Advertisement

There's no such thing as a stupid question, but they're the easiest to answer.
Login
Search

Advertisement

Virus & Other Malware Removal Virus & Other Malware Removal
Search Search
Search for:
Tech Support Guy > > >

Solved: Audio ads playing in background, PLEASE HELP!


(!)

qwertyasd's Avatar
qwertyasd qwertyasd is offline
Member with 13 posts.
THREAD STARTER
 
Join Date: Sep 2012
Experience: Beginner
20-Sep-2012, 07:54 PM #1
Audio ads playing in background, PLEASE HELP!
I am literally the most ignorant person you will ever meet when it comes to computers. For a few weeks I have had audio ads playing in the background of my computer whenever the internet is connected, even when there are no windows up. It is driving. me. crazy. I have ran my Norton and nothing shows up, but obviously something is wrong. I was wondering if anyone out there is patient enough to slowly walk me through figuring out how to fix this problem. I would greatly appreciate any and all help!

Thank you!

Last edited by qwertyasd; 20-Sep-2012 at 08:43 PM..
CatByte's Avatar
Malware Removal Specialist with 3,893 posts.
 
Join Date: Feb 2009
22-Sep-2012, 08:20 AM #2
please run the following:

Please download TDSSKiller.zip
  • Extract it to your desktop
  • Double click TDSSKiller.exe
  • when the window opens, click on Change Parameters
  • under ”Additional options”, put a check mark in the box next to “Detect TDLFS File System”
  • click OK
  • Press Start Scan
    • If Malicious objects are found then ensure Cure is selected
    • If TDLFS File System/TDSS File system is found then ensure Cure is selected (if cure is not available, choose skip)
    • Then click Continue > Reboot now
  • Copy and paste the log in your next reply
    • A copy of the log will be saved automatically to the root of the drive (typically C:\)
qwertyasd's Avatar
qwertyasd qwertyasd is offline
Member with 13 posts.
THREAD STARTER
 
Join Date: Sep 2012
Experience: Beginner
22-Sep-2012, 12:22 PM #3
Thank you so much for helping me!

