREE Online Virus Scan

      * Click the ESET Online Scanner button.

      * For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      * Click on the esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop
      * Double click on the esetsmartinstaller_enu.exe icon on your desktop.
      * Place a check mark next to YES, I accept the Terms of Use.

      * Click the Start button.
      * Accept any security warnings from your browser.
      * Leave the check mark next to Remove found threats and place a check next to Scan archives.
      * Click the Start button.
      * ESET will then download updates, install, and begin scanning your computer. Please be patient as this can take some time.
      * When the scan completes, click List of found threats.
      * Next click Export to text file and save the file to your desktop using a name such as ESETScan. Include the contents of this report in your next reply.
      * Click the <<Back button then click Finish.

      In your next reply please include the ESET Online Scan Log

      Peter Jordan

        Re: Kaspersky Malicious URL Blocked -- Windows Explorer Shuts Down
        « Reply #4 on: May 31, 2012, 06:42:55 AM »
        Sorry for the delay but I was only recently able to run a full scan online.

        Thanks for your patience.


        C:\Users\Peter\AppData\Local\temp\hdF7B7.tmp   probably unknown NewHeur_PE virus


        evilfantasy

        Re: Kaspersky Malicious URL Blocked -- Windows Explorer Shuts Down
        « Reply #5 on: May 31, 2012, 12:41:55 PM »
        ComboFix - be sure to delete it and download a new copy.

        Download ComboFix© by sUBs from one of the below links. Be sure to save it to the Desktop.

        Link #1
        Link #2

        **Note:  It is important that it is saved directly to your Desktop

        Close any open Web browsers. (Firefox, Internet Explorer, etc) before starting ComboFix.

        Temporarily disable your antivirus and any antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.
         
        Double click combofix.exe & follow the prompts.

        When finished ComboFix will produce a log for you.
        Post the ComboFix log in your next reply.

        Important: Do not mouseclick ComboFix's window while it is running. That may cause it to stall.

        Remember to re-enable your antivirus and antispyware protection when ComboFix is complete.

        If you have problems with ComboFix usage, see How to use ComboFix

        ----------

        Download DDS from |HERE| or |HERE| and save it to your desktop.

        Vista and Windows 7 users right click on dds and select Run as administrator (you will receive a UAC prompt, please allow it)

        * XP users Double click on dds to run it.
        * If your antivirus or firewall try to block DDS then please allow it to run.
        * When finished DDS will open two (2) logs.

        1) DDS.txt
        2) Attach.txt

        * Save both logs to your desktop.
        * Please copy and paste the entire contents of both logs in your next reply.

        Note: DDS will instruct you to post the Attach.txt log as an attachment.
        Please just post it as you would any other log by copy and pasting it into the reply.

        ----------

        Please add all 3 logs in the next reply.

        Peter Jordan

          Re: Kaspersky Malicious URL Blocked -- Windows Explorer Shuts Down
          « Reply #6 on: May 31, 2012, 05:25:07 PM »
          .
          DDS (Ver_2011-08-26.01) - NTFSx86
          Internet Explorer: 9.0.8112.16421  BrowserJavaVersion: 10.4.1
          Run by Peter at 19:27:42 on 2012-05-31
          Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.2814.1737 [GMT -4:00]
          .
          AV: Kaspersky Anti-Virus *Disabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
          SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
          SP: Kaspersky Anti-Virus *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
          .
          ============== Running Processes ===============
          .
          C:\Windows\system32\wininit.exe
          C:\Windows\system32\lsm.exe
          C:\Windows\system32\svchost.exe -k DcomLaunch
          C:\Windows\system32\svchost.exe -k RPCSS
          C:\Windows\system32\atiesrxx.exe
          C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
          C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
          C:\Windows\system32\svchost.exe -k netsvcs
          C:\Windows\system32\svchost.exe -k LocalService
          C:\Windows\system32\atieclxx.exe
          C:\Windows\system32\svchost.exe -k NetworkService
          C:\Program Files\Common Files\SPBA\upeksvr.exe
          C:\Windows\System32\spoolsv.exe
          C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
          c:\Program Files\Acer Bio Protection\CompPtcVUI.exe
          C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
          C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
          C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
          C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
          C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
          C:\Windows\system32\svchost.exe -k HsfXAudioService
          C:\Windows\System32\svchost.exe -k HPZ12
          C:\Windows\System32\svchost.exe -k HPZ12
          C:\Windows\system32\Dwm.exe
          c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
          C:\Windows\system32\taskhost.exe
          c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
          C:\Windows\system32\svchost.exe -k imgsvc
          C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
          C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
          C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
          C:\Program Files\Acer Bio Protection\PdtWzd.exe
          C:\Windows\System32\alg.exe
          C:\Windows\system32\SearchIndexer.exe
          C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
          C:\Program Files\Windows Media Player\wmpnetwk.exe
          C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
          C:\Program Files\Launch Manager\LManager.exe
          C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
          C:\Program Files\Common Files\Java\Java Update\jusched.exe
          C:\Program Files\TechSmith\Jing\Jing.exe
          C:\Windows\system32\wbem\unsecapp.exe
          C:\Windows\system32\wbem\wmiprvse.exe
          C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
          C:\Windows\System32\svchost.exe -k LocalServicePeerNet
          C:\Windows\system32\DllHost.exe
          C:\Program Files\Mozilla Firefox\firefox.exe
          C:\Windows\system32\sppsvc.exe
          C:\Windows\servicing\TrustedInstaller.exe
          C:\Windows\system32\SearchProtocolHost.exe
          C:\Windows\System32\svchost.exe -k WerSvcGroup
          C:\Windows\Explorer.EXE
          C:\Windows\system32\wbem\wmiprvse.exe
          C:\Windows\system32\DllHost.exe
          C:\Windows\system32\DllHost.exe
          C:\Windows\system32\conhost.exe
          .
          ============== Pseudo HJT Report ===============
          .
          uStart Page = hxxp://mls.gsmls.com/member/index.jsp/
          mStart Page = hxxp://www.comcast.net/
          mWindow Title = Windows Internet Explorer provided by Comcast
          uInternet Settings,ProxyOverride = *.local
          BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
          BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
          BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
          BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky anti-virus 2010\ievkbd.dll
          BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
          BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll
          BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
          BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~3\office14\URLREDIR.DLL
          BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll
          BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - c:\program files\kaspersky lab\kaspersky anti-virus 2010\klwtbbho.dll
          uRun: [Jing] c:\program files\techsmith\jing\Jing.exe
          uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
          mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
          mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
          mRun: [VitaKeyPdtWzd] "c:\program files\acer bio protection\PdtWzd.exe"
          mRun: [LManager] c:\program files\launch manager\LManager.exe
          mRun: [ePower_DMC] c:\program files\acer\empowering technology\epower\ePower_DMC.exe
          mRun: [Acer Assist Launcher] c:\program files\acer\acer assist\launcher.exe
          mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
          mRun: [AVP] "c:\program files\kaspersky lab\kaspersky anti-virus 2010\avp.exe"
          mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
          mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
          mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
          mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
          mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
          mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
          mPolicies-system: DisableCAD = 1 (0x1)
          IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
          IE: Free YouTube to Mp3 Converter - c:\users\peter\appdata\roaming\dvdvideosoftiehelpers\freeyoutubetomp3converter.htm
          IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
          IE: {10954C80-4F0F-11d3-B17C-00C0DFE39736} - c:\program files\acer bio protection\PwdBank.exe
          IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
          IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
          IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
          IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - c:\program files\kaspersky lab\kaspersky anti-virus 2010\klwtbbho.dll
          IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL
          IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\program files\kaspersky lab\kaspersky anti-virus 2010\klwtbbho.dll
          Trusted Zone: realtytools.com
          Trusted Zone: toolkitcma.com
          Trusted Zone: toolkitcma2.com
          DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
          DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
          DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
          DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
          TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
          TCP: Interfaces\{CA7B98B4-C4D7-4F55-B82D-B7BDC61C4E3F} : DhcpNameServer = 75.75.75.75 75.75.76.76
          TCP: Interfaces\{CA7B98B4-C4D7-4F55-B82D-B7BDC61C4E3F}\05E4A405 : DhcpNameServer = 192.168.126.1
          TCP: Interfaces\{CA7B98B4-C4D7-4F55-B82D-B7BDC61C4E3F}\07E6A607 : DhcpNameServer = 192.168.126.1
          TCP: Interfaces\{CA7B98B4-C4D7-4F55-B82D-B7BDC61C4E3F}\876696E696479777966696 : DhcpNameServer = 75.75.75.75 75.75.76.76
          TCP: Interfaces\{E8231A03-DFF0-4AB2-A7B4-7FC36769BFC9} : DhcpNameServer = 75.75.75.75 75.75.76.76
          Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
          Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\acer\acer vcm\Skype4COM.dll
          Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
          Notify: klogon - c:\windows\system32\klogon.dll
          Notify: spba - c:\program files\common files\spba\homefus2.dll
          AppInit_DLLs: c:\progra~1\kasper~1\kasper~1\mzvkbd3.dll
          SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
          .
          ================= FIREFOX ===================
          .
          FF - ProfilePath - c:\users\peter\appdata\roaming\mozilla\firefox\profiles\m4fqy7os.default\
          FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-tyc&p=
          FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
          FF - plugin: c:\progra~1\micros~3\office14\NPAUTHZ.DLL
          FF - plugin: c:\progra~1\micros~3\office14\NPSPWRAP.DLL
          FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
          FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
          FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
          FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
          FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
          FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
          FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
          FF - plugin: c:\program files\mozilla firefox\plugins\npstm32.dll
          FF - plugin: c:\program files\oracle\javafx 2.1 runtime\bin\plugin2\npjp2.dll
          FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
          FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_235.dll
          FF - plugin: c:\windows\system32\npDeployJava1.dll
          FF - plugin: c:\windows\system32\npmproxy.dll
          .
          ============= SERVICES / DRIVERS ===============
          .
          R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2009-10-14 36880]
          R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\drivers\klim6.sys [2009-9-14 21520]
          R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
          R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
          R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]
          R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-11 116608]
          R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-1-3 63928]
          R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-10-23 176128]
          R2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe -k HsfXAudioService [2009-7-13 20992]
          R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-17 11032]
          R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-5-31 260648]
          R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2009-10-2 19472]
          R3 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [2009-5-7 52128]
          R3 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [2009-5-7 42144]
          R3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [2009-10-23 27320]
          R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-13 14336]
          S2 AVP;Kaspersky Anti-Virus;c:\program files\kaspersky lab\kaspersky anti-virus 2010\avp.exe [2009-10-20 340520]
          S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
          S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-3-29 257696]
          S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2009-10-23 29472]
          S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-4-25 129976]
          S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
          S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360]
          S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]
          S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504]
          S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
          S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-6-20 52224]
          S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-6-19 1343400]
          S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\drivers\WSDPrint.sys [2009-7-13 17920]
          S4 ETService;Empowering Technology Service;c:\program files\acer\empowering technology\service\ETService.exe [2009-10-6 24576]
          S4 Greg_Service;GRegService;c:\program files\acer\registration\GregHSRW.exe [2009-8-28 1150496]
          S4 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-6-17 135664]
          S4 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-6-17 135664]
          S4 IGBASVC;EgisTec Service;c:\program files\acer bio protection\BASVC.exe [2009-8-5 3453440]
          S4 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\newtech infosystems\nti backup now 5\BackupSvc.exe [2009-6-17 50432]
          S4 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\newtech infosystems\nti backup now 5\SchedulerSvc.exe [2009-6-17 144640]
          S4 RS_Service;Raw Socket Service;c:\program files\acer\acer vcm\RS_Service.exe [2009-10-23 253952]
          S4 Updater Service;Updater Service;c:\program files\acer\acer updater\UpdaterService.exe [2009-9-24 240160]
          .
          =============== Created Last 30 ================
          .
          2012-05-31 23:15:27   --------   d-----w-   c:\users\peter\appdata\local\temp
          2012-05-31 23:15:26   --------   d-sh--w-   C:\$RECYCLE.BIN
          2012-05-31 22:57:08   --------   d-----w-   C:\ComboFix
          2012-05-31 16:43:16   208896   ----a-w-   c:\windows\MBR.exe
          2012-05-31 16:43:15   98816   ----a-w-   c:\windows\sed.exe
          2012-05-31 16:43:15   518144   ----a-w-   c:\windows\SWREG.exe
          2012-05-31 16:43:15   256000   ----a-w-   c:\windows\PEV.exe
          2012-05-29 14:24:12   --------   d-----w-   c:\users\peter\appdata\roaming\SUPERAntiSpyware.com
          2012-05-29 14:23:51   --------   d-----w-   c:\program files\SUPERAntiSpyware
          2012-05-29 11:22:53   6737808   ----a-w-   c:\programdata\microsoft\windows defender\definition updates\{2bae9a0a-5c89-43b5-be19-958e7a4bc1dc}\mpengine.dll
          2012-05-28 17:11:10   --------   d-----w-   C:\sh4ldr
          2012-05-28 17:09:44   --------   d-----w-   c:\windows\B3CB613C58D34692B2DA8F3EAC6288D4.TMP
          2012-05-26 23:36:01   --------   d-----w-   c:\program files\Trend Micro
          2012-05-26 22:29:48   --------   d-----w-   c:\program files\Oracle
          2012-05-26 22:28:28   772504   ----a-w-   c:\windows\system32\npDeployJava1.dll
          2012-05-26 14:21:59   --------   d-----w-   C:\ComboFix29460C
          2012-05-26 11:40:37   --------   d-----w-   C:\ComboFix29482C
          2012-05-26 11:34:12   --------   d-----w-   C:\ComboFix231802C
          2012-05-26 10:47:26   --------   d-----w-   C:\ComboFix21380C
          2012-05-25 12:00:58   --------   d-----w-   C:\ComboFix2
          2012-05-17 11:42:16   --------   d-----w-   c:\programdata\RemoteAutomator
          2012-05-17 11:42:16   --------   d-----w-   c:\program files\RemoteAutomator
          2012-05-09 21:01:25   1291632   ----a-w-   c:\windows\system32\drivers\tcpip.sys
          2012-05-09 21:01:19   936960   ----a-w-   c:\program files\common files\microsoft shared\ink\journal.dll
          2012-05-09 21:01:18   1221632   ----a-w-   c:\program files\windows journal\NBDoc.DLL
          2012-05-09 21:01:17   989184   ----a-w-   c:\program files\windows journal\JNTFiltr.dll
          2012-05-09 21:01:17   969216   ----a-w-   c:\program files\windows journal\JNWDRV.dll
          2012-05-09 21:01:09   3968368   ----a-w-   c:\windows\system32\ntkrnlpa.exe
          2012-05-09 21:01:08   3913072   ----a-w-   c:\windows\system32\ntoskrnl.exe
          2012-05-09 21:01:08   2343424   ----a-w-   c:\windows\system32\win32k.sys
          2012-05-09 21:01:00   56176   ----a-w-   c:\windows\system32\drivers\partmgr.sys
          2012-05-09 21:00:59   1077248   ----a-w-   c:\windows\system32\DWrite.dll
          .
          ==================== Find3M  ====================
          .
          2012-05-05 10:39:09   70304   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
          2012-05-05 10:39:09   419488   ----a-w-   c:\windows\system32\FlashPlayerApp.exe
          2012-04-04 22:47:02   687504   ----a-w-   c:\windows\system32\deployJava1.dll
          2012-03-26 14:00:41   112056   ----a-w-   c:\windows\system32\acaptuser32.dll
          2011-02-27 00:14:39   7808600   ----a-w-   c:\program files\PowerPack3.exe
          2011-02-27 00:13:20   5404768   ----a-w-   c:\program files\RegCleaner603.exe
          2010-08-19 16:59:19   197632   ----a-w-   c:\program files\common files\OnlineFilesManager.dll
          .
          ============= FINISH: 19:29:06.27 ===============

