Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Windows Update Error and VERY SLOW COMPUTER


  • Please log in to reply

#1
kenchew

kenchew

    Member

  • Member
  • PipPip
  • 74 posts
Hi,

It all started last week when my computer was having performance problems (i.e. very slow). As though some program is using up memory/processor speed.

1. I ran all the optimization tools using Glary Utilities.
2. Downloaded latest AVG2013 and did a full scan. Windows Defender full scan.
3. Tried Windows Update and some of the updates failed to download. Restarted computer to let some of the updates install, but one of the updates failed and have to revert. Then I tried clicking to check for updates again, but Error code 80000FFFF. Went online and download Microsoft Fix It. But still same problem. So whenever I shut down/restart or boot my computer, the update will try installing. (Now when I click "check for updates", "Windows update cannot currently check for updates because the service is not running. You may need to restart your computer."
4. Tried updating Java but unable to with an error pop up.
5. My PC is still having performance problems and takes a very long time to boot. My computer is still very slow Eg. Takes a long time just to launch and close programs, loading websites, etc.

Hope I am clear enough.

Below is my OTL Logfile. Thank you in advance for your assistance.


OTL logfile created on: 08-Apr-13 11:08:47 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\acer\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd-MMM-yy

1.93 Gb Total Physical Memory | 0.83 Gb Available Physical Memory | 42.89% Memory free
3.86 Gb Paging File | 1.89 Gb Available in Paging File | 48.99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 228.88 Gb Total Space | 180.03 Gb Free Space | 78.66% Space Free | Partition Type: NTFS
Drive E: | 224.78 Gb Total Space | 56.10 Gb Free Space | 24.96% Space Free | Partition Type: NTFS

Computer Name: KEN | User Name: acer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013-04-08 23:05:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\acer\Downloads\OTL.exe
PRC - [2013-03-31 23:06:30 | 001,219,248 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2013-03-22 06:50:35 | 001,312,720 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013-03-13 17:15:00 | 004,394,032 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgui.exe
PRC - [2013-02-27 23:42:12 | 004,937,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
PRC - [2013-02-19 04:02:02 | 000,282,624 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
PRC - [2013-01-29 14:29:30 | 000,188,760 | ---- | M] () -- C:\Program Files\IB Updater\ExtensionUpdaterService.exe
PRC - [2010-10-25 14:53:46 | 000,145,920 | ---- | M] (HP) -- C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
PRC - [2010-10-25 14:40:08 | 000,058,936 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe
PRC - [2009-09-30 20:01:32 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2009-09-30 20:01:30 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2009-09-25 07:42:28 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2009-08-28 17:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
PRC - [2009-08-18 17:42:08 | 001,157,128 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2009-08-07 21:29:54 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009-08-07 21:29:36 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009-08-05 21:29:42 | 003,567,104 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe
PRC - [2009-08-05 21:29:42 | 003,449,856 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\Acer Bio Protection\BASVC.exe
PRC - [2009-08-05 21:29:30 | 003,353,088 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\Acer Bio Protection\CompPtcVUI.exe
PRC - [2009-08-04 13:09:34 | 000,199,464 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
PRC - [2009-07-04 10:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2009-06-30 13:39:46 | 001,807,608 | ---- | M] (AuthenTec, Inc.) -- C:\Program Files (x86)\Fingerprint Sensor\AtService.exe
PRC - [2008-07-29 19:29:26 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe


========== Modules (No Company Name) ==========

MOD - [2013-03-31 23:06:30 | 001,219,248 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2013-03-31 23:06:30 | 000,157,360 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.0.0\SiteSafety.dll
MOD - [2013-03-22 06:50:33 | 000,390,096 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.43\ppgooglenaclpluginchrome.dll
MOD - [2013-03-22 06:50:32 | 012,662,224 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.43\PepperFlash\pepflashplayer.dll
MOD - [2013-03-22 06:50:31 | 004,050,896 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.43\pdf.dll
MOD - [2013-03-22 06:49:41 | 000,598,480 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.43\libglesv2.dll
MOD - [2013-03-22 06:49:40 | 000,124,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.43\libegl.dll
MOD - [2013-03-22 06:49:38 | 001,606,096 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.43\ffmpegsumo.dll
MOD - [2010-10-25 14:36:22 | 000,119,864 | ---- | M] () -- C:\Program Files (x86)\HP\ToolboxFX\bin\NativeUtils.dll
MOD - [2009-07-14 12:56:03 | 011,804,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\3871fc2b96345aa6f3be81d9e3c97160\System.Web.ni.dll
MOD - [2009-07-14 12:55:57 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\4bdeb88758dccd625f4703ed77aaf348\System.Runtime.Remoting.ni.dll
MOD - [2009-07-14 12:55:34 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\e71959f4ec6eb386889050ac139835c7\System.ServiceProcess.ni.dll
MOD - [2009-07-14 12:55:32 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\fedf1ba58dced4f0b3f8c457648ceed9\System.Windows.Forms.ni.dll
MOD - [2009-07-14 12:55:32 | 000,310,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\d57d865568209a71d63739fa448ed6df\System.Runtime.Serialization.Formatters.Soap.ni.dll
MOD - [2009-07-14 12:55:26 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ead6be8b410d56b5576b10e56af2c180\System.Drawing.ni.dll
MOD - [2009-07-14 12:55:25 | 001,806,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\ebb1a98d5d55d13bbe33034416ee5a1f\System.Deployment.ni.dll
MOD - [2009-07-14 12:55:14 | 003,313,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\c2f9dd7db911053edcaaadf5fefc500a\WindowsBase.ni.dll
MOD - [2009-07-14 12:55:09 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5dd9f783008543df3e642ff1e99de4e8\System.Xml.ni.dll
MOD - [2009-07-14 12:55:06 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\4b1350e31ff09cc583b34854816d8036\System.Configuration.ni.dll
MOD - [2009-07-14 12:55:05 | 007,949,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5ba3bf5367fc012300c6566f20cb7f54\System.ni.dll
MOD - [2009-07-14 12:55:00 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\8c1770d45c63cf5c462eeb945ef9aa5d\mscorlib.ni.dll
MOD - [2008-07-29 19:29:26 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe


========== Services (SafeList) ==========

SRV:64bit: - [2013-03-04 17:00:56 | 001,316,144 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\dmwu.exe -- (IBUpdaterService)
SRV:64bit: - [2013-01-29 14:29:30 | 000,188,760 | ---- | M] () [Auto | Running] -- C:\Program Files\IB Updater\ExtensionUpdaterService.exe -- (IB Updater Updater)
SRV:64bit: - [2009-10-30 03:10:02 | 000,844,320 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2009-10-02 18:39:44 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009-09-29 17:25:48 | 000,126,392 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009-07-14 09:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009-07-04 10:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2013-03-31 23:06:30 | 000,990,896 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe -- (vToolbarUpdater15.0.0)
SRV - [2013-03-21 20:18:40 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-03-10 21:09:34 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-02-27 23:42:12 | 004,937,264 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013-02-19 04:02:02 | 000,282,624 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2012-07-13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011-03-18 08:11:02 | 000,947,528 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2011-03-03 21:10:32 | 000,077,944 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2010-10-25 14:53:46 | 000,145,920 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe -- (HP LaserJet Service)
SRV - [2009-09-30 20:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009-09-30 20:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009-09-25 07:42:28 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009-09-10 21:42:46 | 000,305,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)
SRV - [2009-08-28 17:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009-08-07 21:29:36 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2009-08-05 21:29:42 | 003,449,856 | ---- | M] (Egis Technology Inc.) [Auto | Running] -- C:\Program Files (x86)\Acer Bio Protection\BASVC.exe -- (IGBASVC)
SRV - [2009-06-30 13:39:46 | 001,807,608 | ---- | M] (AuthenTec, Inc.) [Auto | Running] -- C:\Program Files (x86)\Fingerprint Sensor\AtService.exe -- (ATService)
SRV - [2009-06-11 05:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009-04-29 11:21:18 | 000,436,736 | ---- | M] (Conexant Systems, Inc.) [Auto | Stopped] -- C:\Windows\SysWOW64\XAudio64.dll -- (HsfXAudioService)
SRV - [2007-05-31 10:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007-05-31 10:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013-03-31 23:06:30 | 000,039,768 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2013-02-26 23:40:46 | 000,246,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2013-02-14 03:52:46 | 000,239,416 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2013-02-08 04:37:56 | 000,116,536 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2013-02-08 04:37:54 | 000,311,096 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2013-02-08 04:37:50 | 000,071,480 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2013-02-08 04:37:42 | 000,206,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2013-02-08 04:37:40 | 000,045,880 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2012-05-17 08:14:58 | 000,093,272 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ctxusbm.sys -- (ctxusbm)
DRV:64bit: - [2011-02-23 16:50:14 | 000,018,232 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV:64bit: - [2011-01-08 15:07:29 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010-09-08 00:20:50 | 000,009,216 | ---- | M] (SpeedJet Technology INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SjtWinIo.sys -- (SjtWinIo)
DRV:64bit: - [2009-10-26 04:24:24 | 000,151,040 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009-10-05 15:49:34 | 006,952,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64)
DRV:64bit: - [2009-10-05 09:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009-10-02 08:47:38 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009-09-29 17:25:50 | 000,012,728 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009-09-17 12:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009-09-03 18:15:26 | 000,292,400 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009-09-02 09:58:08 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009-08-28 19:15:32 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009-08-28 19:15:26 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009-08-21 12:24:04 | 000,084,512 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2009-08-07 21:24:14 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009-07-14 09:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009-07-14 09:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009-07-14 09:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 09:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 09:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009-07-14 09:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009-07-14 09:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-07-14 08:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009-07-14 08:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009-07-01 12:46:58 | 000,052,264 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:64bit: - [2009-06-30 14:06:04 | 000,734,720 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATSwpWDF.sys -- (ATSwpWDF)
DRV:64bit: - [2009-06-11 05:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009-06-11 05:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009-06-11 05:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009-06-11 04:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-11 04:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-11 04:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-11 04:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009-06-07 16:36:46 | 000,317,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2009-06-02 19:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009-06-02 19:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009-06-02 19:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009-05-05 16:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009-05-05 16:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2009-04-29 11:21:08 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\XAudio64.sys -- (XAudio)
DRV:64bit: - [2009-04-07 15:33:08 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009-02-12 22:24:56 | 001,485,824 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_DPV.sys -- (HSF_DPV)
DRV:64bit: - [2009-02-12 22:20:56 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAXHWAZL.sys -- (CAXHWAZL)
DRV:64bit: - [2009-02-12 22:19:34 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_CNXT.sys -- (winachsf)
DRV:64bit: - [2006-06-18 06:27:24 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2009-09-02 09:58:08 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009-07-14 09:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...e4z175t44j2d253
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...e4z175t44j2d253
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...e4z175t44j2d253
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...e4z175t44j2d253
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...e4z175t44j2d253
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...e4z175t44j2d253
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...AW_enMY371MY372
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...fr&d=2011-10-13 20:45:33&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.google.com.my/"
FF - prefs.js..extensions.enabledAddons: avg%40toolbar:15.0.0.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - prefs.js..extensions.enabledItems: [email protected]:2
FF - prefs.js..extensions.enabledItems: 5
FF - prefs.js..extensions.enabledItems: 3
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178
FF - prefs.js..extensions.enabledItems: [email protected]:6.011.025.001


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.0.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@Citrix.com/npican: C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Program Files (x86)\TVUPlayer\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.709: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.709: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.17: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.17: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Users\acer\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1008042-0-npoctoshape.dll (Octoshape ApS)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\acer\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\acer\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\IB UPDATER\FIREFOX [2013-02-28 21:52:20 | 000,000,000 | ---D | M]
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}: C:\PROGRAM FILES\IB UPDATER\FIREFOX [2013-02-28 21:52:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\[email protected] [2011-09-17 16:04:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-11-03 23:45:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\ProgramData\AVG Secure Search\FireFoxExt\15.0.0.2 [2013-03-31 23:07:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\IB Updater\Firefox [2013-02-28 21:52:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}: C:\Program Files\IB Updater\Firefox [2013-02-28 21:52:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013-03-10 21:09:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013-03-10 21:09:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-11-03 23:45:56 | 000,000,000 | ---D | M]

[2010-04-25 21:34:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\acer\AppData\Roaming\mozilla\Extensions
[2010-04-25 21:34:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\acer\AppData\Roaming\mozilla\Extensions\[email protected]
[2012-11-13 14:36:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\acer\AppData\Roaming\mozilla\Firefox\Profiles\uotyg8kr.default\extensions
[2012-11-13 14:36:28 | 000,000,000 | ---D | M] (incredibar.com) -- C:\Users\acer\AppData\Roaming\mozilla\Firefox\Profiles\uotyg8kr.default\extensions\[email protected]
[2010-06-14 22:16:14 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\acer\AppData\Roaming\mozilla\Firefox\Profiles\uotyg8kr.default\extensions\[email protected]
[2013-03-10 21:09:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013-03-10 21:09:29 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2013-03-31 23:07:08 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\PROGRAMDATA\AVG SECURE SEARCH\FIREFOXEXT\15.0.0.2
[2013-03-10 21:09:34 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011-02-02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2013-03-31 23:07:09 | 000,003,714 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012-08-31 00:32:05 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013-02-27 21:30:20 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.43\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.43\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.43\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U24 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: Octoshape Streaming Services (Enabled) = C:\Users\acer\AppData\Roaming\Mozilla\plugins\npoctoshape.dll
CHR - plugin: Citrix ICA Client (Enabled) = C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.0.0\\npsitesafety.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: TVU Web Player for FireFox (Enabled) = C:\Program Files (x86)\TVUPlayer\npTVUAx.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files (x86)\Veetle\Player\npvlc.dll
CHR - plugin: Veetle Broadcaster Plugin (Enabled) = C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\acer\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\acer\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Octoshape Streaming Services (Enabled) = C:\Users\acer\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1008042-0-npoctoshape.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - Extension: Google Docs = C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Gmail = C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009-06-11 05:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IB Updater) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\IB Updater\Extension64.dll ()
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll File not found
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg64.dll (Google Inc.)
O2 - BHO: (IB Updater) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\IB Updater\Extension32.dll ()
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Incredibar.com Helper Object) - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll (Montera Technologeis LTD)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll File not found
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll File not found
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Incredibar Toolbar) - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll (Montera Technologeis LTD)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [HP LaserJet Professional M1530 MFP Series Fax] C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe (Hewlett-Packard Company)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [ToolboxFX] C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [VitaKeyPdtWzd] C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9:64bit: - Extra 'Tools' menuitem : Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9 - Extra 'Tools' menuitem : Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {0F2AAAE3-7E9E-4B64-AB5D-1CA24C6ACB9C} http://pjhontlm.ijm.com/dwa85W.cab (IBM Lotus iNotes 8.5 Control)
O16 - DPF: {1FAF427B-1EE5-43D3-A023-3009142AFCD9} https://ost.maybank2...b/csoex_mbb.cab (CS Order Entry Control (MBB))
O16 - DPF: {1FAF427B-1EE5-43D3-A023-3009142AFCE5} https://www.jupitero...l/csoex_jup.cab (CS Order Entry Control (JUP))
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.6.0.cab (DLM Control)
O16 - DPF: {5BDBA960-6534-11D3-97C7-00500422B550} http://pjhontlm.ijm..../dolcontrol.cab (LotusDRSControl Class)
O16 - DPF: {5EC2D418-1B2A-40E6-904C-CA8B7ADB3682} https://ost.maybank2...os/Cab/csta.cab (csta Control)
O16 - DPF: {75AA409D-05F9-4F27-BD53-C7339D4B1D0A} http://pjhontlm.ijm.com/dwa85W.cab (IBM Lotus iNotes 8.5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {B9B2EE1A-E314-4338-A305-BE845EACB113} https://www.jupitero...trol2/csw25.cab (CyberStock 250)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0AC9AC26-0800-4191-8EF5-53568EC336FA}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0AC9AC26-0800-4191-8EF5-53568EC336FA}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6AFAE555-7090-4140-BA93-03B528EA7D6A}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll File not found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.0.0\ViProtocol.dll ()
O18:64bit: - Protocol\Filter\application/x-ica - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=euc-jp - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=ISO-8859-1 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS936 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS949 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS950 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF-8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=euc-jp - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=ISO-8859-1 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS936 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS949 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS950 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF-8 - No CLSID value found
O18:64bit: - Protocol\Filter\ica - No CLSID value found
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~2\Citrix\ICACLI~1\RSHook.dll) - C:\Program Files (x86)\Citrix\ICA Client\RSHook.dll (Citrix Systems, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2070-01-01 08:00:00 | 000,000,000 | ---D | M] - C:\AUTOCAD2007_23_0 -- [ NTFS ]
O33 - MountPoints2\{9dbc15b9-82ed-11e0-a5d6-705ab61f7b33}\Shell - "" = AutoRun
O33 - MountPoints2\{9dbc15b9-82ed-11e0-a5d6-705ab61f7b33}\Shell\AutoRun\command - "" = G:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013-04-05 20:49:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2013-04-05 01:13:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013-04-04 21:42:37 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2013-04-04 21:11:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\catroot2
[2013-04-02 21:58:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Schweser2013
[2013-03-31 23:20:45 | 000,000,000 | ---D | C] -- C:\Users\acer\AppData\Roaming\AVG2013
[2013-03-31 23:07:11 | 000,000,000 | ---D | C] -- C:\Users\acer\AppData\Roaming\TuneUp Software
[2013-03-31 23:06:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG Secure Search
[2013-03-31 23:03:34 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013
[2013-03-31 22:56:38 | 000,000,000 | ---D | C] -- C:\Users\acer\AppData\Local\MFAData
[2013-03-31 22:56:38 | 000,000,000 | ---D | C] -- C:\Users\acer\AppData\Local\Avg2013
[2013-03-30 20:22:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013-03-30 20:22:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013-03-30 19:39:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013-03-30 19:39:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013-03-24 21:49:33 | 000,000,000 | ---D | C] -- C:\Users\acer\Desktop\Gamuda
[2013-03-12 21:29:59 | 000,000,000 | ---D | C] -- C:\Users\acer\Desktop\Impairment Mar 2013
[2013-03-10 21:09:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2009-11-03 10:41:42 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe
[2009-09-24 13:49:22 | 003,686,400 | ---- | C] (Infor) -- C:\Program Files (x86)\Shortcut to IKEA Home Planner.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013-04-08 23:18:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013-04-08 22:52:01 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-04-08 22:47:40 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-04-08 22:47:22 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-04-08 22:27:52 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-04-08 22:27:18 | 000,000,322 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2013-04-08 22:27:17 | 000,000,470 | ---- | M] () -- C:\Windows\tasks\SDMsgUpdate (TE).job
[2013-04-08 22:22:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-04-08 22:22:05 | 1552,969,728 | -HS- | M] () -- C:\hiberfil.sys
[2013-04-07 21:28:06 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-147644820-3438000334-1850527856-1000UA.job
[2013-04-06 11:37:45 | 000,717,892 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013-04-06 11:37:45 | 000,618,264 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013-04-06 11:37:45 | 000,104,546 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013-04-06 00:28:01 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-147644820-3438000334-1850527856-1000Core.job
[2013-04-05 20:49:54 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2013-04-05 20:43:25 | 000,002,283 | ---- | M] () -- C:\Users\acer\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013-04-05 01:13:58 | 000,002,259 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013-04-04 21:31:18 | 000,007,597 | ---- | M] () -- C:\Users\acer\AppData\Local\Resmon.ResmonCfg
[2013-04-03 23:24:27 | 000,689,664 | ---- | M] () -- C:\Users\acer\Desktop\MicrosoftFixit50202.msi
[2013-04-02 21:58:08 | 000,002,200 | ---- | M] () -- C:\Users\acer\Desktop\SchweserPro Level III 2013.lnk
[2013-03-31 23:06:30 | 000,039,768 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013-03-24 21:45:23 | 013,280,982 | ---- | M] () -- C:\Users\acer\Desktop\Gamuda.zip
[2013-03-12 21:22:59 | 001,407,170 | ---- | M] () -- C:\Users\acer\Desktop\Impairment Mar 2013.zip
[2013-03-10 21:44:48 | 000,002,048 | ---- | M] () -- C:\Users\acer\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013-04-05 01:13:58 | 000,002,283 | ---- | C] () -- C:\Users\acer\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013-04-05 01:13:58 | 000,002,259 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013-04-03 23:24:22 | 000,689,664 | ---- | C] () -- C:\Users\acer\Desktop\MicrosoftFixit50202.msi
[2013-04-02 21:58:08 | 000,002,200 | ---- | C] () -- C:\Users\acer\Desktop\SchweserPro Level III 2013.lnk
[2013-03-31 23:07:11 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2013-03-24 21:45:07 | 013,280,982 | ---- | C] () -- C:\Users\acer\Desktop\Gamuda.zip
[2013-03-12 21:22:54 | 001,407,170 | ---- | C] () -- C:\Users\acer\Desktop\Impairment Mar 2013.zip
[2012-10-20 15:30:20 | 000,038,431 | ---- | C] () -- C:\Users\acer\AppData\Roaming\Comma Separated Values (Windows).ADR
[2012-08-13 22:00:49 | 000,027,520 | ---- | C] () -- C:\Users\acer\AppData\Local\dt.dat
[2012-06-12 20:36:16 | 000,007,597 | ---- | C] () -- C:\Users\acer\AppData\Local\Resmon.ResmonCfg
[2011-12-10 23:37:34 | 000,000,600 | ---- | C] () -- C:\Users\acer\AppData\Roaming\winscp.rnd
[2011-11-03 23:41:34 | 000,169,873 | ---- | C] () -- C:\Windows\hpoins14.dat
[2011-11-03 23:41:34 | 000,001,498 | ---- | C] () -- C:\Windows\hpomdl14.dat
[2010-03-26 22:02:38 | 2725,864,258 | ---- | C] () -- C:\Program Files (x86)\Fallout.3.Full-Rip.Skullptura.rar