11:11:32.0361 2940 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
11:11:34.0405 2940 ============================================================
11:11:34.0405 2940 Current date / time: 2012/09/22 11:11:34.0405
11:11:34.0405 2940 SystemInfo:
11:11:34.0406 2940
11:11:34.0406 2940 OS Version: 6.1.7600 ServicePack: 0.0
11:11:34.0406 2940 Product type: Workstation
11:11:34.0407 2940 ComputerName: ALISON-PC
11:11:34.0407 2940 UserName: Alison
11:11:34.0407 2940 Windows directory: C:\Windows
11:11:34.0407 2940 System windows directory: C:\Windows
11:11:34.0407 2940 Running under WOW64
11:11:34.0407 2940 Processor architecture: Intel x64
11:11:34.0407 2940 Number of processors: 2
11:11:34.0407 2940 Page size: 0x1000
11:11:34.0407 2940 Boot type: Normal boot
11:11:34.0407 2940 ============================================================
11:11:41.0326 2940 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:11:41.0356 2940 ============================================================
11:11:41.0356 2940 \Device\Harddisk0\DR0:
11:11:41.0366 2940 MBR partitions:
11:11:41.0367 2940 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1C00800, BlocksNum 0x32000
11:11:41.0367 2940 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1C32800, BlocksNum 0x237FB800
11:11:41.0367 2940 ============================================================
11:11:41.0466 2940 C: <-> \Device\Harddisk0\DR0\Partition2
11:11:41.0467 2940 ============================================================
11:11:41.0467 2940 Initialize success
11:11:41.0467 2940 ============================================================
11:12:08.0702 1992 ============================================================
11:12:08.0702 1992 Scan started
11:12:08.0702 1992 Mode: Manual; TDLFS;
11:12:08.0703 1992 ============================================================
11:12:37.0084 1992 ================ Scan system memory ========================
11:12:37.0084 1992 System memory - ok
11:12:37.0084 1992 ================ Scan services =============================
11:12:42.0282 1992 [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
11:13:01.0639 1992 1394ohci - ok
11:13:01.0862 1992 [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
11:13:01.0923 1992 ACPI - ok
11:13:02.0108 1992 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
11:13:02.0222 1992 AcpiPmi - ok
11:13:02.0619 1992 [ 62B7936F9036DD6ED36E6A7EFA805DC0 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:13:02.0621 1992 AdobeARMservice - ok
11:13:05.0494 1992 [ E12CFCF1DDBFC50948A75E6E38793225 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:13:05.0522 1992 AdobeFlashPlayerUpdateSvc - ok
11:13:05.0597 1992 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
11:13:05.0604 1992 adp94xx - ok
11:13:05.0762 1992 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
11:13:05.0840 1992 adpahci - ok
11:13:05.0874 1992 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
11:13:05.0879 1992 adpu320 - ok
11:13:05.0949 1992 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
11:13:05.0951 1992 AeLookupSvc - ok
11:13:06.0015 1992 [ DB9D6C6B2CD95A9CA414D045B627422E ] AFD C:\Windows\system32\drivers\afd.sys
11:13:06.0045 1992 AFD - ok
11:13:06.0093 1992 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
11:13:06.0118 1992 agp440 - ok
11:13:06.0168 1992 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
11:13:06.0191 1992 ALG - ok
11:13:06.0214 1992 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
11:13:06.0217 1992 aliide - ok
11:13:06.0287 1992 [ CA0D6C1390F4B3BAF2A0A69D1A7F8332 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
11:13:06.0289 1992 AMD External Events Utility - ok
11:13:06.0309 1992 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\DRIVERS\amdide.sys
11:13:06.0311 1992 amdide - ok
11:13:06.0342 1992 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
11:13:06.0344 1992 AmdK8 - ok
11:13:08.0139 1992 [ 75E4BACA583AE02C11E9AC8747E2ABE0 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
11:13:08.0493 1992 amdkmdag - ok
11:13:08.0569 1992 [ B765CF4B32F347BE747B21AE22641025 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
11:13:08.0573 1992 amdkmdap - ok
11:13:08.0603 1992 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
11:13:08.0605 1992 AmdPPM - ok
11:13:08.0657 1992 [ EC7EBAB00A4D8448BAB68D1E49B4BEB9 ] amdsata C:\Windows\system32\drivers\amdsata.sys
11:13:08.0676 1992 amdsata - ok
11:13:08.0746 1992 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
11:13:08.0767 1992 amdsbs - ok
11:13:08.0790 1992 [ DB27766102C7BF7E95140A2AA81D042E ] amdxata C:\Windows\system32\drivers\amdxata.sys
11:13:08.0791 1992 amdxata - ok
11:13:08.0828 1992 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\Windows\system32\drivers\appid.sys
11:13:08.0830 1992 AppID - ok
11:13:08.0953 1992 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
11:13:08.0975 1992 AppIDSvc - ok
11:13:09.0124 1992 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\Windows\System32\appinfo.dll
11:13:09.0129 1992 Appinfo - ok
11:13:10.0059 1992 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:13:10.0183 1992 Apple Mobile Device - ok
11:13:10.0220 1992 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
11:13:10.0222 1992 arc - ok
11:13:10.0328 1992 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
11:13:10.0360 1992 arcsas - ok
11:13:10.0696 1992 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
11:13:10.0717 1992 AsyncMac - ok
11:13:10.0822 1992 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\DRIVERS\atapi.sys
11:13:10.0823 1992 atapi - ok
11:13:11.0450 1992 [ E642491F64E58CD5BC8FB8B347DCF65F ] athr C:\Windows\system32\DRIVERS\athrx.sys
11:13:11.0561 1992 athr - ok
11:13:11.0823 1992 [ 637E0753BD6DEB8EA5314A5C357EC1A0 ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
11:13:11.0833 1992 AtiHdmiService - ok
11:13:11.0865 1992 [ E82E61F46D1336447F4DEFF8C074F13E ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie64.sys
11:13:11.0867 1992 AtiPcie - ok
11:13:11.0907 1992 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:13:11.0917 1992 AudioEndpointBuilder - ok
11:13:11.0940 1992 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\Windows\System32\Audiosrv.dll
11:13:11.0945 1992 AudioSrv - ok
11:13:12.0120 1992 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\Windows\System32\AxInstSV.dll
11:13:12.0168 1992 AxInstSV - ok
11:13:12.0286 1992 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
11:13:12.0329 1992 b06bdrv - ok
11:13:12.0367 1992 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
11:13:12.0372 1992 b57nd60a - ok
11:13:12.0439 1992 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
11:13:12.0484 1992 BDESVC - ok
11:13:12.0535 1992 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
11:13:12.0556 1992 Beep - ok
11:13:12.0761 1992 [ 4992C609A6315671463E30F6512BC022 ] BFE C:\Windows\System32\bfe.dll
11:13:12.0772 1992 BFE - ok
11:13:13.0609 1992 [ A45BE4E091636F6C86D6E4FC945D5A26 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\BASHDefs\20120919.001\BHDrvx64.sys
11:13:13.0653 1992 BHDrvx64 - ok
11:13:14.0428 1992 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS C:\Windows\System32\qmgr.dll
11:13:14.0500 1992 BITS - ok
11:13:14.0708 1992 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
11:13:14.0885 1992 blbdrive - ok
11:13:15.0496 1992 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
11:13:15.0516 1992 Bonjour Service - ok
11:13:15.0588 1992 [ 19D20159708E152267E53B66677A4995 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
11:13:15.0664 1992 bowser - ok
11:13:15.0919 1992 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
11:13:15.0949 1992 BrFiltLo - ok
11:13:16.0083 1992 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
11:13:16.0102 1992 BrFiltUp - ok
11:13:16.0394 1992 [ 6B054C67AAA87843504E8E3C09102009 ] Browser C:\Windows\System32\browser.dll
11:13:16.0413 1992 Browser - ok
11:13:16.0457 1992 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
11:13:16.0569 1992 Brserid - ok
11:13:16.0574 1992 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
11:13:16.0579 1992 BrSerWdm - ok
11:13:16.0585 1992 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
11:13:16.0588 1992 BrUsbMdm - ok
11:13:16.0593 1992 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
11:13:16.0596 1992 BrUsbSer - ok
11:13:16.0602 1992 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
11:13:16.0605 1992 BTHMODEM - ok
11:13:16.0629 1992 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
11:13:16.0631 1992 bthserv - ok
11:13:16.0789 1992 [ 2C6FFCCA37B002AAB3C7C31A6D780A76 ] ccSet_N360 C:\Windows\system32\drivers\N360x64\0603000.00E\ccSetx64.sys
11:13:16.0821 1992 ccSet_N360 - ok
11:13:16.0850 1992 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
11:13:16.0877 1992 cdfs - ok
11:13:17.0052 1992 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
11:13:17.0067 1992 cdrom - ok
11:13:17.0186 1992 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\Windows\System32\certprop.dll
11:13:17.0188 1992 CertPropSvc - ok
11:13:17.0207 1992 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
11:13:17.0209 1992 circlass - ok
11:13:17.0232 1992 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
11:13:17.0237 1992 CLFS - ok
11:13:17.0310 1992 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:13:17.0336 1992 clr_optimization_v2.0.50727_32 - ok
11:13:17.0396 1992 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:13:17.0457 1992 clr_optimization_v2.0.50727_64 - ok
11:13:18.0755 1992 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:13:18.0983 1992 clr_optimization_v4.0.30319_32 - ok
11:13:19.0040 1992 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:13:19.0044 1992 clr_optimization_v4.0.30319_64 - ok
11:13:19.0096 1992 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
11:13:19.0097 1992 CmBatt - ok
11:13:19.0138 1992 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
11:13:19.0143 1992 cmdide - ok
11:13:19.0553 1992 [ CA7720B73446FDDEC5C69519C1174C98 ] CNG C:\Windows\system32\Drivers\cng.sys
11:13:19.0741 1992 CNG - ok
11:13:20.0040 1992 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
11:13:20.0311 1992 Compbatt - ok
11:13:20.0450 1992 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
11:13:20.0468 1992 CompositeBus - ok
11:13:20.0489 1992 COMSysApp - ok
11:13:20.0537 1992 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
11:13:20.0577 1992 crcdisk - ok
11:13:20.0737 1992 [ F02786B66375292E58C8777082D4396D ] CryptSvc C:\Windows\system32\cryptsvc.dll
11:13:20.0775 1992 CryptSvc - ok
11:13:20.0860 1992 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\Windows\system32\rpcss.dll
11:13:20.0868 1992 DcomLaunch - ok
11:13:20.0967 1992 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
11:13:20.0993 1992 defragsvc - ok
11:13:21.0052 1992 [ 9C253CE7311CA60FC11C774692A13208 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
11:13:21.0074 1992 DfsC - ok
11:13:21.0193 1992 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\Windows\system32\dhcpcore.dll
11:13:21.0198 1992 Dhcp - ok
11:13:21.0269 1992 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
11:13:21.0270 1992 discache - ok
11:13:21.0298 1992 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
11:13:21.0322 1992 Disk - ok
11:13:21.0448 1992 [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache C:\Windows\System32\dnsrslvr.dll
11:13:21.0477 1992 Dnscache - ok
11:13:21.0761 1992 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\Windows\System32\dot3svc.dll
11:13:22.0310 1992 dot3svc - ok
11:13:23.0050 1992 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
11:13:23.0132 1992 Dot4 - ok
11:13:23.0254 1992 [ 85135AD27E79B689335C08167D917CDE ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
11:13:23.0262 1992 Dot4Print - ok
11:13:23.0423 1992 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
11:13:23.0432 1992 dot4usb - ok
11:13:23.0557 1992 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\Windows\system32\dps.dll
11:13:23.0600 1992 DPS - ok
11:13:23.0730 1992 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
11:13:23.0747 1992 drmkaud - ok
11:13:24.0505 1992 [ 1FCA854CEDFC2CCD0C22E46EA4EA18F1 ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe
11:13:24.0513 1992 DsiWMIService - ok
11:13:24.0912 1992 [ 1633B9ABF52784A1331476397A48CBEF ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
11:13:24.0990 1992 DXGKrnl - ok
11:13:25.0087 1992 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
11:13:25.0102 1992 EapHost - ok
11:13:25.0572 1992 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
11:13:25.0910 1992 ebdrv - ok
11:13:26.0416 1992 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
11:13:26.0424 1992 eeCtrl - ok
11:13:26.0584 1992 [ 156F6159457D0AA7E59B62681B56EB90 ] EFS C:\Windows\System32\lsass.exe
11:13:26.0586 1992 EFS - ok
11:13:26.0864 1992 [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr C:\Windows\ehome\ehRecvr.exe
11:13:26.0897 1992 ehRecvr - ok
11:13:26.0940 1992 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
11:13:26.0972 1992 ehSched - ok
11:13:27.0022 1992 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
11:13:27.0030 1992 elxstor - ok
11:13:27.0130 1992 [ 3EA2C4F68A782839D97B3C83595575B6 ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
11:13:27.0141 1992 ePowerSvc - ok
11:13:27.0275 1992 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
11:13:27.0295 1992 EraserUtilRebootDrv - ok
11:13:27.0332 1992 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
11:13:27.0334 1992 ErrDev - ok
11:13:27.0387 1992 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
11:13:27.0392 1992 EventSystem - ok
11:13:27.0442 1992 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
11:13:27.0474 1992 exfat - ok
11:13:27.0545 1992 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
11:13:27.0550 1992 fastfat - ok
11:13:28.0214 1992 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\Windows\system32\fxssvc.exe
11:13:28.0314 1992 Fax - ok
11:13:28.0407 1992 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
11:13:28.0421 1992 fdc - ok
11:13:28.0479 1992 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
11:13:28.0504 1992 fdPHost - ok
11:13:28.0529 1992 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
11:13:28.0531 1992 FDResPub - ok
11:13:28.0598 1992 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
11:13:28.0614 1992 FileInfo - ok
11:13:28.0629 1992 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
11:13:28.0671 1992 Filetrace - ok
11:13:28.0768 1992 [ BB0667B0171B632B97EA759515476F07 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
11:13:28.0815 1992 FLEXnet Licensing Service - ok
11:13:28.0863 1992 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
11:13:28.0865 1992 flpydisk - ok
11:13:28.0902 1992 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
11:13:28.0912 1992 FltMgr - ok
11:13:29.0092 1992 [ CB5E4B9C319E3C6BB363EB7E58A4A051 ] FontCache C:\Windows\system32\FntCache.dll
11:13:29.0115 1992 FontCache - ok
11:13:29.0177 1992 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:13:29.0217 1992 FontCache3.0.0.0 - ok
11:13:29.0270 1992 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
11:13:29.0272 1992 FsDepends - ok
11:13:29.0338 1992 [ D3E3F93D67821A2DB2B3D9FAC2DC2064 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
11:13:29.0399 1992 Fs_Rec - ok
11:13:29.0543 1992 [ AE87BA80D0EC3B57126ED2CDC15B24ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
11:13:29.0572 1992 fvevol - ok
11:13:29.0750 1992 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
11:13:29.0768 1992 gagp30kx - ok
11:13:29.0849 1992 [ CE16683CFD11FE70BDE435DDA5EA1FCA ] GameConsoleService C:\Program Files (x86)\Acer Games\Acer Game Console\GameConsoleService.exe
11:13:29.0921 1992 GameConsoleService - ok
11:13:29.0973 1992 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
11:13:29.0975 1992 GEARAspiWDM - ok
11:13:30.0118 1992 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\Windows\System32\gpsvc.dll
11:13:30.0128 1992 gpsvc - ok
11:13:30.0260 1992 [ 0191DEE9B9EB7902AF2CF4F67301095D ] GREGService C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
11:13:30.0261 1992 GREGService - ok
11:13:30.0313 1992 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
11:13:30.0316 1992 hcw85cir - ok
11:13:30.0518 1992 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:13:30.0611 1992 HdAudAddService - ok
11:13:30.0676 1992 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
11:13:30.0678 1992 HDAudBus - ok
11:13:30.0730 1992 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
11:13:30.0744 1992 HidBatt - ok
11:13:30.0778 1992 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
11:13:30.0844 1992 HidBth - ok
11:13:30.0912 1992 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
11:13:30.0935 1992 HidIr - ok
11:13:30.0986 1992 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
11:13:30.0991 1992 hidserv - ok
11:13:31.0091 1992 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
11:13:31.0151 1992 HidUsb - ok
11:13:31.0186 1992 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\Windows\system32\kmsvc.dll
11:13:31.0189 1992 hkmsvc - ok
11:13:31.0196 1992 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:13:31.0201 1992 HomeGroupListener - ok
11:13:31.0254 1992 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:13:31.0261 1992 HomeGroupProvider - ok
11:13:32.0318 1992 [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
11:13:32.0328 1992 hpqcxs08 - ok
11:13:32.0419 1992 [ F3F72A2A86C22610BCA5439FA789DD52 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
11:13:32.0421 1992 hpqddsvc - ok
11:13:32.0450 1992 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
11:13:32.0453 1992 HpSAMD - ok
11:13:32.0534 1992 [ 7F57926169C1B8ABA9274EA7D4B70F18 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
11:13:32.0546 1992 HPSLPSVC - ok
11:13:32.0596 1992 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\Windows\system32\drivers\HTTP.sys
11:13:32.0605 1992 HTTP - ok
11:13:32.0617 1992 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
11:13:32.0618 1992 hwpolicy - ok
11:13:32.0656 1992 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
11:13:32.0659 1992 i8042prt - ok
11:13:32.0744 1992 [ B75E45C564E944A2657167D197AB29DA ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
11:13:32.0755 1992 iaStorV - ok
11:13:32.0829 1992 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
11:13:32.0858 1992 IDriverT - ok
11:13:32.0916 1992 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:13:32.0943 1992 idsvc - ok
11:13:33.0126 1992 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\IPSDefs\20120919.001\IDSvia64.sys
11:13:33.0135 1992 IDSVia64 - ok
11:13:33.0159 1992 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
11:13:33.0161 1992 iirsp - ok
11:13:33.0365 1992 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\Windows\System32\ikeext.dll
11:13:33.0377 1992 IKEEXT - ok
11:13:34.0975 1992 [ 235362D403D9D677514649D88DB31914 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
11:13:35.0161 1992 IntcAzAudAddService - ok
11:13:35.0304 1992 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\DRIVERS\intelide.sys
11:13:35.0412 1992 intelide - ok
11:13:35.0686 1992 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
11:13:35.0874 1992 intelppm - ok
11:13:35.0969 1992 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
11:13:36.0006 1992 IPBusEnum - ok
11:13:36.0076 1992 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:13:36.0119 1992 IpFilterDriver - ok
11:13:36.0366 1992 [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
11:13:36.0434 1992 iphlpsvc - ok
11:13:36.0476 1992 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
11:13:36.0511 1992 IPMIDRV - ok
11:13:36.0712 1992 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
11:13:36.0865 1992 IPNAT - ok
11:13:37.0128 1992 [ 50D6CCC6FF5561F9F56946B3E6164FB8 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
11:13:37.0211 1992 iPod Service - ok
11:13:37.0229 1992 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
11:13:37.0231 1992 IRENUM - ok
11:13:37.0254 1992 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
11:13:37.0271 1992 isapnp - ok
11:13:37.0290 1992 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
11:13:37.0320 1992 iScsiPrt - ok
11:13:37.0373 1992 [ 37E053A2CF8F0082B689ED74106E0CEC ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
11:13:37.0381 1992 k57nd60a - ok
11:13:37.0408 1992 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
11:13:37.0410 1992 kbdclass - ok
11:13:37.0540 1992 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
11:13:37.0698 1992 kbdhid - ok
11:13:37.0788 1992 [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso C:\Windows\system32\lsass.exe
11:13:37.0789 1992 KeyIso - ok
11:13:37.0915 1992 [ 4F4B5FDE429416877DE7143044582EB5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
11:13:37.0941 1992 KSecDD - ok
11:13:38.0118 1992 [ 6F40465A44ECDC1731BEFAFEC5BDD03C ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
11:13:38.0122 1992 KSecPkg - ok
11:13:38.0163 1992 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
11:13:38.0164 1992 ksthunk - ok
11:13:38.0202 1992 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
11:13:38.0256 1992 KtmRm - ok
11:13:38.0356 1992 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\Windows\system32\srvsvc.dll
11:13:38.0360 1992 LanmanServer - ok
11:13:38.0399 1992 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:13:38.0402 1992 LanmanWorkstation - ok
11:13:38.0451 1992 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
11:13:38.0453 1992 lltdio - ok
11:13:38.0497 1992 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
11:13:38.0503 1992 lltdsvc - ok
11:13:38.0569 1992 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
11:13:38.0572 1992 lmhosts - ok
11:13:38.0602 1992 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
11:13:38.0606 1992 LSI_FC - ok
11:13:38.0646 1992 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
11:13:38.0649 1992 LSI_SAS - ok
11:13:38.0654 1992 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:13:38.0658 1992 LSI_SAS2 - ok
11:13:38.0700 1992 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:13:38.0707 1992 LSI_SCSI - ok
11:13:38.0722 1992 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
11:13:38.0725 1992 luafv - ok
11:13:38.0862 1992 [ FD3AD5E1ECDAA94A89D6697F5C5465D6 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe
11:13:38.0863 1992 McComponentHostService - ok
11:13:38.0902 1992 mcmscsvc - ok
11:13:38.0937 1992 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
11:13:38.0973 1992 Mcx2Svc - ok
11:13:39.0011 1992 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
11:13:39.0013 1992 megasas - ok
11:13:39.0038 1992 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
11:13:39.0043 1992 MegaSR - ok
11:13:39.0058 1992 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
11:13:39.0060 1992 MMCSS - ok
11:13:39.0076 1992 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
11:13:39.0078 1992 Modem - ok
11:13:39.0098 1992 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
11:13:39.0099 1992 monitor - ok
11:13:39.0127 1992 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
11:13:39.0129 1992 mouclass - ok
11:13:39.0166 1992 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
11:13:39.0215 1992 mouhid - ok
11:13:39.0272 1992 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
11:13:39.0273 1992 mountmgr - ok
11:13:39.0324 1992 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\DRIVERS\mpio.sys
11:13:39.0327 1992 mpio - ok
11:13:39.0451 1992 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
11:13:39.0488 1992 mpsdrv - ok
11:13:39.0884 1992 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\Windows\system32\mpssvc.dll
11:13:39.0943 1992 MpsSvc - ok
11:13:39.0995 1992 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
11:13:39.0999 1992 MRxDAV - ok
11:13:40.0237 1992 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
11:13:40.0292 1992 mrxsmb - ok
11:13:40.0440 1992 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:13:40.0473 1992 mrxsmb10 - ok
11:13:40.0518 1992 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:13:40.0540 1992 mrxsmb20 - ok
11:13:40.0580 1992 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
11:13:40.0582 1992 msahci - ok
11:13:40.0597 1992 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
11:13:40.0600 1992 msdsm - ok
11:13:40.0621 1992 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
11:13:40.0626 1992 MSDTC - ok
11:13:40.0665 1992 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
11:13:40.0672 1992 Msfs - ok
11:13:40.0699 1992 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
11:13:40.0701 1992 mshidkmdf - ok
11:13:40.0721 1992 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
11:13:40.0722 1992 msisadrv - ok
11:13:40.0765 1992 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
11:13:40.0770 1992 MSiSCSI - ok
11:13:40.0775 1992 msiserver - ok
11:13:40.0812 1992 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
11:13:40.0834 1992 MSKSSRV - ok
11:13:40.0876 1992 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
11:13:40.0878 1992 MSPCLOCK - ok
11:13:40.0897 1992 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
11:13:40.0899 1992 MSPQM - ok
11:13:40.0921 1992 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
11:13:40.0926 1992 MsRPC - ok
11:13:40.0944 1992 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
11:13:40.0945 1992 mssmbios - ok
11:13:40.0970 1992 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
11:13:40.0972 1992 MSTEE - ok
11:13:40.0991 1992 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
11:13:40.0993 1992 MTConfig - ok
11:13:41.0012 1992 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
11:13:41.0014 1992 Mup - ok
11:13:41.0044 1992 [ 6FFECC25B39DC7652A0CEC0ADA9DB589 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
11:13:41.0067 1992 mwlPSDFilter - ok
11:13:41.0094 1992 [ 0BEFE32CA56D6EE89D58175725596A85 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
11:13:41.0097 1992 mwlPSDNServ - ok
11:13:41.0110 1992 [ D43BC633B8660463E446E28E14A51262 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
11:13:41.0112 1992 mwlPSDVDisk - ok
11:13:41.0173 1992 [ 3E5E20817259F7328C8F3BE5421F35B9 ] MWLService C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
11:13:41.0178 1992 MWLService - ok
11:13:41.0307 1992 [ F2840DBFE9322F35557219AE82CC4597 ] N360 C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\ccSvcHst.exe
11:13:41.0309 1992 N360 - ok
11:13:41.0345 1992 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll
11:13:41.0351 1992 napagent - ok
11:13:41.0458 1992 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
11:13:41.0486 1992 NativeWifiP - ok
11:13:41.0640 1992 [ C58D8A669D6551F616D90244BD2C2D4F ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\VirusDefs\20120920.002\ENG64.SYS
11:13:41.0642 1992 NAVENG - ok
11:13:41.0739 1992 [ A3DBDB412ADFA5882DD6843B11FE0828 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\VirusDefs\20120920.002\EX64.SYS