          Peter Jordan

            Topic Starter


            Rookie

            • Experience: Beginner
            • OS: Unknown
            Re: Kaspersky Malicious URL Blocked -- Windows Explorer Shuts Down
            « Reply #7 on: May 31, 2012, 05:26:22 PM »
            UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
            IF REQUESTED, ZIP IT UP & ATTACH IT
            .
            DDS (Ver_2011-08-26.01)
            .
            Microsoft Windows 7 Professional
            Boot Device: \Device\HarddiskVolume2
            Install Date: 6/17/2010 9:06:52 PM
            System Uptime: 5/31/2012 7:19:52 PM (0 hours ago)
            .
            Motherboard: Acer            |  | Olan                           
            Processor: AMD Athlon(tm) X2 Dual-Core QL-65 | Socket S1G2 | 2100/200mhz
            .
            ==== Disk Partitions =========================
            .
            C: is FIXED (NTFS) - 221 GiB total, 70.599 GiB free.
            D: is CDROM ()
            .
            ==== Disabled Device Manager Items =============
            .
            Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
            Description: SABKUTIL
            Device ID: ROOT\LEGACY_SABKUTIL\0000
            Manufacturer:
            Name: SABKUTIL
            PNP Device ID: ROOT\LEGACY_SABKUTIL\0000
            Service: SABKUTIL
            .
            ==== System Restore Points ===================
            .
            RP535: 5/31/2012 8:17:35 AM - New
            .
            ==== Installed Programs ======================
            .
             Update for Microsoft Office 2007 (KB2508958)
            2007 Microsoft Office system
            32 Bit HP CIO Components Installer
            7-Zip 9.20
            Able2Extract Professional v5.0
            AC3Filter ACM AC3/DTS codec (remove only)
            Acer Assist
            Acer Bio Protection
            Acer Crystal Eye Webcam
            Acer Empowering Technology
            Acer ePower Management
            Acer eRecovery Management
            Acer GridVista
            Acer Registration
            Acer ScreenSaver
            Acer Updater
            Acer VCM
            Acrobat.com
            Adobe AIR
            Adobe Digital Editions
            Adobe Flash Player 11 ActiveX
            Adobe Flash Player 11 Plugin
            Adobe Reader X (10.1.3)
            Adobe Shockwave Player 11.6
            Allok Video Joiner 4.0.1019
            AMD USB Filter Driver
            Apple Application Support
            Apple Mobile Device Support
            Apple Software Update
            ATI Catalyst Install Manager
            Bonjour
            Broadcom Gigabit Integrated Controller
            Business Contact Manager for Outlook 2007 SP2
            CamStudio
            Camtasia Studio 7
            CaptureWizPro 4.30
            Catalyst Control Center - Branding
            Catalyst Control Center Core Implementation
            Catalyst Control Center Graphics Full Existing
            Catalyst Control Center Graphics Full New
            Catalyst Control Center Graphics Light
            Catalyst Control Center InstallProxy
            Catalyst Control Center Localization All
            ccc-core-static
            ccc-utility
            CCC Help Chinese Standard
            CCC Help Chinese Traditional
            CCC Help Czech
            CCC Help Danish
            CCC Help Dutch
            CCC Help English
            CCC Help Finnish
            CCC Help French
            CCC Help German
            CCC Help Greek
            CCC Help Hungarian
            CCC Help Italian
            CCC Help Japanese
            CCC Help Korean
            CCC Help Norwegian
            CCC Help Polish
            CCC Help Portuguese
            CCC Help Russian
            CCC Help Spanish
            CCC Help Swedish
            CCC Help Thai
            CCC Help Turkish
            CCleaner
            CDex - Open Source Digital Audio CD Extractor
            CuratorUtilities
            D3DX10
            Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
            DirectVobSub (remove only)
            DivX Setup
            Dropbox
            DVD Flick 1.3.0.7
            Easy Video Joiner 5.21
            Elite Proxy Switcher 1.10
            Email Verifier
            Encoder
            eSobi v2
            EZ MPEG TO AVI Converter 3.00
            FastStone Image Viewer 4.2
            Final Media Player 2010
            Fingerprint Solution
            Free Mp3 Wma Converter V 1.9
            Free Video to MP3 Converter version 4.0
            Free YouTube to MP3 Converter version 3.10.15.1228
            Garmin Lifetime Updater
            GIMP 2.6.11
            Google Update Helper
            GoToMeeting 5.1.0.880
            HandBrake 0.9.5
            HDAUDIO Soft Data Fax Modem with SmartCP
            HijackThis 2.0.2
            HP Color LaserJet 3600 (02/27/2007 61.063.461.41)
            iCloud
            Identity Card
            ImgBurn
            InterVideo WinDVD 8
            iTunes
            IZArc 4.1.2
            Java Auto Updater
            Java(TM) 6 Update 31
            Java(TM) 7 Update 4
            JavaFX 2.1.0
            Jing
            Junk Mail filter update
            K-Lite Codec Pack 6.3.0 (Basic)
            Kaspersky Anti-Virus 2010
            Kyocera Product Library
            LameXP
            Learn.com Player (Uninstall Only)
            LockHunter version 1.0 beta 3, 32 bit edition
            Microsoft .NET Framework 4 Client Profile
            Microsoft .NET Framework 4 Extended
            Microsoft Application Error Reporting
            Microsoft Office 2003 Web Components
            Microsoft Office 2007 Primary Interop Assemblies
            Microsoft Office 2007 Service Pack 3 (SP3)
            Microsoft Office 2010 Service Pack 1 (SP1)
            Microsoft Office Access MUI (English) 2007
            Microsoft Office Access Setup Metadata MUI (English) 2007
            Microsoft Office Enterprise 2007
            Microsoft Office Excel MUI (English) 2007
            Microsoft Office File Validation Add-In
            Microsoft Office Groove MUI (English) 2007
            Microsoft Office Groove Setup Metadata MUI (English) 2007
            Microsoft Office InfoPath MUI (English) 2007
            Microsoft Office OneNote MUI (English) 2007
            Microsoft Office Outlook MUI (English) 2007
            Microsoft Office PowerPoint 2010
            Microsoft Office PowerPoint MUI (English) 2007
            Microsoft Office PowerPoint MUI (English) 2010
            Microsoft Office Professional Edition 2003
            Microsoft Office Professional Hybrid 2007
            Microsoft Office Proof (English) 2007
            Microsoft Office Proof (English) 2010
            Microsoft Office Proof (French) 2007
            Microsoft Office Proof (French) 2010
            Microsoft Office Proof (Spanish) 2007
            Microsoft Office Proof (Spanish) 2010
            Microsoft Office Proofing (English) 2007
            Microsoft Office Proofing (English) 2010
            Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
            Microsoft Office Publisher MUI (English) 2007
            Microsoft Office Shared MUI (English) 2007
            Microsoft Office Shared MUI (English) 2010
            Microsoft Office Shared Setup Metadata MUI (English) 2007
            Microsoft Office Shared Setup Metadata MUI (English) 2010
            Microsoft Office Small Business Connectivity Components
            Microsoft Office Suite Activation Assistant
            Microsoft Office Word MUI (English) 2007
            Microsoft PowerPoint 2010
            Microsoft Silverlight
            Microsoft SQL Server 2005
            Microsoft SQL Server 2005 Compact Edition [ENU]
            Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
            Microsoft SQL Server Native Client
            Microsoft SQL Server Setup Support Files (English)
            Microsoft SQL Server VSS Writer
            Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
            Microsoft Visual C++ 2005 Redistributable
            Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
            Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
            Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
            Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
            Microsoft Visual C++ Run Time  Lib Setup
            mkv2vob
            Mozilla Firefox 12.0 (x86 en-US)
            Mozilla Maintenance Service
            MSVCRT
            MSXML 4.0 SP2 (KB954430)
            MSXML 4.0 SP2 (KB973688)
            NTI Backup Now 5
            NTI Backup Now Standard
            NTI Media Maker 8
            NTI Shadow
            O2Micro Flash Memory Card Reader Driver
            OGA Notifier 2.0.0048.0
            OJOsoft DVD AVI Converter Suite
            OJOsoft MKV Converter
            OJOsoft Total Video Converter
            PageOne Curator
            Photozig Albums 1.0
            QuickTime
            Real Alternative 2.0.2
            Realtek High Definition Audio Driver
            RER Video Converter
            Safari
            save2pc Light 4.14
            Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
            Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
            Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
            Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
            Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
            Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
            Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
            Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
            Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
            Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
            Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
            Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
            Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
            Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition
            Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
            Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
            Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
            Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
            Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
            Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
            Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
            Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition
            Security Update for Microsoft Office 2010 (KB2553091)
            Security Update for Microsoft Office 2010 (KB2553096)
            Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
            Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
            Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition
            Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
            Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
            Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
            Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
            Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
            Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
            SEO SpyGlass
            SliQ Submitter Plus
            SPBA 5.8
            SUPERAntiSpyware
            swMSM
            Synaptics Pointing Device Driver
            TextPad 5
            The Ultimate Troubleshooter
            ToolkitCMA
            TOP YouTube Downloader V1.0.0
            Uninstall 1.0.0.1
            Update for 2007 Microsoft Office System (KB967642)
            Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
            Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
            Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
            Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
            Update for Microsoft .NET Framework 4 Extended (KB2468871)
            Update for Microsoft .NET Framework 4 Extended (KB2533523)
            Update for Microsoft .NET Framework 4 Extended (KB2600217)
            Update for Microsoft Office 2007 Help for Common Features (KB963673)
            Update for Microsoft Office 2010 (KB2494150)
            Update for Microsoft Office 2010 (KB2553065)
            Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
            Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
            Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
            Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
            Update for Microsoft Office 2010 (KB2566458)
            Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
            Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
            Update for Microsoft Office Access 2007 Help (KB963663)
            Update for Microsoft Office Excel 2007 Help (KB963678)
            Update for Microsoft Office Infopath 2007 Help (KB963662)
            Update for Microsoft Office OneNote 2007 Help (KB963670)
            Update for Microsoft Office Outlook 2007 Help (KB963677)
            Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2598290) 32-Bit Edition
            Update for Microsoft Office Powerpoint 2007 Help (KB963669)
            Update for Microsoft Office Publisher 2007 Help (KB963667)
            Update for Microsoft Office Script Editor Help (KB963671)
            Update for Microsoft Office Word 2007 Help (KB963665)
            VC80CRTRedist - 8.0.50727.6195
            Video mp3 Extractor
            VLC media player 1.1.4
            Voxware Audio decoder 1.6
            Welcome Center
            WIDCOMM Bluetooth Software
            Win7codecs
            Windows Live Communications Platform
            Windows Live Essentials
            Windows Live ID Sign-in Assistant
            Windows Live Installer
            Windows Live Mail
            Windows Live MIME IFilter
            Windows Live Movie Maker
            Windows Live Photo Common
            Windows Live Photo Gallery
            Windows Live PIMT Platform
            Windows Live SOXE
            Windows Live SOXE Definitions
            Windows Live Sync
            Windows Live UX Platform
            Windows Live UX Platform Language Pack
            Windows Live Writer
            Windows Live Writer Resources
            WinRAR archiver
            WinZip 14.5
            Wisdom-soft Set up ScreenHunter 5.1 Free
            Yahoo! Software Update
            .
            ==== Event Viewer Messages From Past Week ========
            .
            5/31/2012 7:22:56 PM, Error: Microsoft-Windows-SharedAccess_NAT [31004]  - The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
            5/31/2012 7:21:21 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  {C97FCC79-E628-407D-AE68-A06AD6D8B4D1}  and APPID  {344ED43D-D086-4961-86A6-1106F4ACAD9B}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
            5/31/2012 7:20:31 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  SABKUTIL
            5/31/2012 7:11:47 PM, Error: Service Control Manager [7030]  - The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
            5/30/2012 2:14:54 PM, Error: atapi [11]  - The driver detected a controller error on \Device\Ide\IdePort0.
            5/29/2012 9:05:49 PM, Error: Microsoft-Windows-SharedAccess_NAT [34001]  - The ICS_IPV6 failed to configure IPv6 stack.
            5/29/2012 4:28:03 PM, Error: Microsoft-Windows-SharedAccess_NAT [30013]  - The DHCP allocator has disabled itself on IP address 192.168.1.104, since the IP address is outside the 192.168.137.0/255.255.255.0 scope from which addresses are being allocated to DHCP clients. To enable the DHCP allocator on this IP address, change the scope to include the IP address, or change the IP address to fall within the scope.
            5/28/2012 9:21:15 AM, Error: bowser [8003]  - The master browser has received a server announcement from the computer USER-01D72DB4B8 that believes that it is the master browser for the domain on transport NetBT_Tcpip_{CA7B98B4-C4D7-4F55-B82D-B7. The master browser is stopping or an election is being forced.
            5/26/2012 7:44:00 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x000000d1 (0x00000000, 0x000000ff, 0x00000008, 0x00000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 052612-26676-01.
            5/26/2012 7:29:17 AM, Error: Service Control Manager [7034]  - The AMD External Events Utility service terminated unexpectedly.  It has done this 1 time(s).
            .
            ==== End Of File ===========================

            Peter Jordan

              « Reply #8 on: May 31, 2012, 05:27:32 PM »
              ComboFix 12-05-31.02 - Peter 05/31/2012  18:58:35.13.2 - x86
              Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.2814.1741 [GMT -4:00]
              Running from: c:\users\Peter\Desktop\ComboFix.exe
              AV: Kaspersky Anti-Virus *Disabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
              SP: Kaspersky Anti-Virus *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
              SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
              .
              .
              (((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
              .
              .
              c:\windows\system32\drivers\etc\hosts.ics
              .
              .
              (((((((((((((((((((((((((   Files Created from 2012-04-28 to 2012-05-31  )))))))))))))))))))))))))))))))
              .
              .
              2012-05-31 23:11 . 2012-05-31 23:11   --------   d-----w-   c:\users\Peter\AppData\Local\temp
              2012-05-31 23:11 . 2012-05-31 23:11   --------   d-----w-   c:\windows\system32\config\systemprofile\AppData\Local\temp
              2012-05-31 23:11 . 2012-05-31 23:11   --------   d-----w-   c:\users\Public\AppData\Local\temp
              2012-05-31 23:11 . 2012-05-31 23:11   --------   d-----w-   c:\users\Default\AppData\Local\temp
              2012-05-29 14:24 . 2012-05-29 14:24   --------   d-----w-   c:\users\Peter\AppData\Roaming\SUPERAntiSpyware.com
              2012-05-29 14:23 . 2012-05-29 14:24   --------   d-----w-   c:\program files\SUPERAntiSpyware
              2012-05-29 11:22 . 2012-05-08 16:40   6737808   ----a-w-   c:\programdata\Microsoft\Windows Defender\Definition Updates\{2BAE9A0A-5C89-43B5-BE19-958E7A4BC1DC}\mpengine.dll
              2012-05-28 17:11 . 2012-05-31 11:28   --------   d-----w-   C:\sh4ldr
              2012-05-28 17:09 . 2012-05-31 12:10   --------   d-----w-   c:\windows\B3CB613C58D34692B2DA8F3EAC6288D4.TMP
              2012-05-26 23:36 . 2012-05-26 23:36   --------   d-----w-   c:\program files\Trend Micro
              2012-05-26 22:31 . 2012-05-26 22:31   --------   d-----w-   c:\program files\Common Files\Java
              2012-05-26 22:29 . 2012-05-26 22:29   --------   d-----w-   c:\program files\Oracle
              2012-05-26 22:28 . 2012-04-04 22:47   772504   ----a-w-   c:\windows\system32\npDeployJava1.dll
              2012-05-17 11:42 . 2012-05-26 18:58   --------   d-----w-   c:\program files\RemoteAutomator
              2012-05-17 11:42 . 2012-05-26 18:58   --------   d-----w-   c:\programdata\RemoteAutomator
              2012-05-09 21:01 . 2012-03-30 10:23   1291632   ----a-w-   c:\windows\system32\drivers\tcpip.sys
              2012-05-09 21:01 . 2012-03-31 04:29   936960   ----a-w-   c:\program files\Common Files\Microsoft Shared\ink\journal.dll
              2012-05-09 21:01 . 2012-03-31 04:30   1221632   ----a-w-   c:\program files\Windows Journal\NBDoc.DLL
              2012-05-09 21:01 . 2012-03-31 04:29   989184   ----a-w-   c:\program files\Windows Journal\JNTFiltr.dll
              2012-05-09 21:01 . 2012-03-31 04:29   969216   ----a-w-   c:\program files\Windows Journal\JNWDRV.dll
              2012-05-09 21:01 . 2012-03-31 04:39   3968368   ----a-w-   c:\windows\system32\ntkrnlpa.exe
              2012-05-09 21:01 . 2012-03-31 04:39   3913072   ----a-w-   c:\windows\system32\ntoskrnl.exe
              2012-05-09 21:01 . 2012-03-31 02:36   2343424   ----a-w-   c:\windows\system32\win32k.sys
              2012-05-09 21:01 . 2012-03-17 07:27   56176   ----a-w-   c:\windows\system32\drivers\partmgr.sys
              2012-05-09 21:00 . 2012-03-03 05:31   1077248   ----a-w-   c:\windows\system32\DWrite.dll
              .
              .
              .
              ((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
              .
              2012-05-05 10:39 . 2012-03-29 22:59   419488   ----a-w-   c:\windows\system32\FlashPlayerApp.exe
              2012-05-05 10:39 . 2011-05-13 13:08   70304   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
              2012-04-04 22:47 . 2010-08-16 11:32   687504   ----a-w-   c:\windows\system32\deployJava1.dll
              2012-03-26 14:00 . 2012-04-13 11:20   112056   ----a-w-   c:\windows\system32\acaptuser32.dll
              2011-02-27 00:14 . 2011-02-27 00:14   7808600   ----a-w-   c:\program files\PowerPack3.exe
              2011-02-27 00:13 . 2011-02-27 00:13   5404768   ----a-w-   c:\program files\RegCleaner603.exe
              2010-08-19 16:59 . 2010-08-19 16:59   197632   ----a-w-   c:\program files\Common Files\OnlineFilesManager.dll
              2012-04-25 16:31 . 2011-03-24 10:59   97208   ----a-w-   c:\program files\mozilla firefox\components\browsercomps.dll
              .
              .
              (((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
              .
              .
              *Note* empty entries & legit default entries are not shown
              REGEDIT4
              .
              [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
              @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
              [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
              2011-02-18 05:12   94208   ----a-w-   c:\users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
              .
              [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
              @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
              [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
              2011-02-18 05:12   94208   ----a-w-   c:\users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
              .
              [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
              @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
              [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
              2011-02-18 05:12   94208   ----a-w-   c:\users\Peter\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
              .
              [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Online Files]
              @="{B82655E9-B81D-4A97-8154-0D84A4C048E4}"
              [HKEY_CLASSES_ROOT\CLSID\{B82655E9-B81D-4A97-8154-0D84A4C048E4}]
              2010-08-19 16:59   197632   ----a-w-   c:\program files\Common Files\OnlineFilesManager.dll
              .
              [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
              "Jing"="c:\program files\TechSmith\Jing\Jing.exe" [2012-02-01 2918224]
              "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-05-21 3905920]
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
              "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-02 98304]
              "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-08-06 7703072]
              "VitaKeyPdtWzd"="c:\program files\Acer Bio Protection\PdtWzd.exe" [2009-08-06 3575808]
              "LManager"="c:\program files\Launch Manager\LManager.exe" [2009-08-28 1130504]
              "ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2009-07-21 421888]
              "Acer Assist Launcher"="c:\program files\Acer\Acer Assist\launcher.exe" [2007-11-19 1261568]
              "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
              "AVP"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe" [2011-03-21 340520]
              "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
              "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
              "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
              .
              [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
              "ConsentPromptBehaviorAdmin"= 5 (0x5)
              "ConsentPromptBehaviorUser"= 3 (0x3)
              "EnableUIADesktopToggle"= 0 (0x0)
              "DisableCAD"= 1 (0x1)
              .
              [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\spba]
              2009-06-26 17:05   568072   ----a-w-   c:\program files\Common Files\SPBA\homefus2.dll
              .
              [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
              "AppInit_DLLs"=c:\progra~1\KASPER~1\KASPER~1\mzvkbd3.dll
              .
              [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
              Security Packages   REG_MULTI_SZ      kerberos msv1_0 schannel wdigest tspkg pku2u livessp
              .
              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
              @=""
              .
              [HKLM\~\startupfolder\C:^Users^Peter^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CaptureWiz.lnk]
              path=
              backup=c:\windows\pss\CaptureWiz.lnk.Startup
              backupExtension=.Startup
              .
              [HKLM\~\startupfolder\C:^Users^Peter^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
              path=
              backup=c:\windows\pss\Dropbox.lnk.Startup
              backupExtension=.Startup
              .
              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
              2012-02-21 01:28   59240   ----a-w-   c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
              .
              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
              2011-07-28 23:08   1259376   ----a-w-   c:\program files\DivX\DivX Update\DivXUpdate.exe
              .
              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Garmin Lifetime Updater]
              2011-07-28 13:10   1406824   ----a-w-   c:\program files\Garmin\Lifetime Updater\GarminLifetime.exe
              .
              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
              2012-03-06 23:05   421736   ----a-w-   c:\program files\iTunes\iTunesHelper.exe
              .
              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileDocuments]
              2012-02-23 16:30   59240   ----a-w-   c:\program files\Common Files\Apple\Internet Services\ubd.exe
              .
              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
              2011-07-05 22:36   421888   ----a-w-   c:\program files\QuickTime\QTTask.exe
              .
              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
              2012-05-21 20:38   3905920   ----a-w-   c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
              .
              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wisdom-soft ScreenHunter 5.1 Free]
              2010-08-08 01:40   5324800   ----a-w-   c:\program files\Wisdom-soft ScreenHunter 5 Free\ScreenHunter.exe
              .
              [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
              "DisableMonitoring"=dword:00000001
              .
              R1 SABKUTIL;SABKUTIL;c:\program files\SuperAdBlocker.com\Super Ad Blocker\SABKUTIL.sys