========== ZeroAccess Check ==========

[2009-07-14 12:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2009-07-14 09:41:54 | 014,161,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009-07-14 09:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 09:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009-07-14 09:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 09:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2010-04-11 12:19:00 | 000,000,000 | -HSD | M] -- C:\Users\acer\AppData\Roaming\.#
[2011-03-03 21:14:50 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\Autodesk
[2013-03-31 23:20:45 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\AVG2013
[2011-01-08 15:12:12 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\DAEMON Tools Lite
[2010-03-20 15:01:38 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\GameConsole
[2011-03-26 13:51:47 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\GlarySoft
[2012-06-15 21:05:32 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\ICAClient
[2011-03-26 12:35:15 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\IObit
[2013-04-04 21:26:59 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\LimeWire
[2011-09-11 15:49:23 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\Mobipocket
[2010-10-09 02:32:33 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\Octoshape
[2011-02-08 15:59:19 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\PCStitch Pro
[2012-02-17 22:41:35 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\PhotoScape
[2010-03-20 15:46:10 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\PlayFirst
[2011-03-30 20:41:03 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\SmartDraw
[2010-09-16 21:43:40 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\SpinTop Games
[2013-03-31 23:07:11 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\TuneUp Software
[2011-06-15 20:53:05 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\Unity
[2013-04-02 23:30:15 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\uTorrent
[2010-03-21 15:30:44 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\ViquaSoft

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:5D7E5A8F
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:93DE1838
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:ABE89FFE
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:E1F04E8D
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:444C53BA
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:0B9176C0
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:BC359956

< End of report >
  • 0

Advertisements


#2
Jintan

Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
Hello kenchew,

Some adware loaded there, including AVG Secure Search, which is really just another search hijacker. It also appears you don't have Service Pack 1 installed, which is essential. Click the Start orb, right click Computer, select Properties. Does it shows Service Pack 1 next to Windows 7?

Post back on that, and let's check further before starting repairs.


The system is Windows 7, so when running any of the scan files we use, be sure to right click the file, then select "Run as administrator" to start the scan/tool.

And To make sure you have an accurate view of files there, make sure you can View Hidden Files. Also uncheck "Hide Extensions for Known File Types"



To keep them from interfering with the repairs, be sure to temporarily disable all antivirus/anti-spyware softwares while these steps are being completed. This can usually be done through right clicking the software's Taskbar icons, or accessing each software through Start - Programs. Here are some antivirus disable tips if needed.

-------

Download HijackThis from Here. Then click on the downloaded file, and install HijackThis.

In HijackThis, click Config - Misc Tools - Open Uninstall Manager.

Click on Save List, then save that to a location you can locate again (such as the desktop). Copy/paste the contents of that back here please.

-------

Download RogueKiller from here to your desktop.

Close all open programs
Remember to right click -> run as administrator, and click the downloaded file.
Wen RogueKiller finises it's opening scan, press the Scan button..
A RKreport.txt will be created in the same location as the RogueKiller file.
If the program is blocked, do not hesitate to try several times. If it really does not work (it could happen), rename it to winlogon.exe, and try again.

Please post the contents of the RKreport.txt.
  • 0

#3
kenchew

kenchew

    Member

  • Topic Starter
  • Member
  • PipPip
  • 74 posts
Hi Jintan,

Thanks for your assistance.

1.Nope, there is no Service Pack 1 stated in the properties.
2.I don't think I was successful in disabling my AVG AntiVirus Free Edition 2013. Although I "ok-ed" the temporary disable function, when I right-click the icon on the taskbar it still gives me the option "Temporary Disable AVG Protection". I think it should read "Enable AVG protection" instead, if I have successfully disabled it earlier.

Anyway, these are the list/logs/reports from the programs that you asked me to run. Thanks again for your help! :)

µTorrent
7-Zip 9.13 beta
Acer Arcade Deluxe
Acer Arcade Deluxe
Acer Backup Manager
Acer Bio Protection
Acer Crystal Eye Webcam
Acer ePower Management
Acer eRecovery Management
Acer GameZone Console
Acer GridVista
Acer Registration
Acer ScreenSaver
Acer Updater
Acrobat.com
Adobe AIR
Adobe AIR
Adobe Digital Editions
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.5.4 MUI
Adobe Shockwave Player 11.6
Alice Greenfingers
Amazonia
AuthenTec Fingerprint Software
AutoCAD 2007 - English
Autodesk DWF Viewer
Backup Manager Basic
Chicken Invaders 2
Citrix Authentication Manager
Citrix Receiver
Citrix Receiver (HDX Flash Redirection)
Citrix Receiver Inside
Citrix Receiver(Aero)
Citrix Receiver(DV)
Citrix Receiver(USB)
Compatibility Pack for the 2007 Office system
Dairy Dash
Dream Day First Home
eBay Worldwide
eSobi v2
Facebook Video Calling 1.2.0.287
Farm Frenzy 2
Fingerprint Solution
First Class Flurry
Glary Utilities 2.33.0.1158
Google Chrome
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Google Update Helper
Granny In Paradise
Heroes of Hellas
HP LaserJet Professional M1530 MFP Series
HP LJ M1530 MFP Series HP Scan
HP Update
HPLaserJetHelp_LearnCenter
I.R.I.S. OCR
Identity Card
IKEA Home Planner
Incredibar Toolbar on IE
Intel® Management Engine Components
Intel® Turbo Boost Technology Driver
Java™ 6 Update 24
Junk Mail filter update
K-Lite Mega Codec Pack 5.8.3
KooBits 4.0
KooBits 4.0
Launch Manager
LimeWire 5.5.8
Math Games Level 1 1.0
Merriam Websters Spell Jam
Microsoft Choice Guard
Microsoft Games for Windows - LIVE
Microsoft Games for Windows - LIVE Redistributable
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server Compact 3.5 SP2 for Devices English
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Works
Mobipocket Reader 6.2
Mozilla Firefox 19.0.2 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MyWinLocker
Norton Online Backup
NTI Backup Now 5
NTI Media Maker 8
Online Plug-in
PCStitch 9
Pcsx2 0.9.6
PDFCreator
PhotoScape
plist Editor for Windows 1.0.2
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
SchweserPro Level III 2013
Self-service Plug-in
Skype Toolbars
Skype™ 5.10
Smart Defrag 2
SmartDraw VP
swMSM
TVUPlayer 2.5.3.1
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768024) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Veetle TV 0.9.17
Visual C++ 8.0 Runtime Setup Package (x64)
Visual Studio 2008 x64 Redistributables
Welcome Center
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
WinRAR archiver
WinSCP 4.3.5
WinWAP 1.3 for Pocket PC 2003
YTD Video Downloader 3.9.5



RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo...13-roguekiller/
Website : http://tigzy.geeksto...roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7600 ) 64 bits version
Started in : Normal mode
User : acer [Admin rights]
Mode : Scan -- Date : 04/11/2013 21:40:48
| ARK || FAK || MBR |

¤¤¤ Bad processes : 2 ¤¤¤
[SERVICE] IBUpdaterService -- C:\Windows\system32\dmwu.exe [x] -> ERROR [0x41c]
[RESIDUE] dmwu.exe -- C:\Windows\System32\dmwu.exe [x] -> KILLED [TermProc]

¤¤¤ Registry Entries : 8 ¤¤¤
[Services][BLSVC] HKLM\[...]\ControlSet001\Services\IBUpdaterService (C:\Windows\system32\dmwu.exe) -> FOUND
[Services][BLSVC] HKLM\[...]\ControlSet002\Services\IBUpdaterService (C:\Windows\system32\dmwu.exe) -> FOUND
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD5000BEVT-22A0RT0 +++++
--- User ---
[MBR] f6e72ddd1af1f32414afdc962ec2b36d
[BSP] 003802b4dea7b4e439fe39005eec8167 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 63 | Size: 12291 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 25174016 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 25378816 | Size: 234372 Mo
3 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 505372672 | Size: 230175 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1]_S_04112013_02d2140.txt >>
RKreport[1]_S_04112013_02d2140.txt
  • 0

#4
Jintan

Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
Before we continue, AVG doesn't even show as installed. Is it still installed?
  • 0

#5
kenchew

kenchew

    Member

  • Topic Starter
  • Member
  • PipPip
  • 74 posts
It seems to be installed (refer attachments). Or is it due to the message "There are no active components" in the AVG interface?

Attached Thumbnails

  • AVG1.jpg
  • AVG2.jpg

  • 0

#6
Jintan

Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
Corrupted, most likely.

Go here and download and run the AVG uninstaller. Just select the 2012/13 uninstaller, which should remove any older versions as well. Make sure you have it uninstall everything - it tries to have user's keep it's search hijacker toolbar.

Be sure to reboot after.

---------

Then go here and download windows6.1-KB976932-X64.exe to your desktop, then right click - Run as administrator - and allow it to install. Reboot after.

---------

Run and post a new OTL log please.
  • 0

#7
kenchew

kenchew

    Member

  • Topic Starter
  • Member
  • PipPip
  • 74 posts
Hi Jintan,

I've downloaded and ran AVG Remover(64bit) 2013 first, then AVG Remover(64bit) 2012. It seems to successfully uninstall AVG.
Note: Got a blue screen when rebooting after running AVG Remover (64bit) 2013.

I've downloaded windows6.1-KB976932-X64.exe but was not able to successful install. They prompted me to restart each time. I've restarted 4 times and they still give me the same message (refer attachment).

Anyhow, this is the current OTL log.

OTL logfile created on: 13-Apr-13 10:44:33 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\acer\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd-MMM-yy

1.93 Gb Total Physical Memory | 1.10 Gb Available Physical Memory | 57.24% Memory free
3.86 Gb Paging File | 2.89 Gb Available in Paging File | 75.04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 228.88 Gb Total Space | 181.30 Gb Free Space | 79.21% Space Free | Partition Type: NTFS
Drive E: | 224.78 Gb Total Space | 56.10 Gb Free Space | 24.96% Space Free | Partition Type: NTFS

Computer Name: KEN | User Name: acer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013-04-08 23:05:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\acer\Desktop\OTL.exe
PRC - [2013-04-07 16:55:02 | 000,015,152 | ---- | M] () -- C:\Windows\SysWOW64\jmdp\stij.exe
PRC - [2013-01-29 14:29:30 | 000,188,760 | ---- | M] () -- C:\Program Files\IB Updater\ExtensionUpdaterService.exe
PRC - [2010-10-25 14:53:46 | 000,145,920 | ---- | M] (HP) -- C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
PRC - [2010-10-25 14:40:08 | 000,058,936 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe
PRC - [2010-03-15 11:28:23 | 000,045,056 | ---- | M] () -- C:\Program Files (x86)\WinRAR\RarExtLoader.exe
PRC - [2009-09-30 20:01:32 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2009-09-30 20:01:30 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2009-09-25 07:42:28 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2009-08-28 17:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
PRC - [2009-08-18 17:42:08 | 001,157,128 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2009-08-07 21:29:54 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009-08-05 21:29:42 | 003,567,104 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe
PRC - [2009-08-05 21:29:42 | 003,449,856 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\Acer Bio Protection\BASVC.exe
PRC - [2009-08-05 21:29:30 | 003,353,088 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\Acer Bio Protection\CompPtcVUI.exe
PRC - [2009-08-04 13:09:34 | 000,199,464 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
PRC - [2009-07-04 10:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2009-06-30 13:39:46 | 001,807,608 | ---- | M] (AuthenTec, Inc.) -- C:\Program Files (x86)\Fingerprint Sensor\AtService.exe
PRC - [2008-07-29 19:29:26 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe


========== Modules (No Company Name) ==========

MOD - [2013-04-07 16:55:02 | 000,015,152 | ---- | M] () -- C:\Windows\SysWOW64\jmdp\stij.exe
MOD - [2013-04-07 16:54:20 | 000,306,176 | ---- | M] () -- C:\Windows\SysWOW64\jmdp\lmrn.dll
MOD - [2013-02-05 15:25:06 | 000,362,029 | ---- | M] () -- C:\Windows\SysWOW64\jmdp\sqlite3.dll
MOD - [2010-10-25 14:36:22 | 000,119,864 | ---- | M] () -- C:\Program Files (x86)\HP\ToolboxFX\bin\NativeUtils.dll
MOD - [2010-03-15 11:28:23 | 000,045,056 | ---- | M] () -- C:\Program Files (x86)\WinRAR\RarExtLoader.exe
MOD - [2010-03-15 11:28:22 | 000,141,824 | ---- | M] () -- C:\Program Files (x86)\WinRAR\RarExt.dll
MOD - [2009-07-14 12:56:03 | 011,804,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\3871fc2b96345aa6f3be81d9e3c97160\System.Web.ni.dll
MOD - [2009-07-14 12:55:57 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\4bdeb88758dccd625f4703ed77aaf348\System.Runtime.Remoting.ni.dll
MOD - [2009-07-14 12:55:34 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\e71959f4ec6eb386889050ac139835c7\System.ServiceProcess.ni.dll
MOD - [2009-07-14 12:55:32 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\fedf1ba58dced4f0b3f8c457648ceed9\System.Windows.Forms.ni.dll
MOD - [2009-07-14 12:55:32 | 000,310,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\d57d865568209a71d63739fa448ed6df\System.Runtime.Serialization.Formatters.Soap.ni.dll
MOD - [2009-07-14 12:55:26 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ead6be8b410d56b5576b10e56af2c180\System.Drawing.ni.dll
MOD - [2009-07-14 12:55:25 | 001,806,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\ebb1a98d5d55d13bbe33034416ee5a1f\System.Deployment.ni.dll
MOD - [2009-07-14 12:55:14 | 003,313,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\c2f9dd7db911053edcaaadf5fefc500a\WindowsBase.ni.dll
MOD - [2009-07-14 12:55:09 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5dd9f783008543df3e642ff1e99de4e8\System.Xml.ni.dll
MOD - [2009-07-14 12:55:06 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\4b1350e31ff09cc583b34854816d8036\System.Configuration.ni.dll
MOD - [2009-07-14 12:55:05 | 007,949,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5ba3bf5367fc012300c6566f20cb7f54\System.ni.dll
MOD - [2009-07-14 12:55:00 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\8c1770d45c63cf5c462eeb945ef9aa5d\mscorlib.ni.dll
MOD - [2008-07-29 19:29:26 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe


========== Services (SafeList) ==========

SRV:64bit: - [2013-04-07 16:54:58 | 001,455,408 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\dmwu.exe -- (IBUpdaterService)
SRV:64bit: - [2013-01-29 14:29:30 | 000,188,760 | ---- | M] () [Auto | Running] -- C:\Program Files\IB Updater\ExtensionUpdaterService.exe -- (IB Updater Updater)
SRV:64bit: - [2009-10-30 03:10:02 | 000,844,320 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2009-10-02 18:39:44 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009-09-29 17:25:48 | 000,126,392 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009-07-14 09:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009-07-04 10:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2013-03-31 23:06:30 | 000,990,896 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe -- (vToolbarUpdater15.0.0)
SRV - [2013-03-21 20:18:40 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-03-10 21:09:34 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-07-13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011-03-03 21:10:32 | 000,077,944 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2010-10-25 14:53:46 | 000,145,920 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe -- (HP LaserJet Service)
SRV - [2009-09-30 20:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009-09-30 20:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009-09-25 07:42:28 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009-09-10 21:42:46 | 000,305,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)
SRV - [2009-08-28 17:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009-08-07 21:29:36 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2009-08-05 21:29:42 | 003,449,856 | ---- | M] (Egis Technology Inc.) [Auto | Running] -- C:\Program Files (x86)\Acer Bio Protection\BASVC.exe -- (IGBASVC)
SRV - [2009-06-30 13:39:46 | 001,807,608 | ---- | M] (AuthenTec, Inc.) [Auto | Running] -- C:\Program Files (x86)\Fingerprint Sensor\AtService.exe -- (ATService)
SRV - [2009-06-11 05:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009-04-29 11:21:18 | 000,436,736 | ---- | M] (Conexant Systems, Inc.) [Auto | Stopped] -- C:\Windows\SysWOW64\XAudio64.dll -- (HsfXAudioService)
SRV - [2007-05-31 10:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007-05-31 10:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013-03-31 23:06:30 | 000,039,768 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2012-05-17 08:14:58 | 000,093,272 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ctxusbm.sys -- (ctxusbm)
DRV:64bit: - [2011-02-23 16:50:14 | 000,018,232 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV:64bit: - [2011-01-08 15:07:29 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010-09-08 00:20:50 | 000,009,216 | ---- | M] (SpeedJet Technology INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SjtWinIo.sys -- (SjtWinIo)
DRV:64bit: - [2009-10-26 04:24:24 | 000,151,040 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009-10-05 15:49:34 | 006,952,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64)
DRV:64bit: - [2009-10-05 09:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009-10-02 08:47:38 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009-09-29 17:25:50 | 000,012,728 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009-09-17 12:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009-09-03 18:15:26 | 000,292,400 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009-09-02 09:58:08 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009-08-28 19:15:32 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009-08-28 19:15:26 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009-08-21 12:24:04 | 000,084,512 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2009-08-07 21:24:14 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009-07-14 09:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009-07-14 09:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009-07-14 09:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 09:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 09:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009-07-14 09:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009-07-14 09:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-07-14 08:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009-07-14 08:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009-07-01 12:46:58 | 000,052,264 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:64bit: - [2009-06-30 14:06:04 | 000,734,720 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATSwpWDF.sys -- (ATSwpWDF)
DRV:64bit: - [2009-06-11 05:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009-06-11 05:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009-06-11 05:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009-06-11 04:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-11 04:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-11 04:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-11 04:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009-06-07 16:36:46 | 000,317,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2009-06-02 19:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009-06-02 19:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009-06-02 19:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009-05-05 16:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009-05-05 16:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2009-04-29 11:21:08 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\XAudio64.sys -- (XAudio)
DRV:64bit: - [2009-04-07 15:33:08 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009-02-12 22:24:56 | 001,485,824 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_DPV.sys -- (HSF_DPV)
DRV:64bit: - [2009-02-12 22:20:56 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAXHWAZL.sys -- (CAXHWAZL)
DRV:64bit: - [2009-02-12 22:19:34 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_CNXT.sys -- (winachsf)
DRV:64bit: - [2006-06-18 06:27:24 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2009-09-02 09:58:08 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009-07-14 09:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...e4z175t44j2d253
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...e4z175t44j2d253
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...e4z175t44j2d253
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...e4z175t44j2d253
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...e4z175t44j2d253
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...e4z175t44j2d253
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...AW_enMY371MY372
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...fr&d=2011-10-13 20:45:33&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.google.com.my/"
FF - prefs.js..extensions.enabledAddons: avg%40toolbar:15.0.0.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - prefs.js..extensions.enabledItems: [email protected]:2
FF - prefs.js..extensions.enabledItems: 5
FF - prefs.js..extensions.enabledItems: 3
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178
FF - prefs.js..extensions.enabledItems: [email protected]:6.011.025.001


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.0.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@Citrix.com/npican: C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Program Files (x86)\TVUPlayer\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.709: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.709: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.17: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.17: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Users\acer\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1008042-0-npoctoshape.dll (Octoshape ApS)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\acer\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\acer\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\IB UPDATER\FIREFOX [2013-02-28 21:52:20 | 000,000,000 | ---D | M]
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}: C:\PROGRAM FILES\IB UPDATER\FIREFOX [2013-02-28 21:52:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\[email protected]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-11-03 23:45:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\ProgramData\AVG Secure Search\FireFoxExt\15.0.0.2 [2013-03-31 23:07:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\IB Updater\Firefox [2013-02-28 21:52:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}: C:\Program Files\IB Updater\Firefox [2013-02-28 21:52:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013-03-10 21:09:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013-03-10 21:09:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-11-03 23:45:56 | 000,000,000 | ---D | M]

[2010-04-25 21:34:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\acer\AppData\Roaming\mozilla\Extensions
[2010-04-25 21:34:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\acer\AppData\Roaming\mozilla\Extensions\[email protected]
[2012-11-13 14:36:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\acer\AppData\Roaming\mozilla\Firefox\Profiles\uotyg8kr.default\extensions
[2012-11-13 14:36:28 | 000,000,000 | ---D | M] (incredibar.com) -- C:\Users\acer\AppData\Roaming\mozilla\Firefox\Profiles\uotyg8kr.default\extensions\[email protected]
[2010-06-14 22:16:14 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\acer\AppData\Roaming\mozilla\Firefox\Profiles\uotyg8kr.default\extensions\[email protected]
[2013-04-13 20:45:24 | 000,002,120 | ---- | M] () -- C:\Users\acer\AppData\Roaming\mozilla\firefox\profiles\uotyg8kr.default\searchplugins\MyStart Search.xml
[2013-03-10 21:09:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013-03-10 21:09:29 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2013-03-31 23:07:08 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\PROGRAMDATA\AVG SECURE SEARCH\FIREFOXEXT\15.0.0.2
[2013-03-10 21:09:34 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011-02-02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012-08-31 00:32:05 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013-02-27 21:30:20 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U24 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: Octoshape Streaming Services (Enabled) = C:\Users\acer\AppData\Roaming\Mozilla\plugins\npoctoshape.dll
CHR - plugin: Citrix ICA Client (Enabled) = C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.0.0\\npsitesafety.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: TVU Web Player for FireFox (Enabled) = C:\Program Files (x86)\TVUPlayer\npTVUAx.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files (x86)\Veetle\Player\npvlc.dll
CHR - plugin: Veetle Broadcaster Plugin (Enabled) = C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\acer\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\acer\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Octoshape Streaming Services (Enabled) = C:\Users\acer\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1008042-0-npoctoshape.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - Extension: Google Docs = C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: YouTube = C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Gmail = C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009-06-11 05:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IB Updater) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\IB Updater\Extension64.dll ()
O2:64bit: - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg64.dll (Google Inc.)
O2 - BHO: (IB Updater) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\IB Updater\Extension32.dll ()
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Incredibar.com Helper Object) - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll (Montera Technologeis LTD)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll File not found
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll File not found
O3 - HKLM\..\Toolbar: (Incredibar Toolbar) - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll (Montera Technologeis LTD)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [HP LaserJet Professional M1530 MFP Series Fax] C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe (Hewlett-Packard Company)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [ToolboxFX] C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [VitaKeyPdtWzd] C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9:64bit: - Extra 'Tools' menuitem : Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9 - Extra 'Tools' menuitem : Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {0F2AAAE3-7E9E-4B64-AB5D-1CA24C6ACB9C} http://pjhontlm.ijm.com/dwa85W.cab (IBM Lotus iNotes 8.5 Control)
O16 - DPF: {1FAF427B-1EE5-43D3-A023-3009142AFCD9} https://ost.maybank2...b/csoex_mbb.cab (CS Order Entry Control (MBB))
O16 - DPF: {1FAF427B-1EE5-43D3-A023-3009142AFCE5} https://www.jupitero...l/csoex_jup.cab (CS Order Entry Control (JUP))
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.6.0.cab (DLM Control)
O16 - DPF: {5BDBA960-6534-11D3-97C7-00500422B550} http://pjhontlm.ijm..../dolcontrol.cab (LotusDRSControl Class)
O16 - DPF: {5EC2D418-1B2A-40E6-904C-CA8B7ADB3682} https://ost.maybank2...os/Cab/csta.cab (csta Control)
O16 - DPF: {75AA409D-05F9-4F27-BD53-C7339D4B1D0A} http://pjhontlm.ijm.com/dwa85W.cab (IBM Lotus iNotes 8.5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {B9B2EE1A-E314-4338-A305-BE845EACB113} https://www.jupitero...trol2/csw25.cab (CyberStock 250)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0AC9AC26-0800-4191-8EF5-53568EC336FA}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0AC9AC26-0800-4191-8EF5-53568EC336FA}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6AFAE555-7090-4140-BA93-03B528EA7D6A}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.0.0\ViProtocol.dll ()
O18:64bit: - Protocol\Filter\application/x-ica - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=euc-jp - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=ISO-8859-1 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS936 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS949 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS950 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF-8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=euc-jp - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=ISO-8859-1 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS936 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS949 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS950 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF-8 - No CLSID value found
O18:64bit: - Protocol\Filter\ica - No CLSID value found
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~2\Citrix\ICACLI~1\RSHook.dll) - C:\Program Files (x86)\Citrix\ICA Client\RSHook.dll (Citrix Systems, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2070-01-01 08:00:00 | 000,000,000 | ---D | M] - C:\AUTOCAD2007_23_0 -- [ NTFS ]
O33 - MountPoints2\{9dbc15b9-82ed-11e0-a5d6-705ab61f7b33}\Shell - "" = AutoRun
O33 - MountPoints2\{9dbc15b9-82ed-11e0-a5d6-705ab61f7b33}\Shell\AutoRun\command - "" = G:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013-04-13 20:37:59 | 000,000,000 | ---D | C] -- C:\4b81525c2779cdd84a549a3d
[2013-04-13 20:10:49 | 000,000,000 | ---D | C] -- C:\4d0a8400addbb88b308194f33b31
[2013-04-13 16:22:08 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2013-04-13 09:59:49 | 000,000,000 | ---D | C] -- C:\Users\acer\AppData\Local\Avg2013
[2013-04-11 21:44:29 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\jmdp
[2013-04-11 21:44:07 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ARFC
[2013-04-11 21:39:36 | 000,000,000 | ---D | C] -- C:\Users\acer\Desktop\RK_Quarantine
[2013-04-11 10:14:31 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\acer\Desktop\HijackThis.exe
[2013-04-08 23:05:12 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\acer\Desktop\OTL.exe
[2013-04-05 01:13:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013-04-04 21:42:37 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2013-04-04 21:11:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\catroot2
[2013-04-02 21:58:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Schweser2013
[2013-03-31 23:07:11 | 000,000,000 | ---D | C] -- C:\Users\acer\AppData\Roaming\TuneUp Software
[2013-03-31 23:03:34 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013
[2013-03-31 22:56:38 | 000,000,000 | ---D | C] -- C:\Users\acer\AppData\Local\MFAData
[2013-03-30 20:22:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013-03-30 20:22:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013-03-30 19:39:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013-03-30 19:39:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013-03-24 21:49:33 | 000,000,000 | ---D | C] -- C:\Users\acer\Desktop\Gamuda
[2009-11-03 10:41:42 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe
[2009-09-24 13:49:22 | 003,686,400 | ---- | C] (Infor) -- C:\Program Files (x86)\Shortcut to IKEA Home Planner.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013-04-13 22:53:55 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-04-13 22:43:47 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-04-13 22:43:44 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-04-13 22:37:27 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-04-13 22:36:50 | 000,000,470 | ---- | M] () -- C:\Windows\tasks\SDMsgUpdate (TE).job
[2013-04-13 22:36:48 | 000,000,322 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2013-04-13 22:30:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-04-13 22:30:35 | 1552,969,728 | -HS- | M] () -- C:\hiberfil.sys
[2013-04-13 22:18:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013-04-13 21:28:02 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-147644820-3438000334-1850527856-1000UA.job
[2013-04-13 21:25:41 | 000,035,978 | ---- | M] () -- C:\Users\acer\Desktop\Unsucessful.jpg
[2013-04-13 09:55:59 | 362,238,302 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013-04-13 09:26:51 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-147644820-3438000334-1850527856-1000Core.job
[2013-04-12 19:31:48 | 000,135,815 | ---- | M] () -- C:\Users\acer\Desktop\AVG2.jpg
[2013-04-12 19:28:31 | 000,051,994 | ---- | M] () -- C:\Users\acer\Desktop\AVG1.jpg
[2013-04-11 21:30:31 | 000,816,128 | ---- | M] () -- C:\Users\acer\Desktop\RogueKiller.exe
[2013-04-11 21:18:32 | 000,717,892 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013-04-11 21:18:32 | 000,618,264 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013-04-11 21:18:32 | 000,104,546 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013-04-11 21:07:08 | 000,002,187 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013-04-11 10:15:02 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\acer\Desktop\HijackThis.exe
[2013-04-08 23:05:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\acer\Desktop\OTL.exe
[2013-04-07 16:54:58 | 001,455,408 | ---- | M] () -- C:\Windows\SysNative\dmwu.exe
[2013-04-07 16:53:48 | 000,033,792 | ---- | M] (IncrediMail, Ltd.) -- C:\Windows\SysNative\ImHttpComm.dll
[2013-04-05 20:43:25 | 000,002,283 | ---- | M] () -- C:\Users\acer\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013-04-04 21:31:18 | 000,007,597 | ---- | M] () -- C:\Users\acer\AppData\Local\Resmon.ResmonCfg
[2013-04-03 23:24:27 | 000,689,664 | ---- | M] () -- C:\Users\acer\Desktop\MicrosoftFixit50202.msi
[2013-04-02 21:58:08 | 000,002,200 | ---- | M] () -- C:\Users\acer\Desktop\SchweserPro Level III 2013.lnk
[2013-03-31 23:06:30 | 000,039,768 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013-03-24 21:45:23 | 013,280,982 | ---- | M] () -- C:\Users\acer\Desktop\Gamuda.zip
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013-04-13 21:25:41 | 000,035,978 | ---- | C] () -- C:\Users\acer\Desktop\Unsucessful.jpg
[2013-04-12 19:31:48 | 000,135,815 | ---- | C] () -- C:\Users\acer\Desktop\AVG2.jpg
[2013-04-12 19:28:23 | 000,051,994 | ---- | C] () -- C:\Users\acer\Desktop\AVG1.jpg
[2013-04-11 21:30:02 | 000,816,128 | ---- | C] () -- C:\Users\acer\Desktop\RogueKiller.exe
[2013-04-05 01:13:58 | 000,002,283 | ---- | C] () -- C:\Users\acer\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013-04-05 01:13:58 | 000,002,187 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013-04-03 23:24:22 | 000,689,664 | ---- | C] () -- C:\Users\acer\Desktop\MicrosoftFixit50202.msi
[2013-04-02 21:58:08 | 000,002,200 | ---- | C] () -- C:\Users\acer\Desktop\SchweserPro Level III 2013.lnk
[2013-03-24 21:45:07 | 013,280,982 | ---- | C] () -- C:\Users\acer\Desktop\Gamuda.zip
[2012-10-20 15:30:20 | 000,038,431 | ---- | C] () -- C:\Users\acer\AppData\Roaming\Comma Separated Values (Windows).ADR
[2012-08-13 22:00:49 | 000,027,520 | ---- | C] () -- C:\Users\acer\AppData\Local\dt.dat
[2012-06-12 20:36:16 | 000,007,597 | ---- | C] () -- C:\Users\acer\AppData\Local\Resmon.ResmonCfg
[2011-12-10 23:37:34 | 000,000,600 | ---- | C] () -- C:\Users\acer\AppData\Roaming\winscp.rnd
[2011-11-03 23:41:34 | 000,169,873 | ---- | C] () -- C:\Windows\hpoins14.dat
[2011-11-03 23:41:34 | 000,001,498 | ---- | C] () -- C:\Windows\hpomdl14.dat
[2010-03-26 22:02:38 | 2725,864,258 | ---- | C] () -- C:\Program Files (x86)\Fallout.3.Full-Rip.Skullptura.rar