11:13:41.0858 1992 NAVEX15 - ok
11:13:41.0915 1992 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys
11:13:41.0926 1992 NDIS - ok
11:13:41.0944 1992 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
11:13:41.0947 1992 NdisCap - ok
11:13:42.0009 1992 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
11:13:42.0010 1992 NdisTapi - ok
11:13:42.0071 1992 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
11:13:42.0074 1992 Ndisuio - ok
11:13:42.0121 1992 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
11:13:42.0124 1992 NdisWan - ok
11:13:42.0174 1992 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
11:13:42.0185 1992 NDProxy - ok
11:13:42.0302 1992 [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
11:13:42.0303 1992 Net Driver HPZ12 - ok
11:13:42.0323 1992 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
11:13:42.0324 1992 NetBIOS - ok
11:13:42.0397 1992 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
11:13:42.0400 1992 NetBT - ok
11:13:42.0434 1992 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon C:\Windows\system32\lsass.exe
11:13:42.0437 1992 Netlogon - ok
11:13:42.0478 1992 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
11:13:42.0483 1992 Netman - ok
11:13:42.0540 1992 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
11:13:42.0547 1992 netprofm - ok
11:13:42.0584 1992 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:13:42.0588 1992 NetTcpPortSharing - ok
11:13:42.0616 1992 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
11:13:42.0618 1992 nfrd960 - ok
11:13:42.0708 1992 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
11:13:42.0713 1992 NlaSvc - ok
11:13:43.0180 1992 [ 5839A8027D6D324A7CD494051A96628C ] NOBU C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
11:13:43.0239 1992 NOBU - ok
11:13:43.0270 1992 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
11:13:43.0287 1992 Npfs - ok
11:13:43.0365 1992 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
11:13:43.0367 1992 nsi - ok
11:13:43.0479 1992 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
11:13:43.0486 1992 nsiproxy - ok
11:13:43.0912 1992 [ 378E0E0DFEA67D98AE6EA53ADBBD76BC ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
11:13:43.0933 1992 Ntfs - ok
11:13:44.0058 1992 [ 6FD534EDE2905D3C3257CFDD881F9705 ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
11:13:44.0108 1992 NTI IScheduleSvc - ok
11:13:44.0269 1992 [ EE3BA1024594D5D09E314F206B94069E ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
11:13:44.0367 1992 NTIDrvr - ok
11:13:44.0380 1992 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
11:13:44.0381 1992 Null - ok
11:13:44.0408 1992 [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid C:\Windows\system32\drivers\nvraid.sys
11:13:44.0412 1992 nvraid - ok
11:13:44.0429 1992 [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
11:13:44.0433 1992 nvstor - ok
11:13:44.0510 1992 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
11:13:44.0515 1992 nv_agp - ok
11:13:44.0520 1992 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
11:13:44.0523 1992 ohci1394 - ok
11:13:44.0660 1992 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:13:44.0775 1992 ose - ok
11:13:44.0991 1992 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:13:45.0170 1992 osppsvc - ok
11:13:45.0214 1992 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
11:13:45.0220 1992 p2pimsvc - ok
11:13:45.0240 1992 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
11:13:45.0272 1992 p2psvc - ok
11:13:45.0308 1992 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
11:13:45.0311 1992 Parport - ok
11:13:45.0367 1992 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr C:\Windows\system32\drivers\partmgr.sys
11:13:45.0414 1992 partmgr - ok
11:13:45.0459 1992 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
11:13:45.0662 1992 PcaSvc - ok
11:13:45.0719 1992 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys
11:13:45.0724 1992 pci - ok
11:13:45.0744 1992 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys
11:13:45.0748 1992 pciide - ok
11:13:45.0777 1992 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
11:13:45.0801 1992 pcmcia - ok
11:13:45.0831 1992 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
11:13:45.0833 1992 pcw - ok
11:13:45.0861 1992 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
11:13:45.0871 1992 PEAUTH - ok
11:13:45.0977 1992 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
11:13:46.0008 1992 PerfHost - ok
11:13:46.0107 1992 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
11:13:46.0145 1992 pla - ok
11:13:46.0241 1992 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
11:13:46.0248 1992 PlugPlay - ok
11:13:46.0311 1992 [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
11:13:46.0314 1992 Pml Driver HPZ12 - ok
11:13:46.0334 1992 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
11:13:46.0336 1992 PNRPAutoReg - ok
11:13:46.0358 1992 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
11:13:46.0361 1992 PNRPsvc - ok
11:13:46.0485 1992 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
11:13:46.0492 1992 PolicyAgent - ok
11:13:46.0520 1992 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
11:13:46.0523 1992 Power - ok
11:13:46.0557 1992 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
11:13:46.0560 1992 PptpMiniport - ok
11:13:46.0582 1992 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
11:13:46.0600 1992 Processor - ok
11:13:46.0650 1992 [ 97293447431311C06703368AD0F6C4BE ] ProfSvc C:\Windows\system32\profsvc.dll
11:13:46.0654 1992 ProfSvc - ok
11:13:46.0668 1992 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:13:46.0669 1992 ProtectedStorage - ok
11:13:46.0734 1992 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
11:13:46.0737 1992 Psched - ok
11:13:46.0779 1992 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
11:13:46.0797 1992 ql2300 - ok
11:13:46.0804 1992 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
11:13:46.0807 1992 ql40xx - ok
11:13:46.0849 1992 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
11:13:46.0861 1992 QWAVE - ok
11:13:46.0886 1992 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
11:13:46.0888 1992 QWAVEdrv - ok
11:13:46.0924 1992 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
11:13:46.0929 1992 RasAcd - ok
11:13:46.0989 1992 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
11:13:46.0991 1992 RasAgileVpn - ok
11:13:46.0998 1992 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
11:13:47.0043 1992 RasAuto - ok
11:13:47.0076 1992 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
11:13:47.0079 1992 Rasl2tp - ok
11:13:47.0111 1992 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
11:13:47.0118 1992 RasMan - ok
11:13:47.0136 1992 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
11:13:47.0139 1992 RasPppoe - ok
11:13:47.0153 1992 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
11:13:47.0155 1992 RasSstp - ok
11:13:47.0187 1992 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
11:13:47.0192 1992 rdbss - ok
11:13:47.0214 1992 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
11:13:47.0217 1992 rdpbus - ok
11:13:47.0235 1992 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
11:13:47.0236 1992 RDPCDD - ok
11:13:47.0265 1992 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
11:13:47.0266 1992 RDPENCDD - ok
11:13:47.0319 1992 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
11:13:47.0320 1992 RDPREFMP - ok
11:13:47.0363 1992 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
11:13:47.0393 1992 RDPWD - ok
11:13:47.0578 1992 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
11:13:47.0609 1992 rdyboost - ok
11:13:47.0707 1992 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
11:13:47.0710 1992 RemoteAccess - ok
11:13:47.0778 1992 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
11:13:47.0802 1992 RemoteRegistry - ok
11:13:47.0846 1992 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
11:13:47.0850 1992 RpcEptMapper - ok
11:13:47.0902 1992 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
11:13:47.0911 1992 RpcLocator - ok
11:13:47.0973 1992 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll
11:13:47.0978 1992 RpcSs - ok
11:13:48.0002 1992 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
11:13:48.0004 1992 rspndr - ok
11:13:48.0044 1992 [ 763AE0C6D9DF4C24B7E2C26036A8188A ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
11:13:48.0071 1992 RSUSBSTOR - ok
11:13:48.0111 1992 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\Windows\system32\lsass.exe
11:13:48.0112 1992 SamSs - ok
11:13:48.0127 1992 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
11:13:48.0130 1992 sbp2port - ok
11:13:48.0197 1992 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
11:13:48.0245 1992 SCardSvr - ok
11:13:48.0276 1992 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
11:13:48.0277 1992 scfilter - ok
11:13:48.0395 1992 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll
11:13:48.0413 1992 Schedule - ok
11:13:48.0454 1992 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
11:13:48.0455 1992 SCPolicySvc - ok
11:13:48.0529 1992 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
11:13:48.0533 1992 SDRSVC - ok
11:13:48.0571 1992 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
11:13:48.0573 1992 secdrv - ok
11:13:48.0580 1992 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
11:13:48.0583 1992 seclogon - ok
11:13:48.0603 1992 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
11:13:48.0606 1992 SENS - ok
11:13:48.0612 1992 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
11:13:48.0688 1992 SensrSvc - ok
11:13:48.0743 1992 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
11:13:48.0755 1992 Serenum - ok
11:13:48.0760 1992 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
11:13:48.0769 1992 Serial - ok
11:13:48.0809 1992 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
11:13:48.0838 1992 sermouse - ok
11:13:48.0895 1992 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
11:13:48.0898 1992 SessionEnv - ok
11:13:49.0004 1992 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
11:13:49.0017 1992 sffdisk - ok
11:13:49.0022 1992 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
11:13:49.0029 1992 sffp_mmc - ok
11:13:49.0036 1992 [ 178298F767FE638C9FEDCBDEF58BB5E4 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
11:13:49.0043 1992 sffp_sd - ok
11:13:49.0052 1992 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
11:13:49.0059 1992 sfloppy - ok
11:13:49.0143 1992 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
11:13:49.0148 1992 SharedAccess - ok
11:13:49.0173 1992 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:13:49.0179 1992 ShellHWDetection - ok
11:13:49.0205 1992 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:13:49.0207 1992 SiSRaid2 - ok
11:13:49.0216 1992 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
11:13:49.0218 1992 SiSRaid4 - ok
11:13:49.0332 1992 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
11:13:49.0335 1992 SkypeUpdate - ok
11:13:49.0363 1992 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
11:13:49.0367 1992 Smb - ok
11:13:49.0467 1992 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
11:13:49.0470 1992 SNMPTRAP - ok
11:13:49.0498 1992 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
11:13:49.0542 1992 spldr - ok
11:13:49.0614 1992 [ 567977DC43CC13C4C35ED7084C0B84D5 ] Spooler C:\Windows\System32\spoolsv.exe
11:13:49.0622 1992 Spooler - ok
11:13:49.0868 1992 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
11:13:50.0000 1992 sppsvc - ok
11:13:50.0051 1992 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
11:13:50.0054 1992 sppuinotify - ok
11:13:50.0732 1992 [ 891793E00432FA055CF040605C260E49 ] SRTSP C:\Windows\System32\Drivers\N360x64\0603000.00E\SRTSP64.SYS
11:13:50.0764 1992 SRTSP - ok
11:13:50.0923 1992 [ 1CB7BB3B0561FB5ECFE37F7731E8BF3E ] SRTSPX C:\Windows\system32\drivers\N360x64\0603000.00E\SRTSPX64.SYS
11:13:51.0060 1992 SRTSPX - ok
11:13:51.0190 1992 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\Windows\system32\DRIVERS\srv.sys
11:13:51.0221 1992 srv - ok
11:13:51.0275 1992 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
11:13:51.0281 1992 srv2 - ok
11:13:51.0298 1992 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
11:13:51.0301 1992 srvnet - ok
11:13:51.0430 1992 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
11:13:51.0480 1992 SSDPSRV - ok
11:13:51.0568 1992 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
11:13:51.0574 1992 SstpSvc - ok
11:13:51.0622 1992 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
11:13:51.0625 1992 stexstor - ok
11:13:51.0687 1992 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
11:13:51.0707 1992 StillCam - ok
11:13:51.0909 1992 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
11:13:51.0949 1992 stisvc - ok
11:13:52.0009 1992 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
11:13:52.0039 1992 swenum - ok
11:13:52.0143 1992 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
11:13:52.0201 1992 swprv - ok
11:13:52.0432 1992 [ 8B2430762099598DA40686F754632EFD ] SymDS C:\Windows\system32\drivers\N360x64\0603000.00E\SYMDS64.SYS
11:13:52.0439 1992 SymDS - ok
11:13:52.0756 1992 [ 5CB7F2FD7E30A0F52F93574BFC3A8041 ] SymEFA C:\Windows\system32\drivers\N360x64\0603000.00E\SYMEFA64.SYS
11:13:52.0882 1992 SymEFA - ok
11:13:53.0134 1992 [ 898BB48C797483420DF523B2BBC1ECDB ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
11:13:53.0295 1992 SymEvent - ok
11:13:53.0727 1992 [ 5013A76CAAA1D7CF1C55214B490B4E35 ] SymIRON C:\Windows\system32\drivers\N360x64\0603000.00E\Ironx64.SYS
11:13:53.0980 1992 SymIRON - ok
11:13:54.0638 1992 [ 3911BD0E68C010E5438A87706ABBE9AB ] SymNetS C:\Windows\System32\Drivers\N360x64\0603000.00E\SYMNETS.SYS
11:13:54.0643 1992 SymNetS - ok
11:13:54.0925 1992 [ 064A2530A4A7C7CEC1BE6A1945645BE4 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
11:13:55.0063 1992 SynTP - ok
11:13:55.0739 1992 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll
11:13:56.0052 1992 SysMain - ok
11:13:56.0099 1992 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:13:56.0127 1992 TabletInputService - ok
11:13:56.0427 1992 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll
11:13:56.0503 1992 TapiSrv - ok
11:13:56.0541 1992 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
11:13:56.0543 1992 TBS - ok
11:13:57.0084 1992 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
11:13:57.0154 1992 Tcpip - ok
11:13:57.0341 1992 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
11:13:57.0356 1992 TCPIP6 - ok
11:13:57.0397 1992 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
11:13:57.0404 1992 tcpipreg - ok
11:13:57.0497 1992 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
11:13:57.0580 1992 TDPIPE - ok
11:13:57.0753 1992 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
11:13:57.0834 1992 TDTCP - ok
11:13:57.0979 1992 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
11:13:57.0985 1992 tdx - ok
11:13:58.0036 1992 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
11:13:58.0039 1992 TermDD - ok
11:13:58.0594 1992 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll
11:13:58.0604 1992 TermService - ok
11:13:58.0650 1992 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
11:13:58.0734 1992 Themes - ok
11:13:58.0794 1992 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
11:13:58.0796 1992 THREADORDER - ok
11:13:58.0858 1992 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
11:13:58.0996 1992 TrkWks - ok
11:13:59.0148 1992 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:13:59.0173 1992 TrustedInstaller - ok
11:13:59.0377 1992 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
11:13:59.0403 1992 tssecsrv - ok
11:13:59.0734 1992 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
11:13:59.0775 1992 tunnel - ok
11:13:59.0819 1992 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
11:14:00.0034 1992 uagp35 - ok
11:14:00.0161 1992 [ A17D5E1A6DF4EAB0A480F2C490DE4C9D ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
11:14:00.0354 1992 UBHelper - ok
11:14:00.0451 1992 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\Windows\system32\DRIVERS\udfs.sys
11:14:00.0462 1992 udfs - ok
11:14:00.0643 1992 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
11:14:00.0743 1992 UI0Detect - ok
11:14:00.0920 1992 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
11:14:00.0930 1992 uliagpkx - ok
11:14:00.0970 1992 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
11:14:00.0973 1992 umbus - ok
11:14:00.0998 1992 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
11:14:01.0018 1992 UmPass - ok
11:14:01.0166 1992 [ F9EC9ACD504D823D9B9CA98A4F8D3CA2 ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
11:14:01.0173 1992 Updater Service - ok
11:14:01.0325 1992 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
11:14:01.0346 1992 upnphost - ok
11:14:01.0384 1992 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
11:14:01.0422 1992 USBAAPL64 - ok
11:14:01.0521 1992 [ 537A4E03D7103C12D42DFD8FFDB5BDC9 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
11:14:01.0525 1992 usbccgp - ok
11:14:01.0579 1992 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
11:14:01.0584 1992 usbcir - ok
11:14:01.0632 1992 [ FBB21EBE49F6D560DB37AC25FBC68E66 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
11:14:01.0633 1992 usbehci - ok
11:14:01.0707 1992 [ 2C780746DC44A28FE67004DC58173F05 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
11:14:01.0729 1992 usbfilter - ok
11:14:01.0790 1992 [ 6B7A8A99C4A459E73C286A6763EA24CC ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
11:14:01.0814 1992 usbhub - ok
11:14:01.0860 1992 [ 8C88AA7617B4CBC2E4BED61D26B33A27 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
11:14:01.0862 1992 usbohci - ok
11:14:01.0892 1992 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
11:14:01.0895 1992 usbprint - ok
11:14:01.0950 1992 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
11:14:01.0980 1992 usbscan - ok
11:14:02.0042 1992 [ F39983647BC1F3E6100778DDFE9DCE29 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:14:02.0068 1992 USBSTOR - ok
11:14:02.0143 1992 [ 0B5B3B2DF3FD1709618ACFA50B8392B0 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
11:14:02.0169 1992 usbuhci - ok
11:14:02.0229 1992 [ 7CB8C573C6E4A2714402CC0A36EAB4FE ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
11:14:02.0232 1992 usbvideo - ok
11:14:02.0319 1992 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
11:14:02.0321 1992 UxSms - ok
11:14:02.0356 1992 [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc C:\Windows\system32\lsass.exe
11:14:02.0358 1992 VaultSvc - ok
11:14:02.0398 1992 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
11:14:02.0399 1992 vdrvroot - ok
11:14:02.0430 1992 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\Windows\System32\vds.exe
11:14:02.0467 1992 vds - ok
11:14:02.0502 1992 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
11:14:02.0504 1992 vga - ok
11:14:02.0534 1992 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
11:14:02.0537 1992 VgaSave - ok
11:14:02.0560 1992 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
11:14:02.0565 1992 vhdmp - ok
11:14:02.0598 1992 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
11:14:02.0601 1992 viaide - ok
11:14:02.0655 1992 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
11:14:02.0662 1992 volmgr - ok
11:14:02.0739 1992 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
11:14:02.0744 1992 volmgrx - ok
11:14:02.0809 1992 [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
11:14:02.0865 1992 volsnap - ok
11:14:02.0912 1992 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
11:14:02.0915 1992 vsmraid - ok
11:14:03.0055 1992 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\Windows\system32\vssvc.exe
11:14:03.0083 1992 VSS - ok
11:14:03.0117 1992 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
11:14:03.0120 1992 vwifibus - ok
11:14:03.0155 1992 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
11:14:03.0179 1992 vwififlt - ok
11:14:03.0255 1992 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
11:14:03.0262 1992 W32Time - ok
11:14:03.0312 1992 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
11:14:03.0328 1992 WacomPen - ok
11:14:03.0360 1992 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
11:14:03.0362 1992 WANARP - ok
11:14:03.0370 1992 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
11:14:03.0371 1992 Wanarpv6 - ok
11:14:03.0573 1992 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
11:14:03.0596 1992 WatAdminSvc - ok
11:14:03.0668 1992 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\Windows\system32\wbengine.exe
11:14:03.0740 1992 wbengine - ok
11:14:03.0774 1992 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
11:14:03.0798 1992 WbioSrvc - ok
11:14:03.0901 1992 [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc C:\Windows\System32\wcncsvc.dll
11:14:04.0059 1992 wcncsvc - ok
11:14:04.0187 1992 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:14:04.0261 1992 WcsPlugInService - ok
11:14:04.0337 1992 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
11:14:04.0441 1992 Wd - ok
11:14:04.0566 1992 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
11:14:04.0625 1992 Wdf01000 - ok
11:14:04.0642 1992 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
11:14:04.0645 1992 WdiServiceHost - ok
11:14:04.0674 1992 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
11:14:04.0676 1992 WdiSystemHost - ok
11:14:04.0718 1992 [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient C:\Windows\System32\webclnt.dll
11:14:04.0771 1992 WebClient - ok
11:14:04.0799 1992 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
11:14:04.0804 1992 Wecsvc - ok
11:14:04.0871 1992 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
11:14:04.0873 1992 wercplsupport - ok
11:14:04.0917 1992 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
11:14:04.0920 1992 WerSvc - ok
11:14:04.0953 1992 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
11:14:04.0954 1992 WfpLwf - ok
11:14:04.0967 1992 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
11:14:04.0969 1992 WIMMount - ok
11:14:04.0988 1992 WinDefend - ok
11:14:04.0995 1992 WinHttpAutoProxySvc - ok
11:14:05.0115 1992 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
11:14:05.0119 1992 Winmgmt - ok
11:14:05.0189 1992 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\Windows\system32\WsmSvc.dll
11:14:05.0214 1992 WinRM - ok
11:14:05.0263 1992 [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
11:14:05.0285 1992 WinUsb - ok
11:14:05.0345 1992 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
11:14:05.0357 1992 Wlansvc - ok
11:14:05.0385 1992 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
11:14:05.0386 1992 WmiAcpi - ok
11:14:05.0410 1992 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
11:14:05.0413 1992 wmiApSrv - ok
11:14:05.0430 1992 WMPNetworkSvc - ok
11:14:05.0475 1992 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
11:14:05.0479 1992 WPCSvc - ok
11:14:05.0536 1992 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
11:14:05.0556 1992 WPDBusEnum - ok
11:14:05.0612 1992 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
11:14:05.0614 1992 ws2ifsl - ok
11:14:05.0673 1992 [ 8F9F3969933C02DA96EB0F84576DB43E ] wscsvc C:\Windows\System32\wscsvc.dll
11:14:05.0696 1992 wscsvc - ok
11:14:05.0700 1992 WSearch - ok
11:14:05.0810 1992 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
11:14:05.0841 1992 wuauserv - ok
11:14:05.0902 1992 [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
11:14:05.0919 1992 WudfPf - ok
11:14:05.0958 1992 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
11:14:05.0961 1992 WUDFRd - ok
11:14:05.0988 1992 [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc C:\Windows\System32\WUDFSvc.dll
11:14:06.0016 1992 wudfsvc - ok
11:14:06.0143 1992 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
11:14:06.0199 1992 WwanSvc - ok
11:14:06.0253 1992 ================ Scan global ===============================
11:14:06.0278 1992 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
11:14:06.0423 1992 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
11:14:06.0478 1992 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
11:14:06.0528 1992 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
11:14:06.0656 1992 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
11:14:06.0681 1992 [Global] - ok
11:14:06.0682 1992 ================ Scan MBR ==================================
11:14:06.0712 1992 [ 0F84F2562620C40D8A3E1908C8075675 ] \Device\Harddisk0\DR0
11:14:06.0729 1992 Suspicious mbr (Forged): \Device\Harddisk0\DR0
11:14:06.0794 1992 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
11:14:06.0794 1992 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
11:14:06.0989 1992 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
11:14:06.0989 1992 \Device\Harddisk0\DR0 - detected TDSS File System (1)
11:14:06.0990 1992 ================ Scan VBR ==================================
11:14:07.0018 1992 [ 1BAB794E0AF6BCD89C7E496312BE5D0F ] \Device\Harddisk0\DR0\Partition1
11:14:07.0020 1992 \Device\Harddisk0\DR0\Partition1 - ok
11:14:07.0063 1992 [ F06F733C9DE5ABB665C1699F481233D8 ] \Device\Harddisk0\DR0\Partition2
11:14:07.0089 1992 \Device\Harddisk0\DR0\Partition2 - ok
11:14:07.0090 1992 ============================================================
11:14:07.0090 1992 Scan finished
11:14:07.0090 1992 ============================================================
11:14:07.0110 5672 Detected object count: 2
11:14:07.0110 5672 Actual detected object count: 2
11:14:58.0143 5672 \Device\Harddisk0\DR0\# - copied to quarantine
11:14:58.0146 5672 \Device\Harddisk0\DR0 - copied to quarantine
11:14:58.0961 5672 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
11:14:58.0964 5672 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
11:14:58.0968 5672 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
11:14:58.0973 5672 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
11:14:59.0698 5672 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
11:14:59.0733 5672 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
11:14:59.0735 5672 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
11:14:59.0738 5672 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
11:14:59.0810 5672 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
11:14:59.0815 5672 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
11:14:59.0819 5672 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
11:14:59.0873 5672 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
11:14:59.0938 5672 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
11:14:59.0939 5672 \Device\Harddisk0\DR0 - ok
11:15:00.0981 5672 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure
11:15:00.0982 5672 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
11:15:00.0982 5672 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
11:15:16.0402 5300 Deinitialize success
CatByte's Avatar
Malware Removal Specialist with 3,893 posts.
 