              R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
              R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696]
              R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-08 29472]
              R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys

              R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-25 129976]
              R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4640000]
              R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
              R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
              R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
              R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
              R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-19 1343400]
              R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920]
              R4 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [2009-08-11 24576]
              R4 Greg_Service;GRegService;c:\program files\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
              R4 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-06-18 135664]
              R4 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-06-18 135664]
              R4 IGBASVC;EgisTec Service;c:\program files\Acer Bio Protection\BASVC.exe [2009-08-06 3453440]
              R4 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 50432]
              R4 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 144640]
              R4 RS_Service;Raw Socket Service;c:\program files\Acer\Acer VCM\RS_Service.exe [2009-07-10 253952]
              R4 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
              S0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2009-10-15 36880]
              S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2009-09-14 21520]
              S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
              S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
              S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
              S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2011-08-11 116608]
              S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
              S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-07-02 176128]
              S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2009-07-14 20992]
              S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-18 11032]
              S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-10-02 19472]
              S3 O2MDRDR;O2MDRDR;c:\windows\system32\DRIVERS\o2media.sys [2009-05-07 52128]
              S3 O2SDRDR;O2SDRDR;c:\windows\system32\DRIVERS\o2sd.sys [2009-05-07 42144]
              S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-04-03 27320]
              S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
              .
              .
              [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
              LocalServiceAndNoImpersonation   REG_MULTI_SZ      SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc Mcx2Svc
              HsfXAudioService   REG_MULTI_SZ      HsfXAudioService
              HPZ12   REG_MULTI_SZ      Pml Driver HPZ12 Net Driver HPZ12
              .
              Contents of the 'Scheduled Tasks' folder
              .
              2012-05-31 c:\windows\Tasks\Adobe Flash Player Updater.job
              - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 10:39]
              .
              2012-05-31 c:\windows\Tasks\Final Media Player Update Checker.job
              - c:\program files\FinalMediaPlayer\FMPCheckForUpdates.exe [2010-06-29 17:37]
              .
              2012-05-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
              - c:\program files\Google\Update\GoogleUpdate.exe [2010-06-18 01:22]
              .
              2012-05-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
              - c:\program files\Google\Update\GoogleUpdate.exe [2010-06-18 01:22]
              .
              2012-05-30 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 60fc887a-e1bc-430b-8168-7cc7eb16481f.job
              - c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52]
              .
              2012-05-31 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task c06bd2ec-6f4c-4c57-9272-dde63d1a23fb.job
              - c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52]
              .
              .
              ------- Supplementary Scan -------
              .
              uStart Page = hxxp://mls.gsmls.com/member/index.jsp/
              mStart Page = hxxp://www.comcast.net/
              mWindow Title = Windows Internet Explorer provided by Comcast
              uInternet Settings,ProxyOverride = *.local
              IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
              IE: Free YouTube to Mp3 Converter - c:\users\Peter\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
              IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
              Trusted Zone: realtytools.com
              Trusted Zone: toolkitcma.com
              Trusted Zone: toolkitcma2.com
              TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
              TCP: Interfaces\{E8231A03-DFF0-4AB2-A7B4-7FC36769BFC9}: DhcpNameServer = 75.75.75.75 75.75.76.76
              FF - ProfilePath - c:\users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\m4fqy7os.default\
              FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-tyc&p=
              FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
              .
              - - - - ORPHANS REMOVED - - - -
              .
              AddRemove-TweakNow PowerPack 2011_is1 - c:\program files\TweakNow PowerPack 2011\unins000.exe
              .
              .
              .
              --------------------- LOCKED REGISTRY KEYS ---------------------
              .
              [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
              @Denied: (A) (Users)
              @Denied: (A) (Everyone)
              @Allowed: (B 1 2 3 4 5) (S-1-5-20)
              "BlindDial"=dword:00000000
              .
              [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
              @Denied: (Full) (Everyone)
              .
              Completion time: 2012-05-31  19:15:23
              ComboFix-quarantined-files.txt  2012-05-31 23:15
              ComboFix2.txt  2012-05-31 17:02
              .
              Pre-Run: 75,732,156,416 bytes free
              Post-Run: 75,668,303,872 bytes free
              .
              - - End Of File - - 05E4C3665415651A4C88642E1A9BDCAF

              evilfantasy

              « Reply #9 on: May 31, 2012, 05:47:17 PM »
              If you already have Malwarebytes be sure to update it before running the scan!

              Download Malwarebytes' Anti-Malware (MBAM)

              * Double-click mbam-setup.exe and follow the prompts to install the program.
              * At the end, be sure a checkmark is placed next to the following:
                * Update Malwarebytes' Anti-Malware
                * Launch Malwarebytes' Anti-Malware
              * Then click Finish.
              * If an update is found, it will download and install the latest version.
              * Once the program has loaded, select Perform quick scan, then click Scan.
              * When the scan is complete, click OK, then Show Results to view the results.
              * Be sure that everything is checked, and click Remove Selected.
              * When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
              * The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
              * Copy and Paste the entire report in your next reply.

              Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

               ----------

              Download TDSSKiller.exe (v2.4.0.0) from Kaspersky Labs and save it to your desktop. <-Important!!!

              * Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
                Vista/Windows 7 users: right-click and select Run As Administrator.
              * If TDSSKiller does not run, try renaming it.
              * To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
              * Click the Start Scan button.
              * Do not use the computer during the scan.
              * If the scan completes with nothing found, click Close to exit.
              * If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
              * Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
              * A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_14.17.05_log.txt) will be created and saved to the root directory (usually Local Disk C).
              * Post this log to your next message.

              If needed, see the TDSS Rootkit Removing Tool website for detailed instructions on running TDSSKiller.

              Peter Jordan

                « Reply #10 on: May 31, 2012, 07:58:03 PM »
                Malwarebytes Anti-Malware 1.61.0.1400
                www.malwarebytes.org

                Database version: v2012.05.31.08

                Windows 7 Service Pack 1 x86 NTFS
                Internet Explorer 9.0.8112.16421
                Peter :: PETER-PC [administrator]

                5/31/2012 9:25:20 PM
                mbam-log-2012-05-31 (21-25-20).txt

                Scan type: Quick scan
                Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
                Scan options disabled: P2P
                Objects scanned: 208274
                Time elapsed: 7 minute(s), 31 second(s)

                Memory Processes Detected: 0
                (No malicious items detected)

                Memory Modules Detected: 0
                (No malicious items detected)

                Registry Keys Detected: 0
                (No malicious items detected)

                Registry Values Detected: 0
                (No malicious items detected)

                Registry Data Items Detected: 0
                (No malicious items detected)

                Folders Detected: 0
                (No malicious items detected)

                Files Detected: 0
                (No malicious items detected)

                (end)