========== ZeroAccess Check ==========

[2009-07-14 12:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2009-07-14 09:41:54 | 014,161,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009-07-14 09:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 09:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009-07-14 09:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 09:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2010-04-11 12:19:00 | 000,000,000 | -HSD | M] -- C:\Users\acer\AppData\Roaming\.#
[2011-03-03 21:14:50 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\Autodesk
[2011-01-08 15:12:12 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\DAEMON Tools Lite
[2010-03-20 15:01:38 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\GameConsole
[2011-03-26 13:51:47 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\GlarySoft
[2012-06-15 21:05:32 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\ICAClient
[2011-03-26 12:35:15 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\IObit
[2013-04-04 21:26:59 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\LimeWire
[2011-09-11 15:49:23 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\Mobipocket
[2010-10-09 02:32:33 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\Octoshape
[2011-02-08 15:59:19 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\PCStitch Pro
[2012-02-17 22:41:35 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\PhotoScape
[2010-03-20 15:46:10 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\PlayFirst
[2011-03-30 20:41:03 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\SmartDraw
[2010-09-16 21:43:40 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\SpinTop Games
[2013-03-31 23:07:11 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\TuneUp Software
[2011-06-15 20:53:05 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\Unity
[2013-04-02 23:30:15 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\uTorrent
[2010-03-21 15:30:44 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\ViquaSoft

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:5D7E5A8F
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:93DE1838
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:ABE89FFE
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:E1F04E8D
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:444C53BA
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:0B9176C0
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:BC359956

< End of report >

Attached Thumbnails

  • Unsucessful.jpg

  • 0

#8
Jintan

Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
Must be infected.


Be sure to continue to temporarily disable any protective software when running the scan tools we use here.

Click here and download Kaspersky's TDSSKiller to your desktop, but as you download it, rename it to larry.com then click that file to run TDSSKiller.

In the display that opens click Start scan. Once that completes, follow any prompts to act on anything it located, including as reboot (Reboot Now) if requested.
When the scan completes it will create a log file on your C drive.

Similar in name to this:

C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt

Your copy will be different - some of those numbers will reflect the date/time it was just run by you there.

Copy/paste those contents back here please. If it does locate malware, but does not prompt for a reboot, go ahead and do reboot.
  • 0

#9
kenchew

kenchew

    Member

  • Topic Starter
  • Member
  • PipPip
  • 74 posts
Found this during the scan.

So what action should I take? "Skip", "Copy to quarantine" or "Delete"? I think default action is set to "skip".

I selected "Skip" and this is the log.