Join Date: Feb 2009
22-Sep-2012, 12:30 PM #4
Please run the following:

Refer to the ComboFix User's Guide
  1. Download ComboFix from the following location:

    Link

    * IMPORTANT !!! Place ComboFix.exe on your Desktop
  2. Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix.
    You can get help on disabling your protection programs here
  3. Double click on ComboFix.exe & follow the prompts.
  4. Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal.
  5. When finished, it shall produce a log for you. Post that log in your next reply

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.


    ---------------------------------------------------------------------------------------------
  6. Ensure your AntiVirus and AntiSpyware applications are re-enabled.

    ---------------------------------------------------------------------------------------------

NOTE: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.
qwertyasd's Avatar
qwertyasd qwertyasd is offline
Member with 13 posts.
THREAD STARTER
 
Join Date: Sep 2012
Experience: Beginner
22-Sep-2012, 01:45 PM #5
I'm writing this reply from my iPod because when the ComboFix restarted my computer it didn't show me a log. Instead a lot of little windows were open with the message "The procedure entry point RtlCopyContext could not be located in the dynamic link library ntdll.dll."

The windows were titled
mwlDaemon.exe
PLFSetl.exe
Skype.exe
hpqtra08.exe
NkMonitor.exe

Then when I tried to open the web, same message but titled for
chrome.exe
iexplore.exe
CatByte's Avatar
Malware Removal Specialist with 3,893 posts.
 
Join Date: Feb 2009
22-Sep-2012, 01:58 PM #6
Please restore the computer to a point before ComboFix was ran
  • Restart the computer > tap F8 repeatedly to boot into the Advanced Boot Options screen
  • Select Repair your computer and press Enter
  • Select your keyboard language preferences and click on Next
  • Select your user name and type in the password, and then click on OK (if there is no password set, just hit enter)
  • On the System Recovery Options menu you will get the following options:
    • Startup Repair
    • System Restore
    • System Image Recovery
    • Windows Memory Diagnostic
    • Command Prompt
  • Select System Restore, click on the Next button
  • Select a restore point in the list of restore points available(choose the closest restore point prior to when the issues began)
  • NOTE: Check the Show other restore points box to see any restore points (older) that may not be listed there.
  • your computer should now restore to the chosen restore point
qwertyasd's Avatar
qwertyasd qwertyasd is offline
Member with 13 posts.
THREAD STARTER
 
Join Date: Sep 2012
Experience: Beginner
22-Sep-2012, 02:04 PM #7
It's currently restoring. Once it restarts, will I need to repeat the things you had me do before the ComboFix?
CatByte's Avatar
Malware Removal Specialist with 3,893 posts.
 