                Peter Jordan

                  « Reply #11 on: May 31, 2012, 07:59:45 PM »
                  21:55:33.0773 5604   System windows directory: C:\Windows
                  21:55:33.0773 5604   Processor architecture: Intel x86
                  21:55:33.0773 5604   Number of processors: 2
                  21:55:33.0773 5604   Page size: 0x1000
                  21:55:33.0773 5604   Boot type: Normal boot
                  21:55:33.0773 5604   ============================================================
                  21:55:35.0234 5604   Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
                  21:55:35.0238 5604   ============================================================
                  21:55:35.0238 5604   \Device\Harddisk0\DR0:
                  21:55:35.0239 5604   MBR partitions:
                  21:55:35.0239 5604   \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1770800, BlocksNum 0x32000
                  21:55:35.0239 5604   \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x17A2800, BlocksNum 0x1BA22970
                  21:55:35.0239 5604   ============================================================
                  21:55:35.0282 5604   C: <-> \Device\Harddisk0\DR0\Partition1
                  21:55:35.0283 5604   ============================================================
                  21:55:35.0283 5604   Initialize success
                  21:55:35.0283 5604   ============================================================
                  21:56:22.0285 1072   ============================================================
                  21:56:22.0285 1072   Scan started
                  21:56:22.0285 1072   Mode: Manual; SigCheck; TDLFS;
                  21:56:22.0285 1072   ============================================================
                  21:56:23.0539 1072   !SASCORE        (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
                  21:56:23.0743 1072   !SASCORE - ok
                  21:56:23.0914 1072   1394ohci        (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
                  21:56:24.0264 1072   1394ohci - ok
                  21:56:24.0325 1072   ACPI            (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
                  21:56:24.0411 1072   ACPI - ok
                  21:56:24.0427 1072   AcpiPmi         (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
                  21:56:24.0551 1072   AcpiPmi - ok
                  21:56:24.0691 1072   AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
                  21:56:24.0839 1072   AdobeARMservice - ok
                  21:56:24.0964 1072   AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
                  21:56:25.0016 1072   AdobeFlashPlayerUpdateSvc - ok
                  21:56:25.0073 1072   adp94xx         (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
                  21:56:25.0108 1072   adp94xx - ok
                  21:56:25.0136 1072   adpahci         (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
                  21:56:25.0169 1072   adpahci - ok
                  21:56:25.0186 1072   adpu320         (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
                  21:56:25.0221 1072   adpu320 - ok
                  21:56:25.0256 1072   AeLookupSvc     (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
                  21:56:25.0330 1072   AeLookupSvc - ok
                  21:56:25.0393 1072   AFD             (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
                  21:56:25.0641 1072   AFD - ok
                  21:56:25.0676 1072   agp440          (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
                  21:56:25.0761 1072   agp440 - ok
                  21:56:25.0782 1072   aic78xx         (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
                  21:56:25.0810 1072   aic78xx - ok
                  21:56:25.0843 1072   ALG             (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
                  21:56:25.0974 1072   ALG - ok
                  21:56:26.0052 1072   aliide          (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
                  21:56:26.0151 1072   aliide - ok
                  21:56:26.0189 1072   AMD External Events Utility (92543da5bb9775978fdbc1650c24a058) C:\Windows\system32\atiesrxx.exe
                  21:56:26.0361 1072   AMD External Events Utility - ok
                  21:56:26.0459 1072   amdagp          (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
                  21:56:26.0676 1072   amdagp - ok
                  21:56:26.0769 1072   amdide          (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
                  21:56:26.0968 1072   amdide - ok
                  21:56:27.0066 1072   AmdK8           (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
                  21:56:27.0174 1072   AmdK8 - ok
                  21:56:27.0193 1072   AmdPPM          (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
                  21:56:27.0223 1072   AmdPPM - ok
                  21:56:27.0238 1072   amdsata         (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
                  21:56:27.0437 1072   amdsata - ok
                  21:56:27.0475 1072   amdsbs          (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
                  21:56:27.0507 1072   amdsbs - ok
                  21:56:27.0530 1072   amdxata         (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
                  21:56:27.0745 1072   amdxata - ok
                  21:56:27.0785 1072   AppID           (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
                  21:56:27.0984 1072   AppID - ok
                  21:56:28.0059 1072   AppIDSvc        (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
                  21:56:28.0112 1072   AppIDSvc - ok
                  21:56:28.0156 1072   Appinfo         (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll
                  21:56:28.0245 1072   Appinfo - ok
                  21:56:28.0390 1072   Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
                  21:56:28.0518 1072   Apple Mobile Device - ok
                  21:56:28.0635 1072   AppMgmt         (a45d184df6a8803da13a0b329517a64a) C:\Windows\System32\appmgmts.dll
                  21:56:28.0893 1072   AppMgmt - ok
                  21:56:28.0972 1072   arc             (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
                  21:56:29.0002 1072   arc - ok
                  21:56:29.0021 1072   arcsas          (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
                  21:56:29.0067 1072   arcsas - ok
                  21:56:29.0201 1072   aspnet_state    (776acefa0ca9df0faa51a5fb2f435705) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
                  21:56:29.0620 1072   aspnet_state - ok
                  21:56:29.0646 1072   AsyncMac        (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
                  21:56:29.0964 1072   AsyncMac - ok
                  21:56:30.0003 1072   atapi           (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
                  21:56:30.0289 1072   atapi - ok
                  21:56:30.0415 1072   athr            (b01751cc563aecac09bbe36aaa21fbef) C:\Windows\system32\DRIVERS\athr.sys
                  21:56:30.0618 1072   athr - ok
                  21:56:30.0773 1072   AtiHdmiService  (bb9e7c7f937714f05a4e05c287d6ddff) C:\Windows\system32\drivers\AtiHdmi.sys
                  21:56:31.0436 1072   AtiHdmiService - ok
                  21:56:31.0857 1072   atikmdag        (632a5be70d168b84f658a82ac8dbbead) C:\Windows\system32\DRIVERS\atikmdag.sys
                  21:56:32.0054 1072   atikmdag - ok
                  21:56:32.0286 1072   AtiPcie         (b73c832088dd54b55e04ff6f9646ad8c) C:\Windows\system32\DRIVERS\AtiPcie.sys
                  21:56:32.0351 1072   AtiPcie - ok
                  21:56:32.0516 1072   AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
                  21:56:32.0678 1072   AudioEndpointBuilder - ok
                  21:56:32.0687 1072   Audiosrv        (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
                  21:56:32.0735 1072   Audiosrv - ok
                  21:56:32.0888 1072   AVP             (df9586377384df3808d42090242cc23b) C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
                  21:56:32.0960 1072   AVP - ok
                  21:56:33.0014 1072   AxInstSV        (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll
                  21:56:33.0151 1072   AxInstSV - ok
                  21:56:33.0283 1072   b06bdrv         (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
                  21:56:33.0366 1072   b06bdrv - ok
                  21:56:33.0401 1072   b57nd60x        (6f41a4c5745bb99f89406f57164f099e) C:\Windows\system32\DRIVERS\b57nd60x.sys
                  21:56:33.0428 1072   b57nd60x - ok
                  21:56:33.0532 1072   BcmSqlStartupSvc (6163664c7e9cd110af70180c126c3fdc) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
                  21:56:33.0580 1072   BcmSqlStartupSvc - ok
                  21:56:33.0611 1072   BDESVC          (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
                  21:56:33.0730 1072   BDESVC - ok
                  21:56:33.0823 1072   Beep            (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
                  21:56:33.0868 1072   Beep - ok
                  21:56:34.0168 1072   BFE             (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll
                  21:56:34.0260 1072   BFE - ok
                  21:56:34.0316 1072   BITS            (e585445d5021971fae10393f0f1c3961) C:\Windows\system32\qmgr.dll
                  21:56:34.0398 1072   BITS - ok
                  21:56:34.0414 1072   blbdrive        (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
                  21:56:34.0465 1072   blbdrive - ok
                  21:56:34.0607 1072   Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
                  21:56:34.0653 1072   Bonjour Service - ok
                  21:56:34.0710 1072   bowser          (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
                  21:56:34.0995 1072   bowser - ok
                  21:56:35.0026 1072   BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
                  21:56:35.0100 1072   BrFiltLo - ok
                  21:56:35.0128 1072   BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
                  21:56:35.0155 1072   BrFiltUp - ok
                  21:56:35.0219 1072   BridgeMP        (77361d72a04f18809d0efb6cceb74d4b) C:\Windows\system32\DRIVERS\bridge.sys
                  21:56:35.0298 1072   BridgeMP - ok
                  21:56:35.0355 1072   Browser         (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll
                  21:56:35.0437 1072   Browser - ok
                  21:56:35.0482 1072   Brserid         (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
                  21:56:35.0537 1072   Brserid - ok
                  21:56:35.0566 1072   BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
                  21:56:35.0595 1072   BrSerWdm - ok
                  21:56:35.0613 1072   BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
                  21:56:35.0642 1072   BrUsbMdm - ok
                  21:56:35.0652 1072   BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
                  21:56:35.0680 1072   BrUsbSer - ok
                  21:56:35.0727 1072   BthEnum         (2865a5c8e98c70c605f417908cebb3a4) C:\Windows\system32\drivers\BthEnum.sys
                  21:56:35.0790 1072   BthEnum - ok
                  21:56:35.0818 1072   BTHMODEM        (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
                  21:56:35.0847 1072   BTHMODEM - ok
                  21:56:35.0874 1072   BthPan          (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\Windows\system32\DRIVERS\bthpan.sys
                  21:56:35.0996 1072   BthPan - ok
                  21:56:36.0069 1072   BTHPORT         (c2fbf6d271d9a94d839c416bf186ead9) C:\Windows\System32\Drivers\BTHport.sys
                  21:56:36.0152 1072   BTHPORT - ok
                  21:56:36.0184 1072   bthserv         (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
                  21:56:36.0232 1072   bthserv - ok
                  21:56:36.0281 1072   BTHUSB          (c81e9413a25a439f436b1d4b6a0cf9e9) C:\Windows\System32\Drivers\BTHUSB.sys
                  21:56:36.0424 1072   BTHUSB - ok
                  21:56:36.0455 1072   btwaudio        (d57d29132efe13a83133d9bd449e0cf1) C:\Windows\system32\drivers\btwaudio.sys
                  21:56:36.0525 1072   btwaudio - ok
                  21:56:36.0550 1072   btwavdt         (d282c14a69357d0e1bafaecc2ca98c3a) C:\Windows\system32\drivers\btwavdt.sys
                  21:56:36.0631 1072   btwavdt - ok
                  21:56:36.0736 1072   btwdins         (528aaea4bea415f7dbc30653ef2cdca5) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
                  21:56:36.0803 1072   btwdins - ok
                  21:56:36.0828 1072   btwl2cap        (aafd7cb76ba61fbb08e302da208c974a) C:\Windows\system32\DRIVERS\btwl2cap.sys
                  21:56:36.0903 1072   btwl2cap - ok
                  21:56:36.0915 1072   btwrchid        (02eb4d2b05967df2d32f29c84ab1fb17) C:\Windows\system32\DRIVERS\btwrchid.sys
                  21:56:36.0984 1072   btwrchid - ok
                  21:56:37.0092 1072   catchme - ok
                  21:56:37.0138 1072   cdfs            (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
                  21:56:37.0207 1072   cdfs - ok
                  21:56:37.0256 1072   cdrom           (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\drivers\cdrom.sys
                  21:56:37.0389 1072   cdrom - ok
                  21:56:37.0435 1072   CertPropSvc     (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
                  21:56:37.0524 1072   CertPropSvc - ok
                  21:56:37.0540 1072   circlass        (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
                  21:56:37.0571 1072   circlass - ok
                  21:56:37.0614 1072   CLFS            (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
                  21:56:37.0644 1072   CLFS - ok
                  21:56:37.0724 1072   clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
                  21:56:37.0763 1072   clr_optimization_v2.0.50727_32 - ok
                  21:56:37.0839 1072   clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                  21:56:37.0895 1072   clr_optimization_v4.0.30319_32 - ok
                  21:56:37.0928 1072   CmBatt          (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
                  21:56:37.0956 1072   CmBatt - ok
                  21:56:38.0002 1072   cmdide          (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
                  21:56:38.0072 1072   cmdide - ok
                  21:56:38.0141 1072   CNG             (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys
                  21:56:38.0222 1072   CNG - ok
                  21:56:38.0235 1072   Compbatt        (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
                  21:56:38.0260 1072   Compbatt - ok
                  21:56:38.0301 1072   CompositeBus    (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
                  21:56:38.0488 1072   CompositeBus - ok
                  21:56:38.0493 1072   COMSysApp - ok
                  21:56:38.0542 1072   crcdisk         (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
                  21:56:38.0564 1072   crcdisk - ok
                  21:56:38.0622 1072   CryptSvc        (a585bebf7d054bd9618eda0922d5484a) C:\Windows\system32\cryptsvc.dll
                  21:56:38.0702 1072   CryptSvc - ok
                  21:56:38.0771 1072   CSC             (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys
                  21:56:38.0859 1072   CSC - ok
                  21:56:38.0912 1072   CscService      (15f93b37f6801943360d9eb42485d5d3) C:\Windows\System32\cscsvc.dll
                  21:56:38.0989 1072   CscService - ok
                  21:56:39.0029 1072   DcomLaunch      (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
                  21:56:39.0078 1072   DcomLaunch - ok
                  21:56:39.0120 1072   defragsvc       (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
                  21:56:39.0171 1072   defragsvc - ok
                  21:56:39.0248 1072   DfsC            (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
                  21:56:39.0322 1072   DfsC - ok
                  21:56:39.0371 1072   Dhcp            (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
                  21:56:39.0449 1072   Dhcp - ok
                  21:56:39.0474 1072   discache        (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
                  21:56:39.0528 1072   discache - ok
                  21:56:39.0562 1072   Disk            (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
                  21:56:39.0612 1072   Disk - ok
                  21:56:39.0645 1072   DKbFltr         (c701324c9e0c25dd9d60311bd87fbc84) C:\Windows\system32\DRIVERS\DKbFltr.sys
                  21:56:39.0727 1072   DKbFltr - ok
                  21:56:39.0791 1072   Dnscache        (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
                  21:56:39.0983 1072   Dnscache - ok
                  21:56:40.0055 1072   dot3svc         (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
                  21:56:40.0150 1072   dot3svc - ok
                  21:56:40.0208 1072   DPS             (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
                  21:56:40.0306 1072   DPS - ok
                  21:56:40.0331 1072   drmkaud         (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
                  21:56:40.0361 1072   drmkaud - ok
                  21:56:40.0403 1072   dwshd - ok
                  21:56:40.0527 1072   DXGKrnl         (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
                  21:56:40.0622 1072   DXGKrnl - ok
                  21:56:40.0677 1072   EapHost         (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
                  21:56:40.0743 1072   EapHost - ok
                  21:56:41.0013 1072   ebdrv           (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
                  21:56:41.0086 1072   ebdrv - ok
                  21:56:41.0233 1072   EFS             (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe
                  21:56:41.0362 1072   EFS - ok
                  21:56:41.0498 1072   ehRecvr         (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe
                  21:56:41.0621 1072   ehRecvr - ok
                  21:56:41.0654 1072   ehSched         (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
                  21:56:41.0749 1072   ehSched - ok
                  21:56:41.0849 1072   elxstor         (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
                  21:56:41.0912 1072   elxstor - ok
                  21:56:41.0953 1072   ErrDev          (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
                  21:56:42.0047 1072   ErrDev - ok
                  21:56:42.0124 1072   esgiguard - ok
                  21:56:42.0197 1072   ETService       (2f6d55dc521c557880116b51925a792a) C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
                  21:56:42.0253 1072   ETService ( UnsignedFile.Multi.Generic ) - warning
                  21:56:42.0253 1072   ETService - detected UnsignedFile.Multi.Generic (1)
                  21:56:42.0317 1072   EventSystem     (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
                  21:56:42.0385 1072   EventSystem - ok
                  21:56:42.0427 1072   exfat           (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
                  21:56:42.0475 1072   exfat - ok
                  21:56:42.0506 1072   fastfat         (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
                  21:56:42.0551 1072   fastfat - ok
                  21:56:42.0645 1072   Fax             (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
                  21:56:42.0753 1072   Fax - ok
                  21:56:42.0773 1072   fdc             (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
                  21:56:42.0801 1072   fdc - ok
                  21:56:42.0826 1072   fdPHost         (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
                  21:56:42.0875 1072   fdPHost - ok
                  21:56:42.0892 1072   FDResPub        (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
                  21:56:43.0006 1072   FDResPub - ok
                  21:56:43.0022 1072   FileInfo        (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
                  21:56:43.0049 1072   FileInfo - ok
                  21:56:43.0068 1072   Filetrace       (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
                  21:56:43.0112 1072   Filetrace - ok
                  21:56:43.0132 1072   flpydisk        (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
                  21:56:43.0159 1072   flpydisk - ok
                  21:56:43.0188 1072   FltMgr          (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
                  21:56:43.0215 1072   FltMgr - ok
                  21:56:43.0322 1072   FontCache       (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll
                  21:56:43.0539 1072   FontCache - ok
                  21:56:43.0618 1072   FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
                  21:56:43.0661 1072   FontCache3.0.0.0 - ok
                  21:56:43.0694 1072   FsDepends       (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
                  21:56:43.0720 1072   FsDepends - ok
                  21:56:43.0770 1072   Fs_Rec          (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers\Fs_Rec.sys
                  21:56:43.0847 1072   Fs_Rec - ok
                  21:56:43.0910 1072   fvevol          (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
                  21:56:43.0993 1072   fvevol - ok
                  21:56:44.0010 1072   gagp30kx        (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
                  21:56:44.0034 1072   gagp30kx - ok
                  21:56:44.0078 1072   GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
                  21:56:44.0099 1072   GEARAspiWDM - ok
                  21:56:44.0362 1072   gpsvc           (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
                  21:56:44.0464 1072   gpsvc - ok
                  21:56:44.0619 1072   Greg_Service    (816fd5a6f3c2f3d600900096632fc60e) C:\Program Files\Acer\Registration\GregHSRW.exe
                  21:56:44.0690 1072   Greg_Service - ok
                  21:56:44.0774 1072   gupdate         (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
                  21:56:44.0850 1072   gupdate - ok
                  21:56:44.0898 1072   gupdatem        (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
                  21:56:44.0936 1072   gupdatem - ok
                  21:56:45.0074 1072   hcw85cir        (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
                  21:56:45.0153 1072   hcw85cir - ok
                  21:56:45.0222 1072   HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
                  21:56:45.0331 1072   HdAudAddService - ok
                  21:56:45.0432 1072   HDAudBus        (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
                  21:56:45.0553 1072   HDAudBus - ok
                  21:56:45.0573 1072   HidBatt         (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
                  21:56:45.0600 1072   HidBatt - ok
                  21:56:45.0627 1072   HidBth          (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
                  21:56:45.0658 1072   HidBth - ok
                  21:56:45.0668 1072   HidIr           (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
                  21:56:45.0699 1072   HidIr - ok
                  21:56:45.0728 1072   hidserv         (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\System32\hidserv.dll
                  21:56:45.0776 1072   hidserv - ok
                  21:56:45.0789 1072   HidUsb          (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
                  21:56:45.0863 1072   HidUsb - ok
                  21:56:45.0915 1072   hkmsvc          (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
                  21:56:45.0994 1072   hkmsvc - ok
                  21:56:46.0020 1072   HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
                  21:56:46.0142 1072   HomeGroupListener - ok
                  21:56:46.0237 1072   HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
                  21:56:46.0266 1072   HomeGroupProvider - ok
                  21:56:46.0314 1072   HpSAMD          (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
                  21:56:46.0421 1072   HpSAMD - ok
                  21:56:46.0468 1072   HsfXAudioService (210388fd8225b02bd83d77628aae64a9) C:\Windows\system32\XAudio32.dll
                  21:56:46.0630 1072   HsfXAudioService - ok
                  21:56:46.0787 1072   HSF_DPV         (227c3ba25012752bb7450235392c719f) C:\Windows\system32\DRIVERS\HSX_DPV.sys
                  21:56:46.0921 1072   HSF_DPV - ok
                  21:56:47.0036 1072   HSXHWAZL        (4df5c76302dc2f8f3465966c8426a292) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
                  21:56:47.0127 1072   HSXHWAZL - ok
                  21:56:47.0208 1072   HTTP            (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
                  21:56:47.0285 1072   HTTP - ok
                  21:56:47.0333 1072   hwpolicy        (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
                  21:56:47.0408 1072   hwpolicy - ok
                  21:56:47.0467 1072   i8042prt        (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
                  21:56:47.0562 1072   i8042prt - ok
                  21:56:47.0605 1072   iaStorV         (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
                  21:56:47.0681 1072   iaStorV - ok
                  21:56:47.0842 1072   idsvc           (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
                  21:56:47.0918 1072   idsvc - ok
                  21:56:48.0287 1072   IGBASVC         (884243a20eccf90f747854e2f0954719) c:\Program Files\Acer Bio Protection\BASVC.exe
                  21:56:48.0381 1072   IGBASVC ( UnsignedFile.Multi.Generic ) - warning
                  21:56:48.0382 1072   IGBASVC - detected UnsignedFile.Multi.Generic (1)
                  21:56:48.0939 1072   igfx            (ad626f6964f4d364d226c39e06872dd3) C:\Windows\system32\DRIVERS\igdkmd32.sys
                  21:56:49.0047 1072   igfx - ok
                  21:56:49.0247 1072   iirsp           (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
                  21:56:49.0289 1072   iirsp - ok
                  21:56:49.0546 1072   IKEEXT          (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
                  21:56:49.0656 1072   IKEEXT - ok
                  21:56:49.0687 1072   int15           (58ff11c95c3681c9250914521cb9f036) C:\Windows\system32\drivers\int15.sys
                  21:56:49.0738 1072   int15 - ok
                  21:56:49.0943 1072   IntcAzAudAddService (b29e79c67f3779e70ba187e31b639ebc) C:\Windows\system32\drivers\RTKVHDA.sys
                  21:56:50.0070 1072   IntcAzAudAddService - ok
                  21:56:50.0220 1072   intelide        (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
                  21:56:50.0344 1072   intelide - ok
                  21:56:50.0364 1072   intelppm        (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
                  21:56:50.0395 1072   intelppm - ok
                  21:56:50.0446 1072   IPBusEnum       (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
                  21:56:50.0531 1072   IPBusEnum - ok
                  21:56:50.0554 1072   IpFilterDriver  (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
                  21:56:50.0602 1072   IpFilterDriver - ok
                  21:56:50.0775 1072   iphlpsvc        (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
                  21:56:50.0854 1072   iphlpsvc - ok
                  21:56:50.0903 1072   IPMIDRV         (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
                  21:56:50.0985 1072   IPMIDRV - ok
                  21:56:51.0025 1072   IPNAT           (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
                  21:56:51.0070 1072   IPNAT - ok
                  21:56:51.0244 1072   iPod Service    (ce004777b92dea56fe14ec900d20baa4) C:\Program Files\iPod\bin\iPodService.exe
                  21:56:51.0283 1072   iPod Service - ok
                  21:56:51.0291 1072   IRENUM          (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
                  21:56:51.0360 1072   IRENUM - ok
                  21:56:51.0397 1072   isapnp          (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
                  21:56:51.0469 1072   isapnp - ok
                  21:56:51.0500 1072   iScsiPrt        (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
                  21:56:51.0573 1072   iScsiPrt - ok
                  21:56:51.0645 1072   IviRegMgr       (213822072085b5bbad9af30ab577d817) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
                  21:56:51.0680 1072   IviRegMgr - ok
                  21:56:51.0700 1072   kbdclass        (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
                  21:56:51.0774 1072   kbdclass - ok
                  21:56:51.0825 1072   kbdhid          (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys
                  21:56:51.0900 1072   kbdhid - ok
                  21:56:51.0944 1072   KeyIso          (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
                  21:56:51.0971 1072   KeyIso - ok
                  21:56:52.0038 1072   kl1             (ce3958f58547454884e97bda78cd7040) C:\Windows\system32\DRIVERS\kl1.sys
                  21:56:52.0093 1072   kl1 - ok
                  21:56:52.0129 1072   klbg            (53eedab3f0511321ac3ae8bc968b158c) C:\Windows\system32\drivers\klbg.sys
                  21:56:52.0181 1072   klbg - ok
                  21:56:58.0976 1072   Net Driver HPZ12 (90eb97c8dbf11bb0016c51946ac5ecd6) C:\Windows\system32\HPZinw12.dll
                  21:56:59.0005 1072   Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
                  21:56:59.0005 1072   Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
                  21:57:10.0224 1072   RS_Service      (b5a4b7d779cf4070df408de18bd33b02) C:\Program Files\Acer\Acer VCM\RS_Service.exe
                  21:57:10.0264 1072   RS_Service ( UnsignedFile.Multi.Generic ) - warning
                  21:57:10.0264 1072   RS_Service - detected UnsignedFile.Multi.Generic (1)