21:17:11.0782 3404 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
21:17:12.0811 3404 ============================================================
21:17:12.0811 3404 Current date / time: 2013/04/14 21:17:12.0811
21:17:12.0811 3404 SystemInfo:
21:17:12.0811 3404
21:17:12.0811 3404 OS Version: 6.1.7600 ServicePack: 0.0
21:17:12.0811 3404 Product type: Workstation
21:17:12.0811 3404 ComputerName: KEN
21:17:12.0811 3404 UserName: acer
21:17:12.0811 3404 Windows directory: C:\Windows
21:17:12.0811 3404 System windows directory: C:\Windows
21:17:12.0811 3404 Running under WOW64
21:17:12.0811 3404 Processor architecture: Intel x64
21:17:12.0811 3404 Number of processors: 4
21:17:12.0811 3404 Page size: 0x1000
21:17:12.0811 3404 Boot type: Normal boot
21:17:12.0811 3404 ============================================================
21:17:13.0279 3404 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:17:13.0295 3404 ============================================================
21:17:13.0295 3404 \Device\Harddisk0\DR0:
21:17:13.0295 3404 MBR partitions:
21:17:13.0295 3404 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1802000, BlocksNum 0x32000
21:17:13.0295 3404 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1834000, BlocksNum 0x1C9C2000
21:17:13.0310 3404 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1E1F6800, BlocksNum 0x1C18F000
21:17:13.0310 3404 ============================================================
21:17:13.0357 3404 C: <-> \Device\Harddisk0\DR0\Partition2
21:17:13.0576 3404 E: <-> \Device\Harddisk0\DR0\Partition3
21:17:13.0576 3404 ============================================================
21:17:13.0576 3404 Initialize success
21:17:13.0576 3404 ============================================================
21:17:21.0797 0764 ============================================================
21:17:21.0797 0764 Scan started
21:17:21.0797 0764 Mode: Manual;
21:17:21.0797 0764 ============================================================
21:17:22.0031 0764 ================ Scan system memory ========================
21:17:22.0031 0764 System memory - ok
21:17:22.0031 0764 ================ Scan services =============================
21:17:22.0171 0764 [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
21:17:22.0187 0764 1394ohci - ok
21:17:22.0202 0764 [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
21:17:22.0218 0764 ACPI - ok
21:17:22.0218 0764 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
21:17:22.0234 0764 AcpiPmi - ok
21:17:22.0358 0764 [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:17:22.0358 0764 AdobeFlashPlayerUpdateSvc - ok
21:17:22.0405 0764 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
21:17:22.0421 0764 adp94xx - ok
21:17:22.0436 0764 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
21:17:22.0436 0764 adpahci - ok
21:17:22.0452 0764 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
21:17:22.0468 0764 adpu320 - ok
21:17:22.0499 0764 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
21:17:22.0499 0764 AeLookupSvc - ok
21:17:22.0530 0764 [ B9384E03479D2506BC924C16A3DB87BC ] AFD C:\Windows\system32\drivers\afd.sys
21:17:22.0530 0764 AFD - ok
21:17:22.0561 0764 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
21:17:22.0561 0764 agp440 - ok
21:17:22.0592 0764 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
21:17:22.0608 0764 ALG - ok
21:17:22.0608 0764 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
21:17:22.0608 0764 aliide - ok
21:17:22.0624 0764 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\DRIVERS\amdide.sys
21:17:22.0624 0764 amdide - ok
21:17:22.0655 0764 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
21:17:22.0655 0764 AmdK8 - ok
21:17:22.0670 0764 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
21:17:22.0670 0764 AmdPPM - ok
21:17:22.0686 0764 [ 7A4B413614C055935567CF88A9734D38 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys
21:17:22.0686 0764 amdsata - ok
21:17:22.0717 0764 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
21:17:22.0717 0764 amdsbs - ok
21:17:22.0748 0764 [ B4AD0CACBAB298671DD6F6EF7E20679D ] amdxata C:\Windows\system32\DRIVERS\amdxata.sys
21:17:22.0748 0764 amdxata - ok
21:17:22.0764 0764 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\Windows\system32\drivers\appid.sys
21:17:22.0764 0764 AppID - ok
21:17:22.0795 0764 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
21:17:22.0795 0764 AppIDSvc - ok
21:17:22.0811 0764 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\Windows\System32\appinfo.dll
21:17:22.0811 0764 Appinfo - ok
21:17:22.0826 0764 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
21:17:22.0826 0764 arc - ok
21:17:22.0873 0764 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
21:17:22.0873 0764 arcsas - ok
21:17:22.0889 0764 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
21:17:22.0889 0764 AsyncMac - ok
21:17:22.0904 0764 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\DRIVERS\atapi.sys
21:17:22.0904 0764 atapi - ok
21:17:22.0982 0764 [ 0ACC06FCF46F64ED4F11E57EE461C1F4 ] athr C:\Windows\system32\DRIVERS\athrx.sys
21:17:23.0045 0764 athr - ok
21:17:23.0170 0764 [ 61298563754EEEA48E027769F50B596D ] ATService C:\Program Files (x86)\Fingerprint Sensor\AtService.exe
21:17:23.0232 0764 ATService - ok
21:17:23.0263 0764 [ BA1BBD0E8EF9892A57586DD47049C632 ] ATSwpWDF C:\Windows\system32\Drivers\ATSwpWDF.sys
21:17:23.0263 0764 ATSwpWDF - ok
21:17:23.0310 0764 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:17:23.0326 0764 AudioEndpointBuilder - ok
21:17:23.0341 0764 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\Windows\System32\Audiosrv.dll
21:17:23.0341 0764 AudioSrv - ok
21:17:23.0435 0764 [ 32A5DEFDDC3562BF89D73586F5915B34 ] Autodesk Licensing Service C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
21:17:23.0450 0764 Autodesk Licensing Service - ok
21:17:23.0466 0764 [ 76DCA54A83A34CCBBBDCE7ADA01E0068 ] avgtp C:\Windows\system32\drivers\avgtpx64.sys
21:17:23.0466 0764 avgtp - ok
21:17:23.0497 0764 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\Windows\System32\AxInstSV.dll
21:17:23.0497 0764 AxInstSV - ok
21:17:23.0544 0764 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
21:17:23.0544 0764 b06bdrv - ok
21:17:23.0560 0764 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
21:17:23.0575 0764 b57nd60a - ok
21:17:23.0606 0764 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
21:17:23.0606 0764 BDESVC - ok
21:17:23.0622 0764 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
21:17:23.0622 0764 Beep - ok
21:17:23.0653 0764 [ 4992C609A6315671463E30F6512BC022 ] BFE C:\Windows\System32\bfe.dll
21:17:23.0669 0764 BFE - ok
21:17:23.0731 0764 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS C:\Windows\System32\qmgr.dll
21:17:23.0762 0764 BITS - ok
21:17:23.0778 0764 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
21:17:23.0778 0764 blbdrive - ok
21:17:23.0794 0764 [ 91CE0D3DC57DD377E690A2D324022B08 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
21:17:23.0794 0764 bowser - ok
21:17:23.0825 0764 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:17:23.0840 0764 BrFiltLo - ok
21:17:23.0856 0764 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:17:23.0856 0764 BrFiltUp - ok
21:17:23.0887 0764 [ 94FBC06F294D58D02361918418F996E3 ] Browser C:\Windows\System32\browser.dll
21:17:23.0887 0764 Browser - ok
21:17:23.0918 0764 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
21:17:23.0918 0764 Brserid - ok
21:17:23.0934 0764 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
21:17:23.0934 0764 BrSerWdm - ok
21:17:23.0965 0764 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
21:17:23.0965 0764 BrUsbMdm - ok
21:17:23.0981 0764 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
21:17:23.0981 0764 BrUsbSer - ok
21:17:24.0012 0764 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
21:17:24.0012 0764 BthEnum - ok
21:17:24.0028 0764 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
21:17:24.0028 0764 BTHMODEM - ok
21:17:24.0043 0764 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
21:17:24.0043 0764 BthPan - ok
21:17:24.0074 0764 [ A51FA9D0E85D5ADABEF72E67F386309C ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
21:17:24.0090 0764 BTHPORT - ok
21:17:24.0121 0764 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
21:17:24.0121 0764 bthserv - ok
21:17:24.0137 0764 [ F740B9A16B2C06700F2130E19986BF3B ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
21:17:24.0137 0764 BTHUSB - ok
21:17:24.0168 0764 [ 6E04458E98DAF28826482E41A7A62DF5 ] btusbflt C:\Windows\system32\drivers\btusbflt.sys
21:17:24.0168 0764 btusbflt - ok
21:17:24.0199 0764 [ AF838D8029AE7C27470862D63FA54D24 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
21:17:24.0199 0764 btwaudio - ok
21:17:24.0215 0764 [ 5C849BD7C78791C5CEE9F4651D7FE38D ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
21:17:24.0215 0764 btwavdt - ok
21:17:24.0293 0764 [ DCF8D8F1F87743509D9C0207CB28637D ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
21:17:24.0340 0764 btwdins - ok
21:17:24.0355 0764 [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
21:17:24.0355 0764 btwl2cap - ok
21:17:24.0386 0764 [ 3E1991AFA851A36DC978B0A1B0535C8B ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
21:17:24.0386 0764 btwrchid - ok
21:17:24.0433 0764 [ D1787E11C6A0078DDEAF8CF3EE2AB293 ] CAXHWAZL C:\Windows\system32\DRIVERS\CAXHWAZL.sys
21:17:24.0433 0764 CAXHWAZL - ok
21:17:24.0449 0764 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
21:17:24.0449 0764 cdfs - ok
21:17:24.0496 0764 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
21:17:24.0496 0764 cdrom - ok
21:17:24.0527 0764 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\Windows\System32\certprop.dll
21:17:24.0527 0764 CertPropSvc - ok
21:17:24.0542 0764 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
21:17:24.0542 0764 circlass - ok
21:17:24.0558 0764 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
21:17:24.0574 0764 CLFS - ok
21:17:24.0652 0764 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:17:24.0652 0764 clr_optimization_v2.0.50727_32 - ok
21:17:24.0714 0764 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:17:24.0714 0764 clr_optimization_v2.0.50727_64 - ok
21:17:24.0745 0764 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
21:17:24.0761 0764 CmBatt - ok
21:17:24.0776 0764 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
21:17:24.0776 0764 cmdide - ok
21:17:24.0808 0764 [ F95FD4CB7DA00BA2A63CE9F6B5C053E1 ] CNG C:\Windows\system32\Drivers\cng.sys
21:17:24.0808 0764 CNG - ok
21:17:24.0823 0764 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
21:17:24.0823 0764 Compbatt - ok
21:17:24.0839 0764 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
21:17:24.0839 0764 CompositeBus - ok
21:17:24.0854 0764 COMSysApp - ok
21:17:24.0854 0764 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
21:17:24.0854 0764 crcdisk - ok
21:17:24.0901 0764 [ 8C57411B66282C01533CB776F98AD384 ] CryptSvc C:\Windows\system32\cryptsvc.dll
21:17:24.0901 0764 CryptSvc - ok
21:17:24.0932 0764 [ F02D7FD231AF76C69A8F09C619DEE384 ] ctxusbm C:\Windows\system32\DRIVERS\ctxusbm.sys
21:17:24.0932 0764 ctxusbm - ok
21:17:24.0979 0764 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\Windows\system32\rpcss.dll
21:17:24.0979 0764 DcomLaunch - ok
21:17:25.0026 0764 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
21:17:25.0026 0764 defragsvc - ok
21:17:25.0042 0764 [ 3F1DC527070ACB87E40AFE46EF6DA749 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
21:17:25.0057 0764 DfsC - ok
21:17:25.0073 0764 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\Windows\system32\dhcpcore.dll
21:17:25.0073 0764 Dhcp - ok
21:17:25.0104 0764 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
21:17:25.0104 0764 discache - ok
21:17:25.0120 0764 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
21:17:25.0120 0764 Disk - ok
21:17:25.0182 0764 [ D5BCB77BE83CF99F508943945D46343D ] DKbFltr C:\Windows\syswow64\Drivers\DKbFltr.sys
21:17:25.0182 0764 DKbFltr - ok
21:17:25.0213 0764 [ 676108C4E3AA6F6B34633748BD0BEBD9 ] Dnscache C:\Windows\System32\dnsrslvr.dll
21:17:25.0213 0764 Dnscache - ok
21:17:25.0244 0764 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\Windows\System32\dot3svc.dll
21:17:25.0244 0764 dot3svc - ok
21:17:25.0291 0764 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
21:17:25.0291 0764 Dot4 - ok
21:17:25.0322 0764 [ 85135AD27E79B689335C08167D917CDE ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
21:17:25.0322 0764 Dot4Print - ok
21:17:25.0369 0764 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
21:17:25.0369 0764 dot4usb - ok
21:17:25.0400 0764 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\Windows\system32\dps.dll
21:17:25.0400 0764 DPS - ok
21:17:25.0432 0764 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
21:17:25.0432 0764 drmkaud - ok
21:17:25.0478 0764 [ EBCE0B0924835F635F620D19F0529DCE ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
21:17:25.0510 0764 DXGKrnl - ok
21:17:25.0541 0764 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
21:17:25.0541 0764 EapHost - ok
21:17:25.0634 0764 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
21:17:25.0775 0764 ebdrv - ok
21:17:25.0806 0764 [ 0793F40B9B8A1BDD266296409DBD91EA ] EFS C:\Windows\System32\lsass.exe
21:17:25.0806 0764 EFS - ok
21:17:25.0884 0764 [ B91D81B3B54A54CCAFC03733DBC2E29E ] ehRecvr C:\Windows\ehome\ehRecvr.exe
21:17:25.0884 0764 ehRecvr - ok
21:17:25.0915 0764 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
21:17:25.0931 0764 ehSched - ok
21:17:25.0962 0764 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
21:17:25.0978 0764 elxstor - ok
21:17:26.0056 0764 [ 8E910F796F5F30281CDD24ABA47DDEA2 ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
21:17:26.0087 0764 ePowerSvc - ok
21:17:26.0118 0764 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
21:17:26.0118 0764 ErrDev - ok
21:17:26.0180 0764 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
21:17:26.0180 0764 EventSystem - ok
21:17:26.0227 0764 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
21:17:26.0227 0764 exfat - ok
21:17:26.0243 0764 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
21:17:26.0258 0764 fastfat - ok
21:17:26.0274 0764 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\Windows\system32\fxssvc.exe
21:17:26.0290 0764 Fax - ok
21:17:26.0321 0764 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
21:17:26.0321 0764 fdc - ok
21:17:26.0352 0764 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
21:17:26.0352 0764 fdPHost - ok
21:17:26.0368 0764 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
21:17:26.0368 0764 FDResPub - ok
21:17:26.0383 0764 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
21:17:26.0383 0764 FileInfo - ok
21:17:26.0383 0764 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
21:17:26.0399 0764 Filetrace - ok
21:17:26.0399 0764 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
21:17:26.0399 0764 flpydisk - ok
21:17:26.0414 0764 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
21:17:26.0414 0764 FltMgr - ok
21:17:26.0477 0764 [ 8AC4CB4EA61E41009FAE9AE7B2B5DA3A ] FontCache C:\Windows\system32\FntCache.dll
21:17:26.0508 0764 FontCache - ok
21:17:26.0586 0764 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:17:26.0586 0764 FontCache3.0.0.0 - ok
21:17:26.0617 0764 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
21:17:26.0617 0764 FsDepends - ok
21:17:26.0633 0764 [ E95EF8547DE20CF0603557C0CF7A9462 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
21:17:26.0633 0764 Fs_Rec - ok
21:17:26.0664 0764 [ B8B2A6E1558F8F5DE5CE431C5B2C7B09 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
21:17:26.0664 0764 fvevol - ok
21:17:26.0680 0764 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
21:17:26.0695 0764 gagp30kx - ok
21:17:26.0726 0764 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\Windows\System32\gpsvc.dll
21:17:26.0758 0764 gpsvc - ok
21:17:26.0836 0764 [ 816FD5A6F3C2F3D600900096632FC60E ] Greg_Service C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
21:17:26.0882 0764 Greg_Service - ok
21:17:26.0945 0764 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:17:26.0945 0764 gupdate - ok
21:17:26.0945 0764 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:17:26.0945 0764 gupdatem - ok
21:17:26.0976 0764 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
21:17:26.0992 0764 gusvc - ok
21:17:27.0023 0764 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
21:17:27.0023 0764 hcw85cir - ok
21:17:27.0054 0764 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:17:27.0054 0764 HdAudAddService - ok
21:17:27.0070 0764 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
21:17:27.0070 0764 HDAudBus - ok
21:17:27.0101 0764 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
21:17:27.0101 0764 HECIx64 - ok
21:17:27.0116 0764 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
21:17:27.0132 0764 HidBatt - ok
21:17:27.0148 0764 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
21:17:27.0148 0764 HidBth - ok
21:17:27.0179 0764 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
21:17:27.0179 0764 HidIr - ok
21:17:27.0210 0764 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
21:17:27.0210 0764 hidserv - ok
21:17:27.0226 0764 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
21:17:27.0226 0764 HidUsb - ok
21:17:27.0241 0764 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\Windows\system32\kmsvc.dll
21:17:27.0257 0764 hkmsvc - ok
21:17:27.0272 0764 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:17:27.0272 0764 HomeGroupListener - ok
21:17:27.0304 0764 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:17:27.0319 0764 HomeGroupProvider - ok
21:17:27.0397 0764 [ D1E9CB573A9EDF7BE12E9C57F32E97F7 ] HP LaserJet Service C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
21:17:27.0413 0764 HP LaserJet Service - ok
21:17:27.0522 0764 [ 1DAE5C46D42B02A6D5862E1482EFB390 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
21:17:27.0522 0764 hpqcxs08 - ok
21:17:27.0538 0764 [ 99E8EEF42FE2F4AF29B08C3355DD7685 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
21:17:27.0538 0764 hpqddsvc - ok
21:17:27.0569 0764 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
21:17:27.0569 0764 HpSAMD - ok
21:17:27.0600 0764 [ 447256D1C026654C5CD3CC17E7B20631 ] HsfXAudioService C:\Windows\SysWOW64\XAudio64.dll
21:17:27.0616 0764 HsfXAudioService - ok
21:17:27.0662 0764 [ 26C5D00321937E49B6BC91029947D094 ] HSF_DPV C:\Windows\system32\DRIVERS\CAX_DPV.sys
21:17:27.0725 0764 HSF_DPV - ok
21:17:27.0772 0764 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\Windows\system32\drivers\HTTP.sys
21:17:27.0772 0764 HTTP - ok
21:17:27.0787 0764 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
21:17:27.0787 0764 hwpolicy - ok
21:17:27.0834 0764 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
21:17:27.0834 0764 i8042prt - ok
21:17:27.0881 0764 [ 0E899D0DB39617AA0B2F992E7E95B5EB ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
21:17:27.0896 0764 IAANTMON - ok
21:17:27.0928 0764 [ BBB3B6DF1ABB0FE35802EDE85CC1C011 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
21:17:27.0928 0764 iaStor - ok
21:17:27.0974 0764 [ D83EFB6FD45DF9D55E9A1AFC63640D50 ] iaStorV C:\Windows\system32\DRIVERS\iaStorV.sys
21:17:27.0990 0764 iaStorV - ok
21:17:28.0052 0764 [ 2B794D16EA8D5A8BBFC2E066E855D790 ] IB Updater Updater C:\Program Files\IB Updater\ExtensionUpdaterService.exe
21:17:28.0052 0764 IB Updater Updater - ok
21:17:28.0130 0764 [ F85EB9654B4C771470CD13A0A170D3B9 ] IBUpdaterService C:\Windows\system32\dmwu.exe
21:17:28.0177 0764 IBUpdaterService - ok
21:17:28.0240 0764 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:17:28.0271 0764 idsvc - ok
21:17:28.0396 0764 [ C7C5728E8562F4C69C4CC84C1DAA3365 ] IGBASVC C:\Program Files (x86)\Acer Bio Protection\BASVC.exe
21:17:28.0505 0764 IGBASVC - ok
21:17:28.0536 0764 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
21:17:28.0536 0764 iirsp - ok
21:17:28.0583 0764 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\Windows\System32\ikeext.dll
21:17:28.0614 0764 IKEEXT - ok
21:17:28.0645 0764 [ 4FF8A2082D78255D2EB169F986BCC981 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
21:17:28.0645 0764 Impcd - ok
21:17:28.0723 0764 [ D45DD81112A179255A06E030F818BAE8 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:17:28.0801 0764 IntcAzAudAddService - ok
21:17:28.0817 0764 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\DRIVERS\intelide.sys
21:17:28.0817 0764 intelide - ok
21:17:28.0864 0764 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
21:17:28.0864 0764 intelppm - ok
21:17:28.0895 0764 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
21:17:28.0895 0764 IPBusEnum - ok
21:17:28.0895 0764 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:17:28.0910 0764 IpFilterDriver - ok
21:17:28.0926 0764 [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
21:17:28.0942 0764 iphlpsvc - ok