Join Date: Feb 2009
22-Sep-2012, 02:21 PM #8
yes, please re-run TDSSKiller just to make certain the rootkit wasn't restored
qwertyasd's Avatar
qwertyasd qwertyasd is offline
Member with 13 posts.
THREAD STARTER
 
Join Date: Sep 2012
Experience: Beginner
22-Sep-2012, 02:29 PM #9
The first time didn't work so I picked a restore point from 9/17. It had the same message:
System Restore did not complete successfully. Your computer's system files and settings were not changed.
Details:
An unspecified error occurred during System Restore. (0x800700b7)

I am now trying to run a restore point from 9/6, the furthest I can go back. If this doesn't work, what can I do? I got this computer from my sister and she never made a recovery CD when the computer was new.
CatByte's Avatar
Malware Removal Specialist with 3,893 posts.
 
Join Date: Feb 2009
22-Sep-2012, 02:30 PM #10
try rebooting it normally and let me know if you still have the same behaviour
qwertyasd's Avatar
qwertyasd qwertyasd is offline
Member with 13 posts.
THREAD STARTER
 
Join Date: Sep 2012
Experience: Beginner
22-Sep-2012, 03:03 PM #11
My computer has been restored to 9/6 and I downloaded the TDSSKiller, but my report was different this time:


13:59:34.0508 5116 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
13:59:34.0985 5116 ============================================================
13:59:34.0985 5116 Current date / time: 2012/09/22 13:59:34.0985
13:59:34.0985 5116 SystemInfo:
13:59:34.0985 5116
13:59:34.0985 5116 OS Version: 6.1.7600 ServicePack: 0.0
13:59:34.0985 5116 Product type: Workstation
13:59:34.0985 5116 ComputerName: ALISON-PC
13:59:34.0986 5116 UserName: Alison
13:59:34.0986 5116 Windows directory: C:\Windows
13:59:34.0986 5116 System windows directory: C:\Windows
13:59:34.0986 5116 Running under WOW64
13:59:34.0986 5116 Processor architecture: Intel x64
13:59:34.0986 5116 Number of processors: 2
13:59:34.0986 5116 Page size: 0x1000
13:59:34.0986 5116 Boot type: Normal boot
13:59:34.0986 5116 ============================================================
13:59:36.0817 5116 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:59:36.0826 5116 ============================================================
13:59:36.0826 5116 \Device\Harddisk0\DR0:
13:59:36.0826 5116 MBR partitions:
13:59:36.0827 5116 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1C00800, BlocksNum 0x32000
13:59:36.0827 5116 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1C32800, BlocksNum 0x237FB800
13:59:36.0827 5116 ============================================================
13:59:36.0845 5116 C: <-> \Device\Harddisk0\DR0\Partition2
13:59:36.0845 5116 ============================================================
13:59:36.0845 5116 Initialize success
13:59:36.0845 5116 ============================================================
13:59:59.0085 1528 ============================================================
13:59:59.0085 1528 Scan started
13:59:59.0085 1528 Mode: Manual; TDLFS;
13:59:59.0085 1528 ============================================================
14:00:00.0320 1528 ================ Scan system memory ========================
14:00:00.0320 1528 System memory - ok
14:00:00.0320 1528 ================ Scan services =============================
14:00:00.0663 1528 [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
14:00:00.0679 1528 1394ohci - ok
14:00:00.0741 1528 [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
14:00:00.0741 1528 ACPI - ok
14:00:00.0804 1528 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
14:00:00.0804 1528 AcpiPmi - ok
14:00:00.0975 1528 [ 62B7936F9036DD6ED36E6A7EFA805DC0 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:00:00.0975 1528 AdobeARMservice - ok
14:00:01.0178 1528 [ E12CFCF1DDBFC50948A75E6E38793225 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:00:01.0194 1528 AdobeFlashPlayerUpdateSvc - ok
14:00:01.0318 1528 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
14:00:01.0334 1528 adp94xx - ok
14:00:01.0552 1528 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
14:00:01.0630 1528 adpahci - ok
14:00:01.0755 1528 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
14:00:01.0802 1528 adpu320 - ok
14:00:01.0896 1528 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
14:00:01.0896 1528 AeLookupSvc - ok
14:00:02.0098 1528 [ DB9D6C6B2CD95A9CA414D045B627422E ] AFD C:\Windows\system32\drivers\afd.sys
14:00:02.0145 1528 AFD - ok
14:00:02.0208 1528 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
14:00:02.0301 1528 agp440 - ok
14:00:02.0332 1528 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
14:00:02.0332 1528 ALG - ok
14:00:02.0332 1528 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
14:00:02.0332 1528 aliide - ok
14:00:02.0442 1528 [ CA0D6C1390F4B3BAF2A0A69D1A7F8332 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
14:00:02.0473 1528 AMD External Events Utility - ok
14:00:02.0535 1528 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\DRIVERS\amdide.sys
14:00:02.0535 1528 amdide - ok
14:00:02.0582 1528 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
14:00:02.0582 1528 AmdK8 - ok
14:00:03.0237 1528 [ 75E4BACA583AE02C11E9AC8747E2ABE0 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
14:00:03.0580 1528 amdkmdag - ok
14:00:03.0799 1528 [ B765CF4B32F347BE747B21AE22641025 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
14:00:03.0908 1528 amdkmdap - ok
14:00:04.0111 1528 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
14:00:04.0126 1528 AmdPPM - ok
14:00:04.0236 1528 [ EC7EBAB00A4D8448BAB68D1E49B4BEB9 ] amdsata C:\Windows\system32\drivers\amdsata.sys
14:00:04.0236 1528 amdsata - ok
14:00:04.0251 1528 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
14:00:04.0267 1528 amdsbs - ok
14:00:04.0282 1528 [ DB27766102C7BF7E95140A2AA81D042E ] amdxata C:\Windows\system32\drivers\amdxata.sys
14:00:04.0282 1528 amdxata - ok
14:00:04.0360 1528 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\Windows\system32\drivers\appid.sys
14:00:04.0360 1528 AppID - ok
14:00:04.0454 1528 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
14:00:04.0454 1528 AppIDSvc - ok
14:00:04.0516 1528 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\Windows\System32\appinfo.dll
14:00:04.0532 1528 Appinfo - ok
14:00:04.0626 1528 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:00:04.0626 1528 Apple Mobile Device - ok
14:00:04.0672 1528 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
14:00:04.0672 1528 arc - ok
14:00:04.0735 1528 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
14:00:04.0735 1528 arcsas - ok
14:00:04.0782 1528 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
14:00:04.0782 1528 AsyncMac - ok
14:00:04.0844 1528 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\DRIVERS\atapi.sys
14:00:04.0844 1528 atapi - ok
14:00:04.0969 1528 [ E642491F64E58CD5BC8FB8B347DCF65F ] athr C:\Windows\system32\DRIVERS\athrx.sys
14:00:05.0000 1528 athr - ok
14:00:05.0125 1528 [ 637E0753BD6DEB8EA5314A5C357EC1A0 ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
14:00:05.0125 1528 AtiHdmiService - ok
14:00:05.0187 1528 [ E82E61F46D1336447F4DEFF8C074F13E ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie64.sys
14:00:05.0187 1528 AtiPcie - ok
14:00:05.0328 1528 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:00:05.0343 1528 AudioEndpointBuilder - ok
14:00:05.0359 1528 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\Windows\System32\Audiosrv.dll
14:00:05.0359 1528 AudioSrv - ok
14:00:05.0421 1528 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\Windows\System32\AxInstSV.dll
14:00:05.0421 1528 AxInstSV - ok
14:00:05.0499 1528 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
14:00:05.0499 1528 b06bdrv - ok
14:00:05.0577 1528 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
14:00:05.0577 1528 b57nd60a - ok
14:00:05.0624 1528 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
14:00:05.0624 1528 BDESVC - ok
14:00:05.0686 1528 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
14:00:05.0686 1528 Beep - ok
14:00:05.0764 1528 [ 4992C609A6315671463E30F6512BC022 ] BFE C:\Windows\System32\bfe.dll
14:00:05.0764 1528 BFE - ok
14:00:06.0201 1528 [ C8AB71A5102D0FC103F6DFC750005137 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\BASHDefs\20120823.007\BHDrvx64.sys
14:00:06.0232 1528 BHDrvx64 - ok
14:00:06.0279 1528 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS C:\Windows\System32\qmgr.dll
14:00:06.0295 1528 BITS - ok
14:00:06.0373 1528 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
14:00:06.0404 1528 blbdrive - ok
14:00:06.0529 1528 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:00:06.0544 1528 Bonjour Service - ok
14:00:06.0607 1528 [ 19D20159708E152267E53B66677A4995 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
14:00:06.0607 1528 bowser - ok
14:00:06.0638 1528 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:00:06.0638 1528 BrFiltLo - ok
14:00:06.0669 1528 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:00:06.0669 1528 BrFiltUp - ok
14:00:06.0716 1528 [ 6B054C67AAA87843504E8E3C09102009 ] Browser C:\Windows\System32\browser.dll
14:00:06.0732 1528 Browser - ok
14:00:06.0778 1528 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
14:00:06.0778 1528 Brserid - ok
14:00:06.0794 1528 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
14:00:06.0794 1528 BrSerWdm - ok
14:00:06.0794 1528 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
14:00:06.0810 1528 BrUsbMdm - ok
14:00:06.0810 1528 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
14:00:06.0810 1528 BrUsbSer - ok
14:00:06.0810 1528 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
14:00:06.0810 1528 BTHMODEM - ok
14:00:06.0872 1528 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
14:00:06.0872 1528 bthserv - ok
14:00:07.0028 1528 [ 2C6FFCCA37B002AAB3C7C31A6D780A76 ] ccSet_N360 C:\Windows\system32\drivers\N360x64\0603000.00E\ccSetx64.sys
14:00:07.0028 1528 ccSet_N360 - ok
14:00:07.0075 1528 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
14:00:07.0090 1528 cdfs - ok
14:00:07.0184 1528 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
14:00:07.0184 1528 cdrom - ok
14:00:07.0293 1528 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\Windows\System32\certprop.dll
14:00:07.0309 1528 CertPropSvc - ok
14:00:07.0371 1528 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
14:00:07.0371 1528 circlass - ok
14:00:07.0387 1528 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
14:00:07.0387 1528 CLFS - ok
14:00:07.0465 1528 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:00:07.0465 1528 clr_optimization_v2.0.50727_32 - ok
14:00:07.0527 1528 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:00:07.0527 1528 clr_optimization_v2.0.50727_64 - ok
14:00:07.0605 1528 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:00:07.0621 1528 clr_optimization_v4.0.30319_32 - ok
14:00:07.0652 1528 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:00:07.0652 1528 clr_optimization_v4.0.30319_64 - ok
14:00:07.0714 1528 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
14:00:07.0714 1528 CmBatt - ok
14:00:07.0746 1528 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
14:00:07.0746 1528 cmdide - ok
14:00:07.0792 1528 [ CA7720B73446FDDEC5C69519C1174C98 ] CNG C:\Windows\system32\Drivers\cng.sys
14:00:07.0808 1528 CNG - ok
14:00:07.0870 1528 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
14:00:07.0870 1528 Compbatt - ok
14:00:07.0886 1528 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
14:00:07.0886 1528 CompositeBus - ok
14:00:07.0917 1528 COMSysApp - ok
14:00:07.0948 1528 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
14:00:07.0948 1528 crcdisk - ok
14:00:08.0026 1528 [ F02786B66375292E58C8777082D4396D ] CryptSvc C:\Windows\system32\cryptsvc.dll
14:00:08.0026 1528 CryptSvc - ok
14:00:08.0089 1528 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\Windows\system32\rpcss.dll
14:00:08.0104 1528 DcomLaunch - ok
14:00:08.0198 1528 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
14:00:08.0214 1528 defragsvc - ok
14:00:08.0276 1528 [ 9C253CE7311CA60FC11C774692A13208 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
14:00:08.0276 1528 DfsC - ok
14:00:08.0338 1528 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\Windows\system32\dhcpcore.dll
14:00:08.0354 1528 Dhcp - ok
14:00:08.0370 1528 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
14:00:08.0370 1528 discache - ok
14:00:08.0448 1528 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
14:00:08.0448 1528 Disk - ok
14:00:08.0479 1528 [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache C:\Windows\System32\dnsrslvr.dll
14:00:08.0479 1528 Dnscache - ok
14:00:08.0557 1528 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\Windows\System32\dot3svc.dll
14:00:08.0572 1528 dot3svc - ok
14:00:08.0666 1528 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
14:00:08.0666 1528 Dot4 - ok
14:00:08.0728 1528 [ 85135AD27E79B689335C08167D917CDE ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
14:00:08.0728 1528 Dot4Print - ok
14:00:08.0791 1528 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
14:00:08.0806 1528 dot4usb - ok
14:00:08.0838 1528 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\Windows\system32\dps.dll
14:00:08.0838 1528 DPS - ok
14:00:08.0916 1528 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
14:00:08.0916 1528 drmkaud - ok
14:00:09.0009 1528 [ 1FCA854CEDFC2CCD0C22E46EA4EA18F1 ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe
14:00:09.0009 1528 DsiWMIService - ok
14:00:09.0181 1528 [ 1633B9ABF52784A1331476397A48CBEF ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
14:00:09.0243 1528 DXGKrnl - ok
14:00:09.0540 1528 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
14:00:09.0618 1528 EapHost - ok
14:00:09.0758 1528 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
14:00:09.0836 1528 ebdrv - ok
14:00:09.0976 1528 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
14:00:09.0992 1528 eeCtrl - ok
14:00:10.0039 1528 [ 156F6159457D0AA7E59B62681B56EB90 ] EFS C:\Windows\System32\lsass.exe
14:00:10.0054 1528 EFS - ok
14:00:10.0148 1528 [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr C:\Windows\ehome\ehRecvr.exe
14:00:10.0164 1528 ehRecvr - ok
14:00:10.0179 1528 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
14:00:10.0179 1528 ehSched - ok
14:00:10.0211 1528 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
14:00:10.0227 1528 elxstor - ok
14:00:10.0352 1528 [ 3EA2C4F68A782839D97B3C83595575B6 ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
14:00:10.0352 1528 ePowerSvc - ok
14:00:10.0383 1528 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
14:00:10.0399 1528 ErrDev - ok
14:00:10.0508 1528 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
14:00:10.0508 1528 EventSystem - ok
14:00:10.0555 1528 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
14:00:10.0555 1528 exfat - ok
14:00:10.0633 1528 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
14:00:10.0633 1528 fastfat - ok
14:00:10.0726 1528 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\Windows\system32\fxssvc.exe
14:00:10.0742 1528 Fax - ok
14:00:10.0789 1528 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
14:00:10.0804 1528 fdc - ok
14:00:10.0851 1528 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
14:00:10.0867 1528 fdPHost - ok
14:00:10.0913 1528 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
14:00:10.0913 1528 FDResPub - ok
14:00:10.0945 1528 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
14:00:10.0945 1528 FileInfo - ok
14:00:10.0960 1528 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
14:00:10.0960 1528 Filetrace - ok
14:00:11.0054 1528 [ BB0667B0171B632B97EA759515476F07 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
14:00:11.0069 1528 FLEXnet Licensing Service - ok
14:00:11.0101 1528 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
14:00:11.0101 1528 flpydisk - ok
14:00:11.0179 1528 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
14:00:11.0179 1528 FltMgr - ok
14:00:11.0241 1528 [ CB5E4B9C319E3C6BB363EB7E58A4A051 ] FontCache C:\Windows\system32\FntCache.dll
14:00:11.0257 1528 FontCache - ok
14:00:11.0303 1528 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:00:11.0303 1528 FontCache3.0.0.0 - ok
14:00:11.0350 1528 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
14:00:11.0350 1528 FsDepends - ok
14:00:11.0413 1528 [ D3E3F93D67821A2DB2B3D9FAC2DC2064 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
14:00:11.0428 1528 Fs_Rec - ok
14:00:11.0506 1528 [ AE87BA80D0EC3B57126ED2CDC15B24ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
14:00:11.0506 1528 fvevol - ok
14:00:11.0522 1528 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
14:00:11.0537 1528 gagp30kx - ok
14:00:11.0600 1528 [ CE16683CFD11FE70BDE435DDA5EA1FCA ] GameConsoleService C:\Program Files (x86)\Acer Games\Acer Game Console\GameConsoleService.exe
14:00:11.0615 1528 GameConsoleService - ok
14:00:11.0678 1528 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:00:11.0678 1528 GEARAspiWDM - ok
14:00:11.0740 1528 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\Windows\System32\gpsvc.dll
14:00:11.0756 1528 gpsvc - ok
14:00:11.0803 1528 [ 0191DEE9B9EB7902AF2CF4F67301095D ] GREGService C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
14:00:11.0803 1528 GREGService - ok
14:00:11.0834 1528 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
14:00:11.0834 1528 hcw85cir - ok
14:00:11.0881 1528 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:00:11.0896 1528 HdAudAddService - ok
14:00:11.0943 1528 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
14:00:11.0943 1528 HDAudBus - ok
14:00:11.0990 1528 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
14:00:11.0990 1528 HidBatt - ok
14:00:12.0037 1528 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
14:00:12.0037 1528 HidBth - ok
14:00:12.0052 1528 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
14:00:12.0052 1528 HidIr - ok
14:00:12.0115 1528 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
14:00:12.0115 1528 hidserv - ok
14:00:12.0193 1528 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
14:00:12.0193 1528 HidUsb - ok
14:00:12.0208 1528 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\Windows\system32\kmsvc.dll
14:00:12.0208 1528 hkmsvc - ok
14:00:12.0224 1528 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:00:12.0224 1528 HomeGroupListener - ok
14:00:12.0239 1528 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:00:12.0255 1528 HomeGroupProvider - ok
14:00:12.0458 1528 [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
14:00:12.0458 1528 hpqcxs08 - ok
14:00:12.0536 1528 [ F3F72A2A86C22610BCA5439FA789DD52 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
14:00:12.0551 1528 hpqddsvc - ok
14:00:12.0614 1528 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
14:00:12.0614 1528 HpSAMD - ok
14:00:12.0754 1528 [ 7F57926169C1B8ABA9274EA7D4B70F18 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
14:00:12.0754 1528 HPSLPSVC - ok
14:00:12.0832 1528 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\Windows\system32\drivers\HTTP.sys
14:00:12.0848 1528 HTTP - ok
14:00:12.0910 1528 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
14:00:12.0910 1528 hwpolicy - ok
14:00:13.0019 1528 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
14:00:13.0019 1528 i8042prt - ok
14:00:13.0113 1528 [ B75E45C564E944A2657167D197AB29DA ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
14:00:13.0129 1528 iaStorV - ok
14:00:13.0238 1528 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
14:00:13.0238 1528 IDriverT - ok
14:00:13.0300 1528 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:00:13.0316 1528 idsvc - ok
14:00:13.0472 1528 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\IPSDefs\20120901.001\IDSvia64.sys
14:00:13.0487 1528 IDSVia64 - ok
14:00:13.0565 1528 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
14:00:13.0597 1528 iirsp - ok
14:00:13.0753 1528 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\Windows\System32\ikeext.dll
14:00:13.0768 1528 IKEEXT - ok
14:00:13.0877 1528 [ 235362D403D9D677514649D88DB31914 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
14:00:13.0909 1528 IntcAzAudAddService - ok
14:00:13.0924 1528 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\DRIVERS\intelide.sys
14:00:13.0924 1528 intelide - ok
14:00:13.0987 1528 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
14:00:13.0987 1528 intelppm - ok
14:00:14.0065 1528 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
14:00:14.0096 1528 IPBusEnum - ok
14:00:14.0127 1528 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:00:14.0127 1528 IpFilterDriver - ok
14:00:14.0158 1528 [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
14:00:14.0174 1528 iphlpsvc - ok
14:00:14.0174 1528 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
14:00:14.0174 1528 IPMIDRV - ok
14:00:14.0189 1528 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
14:00:14.0189 1528 IPNAT - ok
14:00:14.0345 1528 [ 50D6CCC6FF5561F9F56946B3E6164FB8 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
14:00:14.0361 1528 iPod Service - ok
14:00:14.0470 1528 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
14:00:14.0470 1528 IRENUM - ok
14:00:14.0486 1528 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
14:00:14.0486 1528 isapnp - ok
14:00:14.0548 1528 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
14:00:14.0548 1528 iScsiPrt - ok
14:00:14.0782 1528 [ 37E053A2CF8F0082B689ED74106E0CEC ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
14:00:14.0813 1528 k57nd60a - ok
14:00:14.0845 1528 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
14:00:14.0860 1528 kbdclass - ok
14:00:15.0001 1528 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
14:00:15.0016 1528 kbdhid - ok
14:00:15.0016 1528 [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso C:\Windows\system32\lsass.exe
14:00:15.0032 1528 KeyIso - ok
14:00:15.0079 1528 [ 4F4B5FDE429416877DE7143044582EB5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
14:00:15.0079 1528 KSecDD - ok
14:00:15.0141 1528 [ 6F40465A44ECDC1731BEFAFEC5BDD03C ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
14:00:15.0141 1528 KSecPkg - ok
14:00:15.0172 1528 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
14:00:15.0188 1528 ksthunk - ok
14:00:15.0235 1528 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
14:00:15.0250 1528 KtmRm - ok
14:00:15.0328 1528 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\Windows\system32\srvsvc.dll
14:00:15.0344 1528 LanmanServer - ok
14:00:15.0375 1528 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:00:15.0375 1528 LanmanWorkstation - ok
14:00:15.0437 1528 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:00:15.0437 1528 lltdio - ok
14:00:15.0469 1528 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:00:15.0469 1528 lltdsvc - ok
14:00:15.0515 1528 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
14:00:15.0515 1528 lmhosts - ok
14:00:15.0578 1528 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
14:00:15.0578 1528 LSI_FC - ok
14:00:15.0640 1528 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
14:00:15.0656 1528 LSI_SAS - ok
14:00:15.0656 1528 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:00:15.0656 1528 LSI_SAS2 - ok
14:00:15.0687 1528 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:00:15.0687 1528 LSI_SCSI - ok
14:00:15.0703 1528 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
14:00:15.0703 1528 luafv - ok
14:00:15.0812 1528 mcmscsvc - ok
14:00:15.0827 1528 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:00:15.0827 1528 Mcx2Svc - ok
14:00:15.0874 1528 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
14:00:15.0890 1528 megasas - ok
14:00:15.0921 1528 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
14:00:15.0921 1528 MegaSR - ok
14:00:15.0999 1528 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
14:00:15.0999 1528 MMCSS - ok
14:00:16.0046 1528 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
14:00:16.0046 1528 Modem - ok
14:00:16.0093 1528 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:00:16.0108 1528 monitor - ok
14:00:16.0155 1528 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
14:00:16.0155 1528 mouclass - ok
14:00:16.0217 1528 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
14:00:16.0233 1528 mouhid - ok
14:00:16.0280 1528 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
14:00:16.0280 1528 mountmgr - ok
14:00:16.0311 1528 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\DRIVERS\mpio.sys
14:00:16.0311 1528 mpio - ok
14:00:16.0358 1528 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:00:16.0358 1528 mpsdrv - ok
14:00:16.0467 1528 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\Windows\system32\mpssvc.dll
14:00:16.0483 1528 MpsSvc - ok
14:00:16.0498 1528 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:00:16.0498 1528 MRxDAV - ok
14:00:16.0561 1528 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:00:16.0561 1528 mrxsmb - ok
14:00:16.0623 1528 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:00:16.0639 1528 mrxsmb10 - ok
14:00:16.0748 1528 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:00:16.0748 1528 mrxsmb20 - ok
14:00:16.0810 1528 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
14:00:16.0810 1528 msahci - ok
14:00:16.0873 1528 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
14:00:16.0873 1528 msdsm - ok
14:00:16.0919 1528 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
14:00:16.0919 1528 MSDTC - ok
14:00:16.0966 1528 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:00:16.0966 1528 Msfs - ok
14:00:16.0982 1528 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
14:00:16.0982 1528 mshidkmdf - ok
14:00:17.0029 1528 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
14:00:17.0029 1528 msisadrv - ok
14:00:17.0075 1528 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:00:17.0075 1528 MSiSCSI - ok
14:00:17.0091 1528 msiserver - ok
14:00:17.0138 1528 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:00:17.0138 1528 MSKSSRV - ok
14:00:17.0185 1528 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:00:17.0185 1528 MSPCLOCK - ok
14:00:17.0216 1528 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:00:17.0216 1528 MSPQM - ok
14:00:17.0232 1528 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:00:17.0232 1528 MsRPC - ok
14:00:17.0263 1528 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
14:00:17.0263 1528 mssmbios - ok
14:00:17.0263 1528 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:00:17.0263 1528 MSTEE - ok
14:00:17.0278 1528 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
14:00:17.0278 1528 MTConfig - ok
14:00:17.0325 1528 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
14:00:17.0325 1528 Mup - ok
14:00:17.0356 1528 [ 6FFECC25B39DC7652A0CEC0ADA9DB589 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
14:00:17.0356 1528 mwlPSDFilter - ok
14:00:17.0372 1528 [ 0BEFE32CA56D6EE89D58175725596A85 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
14:00:17.0372 1528 mwlPSDNServ - ok
14:00:17.0372 1528 [ D43BC633B8660463E446E28E14A51262 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
14:00:17.0372 1528 mwlPSDVDisk - ok