                  evilfantasy

                  Re: Kaspersky Malicious URL Blocked -- Windows Explorer Shuts Down
                  « Reply #12 on: May 31, 2012, 08:42:16 PM »
                  It looks like the bottom part of the TDSS log is cut off?

                  Peter Jordan

                    Re: Kaspersky Malicious URL Blocked -- Windows Explorer Shuts Down
                    « Reply #13 on: May 31, 2012, 09:00:55 PM »
                    21:55:33.0254 5604   TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
                    21:55:33.0771 5604   ============================================================
                    21:55:33.0771 5604   Current date / time: 2012/05/31 21:55:33.0771
                    21:55:33.0771 5604   SystemInfo:
                    21:55:33.0771 5604   
                    21:55:33.0771 5604   OS Version: 6.1.7601 ServicePack: 1.0
                    21:55:33.0771 5604   Product type: Workstation
                    21:55:33.0772 5604   ComputerName: PETER-PC
                    21:55:33.0772 5604   UserName: Peter
                    21:55:33.0772 5604   Windows directory: C:\Windows
                    21:55:33.0773 5604   System windows directory: C:\Windows
                    21:55:33.0773 5604   Processor architecture: Intel x86
                    21:55:33.0773 5604   Number of processors: 2
                    21:55:33.0773 5604   Page size: 0x1000
                    21:55:33.0773 5604   Boot type: Normal boot
                    21:55:33.0773 5604   ============================================================
                    21:55:35.0234 5604   Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
                    21:55:35.0238 5604   ============================================================
                    21:55:35.0238 5604   \Device\Harddisk0\DR0:
                    21:55:35.0239 5604   MBR partitions:
                    21:55:35.0239 5604   \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1770800, BlocksNum 0x32000
                    21:55:35.0239 5604   \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x17A2800, BlocksNum 0x1BA22970
                    21:55:35.0239 5604   ============================================================
                    21:55:35.0282 5604   C: <-> \Device\Harddisk0\DR0\Partition1
                    21:55:35.0283 5604   ============================================================
                    21:55:35.0283 5604   Initialize success
                    21:55:35.0283 5604   ============================================================
                    21:56:22.0285 1072   ============================================================
                    21:56:22.0285 1072   Scan started
                    21:56:22.0285 1072   Mode: Manual; SigCheck; TDLFS;
                    21:56:22.0285 1072   ============================================================
                    21:56:23.0539 1072   !SASCORE        (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
                    21:56:23.0743 1072   !SASCORE - ok
                    21:56:23.0914 1072   1394ohci        (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
                    21:56:24.0264 1072   1394ohci - ok
                    21:56:24.0325 1072   ACPI            (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
                    21:56:24.0411 1072   ACPI - ok
                    21:56:24.0427 1072   AcpiPmi         (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
                    21:56:24.0551 1072   AcpiPmi - ok
                    21:56:24.0691 1072   AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
                    21:56:24.0839 1072   AdobeARMservice - ok
                    21:56:24.0964 1072   AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
                    21:56:25.0016 1072   AdobeFlashPlayerUpdateSvc - ok
                    21:56:25.0073 1072   adp94xx         (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
                    21:56:25.0108 1072   adp94xx - ok
                    21:56:25.0136 1072   adpahci         (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
                    21:56:25.0169 1072   adpahci - ok
                    21:56:25.0186 1072   adpu320         (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
                    21:56:25.0221 1072   adpu320 - ok
                    21:56:25.0256 1072   AeLookupSvc     (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
                    21:56:25.0330 1072   AeLookupSvc - ok
                    21:56:25.0393 1072   AFD             (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
                    21:56:25.0641 1072   AFD - ok
                    21:56:25.0676 1072   agp440          (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
                    21:56:25.0761 1072   agp440 - ok
                    21:56:25.0782 1072   aic78xx         (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
                    21:56:25.0810 1072   aic78xx - ok
                    21:56:25.0843 1072   ALG             (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
                    21:56:25.0974 1072   ALG - ok
                    21:56:26.0052 1072   aliide          (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
                    21:56:26.0151 1072   aliide - ok
                    21:56:26.0189 1072   AMD External Events Utility (92543da5bb9775978fdbc1650c24a058) C:\Windows\system32\atiesrxx.exe
                    21:56:26.0361 1072   AMD External Events Utility - ok
                    21:56:26.0459 1072   amdagp          (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
                    21:56:26.0676 1072   amdagp - ok
                    21:56:26.0769 1072   amdide          (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
                    21:56:26.0968 1072   amdide - ok
                    21:56:27.0066 1072   AmdK8           (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
                    21:56:27.0174 1072   AmdK8 - ok
                    21:56:27.0193 1072   AmdPPM          (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
                    21:56:27.0223 1072   AmdPPM - ok
                    21:56:27.0238 1072   amdsata         (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
                    21:56:27.0437 1072   amdsata - ok
                    21:56:27.0475 1072   amdsbs          (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
                    21:56:27.0507 1072   amdsbs - ok
                    21:56:27.0530 1072   amdxata         (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
                    21:56:27.0745 1072   amdxata - ok
                    21:56:27.0785 1072   AppID           (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
                    21:56:27.0984 1072   AppID - ok
                    21:56:28.0059 1072   AppIDSvc        (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
                    21:56:28.0112 1072   AppIDSvc - ok
                    21:56:28.0156 1072   Appinfo         (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll
                    21:56:28.0245 1072   Appinfo - ok
                    21:56:28.0390 1072   Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
                    21:56:28.0518 1072   Apple Mobile Device - ok
                    21:56:28.0635 1072   AppMgmt         (a45d184df6a8803da13a0b329517a64a) C:\Windows\System32\appmgmts.dll
                    21:56:28.0893 1072   AppMgmt - ok
                    21:56:28.0972 1072   arc             (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
                    21:56:29.0002 1072   arc - ok
                    21:56:29.0021 1072   arcsas          (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
                    21:56:29.0067 1072   arcsas - ok
                    21:56:29.0201 1072   aspnet_state    (776acefa0ca9df0faa51a5fb2f435705) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
                    21:56:29.0620 1072   aspnet_state - ok
                    21:56:29.0646 1072   AsyncMac        (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
                    21:56:29.0964 1072   AsyncMac - ok
                    21:56:30.0003 1072   atapi           (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
                    21:56:30.0289 1072   atapi - ok
                    21:56:30.0415 1072   athr            (b01751cc563aecac09bbe36aaa21fbef) C:\Windows\system32\DRIVERS\athr.sys
                    21:56:30.0618 1072   athr - ok
                    21:56:30.0773 1072   AtiHdmiService  (bb9e7c7f937714f05a4e05c287d6ddff) C:\Windows\system32\drivers\AtiHdmi.sys
                    21:56:31.0436 1072   AtiHdmiService - ok
                    21:56:31.0857 1072   atikmdag        (632a5be70d168b84f658a82ac8dbbead) C:\Windows\system32\DRIVERS\atikmdag.sys
                    21:56:32.0054 1072   atikmdag - ok
                    21:56:32.0286 1072   AtiPcie         (b73c832088dd54b55e04ff6f9646ad8c) C:\Windows\system32\DRIVERS\AtiPcie.sys
                    21:56:32.0351 1072   AtiPcie - ok
                    21:56:32.0516 1072   AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
                    21:56:32.0678 1072   AudioEndpointBuilder - ok
                    21:56:32.0687 1072   Audiosrv        (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
                    21:56:32.0735 1072   Audiosrv - ok
                    21:56:32.0888 1072   AVP             (df9586377384df3808d42090242cc23b) C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
                    21:56:32.0960 1072   AVP - ok
                    21:56:33.0014 1072   AxInstSV        (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll
                    21:56:33.0151 1072   AxInstSV - ok
                    21:56:33.0283 1072   b06bdrv         (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
                    21:56:33.0366 1072   b06bdrv - ok
                    21:56:33.0401 1072   b57nd60x        (6f41a4c5745bb99f89406f57164f099e) C:\Windows\system32\DRIVERS\b57nd60x.sys
                    21:56:33.0428 1072   b57nd60x - ok
                    21:56:33.0532 1072   BcmSqlStartupSvc (6163664c7e9cd110af70180c126c3fdc) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
                    21:56:33.0580 1072   BcmSqlStartupSvc - ok
                    21:56:33.0611 1072   BDESVC          (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
                    21:56:33.0730 1072   BDESVC - ok
                    21:56:33.0823 1072   Beep            (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
                    21:56:33.0868 1072   Beep - ok
                    21:56:34.0168 1072   BFE             (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll
                    21:56:34.0260 1072   BFE - ok
                    21:56:34.0316 1072   BITS            (e585445d5021971fae10393f0f1c3961) C:\Windows\system32\qmgr.dll
                    21:56:34.0398 1072   BITS - ok
                    21:56:34.0414 1072   blbdrive        (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
                    21:56:34.0465 1072   blbdrive - ok
                    21:56:34.0607 1072   Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
                    21:56:34.0653 1072   Bonjour Service - ok
                    21:56:34.0710 1072   bowser          (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
                    21:56:34.0995 1072   bowser - ok
                    21:56:35.0026 1072   BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
                    21:56:35.0100 1072   BrFiltLo - ok
                    21:56:35.0128 1072   BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
                    21:56:35.0155 1072   BrFiltUp - ok
                    21:56:35.0219 1072   BridgeMP        (77361d72a04f18809d0efb6cceb74d4b) C:\Windows\system32\DRIVERS\bridge.sys
                    21:56:35.0298 1072   BridgeMP - ok
                    21:56:35.0355 1072   Browser         (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll
                    21:56:35.0437 1072   Browser - ok
                    21:56:35.0482 1072   Brserid         (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
                    21:56:35.0537 1072   Brserid - ok
                    21:56:35.0566 1072   BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
                    21:56:35.0595 1072   BrSerWdm - ok
                    21:56:35.0613 1072   BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
                    21:56:35.0642 1072   BrUsbMdm - ok
                    21:56:35.0652 1072   BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
                    21:56:35.0680 1072   BrUsbSer - ok
                    21:56:35.0727 1072   BthEnum         (2865a5c8e98c70c605f417908cebb3a4) C:\Windows\system32\drivers\BthEnum.sys
                    21:56:35.0790 1072   BthEnum - ok
                    21:56:35.0818 1072   BTHMODEM        (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
                    21:56:35.0847 1072   BTHMODEM - ok
                    21:56:35.0874 1072   BthPan          (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\Windows\system32\DRIVERS\bthpan.sys
                    21:56:35.0996 1072   BthPan - ok
                    21:56:36.0069 1072   BTHPORT         (c2fbf6d271d9a94d839c416bf186ead9) C:\Windows\System32\Drivers\BTHport.sys
                    21:56:36.0152 1072   BTHPORT - ok
                    21:56:36.0184 1072   bthserv         (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
                    21:56:36.0232 1072   bthserv - ok
                    21:56:36.0281 1072   BTHUSB          (c81e9413a25a439f436b1d4b6a0cf9e9) C:\Windows\System32\Drivers\BTHUSB.sys
                    21:56:36.0424 1072   BTHUSB - ok
                    21:56:36.0455 1072   btwaudio        (d57d29132efe13a83133d9bd449e0cf1) C:\Windows\system32\drivers\btwaudio.sys
                    21:56:36.0525 1072   btwaudio - ok
                    21:56:36.0550 1072   btwavdt         (d282c14a69357d0e1bafaecc2ca98c3a) C:\Windows\system32\drivers\btwavdt.sys
                    21:56:36.0631 1072   btwavdt - ok
                    21:56:36.0736 1072   btwdins         (528aaea4bea415f7dbc30653ef2cdca5) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
                    21:56:36.0803 1072   btwdins - ok
                    21:56:36.0828 1072   btwl2cap        (aafd7cb76ba61fbb08e302da208c974a) C:\Windows\system32\DRIVERS\btwl2cap.sys
                    21:56:36.0903 1072   btwl2cap - ok
                    21:56:36.0915 1072   btwrchid        (02eb4d2b05967df2d32f29c84ab1fb17) C:\Windows\system32\DRIVERS\btwrchid.sys
                    21:56:36.0984 1072   btwrchid - ok
                    21:56:37.0092 1072   catchme - ok
                    21:56:37.0138 1072   cdfs            (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
                    21:56:37.0207 1072   cdfs - ok
                    21:56:37.0256 1072   cdrom           (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\drivers\cdrom.sys
                    21:56:37.0389 1072   cdrom - ok
                    21:56:37.0435 1072   CertPropSvc     (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
                    21:56:37.0524 1072   CertPropSvc - ok
                    21:56:37.0540 1072   circlass        (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
                    21:56:37.0571 1072   circlass - ok
                    21:56:37.0614 1072   CLFS            (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
                    21:56:37.0644 1072   CLFS - ok
                    21:56:37.0724 1072   clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
                    21:56:37.0763 1072   clr_optimization_v2.0.50727_32 - ok
                    21:56:37.0839 1072   clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
                    21:56:37.0895 1072   clr_optimization_v4.0.30319_32 - ok
                    21:56:37.0928 1072   CmBatt          (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
                    21:56:37.0956 1072   CmBatt - ok
                    21:56:38.0002 1072   cmdide          (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
                    21:56:38.0072 1072   cmdide - ok
                    21:56:38.0141 1072   CNG             (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys
                    21:56:38.0222 1072   CNG - ok
                    21:56:38.0235 1072   Compbatt        (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
                    21:56:38.0260 1072   Compbatt - ok
                    21:56:38.0301 1072   CompositeBus    (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
                    21:56:38.0488 1072   CompositeBus - ok
                    21:56:38.0493 1072   COMSysApp - ok
                    21:56:38.0542 1072   crcdisk         (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
                    21:56:38.0564 1072   crcdisk - ok
                    21:56:38.0622 1072   CryptSvc        (a585bebf7d054bd9618eda0922d5484a) C:\Windows\system32\cryptsvc.dll
                    21:56:38.0702 1072   CryptSvc - ok
                    21:56:38.0771 1072   CSC             (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys
                    21:56:38.0859 1072   CSC - ok
                    21:56:38.0912 1072   CscService      (15f93b37f6801943360d9eb42485d5d3) C:\Windows\System32\cscsvc.dll
                    21:56:38.0989 1072   CscService - ok
                    21:56:39.0029 1072   DcomLaunch      (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
                    21:56:39.0078 1072   DcomLaunch - ok
                    21:56:39.0120 1072   defragsvc       (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
                    21:56:39.0171 1072   defragsvc - ok
                    21:56:39.0248 1072   DfsC            (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
                    21:56:39.0322 1072   DfsC - ok
                    21:56:39.0371 1072   Dhcp            (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
                    21:56:39.0449 1072   Dhcp - ok
                    21:56:39.0474 1072   discache        (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
                    21:56:39.0528 1072   discache - ok
                    21:56:39.0562 1072   Disk            (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
                    21:56:39.0612 1072   Disk - ok
                    21:56:39.0645 1072   DKbFltr         (c701324c9e0c25dd9d60311bd87fbc84) C:\Windows\system32\DRIVERS\DKbFltr.sys
                    21:56:39.0727 1072   DKbFltr - ok
                    21:56:39.0791 1072   Dnscache        (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
                    21:56:39.0983 1072   Dnscache - ok
                    21:56:40.0055 1072   dot3svc         (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
                    21:56:40.0150 1072   dot3svc - ok
                    21:56:40.0208 1072   DPS             (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
                    21:56:40.0306 1072   DPS - ok
                    21:56:40.0331 1072   drmkaud         (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
                    21:56:40.0361 1072   drmkaud - ok
                    21:56:40.0403 1072   dwshd - ok
                    21:56:40.0527 1072   DXGKrnl         (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
                    21:56:40.0622 1072   DXGKrnl - ok
                    21:56:40.0677 1072   EapHost         (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
                    21:56:40.0743 1072   EapHost - ok
                    21:56:41.0013 1072   ebdrv           (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
                    21:56:41.0086 1072   ebdrv - ok
                    21:56:41.0233 1072   EFS             (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe
                    21:56:41.0362 1072   EFS - ok
                    21:56:41.0498 1072   ehRecvr         (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe
                    21:56:41.0621 1072   ehRecvr - ok
                    21:56:41.0654 1072   ehSched         (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
                    21:56:41.0749 1072   ehSched - ok
                    21:56:41.0849 1072   elxstor         (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
                    21:56:41.0912 1072   elxstor - ok
                    21:56:41.0953 1072   ErrDev          (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
                    21:56:42.0047 1072   ErrDev - ok
                    21:56:42.0124 1072   esgiguard - ok
                    21:56:42.0197 1072   ETService       (2f6d55dc521c557880116b51925a792a) C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
                    21:56:42.0253 1072   ETService ( UnsignedFile.Multi.Generic ) - warning
                    21:56:42.0253 1072   ETService - detected UnsignedFile.Multi.Generic (1)
                    21:56:42.0317 1072   EventSystem     (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
                    21:56:42.0385 1072   EventSystem - ok
                    21:56:42.0427 1072   exfat           (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
                    21:56:42.0475 1072   exfat - ok
                    21:56:42.0506 1072   fastfat         (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