21:17:28.0957 0764 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
21:17:28.0957 0764 IPMIDRV - ok
21:17:28.0973 0764 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
21:17:28.0973 0764 IPNAT - ok
21:17:28.0973 0764 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
21:17:28.0988 0764 IRENUM - ok
21:17:28.0988 0764 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
21:17:29.0004 0764 isapnp - ok
21:17:29.0020 0764 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
21:17:29.0020 0764 iScsiPrt - ok
21:17:29.0051 0764 [ 08DD34F74D65E1C8F238565570952630 ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
21:17:29.0051 0764 k57nd60a - ok
21:17:29.0082 0764 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
21:17:29.0082 0764 kbdclass - ok
21:17:29.0113 0764 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
21:17:29.0113 0764 kbdhid - ok
21:17:29.0129 0764 [ 0793F40B9B8A1BDD266296409DBD91EA ] KeyIso C:\Windows\system32\lsass.exe
21:17:29.0129 0764 KeyIso - ok
21:17:29.0144 0764 [ E8B6FCC9C83535C67F835D407620BD27 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
21:17:29.0160 0764 KSecDD - ok
21:17:29.0160 0764 [ BBE1BF6D9B661C354D4857D5FADB943B ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
21:17:29.0176 0764 KSecPkg - ok
21:17:29.0191 0764 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
21:17:29.0191 0764 ksthunk - ok
21:17:29.0238 0764 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
21:17:29.0254 0764 KtmRm - ok
21:17:29.0285 0764 [ C926920B8978DE6ACFE9E15C709E9B57 ] LanmanServer C:\Windows\system32\srvsvc.dll
21:17:29.0285 0764 LanmanServer - ok
21:17:29.0332 0764 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:17:29.0332 0764 LanmanWorkstation - ok
21:17:29.0347 0764 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
21:17:29.0347 0764 lltdio - ok
21:17:29.0378 0764 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
21:17:29.0378 0764 lltdsvc - ok
21:17:29.0394 0764 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
21:17:29.0394 0764 lmhosts - ok
21:17:29.0456 0764 [ 7485FBCEF9136F530953575E2977859D ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
21:17:29.0456 0764 LMS - ok
21:17:29.0488 0764 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
21:17:29.0488 0764 LSI_FC - ok
21:17:29.0519 0764 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
21:17:29.0519 0764 LSI_SAS - ok
21:17:29.0534 0764 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:17:29.0534 0764 LSI_SAS2 - ok
21:17:29.0534 0764 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:17:29.0550 0764 LSI_SCSI - ok
21:17:29.0566 0764 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
21:17:29.0566 0764 luafv - ok
21:17:29.0597 0764 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
21:17:29.0597 0764 Mcx2Svc - ok
21:17:29.0628 0764 [ E4F44EC214B3E381E1FC844A02926666 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
21:17:29.0628 0764 mdmxsdk - ok
21:17:29.0644 0764 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
21:17:29.0659 0764 megasas - ok
21:17:29.0675 0764 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
21:17:29.0675 0764 MegaSR - ok
21:17:29.0753 0764 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
21:17:29.0753 0764 Microsoft Office Groove Audit Service - ok
21:17:29.0784 0764 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
21:17:29.0784 0764 MMCSS - ok
21:17:29.0800 0764 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
21:17:29.0800 0764 Modem - ok
21:17:29.0846 0764 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
21:17:29.0846 0764 monitor - ok
21:17:29.0862 0764 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
21:17:29.0862 0764 mouclass - ok
21:17:29.0878 0764 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
21:17:29.0878 0764 mouhid - ok
21:17:29.0893 0764 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
21:17:29.0893 0764 mountmgr - ok
21:17:29.0956 0764 [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:17:29.0956 0764 MozillaMaintenance - ok
21:17:29.0971 0764 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\DRIVERS\mpio.sys
21:17:29.0987 0764 mpio - ok
21:17:29.0987 0764 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:17:30.0002 0764 mpsdrv - ok
21:17:30.0034 0764 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\Windows\system32\mpssvc.dll
21:17:30.0065 0764 MpsSvc - ok
21:17:30.0112 0764 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:17:30.0112 0764 MRxDAV - ok
21:17:30.0158 0764 [ AB5892797C4114640BA333949568DE8C ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:17:30.0158 0764 mrxsmb - ok
21:17:30.0190 0764 [ 81A38F7AEEB265634B05AE5F3F29FBC4 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:17:30.0190 0764 mrxsmb10 - ok
21:17:30.0205 0764 [ 6B2D5FEF385828B6E485C1C90AFB8195 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:17:30.0221 0764 mrxsmb20 - ok
21:17:30.0236 0764 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
21:17:30.0236 0764 msahci - ok
21:17:30.0252 0764 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
21:17:30.0268 0764 msdsm - ok
21:17:30.0283 0764 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
21:17:30.0299 0764 MSDTC - ok
21:17:30.0314 0764 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:17:30.0314 0764 Msfs - ok
21:17:30.0330 0764 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
21:17:30.0346 0764 mshidkmdf - ok
21:17:30.0361 0764 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
21:17:30.0361 0764 msisadrv - ok
21:17:30.0392 0764 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:17:30.0392 0764 MSiSCSI - ok
21:17:30.0392 0764 msiserver - ok
21:17:30.0408 0764 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:17:30.0424 0764 MSKSSRV - ok
21:17:30.0455 0764 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:17:30.0455 0764 MSPCLOCK - ok
21:17:30.0470 0764 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:17:30.0470 0764 MSPQM - ok
21:17:30.0486 0764 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:17:30.0502 0764 MsRPC - ok
21:17:30.0517 0764 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
21:17:30.0517 0764 mssmbios - ok
21:17:30.0533 0764 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:17:30.0533 0764 MSTEE - ok
21:17:30.0548 0764 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
21:17:30.0548 0764 MTConfig - ok
21:17:30.0564 0764 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
21:17:30.0564 0764 Mup - ok
21:17:30.0595 0764 [ 6FFECC25B39DC7652A0CEC0ADA9DB589 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
21:17:30.0595 0764 mwlPSDFilter - ok
21:17:30.0611 0764 [ 0BEFE32CA56D6EE89D58175725596A85 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
21:17:30.0611 0764 mwlPSDNServ - ok
21:17:30.0626 0764 [ D43BC633B8660463E446E28E14A51262 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
21:17:30.0626 0764 mwlPSDVDisk - ok
21:17:30.0689 0764 [ 2F139207F618EC2933830227EEFFDDB4 ] MWLService C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
21:17:30.0704 0764 MWLService - ok
21:17:30.0736 0764 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll
21:17:30.0751 0764 napagent - ok
21:17:30.0782 0764 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:17:30.0782 0764 NativeWifiP - ok
21:17:30.0814 0764 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys
21:17:30.0829 0764 NDIS - ok
21:17:30.0845 0764 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
21:17:30.0845 0764 NdisCap - ok
21:17:30.0876 0764 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:17:30.0876 0764 NdisTapi - ok
21:17:30.0892 0764 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:17:30.0907 0764 Ndisuio - ok
21:17:30.0923 0764 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:17:30.0923 0764 NdisWan - ok
21:17:30.0923 0764 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:17:30.0938 0764 NDProxy - ok
21:17:30.0970 0764 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
21:17:30.0970 0764 Net Driver HPZ12 - ok
21:17:30.0985 0764 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:17:30.0985 0764 NetBIOS - ok
21:17:31.0032 0764 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
21:17:31.0032 0764 NetBT - ok
21:17:31.0048 0764 [ 0793F40B9B8A1BDD266296409DBD91EA ] Netlogon C:\Windows\system32\lsass.exe
21:17:31.0048 0764 Netlogon - ok
21:17:31.0094 0764 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
21:17:31.0094 0764 Netman - ok
21:17:31.0126 0764 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
21:17:31.0126 0764 netprofm - ok
21:17:31.0157 0764 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:17:31.0157 0764 NetTcpPortSharing - ok
21:17:31.0328 0764 [ 4D85A450EDEF10C38882182753A49AAE ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys
21:17:31.0484 0764 NETw5s64 - ok
21:17:31.0531 0764 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
21:17:31.0531 0764 nfrd960 - ok
21:17:31.0562 0764 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
21:17:31.0562 0764 NlaSvc - ok
21:17:31.0578 0764 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:17:31.0578 0764 Npfs - ok
21:17:31.0594 0764 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
21:17:31.0609 0764 nsi - ok
21:17:31.0625 0764 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:17:31.0625 0764 nsiproxy - ok
21:17:31.0687 0764 [ 356698A13C4630D5B31C37378D469196 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:17:31.0734 0764 Ntfs - ok
21:17:31.0812 0764 [ 14E66F603FB187713AEB02AD3B0390CF ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
21:17:31.0812 0764 NTI IScheduleSvc - ok
21:17:31.0843 0764 [ FD324CCE1D4D5BB5AF65F8E55B462C7E ] NTIBackupSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
21:17:31.0843 0764 NTIBackupSvc - ok
21:17:31.0874 0764 [ 64DDD0DEE976302F4BD93E5EFCC2F013 ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
21:17:31.0874 0764 NTIDrvr - ok
21:17:31.0906 0764 [ 3F6268A2EC33CD38CF75C880AF8DED42 ] NTISchedulerSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
21:17:31.0952 0764 NTISchedulerSvc - ok
21:17:31.0968 0764 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
21:17:31.0968 0764 Null - ok
21:17:31.0984 0764 [ AD37248BD442D41C9A896E53EB8A85EE ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
21:17:31.0984 0764 NVHDA - ok
21:17:32.0264 0764 [ 97ED52F0D3D390BCE24BD0E41D268FAC ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:17:32.0545 0764 nvlddmkm - ok
21:17:32.0592 0764 [ 3E38712941E9BB4DDBEE00AFFE3FED3D ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys
21:17:32.0592 0764 nvraid - ok
21:17:32.0608 0764 [ 477DC4D6DEB99BE37084C9AC6D013DA1 ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys
21:17:32.0608 0764 nvstor - ok
21:17:32.0639 0764 [ AE32A5FEFFD0AE5DBC1F2A9DD43D86C6 ] nvsvc C:\Windows\system32\nvvsvc.exe
21:17:32.0654 0764 nvsvc - ok
21:17:32.0670 0764 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
21:17:32.0670 0764 nv_agp - ok
21:17:32.0748 0764 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:17:32.0764 0764 odserv - ok
21:17:32.0779 0764 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
21:17:32.0779 0764 ohci1394 - ok
21:17:32.0810 0764 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:17:32.0810 0764 ose - ok
21:17:32.0842 0764 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
21:17:32.0857 0764 p2pimsvc - ok
21:17:32.0888 0764 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
21:17:32.0904 0764 p2psvc - ok
21:17:32.0935 0764 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
21:17:32.0935 0764 Parport - ok
21:17:32.0951 0764 [ 7DAA117143316C4A1537E074A5A9EAF0 ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:17:32.0951 0764 partmgr - ok
21:17:32.0966 0764 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
21:17:32.0982 0764 PcaSvc - ok
21:17:32.0998 0764 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys
21:17:32.0998 0764 pci - ok
21:17:33.0029 0764 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys
21:17:33.0029 0764 pciide - ok
21:17:33.0060 0764 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
21:17:33.0060 0764 pcmcia - ok
21:17:33.0076 0764 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
21:17:33.0076 0764 pcw - ok
21:17:33.0107 0764 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:17:33.0107 0764 PEAUTH - ok
21:17:33.0200 0764 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
21:17:33.0200 0764 PerfHost - ok
21:17:33.0278 0764 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
21:17:33.0341 0764 pla - ok
21:17:33.0388 0764 [ 23157D583244400E1D7FBAEE2E4B31B7 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:17:33.0388 0764 PlugPlay - ok
21:17:33.0419 0764 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
21:17:33.0419 0764 Pml Driver HPZ12 - ok
21:17:33.0434 0764 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
21:17:33.0434 0764 PNRPAutoReg - ok
21:17:33.0450 0764 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
21:17:33.0466 0764 PNRPsvc - ok
21:17:33.0512 0764 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:17:33.0512 0764 PolicyAgent - ok
21:17:33.0575 0764 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
21:17:33.0575 0764 Power - ok
21:17:33.0606 0764 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:17:33.0606 0764 PptpMiniport - ok
21:17:33.0637 0764 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
21:17:33.0637 0764 Processor - ok
21:17:33.0668 0764 [ F381975E1F4346DE875CB07339CE8D3A ] ProfSvc C:\Windows\system32\profsvc.dll
21:17:33.0668 0764 ProfSvc - ok
21:17:33.0684 0764 [ 0793F40B9B8A1BDD266296409DBD91EA ] ProtectedStorage C:\Windows\system32\lsass.exe
21:17:33.0684 0764 ProtectedStorage - ok
21:17:33.0715 0764 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
21:17:33.0715 0764 Psched - ok
21:17:33.0762 0764 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
21:17:33.0809 0764 ql2300 - ok
21:17:33.0840 0764 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
21:17:33.0840 0764 ql40xx - ok
21:17:33.0871 0764 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
21:17:33.0871 0764 QWAVE - ok
21:17:33.0887 0764 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:17:33.0902 0764 QWAVEdrv - ok
21:17:33.0949 0764 [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
21:17:33.0949 0764 RapiMgr - ok
21:17:33.0965 0764 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:17:33.0965 0764 RasAcd - ok
21:17:33.0996 0764 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
21:17:33.0996 0764 RasAgileVpn - ok
21:17:34.0027 0764 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
21:17:34.0027 0764 RasAuto - ok
21:17:34.0058 0764 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:17:34.0058 0764 Rasl2tp - ok
21:17:34.0074 0764 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
21:17:34.0090 0764 RasMan - ok
21:17:34.0105 0764 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:17:34.0105 0764 RasPppoe - ok
21:17:34.0121 0764 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:17:34.0121 0764 RasSstp - ok
21:17:34.0152 0764 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:17:34.0152 0764 rdbss - ok
21:17:34.0168 0764 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
21:17:34.0168 0764 rdpbus - ok
21:17:34.0199 0764 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
21:17:34.0199 0764 RDPCDD - ok
21:17:34.0214 0764 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
21:17:34.0230 0764 RDPENCDD - ok
21:17:34.0230 0764 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
21:17:34.0230 0764 RDPREFMP - ok
21:17:34.0261 0764 [ 8A3E6BEA1C53EA6177FE2B6EBA2C80D7 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:17:34.0261 0764 RDPWD - ok
21:17:34.0277 0764 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
21:17:34.0277 0764 rdyboost - ok
21:17:34.0324 0764 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
21:17:34.0324 0764 RemoteAccess - ok
21:17:34.0370 0764 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:17:34.0370 0764 RemoteRegistry - ok
21:17:34.0402 0764 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
21:17:34.0402 0764 RFCOMM - ok
21:17:34.0417 0764 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
21:17:34.0433 0764 RpcEptMapper - ok
21:17:34.0464 0764 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
21:17:34.0464 0764 RpcLocator - ok
21:17:34.0495 0764 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll
21:17:34.0511 0764 RpcSs - ok
21:17:34.0526 0764 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:17:34.0526 0764 rspndr - ok
21:17:34.0573 0764 [ DB30AA4DAA0D492FA5D7717D8181FFA1 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
21:17:34.0573 0764 RSUSBSTOR - ok
21:17:34.0589 0764 [ 0793F40B9B8A1BDD266296409DBD91EA ] SamSs C:\Windows\system32\lsass.exe
21:17:34.0589 0764 SamSs - ok
21:17:34.0604 0764 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
21:17:34.0604 0764 sbp2port - ok
21:17:34.0636 0764 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:17:34.0651 0764 SCardSvr - ok
21:17:34.0682 0764 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
21:17:34.0682 0764 scfilter - ok
21:17:34.0714 0764 [ EC56B171F85C7E855E7B0588AC503EEA ] Schedule C:\Windows\system32\schedsvc.dll
21:17:34.0760 0764 Schedule - ok
21:17:34.0792 0764 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
21:17:34.0792 0764 SCPolicySvc - ok
21:17:34.0807 0764 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:17:34.0823 0764 SDRSVC - ok
21:17:34.0854 0764 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:17:34.0854 0764 secdrv - ok
21:17:34.0854 0764 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
21:17:34.0854 0764 seclogon - ok
21:17:34.0870 0764 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
21:17:34.0870 0764 SENS - ok
21:17:34.0885 0764 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
21:17:34.0901 0764 SensrSvc - ok
21:17:34.0916 0764 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
21:17:34.0916 0764 Serenum - ok
21:17:34.0932 0764 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
21:17:34.0932 0764 Serial - ok
21:17:34.0948 0764 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
21:17:34.0948 0764 sermouse - ok
21:17:34.0979 0764 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
21:17:34.0979 0764 SessionEnv - ok
21:17:34.0994 0764 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
21:17:34.0994 0764 sffdisk - ok
21:17:35.0010 0764 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
21:17:35.0010 0764 sffp_mmc - ok
21:17:35.0026 0764 [ 5588B8C6193EB1522490C122EB94DFFA ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
21:17:35.0026 0764 sffp_sd - ok
21:17:35.0041 0764 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
21:17:35.0041 0764 sfloppy - ok
21:17:35.0088 0764 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:17:35.0088 0764 SharedAccess - ok
21:17:35.0119 0764 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:17:35.0119 0764 ShellHWDetection - ok
21:17:35.0166 0764 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:17:35.0166 0764 SiSRaid2 - ok
21:17:35.0182 0764 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
21:17:35.0182 0764 SiSRaid4 - ok
21:17:35.0213 0764 [ C44D3179D9EFEBD26572A9DC6DD759DE ] SjtWinIo C:\Windows\system32\DRIVERS\SjtWinIo.sys
21:17:35.0213 0764 SjtWinIo - ok
21:17:35.0291 0764 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
21:17:35.0306 0764 SkypeUpdate - ok
21:17:35.0322 0764 [ 94CE7845AF6A2065B829E0126CD56236 ] SmartDefragDriver C:\Windows\system32\Drivers\SmartDefragDriver.sys
21:17:35.0338 0764 SmartDefragDriver - ok
21:17:35.0369 0764 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
21:17:35.0369 0764 Smb - ok
21:17:35.0416 0764 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:17:35.0416 0764 SNMPTRAP - ok
21:17:35.0462 0764 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
21:17:35.0462 0764 spldr - ok
21:17:35.0478 0764 [ 89E8550C5862999FCF482EA562B0E98E ] Spooler C:\Windows\System32\spoolsv.exe
21:17:35.0494 0764 Spooler - ok
21:17:35.0603 0764 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
21:17:35.0712 0764 sppsvc - ok
21:17:35.0743 0764 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
21:17:35.0743 0764 sppuinotify - ok
21:17:35.0790 0764 [ 602884696850C86434530790B110E8EB ] sptd C:\Windows\system32\Drivers\sptd.sys
21:17:35.0790 0764 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850C86434530790B110E8EB
21:17:35.0790 0764 sptd ( LockedFile.Multi.Generic ) - warning
21:17:35.0790 0764 sptd - detected LockedFile.Multi.Generic (1)
21:17:35.0821 0764 [ 37C3ABC2338010E110D2A6A3930F3149 ] srv C:\Windows\system32\DRIVERS\srv.sys
21:17:35.0837 0764 srv - ok
21:17:35.0868 0764 [ F773D2ED090B7BAA1C1A034F3CA476C8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
21:17:35.0884 0764 srv2 - ok
21:17:35.0915 0764 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
21:17:35.0915 0764 SrvHsfHDA - ok
21:17:35.0977 0764 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