14:00:17.0481 1528 [ 3E5E20817259F7328C8F3BE5421F35B9 ] MWLService C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
14:00:17.0481 1528 MWLService - ok
14:00:17.0700 1528 [ F2840DBFE9322F35557219AE82CC4597 ] N360 C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\ccSvcHst.exe
14:00:17.0700 1528 N360 - ok
14:00:17.0809 1528 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll
14:00:17.0824 1528 napagent - ok
14:00:17.0902 1528 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:00:17.0918 1528 NativeWifiP - ok
14:00:18.0012 1528 [ 149A9AD81BB327E892FA1ACB77722442 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\VirusDefs\20120905.002\ENG64.SYS
14:00:18.0043 1528 NAVENG - ok
14:00:18.0136 1528 [ 4AF8750E71B549FEC5F6D1D01398CA69 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\VirusDefs\20120905.002\EX64.SYS
14:00:18.0246 1528 NAVEX15 - ok
14:00:18.0308 1528 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys
14:00:18.0324 1528 NDIS - ok
14:00:18.0386 1528 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:00:18.0433 1528 NdisCap - ok
14:00:18.0495 1528 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:00:18.0495 1528 NdisTapi - ok
14:00:18.0542 1528 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:00:18.0542 1528 Ndisuio - ok
14:00:18.0573 1528 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:00:18.0589 1528 NdisWan - ok
14:00:18.0636 1528 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:00:18.0636 1528 NDProxy - ok
14:00:18.0776 1528 [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
14:00:18.0792 1528 Net Driver HPZ12 - ok
14:00:18.0854 1528 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:00:18.0854 1528 NetBIOS - ok
14:00:18.0901 1528 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:00:18.0901 1528 NetBT - ok
14:00:18.0916 1528 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon C:\Windows\system32\lsass.exe
14:00:18.0916 1528 Netlogon - ok
14:00:18.0963 1528 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
14:00:18.0979 1528 Netman - ok
14:00:19.0026 1528 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
14:00:19.0026 1528 netprofm - ok
14:00:19.0057 1528 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:00:19.0057 1528 NetTcpPortSharing - ok
14:00:19.0088 1528 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
14:00:19.0104 1528 nfrd960 - ok
14:00:19.0166 1528 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
14:00:19.0166 1528 NlaSvc - ok
14:00:19.0650 1528 [ 5839A8027D6D324A7CD494051A96628C ] NOBU C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
14:00:19.0712 1528 NOBU - ok
14:00:19.0743 1528 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:00:19.0759 1528 Npfs - ok
14:00:19.0774 1528 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
14:00:19.0774 1528 nsi - ok
14:00:19.0806 1528 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:00:19.0806 1528 nsiproxy - ok
14:00:19.0884 1528 [ 378E0E0DFEA67D98AE6EA53ADBBD76BC ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:00:19.0899 1528 Ntfs - ok
14:00:19.0946 1528 [ 6FD534EDE2905D3C3257CFDD881F9705 ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
14:00:19.0946 1528 NTI IScheduleSvc - ok
14:00:19.0993 1528 [ EE3BA1024594D5D09E314F206B94069E ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
14:00:19.0993 1528 NTIDrvr - ok
14:00:20.0008 1528 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
14:00:20.0024 1528 Null - ok
14:00:20.0336 1528 [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:00:20.0336 1528 nvraid - ok
14:00:20.0398 1528 [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:00:20.0476 1528 nvstor - ok
14:00:20.0617 1528 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
14:00:20.0632 1528 nv_agp - ok
14:00:20.0632 1528 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
14:00:20.0632 1528 ohci1394 - ok
14:00:20.0726 1528 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:00:20.0726 1528 ose - ok
14:00:21.0007 1528 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:00:21.0288 1528 osppsvc - ok
14:00:21.0319 1528 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:00:21.0334 1528 p2pimsvc - ok
14:00:21.0381 1528 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
14:00:21.0397 1528 p2psvc - ok
14:00:21.0428 1528 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
14:00:21.0428 1528 Parport - ok
14:00:21.0475 1528 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:00:21.0475 1528 partmgr - ok
14:00:21.0506 1528 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:00:21.0506 1528 PcaSvc - ok
14:00:21.0537 1528 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys
14:00:21.0537 1528 pci - ok
14:00:21.0553 1528 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys
14:00:21.0553 1528 pciide - ok
14:00:21.0568 1528 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
14:00:21.0568 1528 pcmcia - ok
14:00:21.0584 1528 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
14:00:21.0584 1528 pcw - ok
14:00:21.0615 1528 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:00:21.0615 1528 PEAUTH - ok
14:00:21.0709 1528 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
14:00:21.0709 1528 PerfHost - ok
14:00:21.0787 1528 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
14:00:21.0802 1528 pla - ok
14:00:21.0896 1528 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:00:21.0912 1528 PlugPlay - ok
14:00:21.0990 1528 [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
14:00:21.0990 1528 Pml Driver HPZ12 - ok
14:00:22.0036 1528 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:00:22.0036 1528 PNRPAutoReg - ok
14:00:22.0068 1528 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:00:22.0083 1528 PNRPsvc - ok
14:00:22.0161 1528 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:00:22.0161 1528 PolicyAgent - ok
14:00:22.0224 1528 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
14:00:22.0239 1528 Power - ok
14:00:22.0317 1528 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:00:22.0317 1528 PptpMiniport - ok
14:00:22.0348 1528 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
14:00:22.0364 1528 Processor - ok
14:00:22.0489 1528 [ 97293447431311C06703368AD0F6C4BE ] ProfSvc C:\Windows\system32\profsvc.dll
14:00:22.0504 1528 ProfSvc - ok
14:00:22.0520 1528 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:00:22.0520 1528 ProtectedStorage - ok
14:00:22.0614 1528 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:00:22.0614 1528 Psched - ok
14:00:22.0770 1528 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
14:00:22.0801 1528 ql2300 - ok
14:00:22.0848 1528 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
14:00:22.0879 1528 ql40xx - ok
14:00:22.0972 1528 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
14:00:22.0988 1528 QWAVE - ok
14:00:23.0050 1528 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:00:23.0082 1528 QWAVEdrv - ok
14:00:23.0097 1528 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:00:23.0113 1528 RasAcd - ok
14:00:23.0222 1528 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:00:23.0222 1528 RasAgileVpn - ok
14:00:23.0269 1528 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
14:00:23.0269 1528 RasAuto - ok
14:00:23.0409 1528 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:00:23.0425 1528 Rasl2tp - ok
14:00:23.0472 1528 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
14:00:23.0487 1528 RasMan - ok
14:00:23.0534 1528 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:00:23.0565 1528 RasPppoe - ok
14:00:23.0659 1528 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:00:23.0659 1528 RasSstp - ok
14:00:23.0706 1528 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:00:23.0706 1528 rdbss - ok
14:00:23.0752 1528 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
14:00:23.0752 1528 rdpbus - ok
14:00:23.0768 1528 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:00:23.0768 1528 RDPCDD - ok
14:00:23.0862 1528 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:00:23.0862 1528 RDPENCDD - ok
14:00:23.0940 1528 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:00:23.0940 1528 RDPREFMP - ok
14:00:24.0018 1528 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:00:24.0049 1528 RDPWD - ok
14:00:24.0174 1528 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:00:24.0205 1528 rdyboost - ok
14:00:24.0298 1528 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:00:24.0330 1528 RemoteAccess - ok
14:00:24.0392 1528 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:00:24.0408 1528 RemoteRegistry - ok
14:00:24.0501 1528 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:00:24.0517 1528 RpcEptMapper - ok
14:00:24.0548 1528 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
14:00:24.0564 1528 RpcLocator - ok
14:00:24.0626 1528 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll
14:00:24.0642 1528 RpcSs - ok
14:00:24.0720 1528 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:00:24.0720 1528 rspndr - ok
14:00:24.0922 1528 [ 763AE0C6D9DF4C24B7E2C26036A8188A ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
14:00:24.0938 1528 RSUSBSTOR - ok
14:00:24.0954 1528 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\Windows\system32\lsass.exe
14:00:24.0954 1528 SamSs - ok
14:00:25.0000 1528 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
14:00:25.0016 1528 sbp2port - ok
14:00:25.0110 1528 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:00:25.0110 1528 SCardSvr - ok
14:00:25.0188 1528 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:00:25.0188 1528 scfilter - ok
14:00:25.0375 1528 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll
14:00:25.0500 1528 Schedule - ok
14:00:25.0562 1528 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
14:00:25.0562 1528 SCPolicySvc - ok
14:00:25.0687 1528 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:00:25.0843 1528 SDRSVC - ok
14:00:25.0999 1528 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:00:25.0999 1528 secdrv - ok
14:00:26.0030 1528 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
14:00:26.0046 1528 seclogon - ok
14:00:26.0077 1528 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
14:00:26.0092 1528 SENS - ok
14:00:26.0139 1528 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:00:26.0139 1528 SensrSvc - ok
14:00:26.0170 1528 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
14:00:26.0170 1528 Serenum - ok
14:00:26.0248 1528 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
14:00:26.0248 1528 Serial - ok
14:00:26.0326 1528 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
14:00:26.0342 1528 sermouse - ok
14:00:26.0451 1528 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
14:00:26.0467 1528 SessionEnv - ok
14:00:26.0498 1528 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
14:00:26.0529 1528 sffdisk - ok
14:00:26.0560 1528 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
14:00:26.0560 1528 sffp_mmc - ok
14:00:26.0576 1528 [ 178298F767FE638C9FEDCBDEF58BB5E4 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
14:00:26.0576 1528 sffp_sd - ok
14:00:26.0592 1528 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
14:00:26.0592 1528 sfloppy - ok
14:00:26.0638 1528 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:00:26.0654 1528 SharedAccess - ok
14:00:26.0748 1528 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:00:26.0763 1528 ShellHWDetection - ok
14:00:26.0857 1528 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:00:26.0872 1528 SiSRaid2 - ok
14:00:26.0888 1528 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
14:00:26.0888 1528 SiSRaid4 - ok
14:00:27.0231 1528 [ 6128E98EAAED364ED1A32708D2FD22CB ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
14:00:27.0278 1528 SkypeUpdate - ok
14:00:27.0372 1528 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:00:27.0372 1528 Smb - ok
14:00:27.0481 1528 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:00:27.0512 1528 SNMPTRAP - ok
14:00:27.0559 1528 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
14:00:27.0559 1528 spldr - ok
14:00:27.0668 1528 [ 567977DC43CC13C4C35ED7084C0B84D5 ] Spooler C:\Windows\System32\spoolsv.exe
14:00:27.0699 1528 Spooler - ok
14:00:28.0620 1528 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
14:00:28.0635 1528 sppsvc - ok
14:00:28.0713 1528 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:00:28.0713 1528 sppuinotify - ok
14:00:29.0290 1528 [ 891793E00432FA055CF040605C260E49 ] SRTSP C:\Windows\System32\Drivers\N360x64\0603000.00E\SRTSP64.SYS
14:00:29.0306 1528 SRTSP - ok
14:00:29.0368 1528 [ 1CB7BB3B0561FB5ECFE37F7731E8BF3E ] SRTSPX C:\Windows\system32\drivers\N360x64\0603000.00E\SRTSPX64.SYS
14:00:29.0384 1528 SRTSPX - ok
14:00:29.0462 1528 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\Windows\system32\DRIVERS\srv.sys
14:00:29.0478 1528 srv - ok
14:00:29.0556 1528 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:00:29.0556 1528 srv2 - ok
14:00:29.0634 1528 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:00:29.0634 1528 srvnet - ok
14:00:29.0758 1528 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:00:29.0774 1528 SSDPSRV - ok
14:00:29.0836 1528 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:00:29.0836 1528 SstpSvc - ok
14:00:29.0899 1528 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
14:00:29.0914 1528 stexstor - ok
14:00:30.0008 1528 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
14:00:30.0024 1528 StillCam - ok
14:00:30.0164 1528 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
14:00:30.0180 1528 stisvc - ok
14:00:30.0211 1528 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
14:00:30.0226 1528 swenum - ok
14:00:30.0336 1528 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
14:00:30.0351 1528 swprv - ok
14:00:31.0209 1528 [ 8B2430762099598DA40686F754632EFD ] SymDS C:\Windows\system32\drivers\N360x64\0603000.00E\SYMDS64.SYS
14:00:31.0240 1528 SymDS - ok
14:00:31.0724 1528 [ 5CB7F2FD7E30A0F52F93574BFC3A8041 ] SymEFA C:\Windows\system32\drivers\N360x64\0603000.00E\SYMEFA64.SYS
14:00:31.0802 1528 SymEFA - ok
14:00:32.0020 1528 [ 898BB48C797483420DF523B2BBC1ECDB ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
14:00:32.0052 1528 SymEvent - ok
14:00:32.0254 1528 [ 5013A76CAAA1D7CF1C55214B490B4E35 ] SymIRON C:\Windows\system32\drivers\N360x64\0603000.00E\Ironx64.SYS
14:00:32.0254 1528 SymIRON - ok
14:00:32.0488 1528 [ 3911BD0E68C010E5438A87706ABBE9AB ] SymNetS C:\Windows\System32\Drivers\N360x64\0603000.00E\SYMNETS.SYS
14:00:32.0504 1528 SymNetS - ok
14:00:32.0660 1528 [ 064A2530A4A7C7CEC1BE6A1945645BE4 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
14:00:32.0676 1528 SynTP - ok
14:00:33.0003 1528 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll
14:00:33.0097 1528 SysMain - ok
14:00:33.0144 1528 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:00:33.0159 1528 TabletInputService - ok
14:00:33.0175 1528 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll
14:00:33.0190 1528 TapiSrv - ok
14:00:33.0206 1528 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
14:00:33.0222 1528 TBS - ok
14:00:33.0471 1528 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:00:33.0549 1528 Tcpip - ok
14:00:33.0705 1528 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:00:33.0721 1528 TCPIP6 - ok
14:00:33.0752 1528 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:00:33.0783 1528 tcpipreg - ok
14:00:33.0814 1528 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:00:33.0830 1528 TDPIPE - ok
14:00:33.0892 1528 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:00:33.0908 1528 TDTCP - ok
14:00:33.0970 1528 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:00:33.0986 1528 tdx - ok
14:00:33.0986 1528 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
14:00:34.0002 1528 TermDD - ok
14:00:34.0080 1528 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll
14:00:34.0095 1528 TermService - ok
14:00:34.0126 1528 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
14:00:34.0142 1528 Themes - ok
14:00:34.0189 1528 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
14:00:34.0189 1528 THREADORDER - ok
14:00:34.0267 1528 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
14:00:34.0329 1528 TrkWks - ok
14:00:34.0454 1528 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:00:34.0454 1528 TrustedInstaller - ok
14:00:34.0516 1528 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:00:34.0532 1528 tssecsrv - ok
14:00:34.0641 1528 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:00:34.0641 1528 tunnel - ok
14:00:34.0719 1528 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
14:00:34.0735 1528 uagp35 - ok
14:00:34.0797 1528 [ A17D5E1A6DF4EAB0A480F2C490DE4C9D ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
14:00:34.0797 1528 UBHelper - ok
14:00:34.0828 1528 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:00:34.0828 1528 udfs - ok
14:00:34.0891 1528 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:00:34.0891 1528 UI0Detect - ok
14:00:34.0953 1528 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
14:00:34.0953 1528 uliagpkx - ok
14:00:35.0000 1528 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
14:00:35.0000 1528 umbus - ok
14:00:35.0016 1528 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
14:00:35.0016 1528 UmPass - ok
14:00:35.0109 1528 [ F9EC9ACD504D823D9B9CA98A4F8D3CA2 ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
14:00:35.0125 1528 Updater Service - ok
14:00:35.0203 1528 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
14:00:35.0218 1528 upnphost - ok
14:00:35.0328 1528 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
14:00:35.0343 1528 USBAAPL64 - ok
14:00:35.0406 1528 [ 537A4E03D7103C12D42DFD8FFDB5BDC9 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:00:35.0437 1528 usbccgp - ok
14:00:35.0499 1528 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
14:00:35.0515 1528 usbcir - ok
14:00:35.0562 1528 [ FBB21EBE49F6D560DB37AC25FBC68E66 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
14:00:35.0562 1528 usbehci - ok
14:00:35.0686 1528 [ 2C780746DC44A28FE67004DC58173F05 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
14:00:35.0686 1528 usbfilter - ok
14:00:35.0858 1528 [ 6B7A8A99C4A459E73C286A6763EA24CC ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:00:35.0874 1528 usbhub - ok
14:00:35.0905 1528 [ 8C88AA7617B4CBC2E4BED61D26B33A27 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
14:00:35.0920 1528 usbohci - ok
14:00:35.0998 1528 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
14:00:36.0045 1528 usbprint - ok
14:00:36.0170 1528 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
14:00:36.0201 1528 usbscan - ok
14:00:36.0248 1528 [ F39983647BC1F3E6100778DDFE9DCE29 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:00:36.0248 1528 USBSTOR - ok
14:00:36.0310 1528 [ 0B5B3B2DF3FD1709618ACFA50B8392B0 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
14:00:36.0326 1528 usbuhci - ok
14:00:36.0420 1528 [ 7CB8C573C6E4A2714402CC0A36EAB4FE ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
14:00:36.0435 1528 usbvideo - ok
14:00:36.0482 1528 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
14:00:36.0513 1528 UxSms - ok
14:00:36.0560 1528 [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc C:\Windows\system32\lsass.exe
14:00:36.0560 1528 VaultSvc - ok
14:00:36.0638 1528 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
14:00:36.0654 1528 vdrvroot - ok
14:00:37.0262 1528 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\Windows\System32\vds.exe
14:00:37.0340 1528 vds - ok
14:00:37.0434 1528 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:00:37.0480 1528 vga - ok
14:00:37.0558 1528 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
14:00:37.0668 1528 VgaSave - ok
14:00:37.0668 1528 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
14:00:37.0761 1528 vhdmp - ok
14:00:37.0761 1528 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
14:00:37.0777 1528 viaide - ok
14:00:37.0824 1528 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
14:00:37.0839 1528 volmgr - ok
14:00:37.0948 1528 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:00:37.0980 1528 volmgrx - ok
14:00:38.0089 1528 [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
14:00:38.0120 1528 volsnap - ok
14:00:38.0198 1528 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
14:00:38.0214 1528 vsmraid - ok
14:00:38.0666 1528 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\Windows\system32\vssvc.exe
14:00:38.0744 1528 VSS - ok
14:00:38.0791 1528 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
14:00:38.0806 1528 vwifibus - ok
14:00:38.0962 1528 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
14:00:38.0962 1528 vwififlt - ok
14:00:39.0025 1528 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
14:00:39.0040 1528 W32Time - ok
14:00:39.0072 1528 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
14:00:39.0072 1528 WacomPen - ok
14:00:39.0212 1528 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
14:00:39.0212 1528 WANARP - ok
14:00:39.0274 1528 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:00:39.0274 1528 Wanarpv6 - ok
14:00:39.0462 1528 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
14:00:39.0477 1528 WatAdminSvc - ok
14:00:39.0586 1528 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\Windows\system32\wbengine.exe
14:00:39.0680 1528 wbengine - ok
14:00:39.0696 1528 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
14:00:39.0696 1528 WbioSrvc - ok
14:00:39.0883 1528 [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:00:39.0898 1528 wcncsvc - ok
14:00:39.0961 1528 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:00:39.0976 1528 WcsPlugInService - ok
14:00:40.0054 1528 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
14:00:40.0054 1528 Wd - ok
14:00:40.0132 1528 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:00:40.0148 1528 Wdf01000 - ok
14:00:40.0226 1528 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:00:40.0257 1528 WdiServiceHost - ok
14:00:40.0257 1528 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:00:40.0273 1528 WdiSystemHost - ok
14:00:40.0351 1528 [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient C:\Windows\System32\webclnt.dll
14:00:40.0366 1528 WebClient - ok
14:00:40.0476 1528 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:00:40.0491 1528 Wecsvc - ok
14:00:40.0569 1528 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:00:40.0585 1528 wercplsupport - ok
14:00:40.0647 1528 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
14:00:40.0663 1528 WerSvc - ok
14:00:40.0741 1528 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
14:00:40.0756 1528 WfpLwf - ok
14:00:40.0819 1528 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
14:00:40.0819 1528 WIMMount - ok
14:00:40.0866 1528 WinDefend - ok
14:00:40.0881 1528 WinHttpAutoProxySvc - ok
14:00:41.0022 1528 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:00:41.0022 1528 Winmgmt - ok
14:00:41.0162 1528 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\Windows\system32\WsmSvc.dll
14:00:41.0224 1528 WinRM - ok
14:00:41.0302 1528 [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
14:00:41.0318 1528 WinUsb - ok
14:00:41.0396 1528 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
14:00:41.0443 1528 Wlansvc - ok
14:00:41.0505 1528 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
14:00:41.0505 1528 WmiAcpi - ok
14:00:41.0552 1528 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:00:41.0552 1528 wmiApSrv - ok
14:00:41.0583 1528 WMPNetworkSvc - ok
14:00:41.0614 1528 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:00:41.0630 1528 WPCSvc - ok
14:00:41.0646 1528 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:00:41.0646 1528 WPDBusEnum - ok
14:00:41.0677 1528 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:00:41.0692 1528 ws2ifsl - ok
14:00:41.0708 1528 [ 8F9F3969933C02DA96EB0F84576DB43E ] wscsvc C:\Windows\System32\wscsvc.dll
14:00:41.0708 1528 wscsvc - ok
14:00:41.0724 1528 WSearch - ok
14:00:42.0145 1528 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
14:00:42.0254 1528 wuauserv - ok
14:00:42.0285 1528 [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
14:00:42.0316 1528 WudfPf - ok
14:00:42.0410 1528 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:00:42.0426 1528 WUDFRd - ok
14:00:42.0519 1528 [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:00:42.0519 1528 wudfsvc - ok
14:00:42.0597 1528 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
14:00:42.0613 1528 WwanSvc - ok
14:00:42.0691 1528 ================ Scan global ===============================
14:00:42.0738 1528 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
14:00:42.0925 1528 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
14:00:42.0956 1528 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
14:00:43.0003 1528 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
14:00:43.0081 1528 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
14:00:43.0096 1528 [Global] - ok
14:00:43.0096 1528 ================ Scan MBR ==================================
14:00:43.0143 1528 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:00:44.0048 1528 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
14:00:44.0048 1528 \Device\Harddisk0\DR0 - detected TDSS File System (1)
14:00:44.0048 1528 ================ Scan VBR ==================================
14:00:44.0079 1528 [ 1BAB794E0AF6BCD89C7E496312BE5D0F ] \Device\Harddisk0\DR0\Partition1
14:00:44.0095 1528 \Device\Harddisk0\DR0\Partition1 - ok
14:00:44.0110 1528 [ F06F733C9DE5ABB665C1699F481233D8 ] \Device\Harddisk0\DR0\Partition2
14:00:44.0110 1528 \Device\Harddisk0\DR0\Partition2 - ok
14:00:44.0110 1528 ============================================================
14:00:44.0110 1528 Scan finished
14:00:44.0110 1528 ============================================================
14:00:44.0142 4920 Detected object count: 1
14:00:44.0142 4920 Actual detected object count: 1
14:00:58.0650 4920 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
14:00:58.0650 4920 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
CatByte's Avatar
Malware Removal Specialist with 3,893 posts.
 