                    21:56:42.0551 1072   fastfat - ok
                    21:56:42.0645 1072   Fax             (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
                    21:56:42.0753 1072   Fax - ok
                    21:56:42.0773 1072   fdc             (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
                    21:56:42.0801 1072   fdc - ok
                    21:56:42.0826 1072   fdPHost         (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
                    21:56:42.0875 1072   fdPHost - ok
                    21:56:42.0892 1072   FDResPub        (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
                    21:56:43.0006 1072   FDResPub - ok
                    21:56:43.0022 1072   FileInfo        (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
                    21:56:43.0049 1072   FileInfo - ok
                    21:56:43.0068 1072   Filetrace       (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
                    21:56:43.0112 1072   Filetrace - ok
                    21:56:43.0132 1072   flpydisk        (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
                    21:56:43.0159 1072   flpydisk - ok
                    21:56:43.0188 1072   FltMgr          (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
                    21:56:43.0215 1072   FltMgr - ok
                    21:56:43.0322 1072   FontCache       (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll
                    21:56:43.0539 1072   FontCache - ok
                    21:56:43.0618 1072   FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
                    21:56:43.0661 1072   FontCache3.0.0.0 - ok
                    21:56:43.0694 1072   FsDepends       (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
                    21:56:43.0720 1072   FsDepends - ok
                    21:56:43.0770 1072   Fs_Rec          (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers\Fs_Rec.sys
                    21:56:43.0847 1072   Fs_Rec - ok
                    21:56:43.0910 1072   fvevol          (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
                    21:56:43.0993 1072   fvevol - ok
                    21:56:44.0010 1072   gagp30kx        (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
                    21:56:44.0034 1072   gagp30kx - ok
                    21:56:44.0078 1072   GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
                    21:56:44.0099 1072   GEARAspiWDM - ok
                    21:56:44.0362 1072   gpsvc           (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
                    21:56:44.0464 1072   gpsvc - ok
                    21:56:44.0619 1072   Greg_Service    (816fd5a6f3c2f3d600900096632fc60e) C:\Program Files\Acer\Registration\GregHSRW.exe
                    21:56:44.0690 1072   Greg_Service - ok
                    21:56:44.0774 1072   gupdate         (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
                    21:56:44.0850 1072   gupdate - ok
                    21:56:44.0898 1072   gupdatem        (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
                    21:56:44.0936 1072   gupdatem - ok
                    21:56:45.0074 1072   hcw85cir        (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
                    21:56:45.0153 1072   hcw85cir - ok
                    21:56:45.0222 1072   HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
                    21:56:45.0331 1072   HdAudAddService - ok
                    21:56:45.0432 1072   HDAudBus        (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
                    21:56:45.0553 1072   HDAudBus - ok
                    21:56:45.0573 1072   HidBatt         (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
                    21:56:45.0600 1072   HidBatt - ok
                    21:56:45.0627 1072   HidBth          (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
                    21:56:45.0658 1072   HidBth - ok
                    21:56:45.0668 1072   HidIr           (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
                    21:56:45.0699 1072   HidIr - ok
                    21:56:45.0728 1072   hidserv         (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\System32\hidserv.dll
                    21:56:45.0776 1072   hidserv - ok
                    21:56:45.0789 1072   HidUsb          (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
                    21:56:45.0863 1072   HidUsb - ok
                    21:56:45.0915 1072   hkmsvc          (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
                    21:56:45.0994 1072   hkmsvc - ok
                    21:56:46.0020 1072   HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
                    21:56:46.0142 1072   HomeGroupListener - ok
                    21:56:46.0237 1072   HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
                    21:56:46.0266 1072   HomeGroupProvider - ok
                    21:56:46.0314 1072   HpSAMD          (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
                    21:56:46.0421 1072   HpSAMD - ok
                    21:56:46.0468 1072   HsfXAudioService (210388fd8225b02bd83d77628aae64a9) C:\Windows\system32\XAudio32.dll
                    21:56:46.0630 1072   HsfXAudioService - ok
                    21:56:46.0787 1072   HSF_DPV         (227c3ba25012752bb7450235392c719f) C:\Windows\system32\DRIVERS\HSX_DPV.sys
                    21:56:46.0921 1072   HSF_DPV - ok
                    21:56:47.0036 1072   HSXHWAZL        (4df5c76302dc2f8f3465966c8426a292) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
                    21:56:47.0127 1072   HSXHWAZL - ok
                    21:56:47.0208 1072   HTTP            (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
                    21:56:47.0285 1072   HTTP - ok
                    21:56:47.0333 1072   hwpolicy        (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
                    21:56:47.0408 1072   hwpolicy - ok
                    21:56:47.0467 1072   i8042prt        (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
                    21:56:47.0562 1072   i8042prt - ok
                    21:56:47.0605 1072   iaStorV         (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
                    21:56:47.0681 1072   iaStorV - ok
                    21:56:47.0842 1072   idsvc           (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
                    21:56:47.0918 1072   idsvc - ok
                    21:56:48.0287 1072   IGBASVC         (884243a20eccf90f747854e2f0954719) c:\Program Files\Acer Bio Protection\BASVC.exe
                    21:56:48.0381 1072   IGBASVC ( UnsignedFile.Multi.Generic ) - warning
                    21:56:48.0382 1072   IGBASVC - detected UnsignedFile.Multi.Generic (1)
                    21:56:48.0939 1072   igfx            (ad626f6964f4d364d226c39e06872dd3) C:\Windows\system32\DRIVERS\igdkmd32.sys
                    21:56:49.0047 1072   igfx - ok
                    21:56:49.0247 1072   iirsp           (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
                    21:56:49.0289 1072   iirsp - ok
                    21:56:49.0546 1072   IKEEXT          (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
                    21:56:49.0656 1072   IKEEXT - ok
                    21:56:49.0687 1072   int15           (58ff11c95c3681c9250914521cb9f036) C:\Windows\system32\drivers\int15.sys
                    21:56:49.0738 1072   int15 - ok
                    21:56:49.0943 1072   IntcAzAudAddService (b29e79c67f3779e70ba187e31b639ebc) C:\Windows\system32\drivers\RTKVHDA.sys
                    21:56:50.0070 1072   IntcAzAudAddService - ok
                    21:56:50.0220 1072   intelide        (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
                    21:56:50.0344 1072   intelide - ok
                    21:56:50.0364 1072   intelppm        (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
                    21:56:50.0395 1072   intelppm - ok
                    21:56:50.0446 1072   IPBusEnum       (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
                    21:56:50.0531 1072   IPBusEnum - ok
                    21:56:50.0554 1072   IpFilterDriver  (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
                    21:56:50.0602 1072   IpFilterDriver - ok
                    21:56:50.0775 1072   iphlpsvc        (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
                    21:56:50.0854 1072   iphlpsvc - ok
                    21:56:50.0903 1072   IPMIDRV         (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
                    21:56:50.0985 1072   IPMIDRV - ok
                    21:56:51.0025 1072   IPNAT           (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
                    21:56:51.0070 1072   IPNAT - ok
                    21:56:51.0244 1072   iPod Service    (ce004777b92dea56fe14ec900d20baa4) C:\Program Files\iPod\bin\iPodService.exe
                    21:56:51.0283 1072   iPod Service - ok
                    21:56:51.0291 1072   IRENUM          (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
                    21:56:51.0360 1072   IRENUM - ok
                    21:56:51.0397 1072   isapnp          (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
                    21:56:51.0469 1072   isapnp - ok
                    21:56:51.0500 1072   iScsiPrt        (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
                    21:56:51.0573 1072   iScsiPrt - ok
                    21:56:51.0645 1072   IviRegMgr       (213822072085b5bbad9af30ab577d817) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
                    21:56:51.0680 1072   IviRegMgr - ok
                    21:56:51.0700 1072   kbdclass        (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
                    21:56:51.0774 1072   kbdclass - ok
                    21:56:51.0825 1072   kbdhid          (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys
                    21:56:51.0900 1072   kbdhid - ok
                    21:56:51.0944 1072   KeyIso          (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
                    21:56:51.0971 1072   KeyIso - ok
                    21:56:52.0038 1072   kl1             (ce3958f58547454884e97bda78cd7040) C:\Windows\system32\DRIVERS\kl1.sys
                    21:56:52.0093 1072   kl1 - ok
                    21:56:52.0129 1072   klbg            (53eedab3f0511321ac3ae8bc968b158c) C:\Windows\system32\drivers\klbg.sys
                    21:56:52.0181 1072   klbg - ok
                    21:56:52.0234 1072   KLIF            (de6c14fb8438ef932d9f58f269a19b85) C:\Windows\system32\DRIVERS\klif.sys
                    21:56:52.0286 1072   KLIF - ok
                    21:56:52.0332 1072   KLIM6           (892cc162dc88ab084c86485879526c59) C:\Windows\system32\DRIVERS\klim6.sys
                    21:56:52.0386 1072   KLIM6 - ok
                    21:56:52.0429 1072   klmouflt        (aa63a815876a76987b5dbce6af7478e9) C:\Windows\system32\DRIVERS\klmouflt.sys
                    21:56:52.0480 1072   klmouflt - ok
                    21:56:52.0526 1072   KSecDD          (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
                    21:56:52.0581 1072   KSecDD - ok
                    21:56:52.0606 1072   KSecPkg         (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
                    21:56:52.0667 1072   KSecPkg - ok
                    21:56:52.0712 1072   KtmRm           (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
                    21:56:52.0765 1072   KtmRm - ok
                    21:56:52.0791 1072   L1E             (8c804b1ffad1efa952b747e8285c3b76) C:\Windows\system32\DRIVERS\L1E62x86.sys
                    21:56:52.0818 1072   L1E - ok
                    21:56:52.0894 1072   LanmanServer    (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\System32\srvsvc.dll
                    21:56:52.0963 1072   LanmanServer - ok
                    21:56:53.0015 1072   LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
                    21:56:53.0083 1072   LanmanWorkstation - ok
                    21:56:53.0106 1072   lltdio          (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
                    21:56:53.0151 1072   lltdio - ok
                    21:56:53.0186 1072   lltdsvc         (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
                    21:56:53.0234 1072   lltdsvc - ok
                    21:56:53.0251 1072   lmhosts         (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
                    21:56:53.0296 1072   lmhosts - ok
                    21:56:53.0332 1072   LSI_FC          (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
                    21:56:53.0357 1072   LSI_FC - ok
                    21:56:53.0372 1072   LSI_SAS         (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
                    21:56:53.0401 1072   LSI_SAS - ok
                    21:56:53.0420 1072   LSI_SAS2        (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
                    21:56:53.0446 1072   LSI_SAS2 - ok
                    21:56:53.0463 1072   LSI_SCSI        (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
                    21:56:53.0488 1072   LSI_SCSI - ok
                    21:56:53.0509 1072   luafv           (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
                    21:56:53.0554 1072   luafv - ok
                    21:56:53.0633 1072   Mcx2Svc         (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
                    21:56:53.0785 1072   Mcx2Svc - ok
                    21:56:53.0805 1072   mdmxsdk         (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
                    21:56:53.0986 1072   mdmxsdk - ok
                    21:56:54.0024 1072   megasas         (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
                    21:56:54.0068 1072   megasas - ok
                    21:56:54.0104 1072   MegaSR          (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
                    21:56:54.0131 1072   MegaSR - ok
                    21:56:54.0238 1072   Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
                    21:56:54.0261 1072   Microsoft Office Groove Audit Service - ok
                    21:56:54.0294 1072   MMCSS           (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
                    21:56:54.0340 1072   MMCSS - ok
                    21:56:54.0358 1072   Modem           (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
                    21:56:54.0401 1072   Modem - ok
                    21:56:54.0420 1072   monitor         (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
                    21:56:54.0450 1072   monitor - ok
                    21:56:54.0486 1072   mouclass        (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\drivers\mouclass.sys
                    21:56:54.0558 1072   mouclass - ok
                    21:56:54.0679 1072   mouhid          (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
                    21:56:54.0729 1072   mouhid - ok
                    21:56:54.0914 1072   mountmgr        (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
                    21:56:54.0991 1072   mountmgr - ok
                    21:56:55.0073 1072   MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
                    21:56:55.0219 1072   MozillaMaintenance - ok
                    21:56:55.0328 1072   mpio            (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
                    21:56:55.0441 1072   mpio - ok
                    21:56:55.0475 1072   mpsdrv          (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
                    21:56:55.0519 1072   mpsdrv - ok
                    21:56:55.0606 1072   MpsSvc          (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
                    21:56:55.0708 1072   MpsSvc - ok
                    21:56:55.0758 1072   MRxDAV          (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
                    21:56:55.0830 1072   MRxDAV - ok
                    21:56:55.0886 1072   mrxsmb          (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
                    21:56:56.0103 1072   mrxsmb - ok
                    21:56:56.0164 1072   mrxsmb10        (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
                    21:56:56.0262 1072   mrxsmb10 - ok
                    21:56:56.0287 1072   mrxsmb20        (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
                    21:56:56.0426 1072   mrxsmb20 - ok
                    21:56:56.0516 1072   msahci          (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
                    21:56:56.0588 1072   msahci - ok
                    21:56:56.0645 1072   msdsm           (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
                    21:56:56.0742 1072   msdsm - ok
                    21:56:56.0776 1072   MSDTC           (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
                    21:56:56.0850 1072   MSDTC - ok
                    21:56:56.0876 1072   Msfs            (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
                    21:56:56.0922 1072   Msfs - ok
                    21:56:56.0937 1072   mshidkmdf       (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
                    21:56:56.0981 1072   mshidkmdf - ok
                    21:56:56.0995 1072   msisadrv        (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
                    21:56:57.0065 1072   msisadrv - ok
                    21:56:57.0104 1072   MSiSCSI         (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
                    21:56:57.0167 1072   MSiSCSI - ok
                    21:56:57.0175 1072   msiserver - ok
                    21:56:57.0191 1072   MSKSSRV         (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
                    21:56:57.0241 1072   MSKSSRV - ok
                    21:56:57.0249 1072   MSPCLOCK        (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
                    21:56:57.0297 1072   MSPCLOCK - ok
                    21:56:57.0305 1072   MSPQM           (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
                    21:56:57.0366 1072   MSPQM - ok
                    21:56:57.0391 1072   MsRPC           (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
                    21:56:57.0420 1072   MsRPC - ok
                    21:56:57.0471 1072   mssmbios        (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
                    21:56:57.0591 1072   mssmbios - ok
                    21:56:57.0668 1072   MSSQL$MSSMLBIZ - ok
                    21:56:57.0744 1072   MSSQLServerADHelper (1d89eb4e2a99cabd4e81225f4f4c4b25) c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
                    21:56:57.0953 1072   MSSQLServerADHelper - ok
                    21:56:58.0008 1072   MSTEE           (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
                    21:56:58.0052 1072   MSTEE - ok
                    21:56:58.0061 1072   MTConfig        (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
                    21:56:58.0092 1072   MTConfig - ok
                    21:56:58.0116 1072   Mup             (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
                    21:56:58.0142 1072   Mup - ok
                    21:56:58.0206 1072   napagent        (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
                    21:56:58.0288 1072   napagent - ok
                    21:56:58.0325 1072   NativeWifiP     (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
                    21:56:58.0360 1072   NativeWifiP - ok
                    21:56:58.0420 1072   NDIS            (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
                    21:56:58.0496 1072   NDIS - ok
                    21:56:58.0515 1072   NdisCap         (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
                    21:56:58.0561 1072   NdisCap - ok
                    21:56:58.0581 1072   NdisTapi        (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
                    21:56:58.0624 1072   NdisTapi - ok
                    21:56:58.0664 1072   Ndisuio         (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
                    21:56:58.0709 1072   Ndisuio - ok
                    21:56:58.0758 1072   NdisWan         (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
                    21:56:58.0803 1072   NdisWan - ok
                    21:56:58.0853 1072   NDProxy         (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
                    21:56:58.0923 1072   NDProxy - ok
                    21:56:58.0976 1072   Net Driver HPZ12 (90eb97c8dbf11bb0016c51946ac5ecd6) C:\Windows\system32\HPZinw12.dll
                    21:56:59.0005 1072   Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
                    21:56:59.0005 1072   Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
                    21:56:59.0043 1072   NetBIOS         (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
                    21:56:59.0088 1072   NetBIOS - ok
                    21:56:59.0141 1072   NetBT           (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
                    21:56:59.0218 1072   NetBT - ok
                    21:56:59.0256 1072   Netlogon        (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
                    21:56:59.0285 1072   Netlogon - ok