21:17:36.0024 0764 SrvHsfV92 - ok
21:17:36.0055 0764 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
21:17:36.0071 0764 SrvHsfWinac - ok
21:17:36.0102 0764 [ CCE32BB223E9FF55D241099A858FA889 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
21:17:36.0102 0764 srvnet - ok
21:17:36.0149 0764 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
21:17:36.0149 0764 SSDPSRV - ok
21:17:36.0164 0764 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
21:17:36.0180 0764 SstpSvc - ok
21:17:36.0180 0764 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
21:17:36.0196 0764 stexstor - ok
21:17:36.0211 0764 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
21:17:36.0211 0764 StillCam - ok
21:17:36.0258 0764 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
21:17:36.0274 0764 stisvc - ok
21:17:36.0320 0764 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
21:17:36.0320 0764 swenum - ok
21:17:36.0352 0764 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
21:17:36.0367 0764 swprv - ok
21:17:36.0398 0764 [ 5AEEC2BB8065B563ADBC88CA22588953 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
21:17:36.0398 0764 SynTP - ok
21:17:36.0476 0764 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll
21:17:36.0539 0764 SysMain - ok
21:17:36.0570 0764 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:17:36.0570 0764 TabletInputService - ok
21:17:36.0601 0764 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll
21:17:36.0617 0764 TapiSrv - ok
21:17:36.0632 0764 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
21:17:36.0632 0764 TBS - ok
21:17:36.0695 0764 [ 912107716BAB424C7870E8E6AF5E07E1 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
21:17:36.0773 0764 Tcpip - ok
21:17:36.0820 0764 [ 912107716BAB424C7870E8E6AF5E07E1 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
21:17:36.0835 0764 TCPIP6 - ok
21:17:36.0851 0764 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
21:17:36.0851 0764 tcpipreg - ok
21:17:36.0882 0764 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
21:17:36.0882 0764 TDPIPE - ok
21:17:36.0898 0764 [ E4245BDA3190A582D55ED09E137401A9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
21:17:36.0898 0764 TDTCP - ok
21:17:36.0913 0764 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
21:17:36.0929 0764 tdx - ok
21:17:36.0944 0764 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
21:17:36.0944 0764 TermDD - ok
21:17:36.0991 0764 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll
21:17:36.0991 0764 TermService - ok
21:17:37.0007 0764 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
21:17:37.0007 0764 Themes - ok
21:17:37.0038 0764 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
21:17:37.0038 0764 THREADORDER - ok
21:17:37.0054 0764 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
21:17:37.0069 0764 TrkWks - ok
21:17:37.0116 0764 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:17:37.0116 0764 TrustedInstaller - ok
21:17:37.0132 0764 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
21:17:37.0132 0764 tssecsrv - ok
21:17:37.0147 0764 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
21:17:37.0147 0764 tunnel - ok
21:17:37.0178 0764 [ 53FF5F00EAB07E329ABE48AE3DE4F5D7 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
21:17:37.0178 0764 TurboB - ok
21:17:37.0225 0764 [ B670DF651F00194434ADC6B326743709 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
21:17:37.0225 0764 TurboBoost - ok
21:17:37.0241 0764 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
21:17:37.0241 0764 uagp35 - ok
21:17:37.0272 0764 [ 2E22C1FD397A5A9FFEF55E9D1FC96C00 ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
21:17:37.0272 0764 UBHelper - ok
21:17:37.0303 0764 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\Windows\system32\DRIVERS\udfs.sys
21:17:37.0303 0764 udfs - ok
21:17:37.0334 0764 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
21:17:37.0334 0764 UI0Detect - ok
21:17:37.0350 0764 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
21:17:37.0350 0764 uliagpkx - ok
21:17:37.0366 0764 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
21:17:37.0366 0764 umbus - ok
21:17:37.0366 0764 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
21:17:37.0381 0764 UmPass - ok
21:17:37.0475 0764 [ 765F2DD351BA064F657751D8D75E58C0 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
21:17:37.0553 0764 UNS - ok
21:17:37.0646 0764 [ 70DDE3A86DBEB1D6C3C30AD687B1877A ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
21:17:37.0646 0764 Updater Service - ok
21:17:37.0693 0764 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
21:17:37.0693 0764 upnphost - ok
21:17:37.0724 0764 [ B26AFB54A534D634523C4FB66765B026 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
21:17:37.0724 0764 usbccgp - ok
21:17:37.0740 0764 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
21:17:37.0740 0764 usbcir - ok
21:17:37.0771 0764 [ 2EA4AFF7BE7EB4632E3AA8595B0803B5 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
21:17:37.0771 0764 usbehci - ok
21:17:37.0802 0764 [ 4C9042B8DF86C1E8E6240C218B99B39B ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
21:17:37.0802 0764 usbhub - ok
21:17:37.0818 0764 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
21:17:37.0818 0764 usbohci - ok
21:17:37.0834 0764 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
21:17:37.0834 0764 usbprint - ok
21:17:37.0865 0764 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
21:17:37.0865 0764 usbscan - ok
21:17:37.0880 0764 [ 080D3820DA6C046BE82FC8B45A893E83 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:17:37.0880 0764 USBSTOR - ok
21:17:37.0912 0764 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
21:17:37.0912 0764 usbuhci - ok
21:17:37.0943 0764 [ D501E12614B00A3252073101D6A1A74B ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
21:17:37.0943 0764 usbvideo - ok
21:17:37.0974 0764 [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
21:17:37.0974 0764 usb_rndisx - ok
21:17:38.0021 0764 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
21:17:38.0021 0764 UxSms - ok
21:17:38.0036 0764 [ 0793F40B9B8A1BDD266296409DBD91EA ] VaultSvc C:\Windows\system32\lsass.exe
21:17:38.0036 0764 VaultSvc - ok
21:17:38.0068 0764 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
21:17:38.0068 0764 vdrvroot - ok
21:17:38.0083 0764 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\Windows\System32\vds.exe
21:17:38.0099 0764 vds - ok
21:17:38.0114 0764 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
21:17:38.0130 0764 vga - ok
21:17:38.0130 0764 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
21:17:38.0130 0764 VgaSave - ok
21:17:38.0146 0764 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
21:17:38.0161 0764 vhdmp - ok
21:17:38.0177 0764 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
21:17:38.0177 0764 viaide - ok
21:17:38.0192 0764 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
21:17:38.0192 0764 volmgr - ok
21:17:38.0224 0764 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
21:17:38.0224 0764 volmgrx - ok
21:17:38.0239 0764 [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
21:17:38.0239 0764 volsnap - ok
21:17:38.0270 0764 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
21:17:38.0270 0764 vsmraid - ok
21:17:38.0333 0764 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\Windows\system32\vssvc.exe
21:17:38.0395 0764 VSS - ok
21:17:38.0473 0764 [ E2CA898E105C3F2B62DB130F28C73322 ] vToolbarUpdater15.0.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe
21:17:38.0520 0764 vToolbarUpdater15.0.0 - ok
21:17:38.0536 0764 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
21:17:38.0536 0764 vwifibus - ok
21:17:38.0551 0764 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
21:17:38.0551 0764 vwififlt - ok
21:17:38.0567 0764 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
21:17:38.0567 0764 vwifimp - ok
21:17:38.0614 0764 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
21:17:38.0614 0764 W32Time - ok
21:17:38.0660 0764 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
21:17:38.0660 0764 WacomPen - ok
21:17:38.0676 0764 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
21:17:38.0692 0764 WANARP - ok
21:17:38.0692 0764 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
21:17:38.0692 0764 Wanarpv6 - ok
21:17:38.0754 0764 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\Windows\system32\wbengine.exe
21:17:38.0785 0764 wbengine - ok
21:17:38.0816 0764 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
21:17:38.0816 0764 WbioSrvc - ok
21:17:38.0848 0764 [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
21:17:38.0848 0764 WcesComm - ok
21:17:38.0879 0764 [ 8321C2CA3B62B61B293CDA3451984468 ] wcncsvc C:\Windows\System32\wcncsvc.dll
21:17:38.0879 0764 wcncsvc - ok
21:17:38.0910 0764 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:17:38.0910 0764 WcsPlugInService - ok
21:17:38.0926 0764 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
21:17:38.0941 0764 Wd - ok
21:17:38.0957 0764 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
21:17:38.0972 0764 Wdf01000 - ok
21:17:38.0988 0764 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
21:17:38.0988 0764 WdiServiceHost - ok
21:17:39.0004 0764 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
21:17:39.0004 0764 WdiSystemHost - ok
21:17:39.0019 0764 [ 8A438CBB8C032A0C798B0C642FFBE572 ] WebClient C:\Windows\System32\webclnt.dll
21:17:39.0019 0764 WebClient - ok
21:17:39.0050 0764 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
21:17:39.0050 0764 Wecsvc - ok
21:17:39.0066 0764 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
21:17:39.0066 0764 wercplsupport - ok
21:17:39.0082 0764 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
21:17:39.0082 0764 WerSvc - ok
21:17:39.0097 0764 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
21:17:39.0097 0764 WfpLwf - ok
21:17:39.0113 0764 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
21:17:39.0113 0764 WIMMount - ok
21:17:39.0175 0764 [ A6EA7A3FC4B00F48535B506DB1E86EFD ] winachsf C:\Windows\system32\DRIVERS\CAX_CNXT.sys
21:17:39.0191 0764 winachsf - ok
21:17:39.0222 0764 WinDefend - ok
21:17:39.0238 0764 WinHttpAutoProxySvc - ok
21:17:39.0300 0764 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
21:17:39.0300 0764 Winmgmt - ok
21:17:39.0378 0764 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\Windows\system32\WsmSvc.dll
21:17:39.0440 0764 WinRM - ok
21:17:39.0487 0764 [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WINUSB C:\Windows\system32\DRIVERS\WinUSB.SYS
21:17:39.0487 0764 WINUSB - ok
21:17:39.0534 0764 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
21:17:39.0550 0764 Wlansvc - ok
21:17:39.0581 0764 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
21:17:39.0581 0764 WmiAcpi - ok
21:17:39.0612 0764 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
21:17:39.0612 0764 wmiApSrv - ok
21:17:39.0659 0764 WMPNetworkSvc - ok
21:17:39.0690 0764 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
21:17:39.0690 0764 WPCSvc - ok
21:17:39.0706 0764 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
21:17:39.0706 0764 WPDBusEnum - ok
21:17:39.0737 0764 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
21:17:39.0737 0764 ws2ifsl - ok
21:17:39.0737 0764 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
21:17:39.0752 0764 wscsvc - ok
21:17:39.0752 0764 WSearch - ok
21:17:39.0846 0764 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
21:17:39.0924 0764 wuauserv - ok
21:17:39.0955 0764 [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
21:17:39.0955 0764 WudfPf - ok
21:17:39.0971 0764 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
21:17:39.0971 0764 WUDFRd - ok
21:17:40.0002 0764 [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc C:\Windows\System32\WUDFSvc.dll
21:17:40.0002 0764 wudfsvc - ok
21:17:40.0033 0764 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
21:17:40.0033 0764 WwanSvc - ok
21:17:40.0064 0764 [ E8F3FA126A06F8E7088F63757112A186 ] XAudio C:\Windows\system32\DRIVERS\XAudio64.sys
21:17:40.0064 0764 XAudio - ok
21:17:40.0096 0764 ================ Scan global ===============================
21:17:40.0158 0764 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
21:17:40.0189 0764 [ 457B44AB6D502E55F64A867D4F35C76C ] C:\Windows\system32\winsrv.dll
21:17:40.0205 0764 [ 457B44AB6D502E55F64A867D4F35C76C ] C:\Windows\system32\winsrv.dll
21:17:40.0236 0764 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
21:17:40.0267 0764 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
21:17:40.0267 0764 [Global] - ok
21:17:40.0283 0764 ================ Scan MBR ==================================
21:17:40.0298 0764 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:17:40.0610 0764 \Device\Harddisk0\DR0 - ok
21:17:40.0610 0764 ================ Scan VBR ==================================
21:17:40.0610 0764 [ 50F213633E06E8F8099A60EF354270D8 ] \Device\Harddisk0\DR0\Partition1
21:17:40.0610 0764 \Device\Harddisk0\DR0\Partition1 - ok
21:17:40.0626 0764 [ DC4A1ED4EDDD1E1679B955495A36BB61 ] \Device\Harddisk0\DR0\Partition2
21:17:40.0626 0764 \Device\Harddisk0\DR0\Partition2 - ok
21:17:40.0657 0764 [ F5DCFDD6763858E1948FF3DAD891EEDE ] \Device\Harddisk0\DR0\Partition3
21:17:40.0657 0764 \Device\Harddisk0\DR0\Partition3 - ok
21:17:40.0657 0764 ============================================================
21:17:40.0657 0764 Scan finished
21:17:40.0657 0764 ============================================================
21:17:40.0673 2296 Detected object count: 1
21:17:40.0673 2296 Actual detected object count: 1
21:19:57.0719 2296 sptd ( LockedFile.Multi.Generic ) - skipped by user
21:19:57.0719 2296 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
21:20:30.0308 4080 ============================================================
21:20:30.0308 4080 Scan started
21:20:30.0308 4080 Mode: Manual;
21:20:30.0308 4080 ============================================================
21:20:30.0479 4080 ================ Scan system memory ========================
21:20:30.0479 4080 System memory - ok
21:20:30.0479 4080 ================ Scan services =============================
21:20:30.0651 4080 [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
21:20:30.0666 4080 1394ohci - ok
21:20:30.0682 4080 [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
21:20:30.0698 4080 ACPI - ok
21:20:30.0713 4080 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
21:20:30.0713 4080 AcpiPmi - ok
21:20:30.0838 4080 [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:20:30.0838 4080 AdobeFlashPlayerUpdateSvc - ok
21:20:30.0869 4080 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
21:20:30.0869 4080 adp94xx - ok
21:20:30.0900 4080 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
21:20:30.0900 4080 adpahci - ok
21:20:30.0916 4080 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
21:20:30.0916 4080 adpu320 - ok
21:20:30.0963 4080 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
21:20:30.0963 4080 AeLookupSvc - ok
21:20:30.0978 4080 [ B9384E03479D2506BC924C16A3DB87BC ] AFD C:\Windows\system32\drivers\afd.sys
21:20:30.0994 4080 AFD - ok
21:20:31.0010 4080 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
21:20:31.0010 4080 agp440 - ok
21:20:31.0025 4080 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
21:20:31.0025 4080 ALG - ok
21:20:31.0041 4080 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
21:20:31.0041 4080 aliide - ok
21:20:31.0041 4080 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\DRIVERS\amdide.sys
21:20:31.0041 4080 amdide - ok
21:20:31.0056 4080 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
21:20:31.0056 4080 AmdK8 - ok
21:20:31.0072 4080 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
21:20:31.0088 4080 AmdPPM - ok
21:20:31.0103 4080 [ 7A4B413614C055935567CF88A9734D38 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys
21:20:31.0103 4080 amdsata - ok
21:20:31.0119 4080 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
21:20:31.0119 4080 amdsbs - ok
21:20:31.0150 4080 [ B4AD0CACBAB298671DD6F6EF7E20679D ] amdxata C:\Windows\system32\DRIVERS\amdxata.sys
21:20:31.0150 4080 amdxata - ok
21:20:31.0166 4080 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\Windows\system32\drivers\appid.sys
21:20:31.0166 4080 AppID - ok
21:20:31.0197 4080 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
21:20:31.0197 4080 AppIDSvc - ok
21:20:31.0212 4080 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\Windows\System32\appinfo.dll
21:20:31.0212 4080 Appinfo - ok
21:20:31.0228 4080 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
21:20:31.0228 4080 arc - ok
21:20:31.0244 4080 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
21:20:31.0244 4080 arcsas - ok
21:20:31.0259 4080 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
21:20:31.0259 4080 AsyncMac - ok
21:20:31.0275 4080 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\DRIVERS\atapi.sys
21:20:31.0275 4080 atapi - ok
21:20:31.0353 4080 [ 0ACC06FCF46F64ED4F11E57EE461C1F4 ] athr C:\Windows\system32\DRIVERS\athrx.sys
21:20:31.0368 4080 athr - ok
21:20:31.0478 4080 [ 61298563754EEEA48E027769F50B596D ] ATService C:\Program Files (x86)\Fingerprint Sensor\AtService.exe
21:20:31.0493 4080 ATService - ok
21:20:31.0509 4080 [ BA1BBD0E8EF9892A57586DD47049C632 ] ATSwpWDF C:\Windows\system32\Drivers\ATSwpWDF.sys
21:20:31.0509 4080 ATSwpWDF - ok
21:20:31.0556 4080 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:20:31.0556 4080 AudioEndpointBuilder - ok
21:20:31.0587 4080 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\Windows\System32\Audiosrv.dll
21:20:31.0587 4080 AudioSrv - ok
21:20:31.0665 4080 [ 32A5DEFDDC3562BF89D73586F5915B34 ] Autodesk Licensing Service C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
21:20:31.0665 4080 Autodesk Licensing Service - ok
21:20:31.0696 4080 [ 76DCA54A83A34CCBBBDCE7ADA01E0068 ] avgtp C:\Windows\system32\drivers\avgtpx64.sys
21:20:31.0696 4080 avgtp - ok
21:20:31.0712 4080 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\Windows\System32\AxInstSV.dll
21:20:31.0712 4080 AxInstSV - ok
21:20:31.0758 4080 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
21:20:31.0758 4080 b06bdrv - ok
21:20:31.0774 4080 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
21:20:31.0790 4080 b57nd60a - ok
21:20:31.0805 4080 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
21:20:31.0805 4080 BDESVC - ok
21:20:31.0821 4080 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
21:20:31.0821 4080 Beep - ok
21:20:31.0852 4080 [ 4992C609A6315671463E30F6512BC022 ] BFE C:\Windows\System32\bfe.dll
21:20:31.0852 4080 BFE - ok
21:20:31.0914 4080 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS C:\Windows\System32\qmgr.dll
21:20:31.0930 4080 BITS - ok
21:20:31.0946 4080 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
21:20:31.0946 4080 blbdrive - ok
21:20:31.0961 4080 [ 91CE0D3DC57DD377E690A2D324022B08 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
21:20:31.0961 4080 bowser - ok
21:20:31.0992 4080 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:20:31.0992 4080 BrFiltLo - ok
21:20:32.0024 4080 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:20:32.0024 4080 BrFiltUp - ok
21:20:32.0055 4080 [ 94FBC06F294D58D02361918418F996E3 ] Browser C:\Windows\System32\browser.dll
21:20:32.0055 4080 Browser - ok
21:20:32.0070 4080 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
21:20:32.0086 4080 Brserid - ok
21:20:32.0102 4080 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
21:20:32.0102 4080 BrSerWdm - ok
21:20:32.0117 4080 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
21:20:32.0117 4080 BrUsbMdm - ok
21:20:32.0133 4080 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
21:20:32.0148 4080 BrUsbSer - ok
21:20:32.0180 4080 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
21:20:32.0180 4080 BthEnum - ok
21:20:32.0180 4080 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
21:20:32.0180 4080 BTHMODEM - ok
21:20:32.0211 4080 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
21:20:32.0211 4080 BthPan - ok
21:20:32.0226 4080 [ A51FA9D0E85D5ADABEF72E67F386309C ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
21:20:32.0226 4080 BTHPORT - ok
21:20:32.0258 4080 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
21:20:32.0258 4080 bthserv - ok
21:20:32.0273 4080 [ F740B9A16B2C06700F2130E19986BF3B ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
21:20:32.0273 4080 BTHUSB - ok
21:20:32.0304 4080 [ 6E04458E98DAF28826482E41A7A62DF5 ] btusbflt C:\Windows\system32\drivers\btusbflt.sys
21:20:32.0304 4080 btusbflt - ok
21:20:32.0336 4080 [ AF838D8029AE7C27470862D63FA54D24 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
21:20:32.0336 4080 btwaudio - ok
21:20:32.0367 4080 [ 5C849BD7C78791C5CEE9F4651D7FE38D ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
21:20:32.0367 4080 btwavdt - ok
21:20:32.0445 4080 [ DCF8D8F1F87743509D9C0207CB28637D ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