Join Date: Feb 2009
22-Sep-2012, 03:33 PM #12
OK, that's good, the rootkit wasn't restored.

please run the following:

Download AdwCleaner from here and save it to your desktop.
  • Run AdwCleaner and select Delete
  • Once done it will ask to reboot, allow the reboot
  • On reboot a log will be produced, please attach the content of the log to your next reply


NEXT

  • Download RogueKiller and save it to your desktop.
  • Quit all other programs
  • Start RogueKiller.exe
  • Wait until the Prescan has finished ...
  • Click on Scan
  • Wait for the end of the scan
  • A report will be created on your desktop.
  • Click on the Delete button
  • Next click on the ShortcutsFix
  • another report will be created on your desktop.

Please post: All RKreport.txt text files located on your desktop.
qwertyasd's Avatar
qwertyasd qwertyasd is offline
Member with 13 posts.
THREAD STARTER
 
Join Date: Sep 2012
Experience: Beginner
22-Sep-2012, 03:59 PM #13
# AdwCleaner v2.002 - Logfile created 09/22/2012 at 14:40:39
# Updated 16/09/2012 by Xplode
# Operating system : Windows 7 Home Premium (64 bits)
# User : Alison - ALISON-PC
# Boot Mode : Normal
# Running from : C:\Users\Alison\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Users\Alison\AppData\Local\APN
Folder Deleted : C:\Users\Alison\AppData\Local\Conduit
Folder Deleted : C:\Users\Alison\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Alison\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Alison\AppData\Roaming\OpenCandy

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\Ask&Record
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1060933
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.ask.com/?o=10148&l=dis&tb=FWV5 --> hxxp://www.google.com

-\\ Google Chrome v21.0.1180.89

File : C:\Users\Alison\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [2099 octets] - [22/09/2012 14:40:21]
AdwCleaner[S1].txt - [2590 octets] - [22/09/2012 14:40:39]

########## EOF - C:\AdwCleaner[S1].txt - [2650 octets] ##########





RogueKiller V8.0.4 [09/19/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files...3-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7600 ) 64 bits version
Started in : Normal mode
User : Alison [Admin rights]
Mode : Scan -- Date : 09/22/2012 14:50:41

Bad processes : 0

Registry Entries : 4
[RUN][BLACKLIST DLL] HKUS\S-1-5-19[...]\Run : Microsoft (rundll32.exe "C:\Windows\system32\config\systemprofile\AppData\Local\Temp\Microsoft\lfat gg.dll",CreateInstance) -> FOUND
[RUN][BLACKLIST DLL] HKUS\S-1-5-20[...]\Run : Microsoft (rundll32.exe "C:\Windows\system32\config\systemprofile\AppData\Local\Temp\Microsoft\lfat gg.dll",CreateInstance) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

Particular Files / Folders:
[ZeroAccess][FOLDER] L : C:\Windows\Installer\{8ce72873-0a81-9ded-27d8-39409e2d1488}\L --> FOUND

Driver : [NOT LOADED]

Infection : ZeroAccess

HOSTS File:
--> C:\Windows\system32\drivers\etc\hosts



MBR Check:

+++++ PhysicalDrive0: Hitachi HTS545032B9A300 ATA Device +++++
--- User ---
[MBR] f4c6b991cfe9e873a31a7f6911108406
[BSP] ba95d67444dc1b7915b83288fea1c6a4 : Windows 7 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 14336 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 29362176 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 29566976 | Size: 290807 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1].txt >>
RKreport[1].txt





RogueKiller V8.0.4 [09/19/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files...3-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7600 ) 64 bits version
Started in : Normal mode
User : Alison [Admin rights]
Mode : Shortcuts HJfix -- Date : 09/22/2012 14:58:54

Bad processes : 0

Driver : [NOT LOADED]

File attributes restored:
Desktop: Success 1 / Fail 0
Quick launch: Success 1 / Fail 0
Programs: Success 7 / Fail 0
Start menu: Success 1 / Fail 0
User folder: Success 226 / Fail 0
My documents: Success 4 / Fail 4
My favorites: Success 6 / Fail 0
My pictures: Success 0 / Fail 0
My music: Success 70 / Fail 0
My videos: Success 0 / Fail 0
Local drives: Success 91 / Fail 0
Backup: [NOT FOUND]

Drives:
[C:] \Device\HarddiskVolume3 -- 0x3 --> Restored
[D:] \Device\CdRom0 -- 0x5 --> Skipped

Infection :

Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt
CatByte's Avatar
Malware Removal Specialist with 3,893 posts.
 
Join Date: Feb 2009
22-Sep-2012, 04:05 PM #14
Please do the following:

Please download Malwarebytes Anti-Malware
  • Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected. <-- very important
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note:If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.



NEXT


Go here to run an online scanner from ESET.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activeX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
  • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • Wait for the scan to finish
  • When the scan completes, press the LIST OF THREATS FOUND button
  • Press EXPORT TO TEXT FILE , name the file ESETSCAN and save it to your desktop
  • Include the contents of this report in your next reply.
  • Press the BACK button.
  • Press Finish
qwertyasd's Avatar
qwertyasd qwertyasd is offline
Member with 13 posts.
THREAD STARTER
 
Join Date: Sep 2012
Experience: Beginner
22-Sep-2012, 04:23 PM #15
Malwarebytes Anti-Malware (Trial) 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.22.06

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Alison :: ALISON-PC [administrator]

Protection: Enabled

9/22/2012 3:14:48 PM
mbam-log-2012-09-22 (15-14-48).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 206101
Time elapsed: 3 minute(s), 23 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.

Then a window popped up that said "Malwarebytes Anti-Malware
[Shell_NotifyIcon] Failed to perform desired action. Error Code: 5."
I'm restarting now then will complete the rest of your message.
As Seen On

BBC, Reader's Digest, PC Magazine, Today Show, Money Magazine
WELCOME TO TECH SUPPORT GUY!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.


(clock)
THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools


WELCOME
You Are Using: Server ID
Trusted Website Back to the Top ↑