                    21:56:59.0339 1072   Netman          (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
                    21:56:59.0391 1072   Netman - ok
                    21:56:59.0521 1072   NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
                    21:56:59.0568 1072   NetMsmqActivator - ok
                    21:56:59.0575 1072   NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
                    21:56:59.0599 1072   NetPipeActivator - ok
                    21:56:59.0629 1072   netprofm        (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
                    21:56:59.0680 1072   netprofm - ok
                    21:56:59.0687 1072   NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
                    21:56:59.0714 1072   NetTcpActivator - ok
                    21:56:59.0721 1072   NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
                    21:56:59.0748 1072   NetTcpPortSharing - ok
                    21:56:59.0780 1072   nfrd960         (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
                    21:56:59.0806 1072   nfrd960 - ok
                    21:56:59.0874 1072   NlaSvc          (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
                    21:56:59.0968 1072   NlaSvc - ok
                    21:56:59.0988 1072   Npfs            (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
                    21:57:00.0033 1072   Npfs - ok
                    21:57:00.0069 1072   nsi             (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
                    21:57:00.0125 1072   nsi - ok
                    21:57:00.0154 1072   nsiproxy        (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
                    21:57:00.0199 1072   nsiproxy - ok
                    21:57:00.0360 1072   Ntfs            (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
                    21:57:00.0528 1072   Ntfs - ok
                    21:57:00.0687 1072   NTIBackupSvc    (fd324cce1d4d5bb5af65f8e55b462c7e) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
                    21:57:00.0758 1072   NTIBackupSvc - ok
                    21:57:00.0888 1072   NTIDrvr         (6dcaa65f49ef3b97a5cffc0cb5de1c2f) C:\Windows\system32\drivers\NTIDrvr.sys
                    21:57:00.0956 1072   NTIDrvr - ok
                    21:57:00.0995 1072   NTISchedulerSvc (3f6268a2ec33cd38cf75c880af8ded42) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
                    21:57:01.0057 1072   NTISchedulerSvc - ok
                    21:57:01.0097 1072   Null            (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
                    21:57:01.0152 1072   Null - ok
                    21:57:01.0211 1072   nvraid          (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
                    21:57:01.0354 1072   nvraid - ok
                    21:57:01.0390 1072   nvstor          (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
                    21:57:01.0526 1072   nvstor - ok
                    21:57:01.0609 1072   nv_agp          (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
                    21:57:01.0728 1072   nv_agp - ok
                    21:57:01.0788 1072   O2FLASH         (d955d5de998db2476bf0892be3a96c26) C:\Windows\system32\DRIVERS\o2flash.exe
                    21:57:01.0957 1072   O2FLASH - ok
                    21:57:02.0000 1072   O2MDRDR         (922046f114ac0c1b2484bcdd5ca43c07) C:\Windows\system32\DRIVERS\o2media.sys
                    21:57:02.0070 1072   O2MDRDR - ok
                    21:57:02.0087 1072   O2SDRDR         (51c368f577513feb59ed70b45e930076) C:\Windows\system32\DRIVERS\o2sd.sys
                    21:57:02.0163 1072   O2SDRDR - ok
                    21:57:02.0301 1072   odserv          (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
                    21:57:02.0332 1072   odserv - ok
                    21:57:02.0378 1072   ohci1394        (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
                    21:57:02.0454 1072   ohci1394 - ok
                    21:57:02.0504 1072   ose             (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
                    21:57:02.0530 1072   ose - ok
                    21:57:03.0004 1072   osppsvc         (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
                    21:57:03.0143 1072   osppsvc - ok
                    21:57:03.0331 1072   p2pimsvc        (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
                    21:57:03.0477 1072   p2pimsvc - ok
                    21:57:03.0511 1072   p2psvc          (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
                    21:57:03.0553 1072   p2psvc - ok
                    21:57:03.0606 1072   Parport         (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
                    21:57:03.0653 1072   Parport - ok
                    21:57:03.0697 1072   partmgr         (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
                    21:57:03.0735 1072   partmgr - ok
                    21:57:03.0756 1072   Parvdm          (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
                    21:57:03.0785 1072   Parvdm - ok
                    21:57:03.0816 1072   PcaSvc          (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
                    21:57:03.0854 1072   PcaSvc - ok
                    21:57:03.0911 1072   pci             (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
                    21:57:03.0997 1072   pci - ok
                    21:57:04.0025 1072   pciide          (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
                    21:57:04.0096 1072   pciide - ok
                    21:57:04.0138 1072   pcmcia          (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
                    21:57:04.0191 1072   pcmcia - ok
                    21:57:04.0218 1072   pcw             (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
                    21:57:04.0255 1072   pcw - ok
                    21:57:04.0311 1072   PEAUTH          (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
                    21:57:04.0373 1072   PEAUTH - ok
                    21:57:04.0465 1072   PeerDistSvc     (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll
                    21:57:04.0591 1072   PeerDistSvc - ok
                    21:57:04.0794 1072   pgfilter - ok
                    21:57:05.0150 1072   pla             (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
                    21:57:05.0247 1072   pla - ok
                    21:57:05.0420 1072   PlugPlay        (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
                    21:57:05.0684 1072   PlugPlay - ok
                    21:57:05.0745 1072   Pml Driver HPZ12 (75cf9de0a67af916ed591743dfb69694) C:\Windows\system32\HPZipm12.dll
                    21:57:05.0852 1072   Pml Driver HPZ12 - ok
                    21:57:05.0880 1072   PNRPAutoReg     (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
                    21:57:05.0915 1072   PNRPAutoReg - ok
                    21:57:05.0952 1072   PNRPsvc         (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
                    21:57:05.0985 1072   PNRPsvc - ok
                    21:57:06.0062 1072   PolicyAgent     (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
                    21:57:06.0151 1072   PolicyAgent - ok
                    21:57:06.0211 1072   Power           (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
                    21:57:06.0297 1072   Power - ok
                    21:57:06.0363 1072   PptpMiniport    (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
                    21:57:06.0429 1072   PptpMiniport - ok
                    21:57:06.0448 1072   Processor       (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
                    21:57:06.0476 1072   Processor - ok
                    21:57:06.0504 1072   ProfSvc         (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll
                    21:57:06.0576 1072   ProfSvc - ok
                    21:57:06.0623 1072   ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
                    21:57:06.0669 1072   ProtectedStorage - ok
                    21:57:06.0695 1072   Psched          (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
                    21:57:06.0742 1072   Psched - ok
                    21:57:06.0818 1072   PSI_SVC_2       (a6a7ad767bf5141665f5c675f671b3e1) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
                    21:57:06.0869 1072   PSI_SVC_2 - ok
                    21:57:06.0984 1072   ql2300          (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
                    21:57:07.0059 1072   ql2300 - ok
                    21:57:07.0219 1072   ql40xx          (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
                    21:57:07.0266 1072   ql40xx - ok
                    21:57:07.0320 1072   QWAVE           (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
                    21:57:07.0367 1072   QWAVE - ok
                    21:57:07.0392 1072   QWAVEdrv        (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
                    21:57:07.0427 1072   QWAVEdrv - ok
                    21:57:07.0442 1072   RasAcd          (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
                    21:57:07.0487 1072   RasAcd - ok
                    21:57:07.0519 1072   RasAgileVpn     (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
                    21:57:07.0579 1072   RasAgileVpn - ok
                    21:57:07.0601 1072   RasAuto         (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
                    21:57:07.0698 1072   RasAuto - ok
                    21:57:07.0733 1072   Rasl2tp         (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
                    21:57:07.0793 1072   Rasl2tp - ok
                    21:57:07.0868 1072   RasMan          (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
                    21:57:07.0940 1072   RasMan - ok
                    21:57:07.0971 1072   RasPppoe        (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
                    21:57:08.0033 1072   RasPppoe - ok
                    21:57:08.0054 1072   RasSstp         (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
                    21:57:08.0112 1072   RasSstp - ok
                    21:57:08.0144 1072   rdbss           (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
                    21:57:08.0213 1072   rdbss - ok
                    21:57:08.0233 1072   rdpbus          (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
                    21:57:08.0277 1072   rdpbus - ok
                    21:57:08.0322 1072   RDPCDD          (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
                    21:57:08.0396 1072   RDPCDD - ok
                    21:57:08.0456 1072   RDPDR           (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
                    21:57:08.0610 1072   RDPDR - ok
                    21:57:08.0677 1072   RDPENCDD        (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
                    21:57:08.0747 1072   RDPENCDD - ok
                    21:57:08.0784 1072   RDPREFMP        (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
                    21:57:08.0826 1072   RDPREFMP - ok
                    21:57:08.0891 1072   RDPWD           (244c83332f44589ae98fc347f11b2693) C:\Windows\system32\drivers\RDPWD.sys
                    21:57:08.0946 1072   RDPWD - ok
                    21:57:09.0008 1072   rdyboost        (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
                    21:57:09.0061 1072   rdyboost - ok
                    21:57:09.0092 1072   regi            (001b4278407f4303efc902a2b16f2453) C:\Windows\system32\drivers\regi.sys
                    21:57:09.0161 1072   regi - ok
                    21:57:09.0210 1072   RemoteAccess    (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
                    21:57:09.0301 1072   RemoteAccess - ok
                    21:57:09.0342 1072   RemoteRegistry  (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
                    21:57:09.0400 1072   RemoteRegistry - ok
                    21:57:09.0440 1072   RFCOMM          (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
                    21:57:09.0558 1072   RFCOMM - ok
                    21:57:09.0587 1072   RpcEptMapper    (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
                    21:57:09.0641 1072   RpcEptMapper - ok
                    21:57:09.0658 1072   RpcLocator      (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
                    21:57:09.0750 1072   RpcLocator - ok
                    21:57:09.0967 1072   RpcSs           (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
                    21:57:10.0017 1072   RpcSs - ok
                    21:57:10.0064 1072   rspndr          (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
                    21:57:10.0126 1072   rspndr - ok
                    21:57:10.0224 1072   RS_Service      (b5a4b7d779cf4070df408de18bd33b02) C:\Program Files\Acer\Acer VCM\RS_Service.exe
                    21:57:10.0264 1072   RS_Service ( UnsignedFile.Multi.Generic ) - warning
                    21:57:10.0264 1072   RS_Service - detected UnsignedFile.Multi.Generic (1)
                    21:57:10.0306 1072   s3cap           (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
                    21:57:10.0459 1072   s3cap - ok
                    21:57:10.0519 1072   SABKUTIL - ok
                    21:57:10.0556 1072   SABProcEnum - ok
                    21:57:10.0600 1072   SamSs           (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
                    21:57:10.0629 1072   SamSs - ok
                    21:57:10.0745 1072   SASDIFSV        (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
                    21:57:10.0793 1072   SASDIFSV - ok
                    21:57:10.0817 1072   SASKUTIL        (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
                    21:57:10.0847 1072   SASKUTIL - ok
                    21:57:10.0903 1072   sbp2port        (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
                    21:57:11.0010 1072   sbp2port - ok
                    21:57:11.0048 1072   SCardSvr        (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
                    21:57:11.0101 1072   SCardSvr - ok
                    21:57:11.0143 1072   scfilter        (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
                    21:57:11.0188 1072   scfilter - ok
                    21:57:11.0294 1072   Schedule        (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
                    21:57:11.0386 1072   Schedule - ok
                    21:57:11.0436 1072   SCPolicySvc     (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
                    21:57:11.0507 1072   SCPolicySvc - ok
                    21:57:11.0554 1072   sdbus           (0328be1c7f1cba23848179f8762e391c) C:\Windows\system32\drivers\sdbus.sys
                    21:57:11.0644 1072   sdbus - ok
                    21:57:11.0669 1072   SDRSVC          (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
                    21:57:11.0762 1072   SDRSVC - ok
                    21:57:11.0924 1072   secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
                    21:57:11.0997 1072   secdrv - ok
                    21:57:12.0034 1072   seclogon        (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
                    21:57:12.0095 1072   seclogon - ok
                    21:57:12.0126 1072   SENS            (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\system32\sens.dll
                    21:57:12.0176 1072   SENS - ok
                    21:57:12.0200 1072   SensrSvc        (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
                    21:57:12.0274 1072   SensrSvc - ok
                    21:57:12.0294 1072   Serenum         (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
                    21:57:12.0321 1072   Serenum - ok
                    21:57:12.0345 1072   Serial          (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
                    21:57:12.0375 1072   Serial - ok
                    21:57:12.0430 1072   sermouse        (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
                    21:57:12.0527 1072   sermouse - ok
                    21:57:12.0594 1072   SessionEnv      (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
                    21:57:12.0682 1072   SessionEnv - ok
                    21:57:12.0726 1072   sffdisk         (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
                    21:57:12.0828 1072   sffdisk - ok
                    21:57:12.0846 1072   sffp_mmc        (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
                    21:57:12.0920 1072   sffp_mmc - ok
                    21:57:12.0930 1072   sffp_sd         (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
                    21:57:13.0019 1072   sffp_sd - ok
                    21:57:13.0047 1072   sfloppy         (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
                    21:57:13.0074 1072   sfloppy - ok
                    21:57:13.0167 1072   SharedAccess    (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
                    21:57:13.0224 1072   SharedAccess - ok
                    21:57:13.0285 1072   ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
                    21:57:13.0403 1072   ShellHWDetection - ok
                    21:57:13.0447 1072   sisagp          (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
                    21:57:13.0573 1072   sisagp - ok
                    21:57:13.0603 1072   SiSRaid2        (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
                    21:57:13.0632 1072   SiSRaid2 - ok
                    21:57:13.0662 1072   SiSRaid4        (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
                    21:57:13.0689 1072   SiSRaid4 - ok
                    21:57:13.0710 1072   Smb             (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
                    21:57:13.0760 1072   Smb - ok
                    21:57:13.0828 1072   SNMPTRAP        (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
                    21:57:13.0860 1072   SNMPTRAP - ok
                    21:57:13.0887 1072   spldr           (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
                    21:57:13.0914 1072   spldr - ok
                    21:57:13.0984 1072   Spooler         (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
                    21:57:14.0078 1072   Spooler - ok
                    21:57:14.0361 1072   sppsvc          (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
                    21:57:14.0493 1072   sppsvc - ok
                    21:57:14.0710 1072   sppuinotify     (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
                    21:57:14.0786 1072   sppuinotify - ok
                    21:57:14.0903 1072   SQLBrowser      (86ebd8b1f23e743aad21f4d5b4d40985) c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
                    21:57:15.0037 1072   SQLBrowser - ok
                    21:57:15.0055 1072   SQLWriter       (d89083c4eb02daca8f944b0e05e57f9d) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
                    21:57:15.0092 1072   SQLWriter - ok
                    21:57:15.0347 1072   srv             (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
                    21:57:15.0532 1072   srv - ok
                    21:57:15.0599 1072   srv2            (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
                    21:57:15.0759 1072   srv2 - ok
                    21:57:15.0815 1072   SrvHsfHDA       (e00fdfaff025e94f9821153750c35a6d) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
                    21:57:15.0881 1072   SrvHsfHDA - ok
                    21:57:15.0970 1072   SrvHsfV92       (ceb4e3b6890e1e42dca6694d9e59e1a0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
                    21:57:16.0052 1072   SrvHsfV92 - ok
                    21:57:16.0128 1072   SrvHsfWinac     (bc0c7ea89194c299f051c24119000e17) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
                    21:57:16.0204 1072   SrvHsfWinac - ok
                    21:57:16.0254 1072   srvnet          (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
                    21:57:16.0394 1072   srvnet - ok
                    21:57:16.0512 1072   SSDPSRV         (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
                    21:57:16.0588 1072   SSDPSRV - ok
                    21:57:16.0622 1072   SstpSvc         (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
                    21:57:16.0672 1072   SstpSvc - ok
                    21:57:16.0708 1072   stexstor        (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
                    21:57:16.0733 1072   stexstor - ok
                    21:57:16.0804 1072   StiSvc          (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
                    21:57:16.0916 1072   StiSvc - ok
                    21:57:16.0967 1072   storflt         (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
                    21:57:17.0076 1072   storflt - ok
                    21:57:17.0203 1072   StorSvc         (0bf669f0a910beda4a32258d363af2a5) C:\Windows\system32\storsvc.dll
                    21:57:17.0340 1072   StorSvc - ok
                    21:57:17.0360 1072   storvsc         (dcaffd62259e0bdb433

                    Peter Jordan

                      Topic Starter


                      Rookie

                      • Experience: Beginner
                      • OS: Unknown
                      Re: Kaspersky Malicious URL Blocked -- Windows Explorer Shuts Down
                      « Reply #14 on: May 31, 2012, 09:04:19 PM »
                      22:13:15.0323 4984   storvsc - ok
                      22:13:15.0383 4984   swenum          (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
                      22:13:15.0495 4984   swenum - ok
                      22:13:15.0566 4984   swprv           (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
                      22:13:15.0650 4984   swprv - ok
                      22:13:15.0706 4984   SynTP           (47183e3520c88fadd5b0c87d57040da5) C:\Windows\system32\DRIVERS\SynTP.sys
                      22:13:15.0808 4984   SynTP - ok
                      22:13:16.0004 4984   SysMain         (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
                      22:13:16.0141 4984   SysMain - ok
                      22:13:16.0188 4984   TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
                      22:13:16.0304 4984   TabletInputService - ok
                      22:13:16.0395 4984   TapiSrv         (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
                      22:13:16.0556 4984   TapiSrv - ok
                      22:13:16.0599 4984   TBS             (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
                      22:13:16.0664 4984   TBS - ok
                      22:13:16.0842 4984   Tcpip           (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers\tcpip.sys
                      22:13:16.0925 4984   Tcpip - ok
                      22:13:17.0180 4984   TCPIP6          (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS\tcpip.sys
                      22:13:17.0230 4984   TCPIP6 - ok
                      22:13:17.0431 4984   tcpipreg        (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
                      22:13:17.0529 4984   tcpipreg - ok
                      22:13:17.0593 4984   TcUsb           (51d4e3f5d221539c0a4a186a27c09ad7) C:\Windows\system32\Drivers\tcusb.sys
                      22:13:17.0694 4984   TcUsb - ok
                      22:13:17.0734 4984   TDPIPE          (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
                      22:13:17.0844 4984   TDPIPE - ok
                      22:13:17.0907 4984   TDTCP           (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
                      22:13:18.0004 4984   TDTCP - ok
                      22:13:18.0053 4984   tdx             (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
                      22:13:18.0149 4984   tdx - ok
                      22:13:18.0221 4984   TermDD          (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
                      22:13:18.0369 4984   TermDD - ok
                      22:13:18.0473 4984   TermService     (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
                      22:13:18.0601 4984   TermService - ok
                      22:13:18.0661 4984   Themes          (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
                      22:13:18.0707 4984   Themes - ok
                      22:13:18.0791 4984   THREADORDER     (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
                      22:13:18.0850 4984   THREADORDER - ok
                      22:13:18.0909 4984   TrkWks          (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
                      22:13:18.0962 4984   TrkWks - ok
                      22:13:19.0057 4984   TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
                      22:13:19.0184 4984   TrustedInstaller - ok
                      22:13:19.0223 4984   tssecsrv        (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
                      22:13:19.0355 4984   tssecsrv - ok
                      22:13:19.0445 4984   TsUsbFlt        (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
                      22:13:19.0607 4984   TsUsbFlt - ok
                      22:13:19.0685 4984   tunnel          (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
                      22:13:19.0840 4984   tunnel - ok
                      22:13:19.0902 4984   uagp35          (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
                      22:13:20.0014 4984   uagp35 - ok
                      22:13:20.0046 4984   UBHelper        (d79c0b9bb011218b93705cbf77fa3e5e) C:\Windows\system32\drivers\UBHelper.sys
                      22:13:20.0117 4984   UBHelper - ok
                      22:13:20.0184 4984   udfs            (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
                      22:13:20.0314 4984   udfs - ok
                      22:13:20.0370 4984   UI0Detect       (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
                      22:13:20.0503 4984   UI0Detect - ok
                      22:13:20.0548 4984   uliagpkx        (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
                      22:13:20.0753 4984   uliagpkx - ok
                      22:13:20.0818 4984   umbus           (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\DRIVERS\umbus.sys
                      22:13:21.0006 4984   umbus - ok
                      22:13:21.0035 4984   UmPass          (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
                      22:13:21.0192 4984   UmPass - ok
                      22:13:21.0258 4984   UmRdpService    (409994a8eaceee4e328749c0353527a0) C:\Windows\System32\umrdp.dll
                      22:13:21.0385 4984   UmRdpService - ok
                      22:13:21.0503 4984   Updater Service (70dde3a86dbeb1d6c3c30ad687b1877a) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
                      22:13:21.0570 4984   Updater Service - ok
                      22:13:21.0623 4984   upnphost        (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
                      22:13:21.0684 4984   upnphost - ok
                      22:13:21.0741 4984   USBAAPL         (eafe1e00739afe6c51487a050e772e17) C:\Windows\system32\Drivers\usbaapl.sys
                      22:13:21.0916 4984   USBAAPL - ok
                      22:13:21.0993 4984   usbaudio        (1d9f2bd026e8e2d45033a4df3f16b78c) C:\Windows\system32\drivers\usbaudio.sys
                      22:13:22.0123 4984   usbaudio - ok
                      22:13:22.0154 4984   usbccgp         (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
                      22:13:22.0409 4984   usbccgp - ok
                      22:13:22.0432 4984   usbcir          (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
                      22:13:22.0576 4984   usbcir - ok
                      22:13:22.0606 4984   usbehci         (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
                      22:13:22.0741 4984   usbehci - ok
                      22:13:22.0779 4984   usbfilter       (0150b06d3e73f6c27afcb963fd931820) C:\Windows\system32\DRIVERS\usbfilter.sys
                      22:13:22.0877 4984   usbfilter - ok
                      22:13:22.0922 4984   usbhub          (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
                      22:13:23.0049 4984   usbhub - ok
                      22:13:23.0111 4984   usbohci         (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\DRIVERS\usbohci.sys
                      22:13:23.0167 4984   usbohci - ok
                      22:13:23.0210 4984   usbprint        (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
                      22:13:23.0306 4984   usbprint - ok
                      22:13:23.0325 4984   USBSTOR         (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
                      22:13:23.0509 4984   USBSTOR - ok
                      22:13:23.0568 4984   usbuhci         (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\drivers\usbuhci.sys
                      22:13:23.0719 4984   usbuhci - ok
                      22:13:23.0904 4984   usbvideo        (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\System32\Drivers\usbvideo.sys
                      22:13:24.0065 4984   usbvideo - ok
                      22:13:24.0126 4984   UxSms           (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
                      22:13:24.0175 4984   UxSms - ok
                      22:13:24.0221 4984   VaultSvc        (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
                      22:13:24.0252 4984   VaultSvc - ok
                      22:13:24.0318 4984   vdrvroot        (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
                      22:13:24.0436 4984   vdrvroot - ok
                      22:13:24.0547 4984   vds             (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
                      22:13:24.0724 4984   vds - ok
                      22:13:24.0760 4984   vga             (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
                      22:13:24.0912 4984   vga - ok
                      22:13:24.0938 4984   VgaSave         (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
                      22:13:25.0108 4984   VgaSave - ok
                      22:13:25.0161 4984   vhdmp           (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
                      22:13:25.0388 4984   vhdmp - ok
                      22:13:25.0445 4984   viaagp          (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
                      22:13:25.0637 4984   viaagp - ok
                      22:13:25.0678 4984   ViaC7           (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
                      22:13:25.0853 4984   ViaC7 - ok
                      22:13:25.0883 4984   viaide          (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
                      22:13:26.0002 4984   viaide - ok
                      22:13:26.0094 4984   vmbus           (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
                      22:13:26.0234 4984   vmbus - ok
                      22:13:26.0251 4984   VMBusHID        (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
                      22:13:26.0398 4984   VMBusHID - ok
                      22:13:26.0460 4984   volmgr          (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
                      22:13:26.0575 4984   volmgr - ok
                      22:13:26.0625 4984   volmgrx         (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
                      22:13:26.0724 4984   volmgrx - ok
                      22:13:26.0809 4984   volsnap         (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
                      22:13:26.0955 4984   volsnap - ok
                      22:13:26.0999 4984   vsmraid         (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
                      22:13:27.0100 4984   vsmraid - ok
                      22:13:27.0259 4984   VSS             (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
                      22:13:27.0416 4984   VSS - ok
                      22:13:27.0499 4984   vwifibus        (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
                      22:13:27.0610 4984   vwifibus - ok
                      22:13:27.0633 4984   vwififlt        (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
                      22:13:27.0734 4984   vwififlt - ok
                      22:13:27.0789 4984   vwifimp         (a3f04cbea6c2a10e6cb01f8b47611882) C:\Windows\system32\DRIVERS\vwifimp.sys
                      22:13:27.0883 4984   vwifimp - ok
                      22:13:27.0951 4984   W32Time         (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
                      22:13:28.0044 4984   W32Time - ok
                      22:13:28.0095 4984   WacomPen        (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
                      22:13:28.0186 4984   WacomPen - ok
                      22:13:28.0255 4984   WANARP          (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
                      22:13:28.0349 4984   WANARP - ok
                      22:13:28.0358 4984   Wanarpv6        (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
                      22:13:28.0407 4984   Wanarpv6 - ok
                      22:13:28.0589 4984   WatAdminSvc     (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe
                      22:13:28.0665 4984   WatAdminSvc - ok
                      22:13:28.0977 4984   wbengine        (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
                      22:13:29.0162 4984   wbengine - ok
                      22:13:29.0222 4984   WbioSrvc        (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
                      22:13:29.0302 4984   WbioSrvc - ok
                      22:13:29.0378 4984   wcncsvc         (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
                      22:13:29.0556 4984   wcncsvc - ok
                      22:13:29.0589 4984   WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
                      22:13:29.0739 4984   WcsPlugInService - ok
                      22:13:29.0801 4984   Wd              (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
                      22:13:29.0955 4984   Wd - ok
                      22:13:30.0019 4984   Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
                      22:13:30.0099 4984   Wdf01000 - ok
                      22:13:30.0133 4984   WdiServiceHost  (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
                      22:13:30.0251 4984   WdiServiceHost - ok
                      22:13:30.0263 4984   WdiSystemHost   (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
                      22:13:30.0298 4984   WdiSystemHost - ok
                      22:13:30.0357 4984   WebClient       (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
                      22:13:30.0461 4984   WebClient - ok
                      22:13:30.0489 4984   Wecsvc          (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
                      22:13:30.0545 4984   Wecsvc - ok
                      22:13:30.0570 4984   wercplsupport   (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
                      22:13:30.0620 4984   wercplsupport - ok
                      22:13:30.0662 4984   WerSvc          (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
                      22:13:30.0715 4984   WerSvc - ok
                      22:13:30.0754 4984   WfpLwf          (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
                      22:13:30.0842 4984   WfpLwf - ok
                      22:13:30.0862 4984   WIMMount        (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
                      22:13:30.0936 4984   WIMMount - ok
                      22:13:31.0002 4984   winachsf        (8b976d4ca270110111df4f313da0e6e8) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
                      22:13:31.0161 4984   winachsf - ok
                      22:13:31.0305 4984   WinDefend       (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
                      22:13:31.0394 4984   WinDefend - ok
                      22:13:31.0423 4984   WinHttpAutoProxySvc - ok
                      22:13:31.0650 4984   Winmgmt         (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
                      22:13:31.0711 4984   Winmgmt - ok
                      22:13:31.0852 4984   WinRM           (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
                      22:13:31.0962 4984   WinRM - ok
                      22:13:32.0083 4984   WinUsb          (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
                      22:13:32.0171 4984   WinUsb - ok
                      22:13:32.0291 4984   Wlansvc         (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
                      22:13:32.0351 4984   Wlansvc - ok
                      22:13:32.0667 4984   wlidsvc         (0a70f4022ec2e14c159efc4f69aa2477) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
                      22:13:32.0753 4984   wlidsvc - ok
                      22:13:32.0927 4984   WmiAcpi         (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
                      22:13:33.0028 4984   WmiAcpi - ok
                      22:13:33.0109 4984   wmiApSrv        (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
                      22:13:33.0229 4984   wmiApSrv - ok
                      22:13:33.0413 4984   WMPNetworkSvc   (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
                      22:13:33.0629 4984   WMPNetworkSvc - ok
                      22:13:33.0742 4984   WPCSvc          (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
                      22:13:33.0868 4984   WPCSvc - ok
                      22:13:33.0935 4984   WPDBusEnum      (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll
                      22:13:34.0045 4984   WPDBusEnum - ok
                      22:13:34.0254 4984   ws2ifsl         (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
                      22:13:34.0360 4984   ws2ifsl - ok
                      22:13:34.0390 4984   wscsvc          (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\system32\wscsvc.dll
                      22:13:34.0429 4984   wscsvc - ok
                      22:13:34.0495 4984   WSDPrintDevice  (553f6ccd7c58eb98d4a8fbdaf283d7a9) C:\Windows\system32\DRIVERS\WSDPrint.sys
                      22:13:34.0656 4984   WSDPrintDevice - ok
                      22:13:34.0668 4984   WSearch - ok
                      22:13:34.0911 4984   wuauserv        (3026418a50c5b4761befa632cedb7406) C:\Windows\system32\wuaueng.dll
                      22:13:35.0030 4984   wuauserv - ok
                      22:13:35.0195 4984   WudfPf          (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
                      22:13:35.0335 4984   WudfPf - ok
                      22:13:35.0374 4984   WUDFRd          (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
                      22:13:35.0460 4984   WUDFRd - ok
                      22:13:35.0520 4984   wudfsvc         (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
                      22:13:35.0645 4984   wudfsvc - ok
                      22:13:35.0698 4984   WwanSvc         (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
                      22:13:35.0761 4984   WwanSvc - ok
                      22:13:35.0796 4984   XAudio          (894f963be999ba9db5aac3aed55b115d) C:\Windows\system32\DRIVERS\XAudio32.sys
                      22:13:35.0869 4984   XAudio - ok
                      22:13:36.0022 4984   YahooAUService  (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
                      22:13:36.0099 4984   YahooAUService - ok
                      22:13:36.0158 4984   MBR (0x1B8)     (6fc6f9186c07bca94e140f63bfe6e9b4) \Device\Harddisk0\DR0
                      22:13:39.0553 4984   \Device\Harddisk0\DR0 - ok
                      22:13:39.0587 4984   Boot (0x1200)   (f6db4357816cb62e20c12650128fa49f) \Device\Harddisk0\DR0\Partition0
                      22:13:39.0590 4984   \Device\Harddisk0\DR0\Partition0 - ok
                      22:13:39.0612 4984   Boot (0x1200)   (8724746da5f04487e5f43566f61d6ad3) \Device\Harddisk0\DR0\Partition1
                      22:13:39.0615 4984   \Device\Harddisk0\DR0\Partition1 - ok
                      22:13:39.0616 4984   ============================================================
                      22:13:39.0616 4984   Scan finished
                      22:13:39.0616 4984   ============================================================
                      22:13:39.0640 5312   Detected object count: 0
                      22:13:39.0640 5312   Actual detected object count: 0
                      22:13:45.0411 5400   Deinitialize success