21:20:32.0460 4080 btwdins - ok
21:20:32.0460 4080 [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
21:20:32.0460 4080 btwl2cap - ok
21:20:32.0476 4080 [ 3E1991AFA851A36DC978B0A1B0535C8B ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
21:20:32.0476 4080 btwrchid - ok
21:20:32.0507 4080 [ D1787E11C6A0078DDEAF8CF3EE2AB293 ] CAXHWAZL C:\Windows\system32\DRIVERS\CAXHWAZL.sys
21:20:32.0507 4080 CAXHWAZL - ok
21:20:32.0523 4080 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
21:20:32.0523 4080 cdfs - ok
21:20:32.0554 4080 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
21:20:32.0554 4080 cdrom - ok
21:20:32.0585 4080 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\Windows\System32\certprop.dll
21:20:32.0585 4080 CertPropSvc - ok
21:20:32.0585 4080 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
21:20:32.0585 4080 circlass - ok
21:20:32.0601 4080 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
21:20:32.0601 4080 CLFS - ok
21:20:32.0694 4080 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:20:32.0694 4080 clr_optimization_v2.0.50727_32 - ok
21:20:32.0757 4080 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:20:32.0757 4080 clr_optimization_v2.0.50727_64 - ok
21:20:32.0788 4080 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
21:20:32.0788 4080 CmBatt - ok
21:20:32.0819 4080 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
21:20:32.0819 4080 cmdide - ok
21:20:32.0835 4080 [ F95FD4CB7DA00BA2A63CE9F6B5C053E1 ] CNG C:\Windows\system32\Drivers\cng.sys
21:20:32.0850 4080 CNG - ok
21:20:32.0866 4080 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
21:20:32.0866 4080 Compbatt - ok
21:20:32.0882 4080 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
21:20:32.0882 4080 CompositeBus - ok
21:20:32.0882 4080 COMSysApp - ok
21:20:32.0897 4080 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
21:20:32.0897 4080 crcdisk - ok
21:20:32.0960 4080 [ 8C57411B66282C01533CB776F98AD384 ] CryptSvc C:\Windows\system32\cryptsvc.dll
21:20:32.0960 4080 CryptSvc - ok
21:20:32.0991 4080 [ F02D7FD231AF76C69A8F09C619DEE384 ] ctxusbm C:\Windows\system32\DRIVERS\ctxusbm.sys
21:20:32.0991 4080 ctxusbm - ok
21:20:33.0038 4080 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\Windows\system32\rpcss.dll
21:20:33.0038 4080 DcomLaunch - ok
21:20:33.0069 4080 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
21:20:33.0069 4080 defragsvc - ok
21:20:33.0084 4080 [ 3F1DC527070ACB87E40AFE46EF6DA749 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
21:20:33.0084 4080 DfsC - ok
21:20:33.0100 4080 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\Windows\system32\dhcpcore.dll
21:20:33.0116 4080 Dhcp - ok
21:20:33.0131 4080 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
21:20:33.0131 4080 discache - ok
21:20:33.0147 4080 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
21:20:33.0147 4080 Disk - ok
21:20:33.0194 4080 [ D5BCB77BE83CF99F508943945D46343D ] DKbFltr C:\Windows\syswow64\Drivers\DKbFltr.sys
21:20:33.0194 4080 DKbFltr - ok
21:20:33.0225 4080 [ 676108C4E3AA6F6B34633748BD0BEBD9 ] Dnscache C:\Windows\System32\dnsrslvr.dll
21:20:33.0240 4080 Dnscache - ok
21:20:33.0256 4080 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\Windows\System32\dot3svc.dll
21:20:33.0256 4080 dot3svc - ok
21:20:33.0303 4080 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
21:20:33.0303 4080 Dot4 - ok
21:20:33.0334 4080 [ 85135AD27E79B689335C08167D917CDE ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
21:20:33.0334 4080 Dot4Print - ok
21:20:33.0365 4080 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
21:20:33.0365 4080 dot4usb - ok
21:20:33.0396 4080 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\Windows\system32\dps.dll
21:20:33.0396 4080 DPS - ok
21:20:33.0428 4080 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
21:20:33.0428 4080 drmkaud - ok
21:20:33.0474 4080 [ EBCE0B0924835F635F620D19F0529DCE ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
21:20:33.0474 4080 DXGKrnl - ok
21:20:33.0521 4080 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
21:20:33.0521 4080 EapHost - ok
21:20:33.0615 4080 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
21:20:33.0630 4080 ebdrv - ok
21:20:33.0662 4080 [ 0793F40B9B8A1BDD266296409DBD91EA ] EFS C:\Windows\System32\lsass.exe
21:20:33.0662 4080 EFS - ok
21:20:33.0708 4080 [ B91D81B3B54A54CCAFC03733DBC2E29E ] ehRecvr C:\Windows\ehome\ehRecvr.exe
21:20:33.0724 4080 ehRecvr - ok
21:20:33.0740 4080 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
21:20:33.0740 4080 ehSched - ok
21:20:33.0771 4080 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
21:20:33.0786 4080 elxstor - ok
21:20:33.0833 4080 [ 8E910F796F5F30281CDD24ABA47DDEA2 ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
21:20:33.0849 4080 ePowerSvc - ok
21:20:33.0864 4080 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
21:20:33.0864 4080 ErrDev - ok
21:20:33.0911 4080 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
21:20:33.0911 4080 EventSystem - ok
21:20:33.0958 4080 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
21:20:33.0958 4080 exfat - ok
21:20:33.0974 4080 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
21:20:33.0974 4080 fastfat - ok
21:20:34.0005 4080 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\Windows\system32\fxssvc.exe
21:20:34.0005 4080 Fax - ok
21:20:34.0020 4080 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
21:20:34.0020 4080 fdc - ok
21:20:34.0036 4080 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
21:20:34.0036 4080 fdPHost - ok
21:20:34.0052 4080 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
21:20:34.0052 4080 FDResPub - ok
21:20:34.0067 4080 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
21:20:34.0067 4080 FileInfo - ok
21:20:34.0083 4080 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
21:20:34.0083 4080 Filetrace - ok
21:20:34.0098 4080 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
21:20:34.0098 4080 flpydisk - ok
21:20:34.0114 4080 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
21:20:34.0114 4080 FltMgr - ok
21:20:34.0161 4080 [ 8AC4CB4EA61E41009FAE9AE7B2B5DA3A ] FontCache C:\Windows\system32\FntCache.dll
21:20:34.0176 4080 FontCache - ok
21:20:34.0223 4080 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:20:34.0223 4080 FontCache3.0.0.0 - ok
21:20:34.0254 4080 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
21:20:34.0254 4080 FsDepends - ok
21:20:34.0270 4080 [ E95EF8547DE20CF0603557C0CF7A9462 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
21:20:34.0270 4080 Fs_Rec - ok
21:20:34.0286 4080 [ B8B2A6E1558F8F5DE5CE431C5B2C7B09 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
21:20:34.0301 4080 fvevol - ok
21:20:34.0317 4080 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
21:20:34.0317 4080 gagp30kx - ok
21:20:34.0348 4080 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\Windows\System32\gpsvc.dll
21:20:34.0364 4080 gpsvc - ok
21:20:34.0442 4080 [ 816FD5A6F3C2F3D600900096632FC60E ] Greg_Service C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
21:20:34.0442 4080 Greg_Service - ok
21:20:34.0520 4080 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:20:34.0520 4080 gupdate - ok
21:20:34.0535 4080 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:20:34.0535 4080 gupdatem - ok
21:20:34.0566 4080 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
21:20:34.0566 4080 gusvc - ok
21:20:34.0598 4080 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
21:20:34.0598 4080 hcw85cir - ok
21:20:34.0613 4080 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:20:34.0629 4080 HdAudAddService - ok
21:20:34.0644 4080 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
21:20:34.0644 4080 HDAudBus - ok
21:20:34.0676 4080 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
21:20:34.0676 4080 HECIx64 - ok
21:20:34.0691 4080 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
21:20:34.0691 4080 HidBatt - ok
21:20:34.0691 4080 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
21:20:34.0691 4080 HidBth - ok
21:20:34.0707 4080 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
21:20:34.0707 4080 HidIr - ok
21:20:34.0738 4080 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
21:20:34.0738 4080 hidserv - ok
21:20:34.0754 4080 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
21:20:34.0754 4080 HidUsb - ok
21:20:34.0769 4080 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\Windows\system32\kmsvc.dll
21:20:34.0769 4080 hkmsvc - ok
21:20:34.0800 4080 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:20:34.0800 4080 HomeGroupListener - ok
21:20:34.0832 4080 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:20:34.0832 4080 HomeGroupProvider - ok
21:20:34.0894 4080 [ D1E9CB573A9EDF7BE12E9C57F32E97F7 ] HP LaserJet Service C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
21:20:34.0894 4080 HP LaserJet Service - ok
21:20:35.0003 4080 [ 1DAE5C46D42B02A6D5862E1482EFB390 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
21:20:35.0019 4080 hpqcxs08 - ok
21:20:35.0034 4080 [ 99E8EEF42FE2F4AF29B08C3355DD7685 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
21:20:35.0034 4080 hpqddsvc - ok
21:20:35.0066 4080 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
21:20:35.0066 4080 HpSAMD - ok
21:20:35.0097 4080 [ 447256D1C026654C5CD3CC17E7B20631 ] HsfXAudioService C:\Windows\SysWOW64\XAudio64.dll
21:20:35.0097 4080 HsfXAudioService - ok
21:20:35.0144 4080 [ 26C5D00321937E49B6BC91029947D094 ] HSF_DPV C:\Windows\system32\DRIVERS\CAX_DPV.sys
21:20:35.0159 4080 HSF_DPV - ok
21:20:35.0190 4080 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\Windows\system32\drivers\HTTP.sys
21:20:35.0190 4080 HTTP - ok
21:20:35.0206 4080 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
21:20:35.0206 4080 hwpolicy - ok
21:20:35.0253 4080 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
21:20:35.0253 4080 i8042prt - ok
21:20:35.0315 4080 [ 0E899D0DB39617AA0B2F992E7E95B5EB ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
21:20:35.0315 4080 IAANTMON - ok
21:20:35.0346 4080 [ BBB3B6DF1ABB0FE35802EDE85CC1C011 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
21:20:35.0346 4080 iaStor - ok
21:20:35.0378 4080 [ D83EFB6FD45DF9D55E9A1AFC63640D50 ] iaStorV C:\Windows\system32\DRIVERS\iaStorV.sys
21:20:35.0393 4080 iaStorV - ok
21:20:35.0456 4080 [ 2B794D16EA8D5A8BBFC2E066E855D790 ] IB Updater Updater C:\Program Files\IB Updater\ExtensionUpdaterService.exe
21:20:35.0456 4080 IB Updater Updater - ok
21:20:35.0534 4080 [ F85EB9654B4C771470CD13A0A170D3B9 ] IBUpdaterService C:\Windows\system32\dmwu.exe
21:20:35.0549 4080 IBUpdaterService - ok
21:20:35.0612 4080 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:20:35.0612 4080 idsvc - ok
21:20:35.0736 4080 [ C7C5728E8562F4C69C4CC84C1DAA3365 ] IGBASVC C:\Program Files (x86)\Acer Bio Protection\BASVC.exe
21:20:35.0768 4080 IGBASVC - ok
21:20:35.0783 4080 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
21:20:35.0783 4080 iirsp - ok
21:20:35.0830 4080 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\Windows\System32\ikeext.dll
21:20:35.0846 4080 IKEEXT - ok
21:20:35.0877 4080 [ 4FF8A2082D78255D2EB169F986BCC981 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
21:20:35.0877 4080 Impcd - ok
21:20:35.0955 4080 [ D45DD81112A179255A06E030F818BAE8 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:20:35.0970 4080 IntcAzAudAddService - ok
21:20:35.0986 4080 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\DRIVERS\intelide.sys
21:20:35.0986 4080 intelide - ok
21:20:36.0002 4080 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
21:20:36.0002 4080 intelppm - ok
21:20:36.0033 4080 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
21:20:36.0033 4080 IPBusEnum - ok
21:20:36.0048 4080 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:20:36.0048 4080 IpFilterDriver - ok
21:20:36.0064 4080 [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
21:20:36.0080 4080 iphlpsvc - ok
21:20:36.0080 4080 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
21:20:36.0080 4080 IPMIDRV - ok
21:20:36.0095 4080 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
21:20:36.0095 4080 IPNAT - ok
21:20:36.0111 4080 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
21:20:36.0111 4080 IRENUM - ok
21:20:36.0126 4080 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
21:20:36.0126 4080 isapnp - ok
21:20:36.0142 4080 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
21:20:36.0142 4080 iScsiPrt - ok
21:20:36.0173 4080 [ 08DD34F74D65E1C8F238565570952630 ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
21:20:36.0173 4080 k57nd60a - ok
21:20:36.0204 4080 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
21:20:36.0204 4080 kbdclass - ok
21:20:36.0236 4080 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
21:20:36.0236 4080 kbdhid - ok
21:20:36.0251 4080 [ 0793F40B9B8A1BDD266296409DBD91EA ] KeyIso C:\Windows\system32\lsass.exe
21:20:36.0251 4080 KeyIso - ok
21:20:36.0282 4080 [ E8B6FCC9C83535C67F835D407620BD27 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
21:20:36.0282 4080 KSecDD - ok
21:20:36.0298 4080 [ BBE1BF6D9B661C354D4857D5FADB943B ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
21:20:36.0298 4080 KSecPkg - ok
21:20:36.0314 4080 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
21:20:36.0314 4080 ksthunk - ok
21:20:36.0360 4080 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
21:20:36.0360 4080 KtmRm - ok
21:20:36.0407 4080 [ C926920B8978DE6ACFE9E15C709E9B57 ] LanmanServer C:\Windows\system32\srvsvc.dll
21:20:36.0407 4080 LanmanServer - ok
21:20:36.0438 4080 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:20:36.0438 4080 LanmanWorkstation - ok
21:20:36.0454 4080 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
21:20:36.0454 4080 lltdio - ok
21:20:36.0485 4080 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
21:20:36.0501 4080 lltdsvc - ok
21:20:36.0516 4080 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
21:20:36.0516 4080 lmhosts - ok
21:20:36.0579 4080 [ 7485FBCEF9136F530953575E2977859D ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
21:20:36.0579 4080 LMS - ok
21:20:36.0610 4080 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
21:20:36.0626 4080 LSI_FC - ok
21:20:36.0641 4080 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
21:20:36.0641 4080 LSI_SAS - ok
21:20:36.0657 4080 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:20:36.0657 4080 LSI_SAS2 - ok
21:20:36.0672 4080 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:20:36.0672 4080 LSI_SCSI - ok
21:20:36.0688 4080 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
21:20:36.0688 4080 luafv - ok
21:20:36.0719 4080 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
21:20:36.0735 4080 Mcx2Svc - ok
21:20:36.0750 4080 [ E4F44EC214B3E381E1FC844A02926666 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
21:20:36.0750 4080 mdmxsdk - ok
21:20:36.0782 4080 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
21:20:36.0782 4080 megasas - ok
21:20:36.0797 4080 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
21:20:36.0797 4080 MegaSR - ok
21:20:36.0875 4080 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
21:20:36.0875 4080 Microsoft Office Groove Audit Service - ok
21:20:36.0906 4080 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
21:20:36.0906 4080 MMCSS - ok
21:20:36.0922 4080 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
21:20:36.0922 4080 Modem - ok
21:20:36.0953 4080 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
21:20:36.0953 4080 monitor - ok
21:20:36.0953 4080 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
21:20:36.0953 4080 mouclass - ok
21:20:36.0969 4080 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
21:20:36.0969 4080 mouhid - ok
21:20:36.0984 4080 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
21:20:36.0984 4080 mountmgr - ok
21:20:37.0047 4080 [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:20:37.0047 4080 MozillaMaintenance - ok
21:20:37.0078 4080 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\DRIVERS\mpio.sys
21:20:37.0078 4080 mpio - ok
21:20:37.0094 4080 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:20:37.0094 4080 mpsdrv - ok
21:20:37.0140 4080 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\Windows\system32\mpssvc.dll
21:20:37.0140 4080 MpsSvc - ok
21:20:37.0187 4080 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:20:37.0187 4080 MRxDAV - ok
21:20:37.0218 4080 [ AB5892797C4114640BA333949568DE8C ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:20:37.0218 4080 mrxsmb - ok
21:20:37.0250 4080 [ 81A38F7AEEB265634B05AE5F3F29FBC4 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:20:37.0250 4080 mrxsmb10 - ok
21:20:37.0265 4080 [ 6B2D5FEF385828B6E485C1C90AFB8195 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:20:37.0281 4080 mrxsmb20 - ok
21:20:37.0296 4080 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
21:20:37.0296 4080 msahci - ok
21:20:37.0312 4080 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
21:20:37.0312 4080 msdsm - ok
21:20:37.0343 4080 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
21:20:37.0359 4080 MSDTC - ok
21:20:37.0374 4080 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:20:37.0374 4080 Msfs - ok
21:20:37.0390 4080 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
21:20:37.0390 4080 mshidkmdf - ok
21:20:37.0406 4080 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
21:20:37.0406 4080 msisadrv - ok
21:20:37.0437 4080 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:20:37.0437 4080 MSiSCSI - ok
21:20:37.0452 4080 msiserver - ok
21:20:37.0468 4080 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:20:37.0468 4080 MSKSSRV - ok
21:20:37.0499 4080 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:20:37.0499 4080 MSPCLOCK - ok
21:20:37.0515 4080 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:20:37.0515 4080 MSPQM - ok
21:20:37.0546 4080 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:20:37.0546 4080 MsRPC - ok
21:20:37.0562 4080 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
21:20:37.0562 4080 mssmbios - ok
21:20:37.0577 4080 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:20:37.0577 4080 MSTEE - ok
21:20:37.0593 4080 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
21:20:37.0593 4080 MTConfig - ok
21:20:37.0608 4080 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
21:20:37.0608 4080 Mup - ok
21:20:37.0640 4080 [ 6FFECC25B39DC7652A0CEC0ADA9DB589 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
21:20:37.0640 4080 mwlPSDFilter - ok
21:20:37.0655 4080 [ 0BEFE32CA56D6EE89D58175725596A85 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
21:20:37.0655 4080 mwlPSDNServ - ok
21:20:37.0671 4080 [ D43BC633B8660463E446E28E14A51262 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
21:20:37.0686 4080 mwlPSDVDisk - ok
21:20:37.0733 4080 [ 2F139207F618EC2933830227EEFFDDB4 ] MWLService C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
21:20:37.0733 4080 MWLService - ok
21:20:37.0780 4080 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll
21:20:37.0780 4080 napagent - ok
21:20:37.0811 4080 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:20:37.0827 4080 NativeWifiP - ok
21:20:37.0858 4080 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys
21:20:37.0858 4080 NDIS - ok
21:20:37.0889 4080 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
21:20:37.0889 4080 NdisCap - ok
21:20:37.0920 4080 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:20:37.0920 4080 NdisTapi - ok
21:20:37.0936 4080 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:20:37.0936 4080 Ndisuio - ok
21:20:37.0952 4080 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:20:37.0952 4080 NdisWan - ok
21:20:37.0967 4080 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:20:37.0967 4080 NDProxy - ok
21:20:37.0998 4080 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
21:20:37.0998 4080 Net Driver HPZ12 - ok
21:20:38.0030 4080 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:20:38.0030 4080 NetBIOS - ok
21:20:38.0045 4080 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
21:20:38.0045 4080 NetBT - ok
21:20:38.0061 4080 [ 0793F40B9B8A1BDD266296409DBD91EA ] Netlogon C:\Windows\system32\lsass.exe
21:20:38.0061 4080 Netlogon - ok
21:20:38.0076 4080 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
21:20:38.0092 4080 Netman - ok
21:20:38.0108 4080 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
21:20:38.0108 4080 netprofm - ok
21:20:38.0123 4080 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:20:38.0123 4080 NetTcpPortSharing - ok
21:20:38.0310 4080 [ 4D85A450EDEF10C38882182753A49AAE ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys
21:20:38.0357 4080 NETw5s64 - ok
21:20:38.0404 4080 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
21:20:38.0404 4080 nfrd960 - ok
21:20:38.0435 4080 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
21:20:38.0435 4080 NlaSvc - ok
21:20:38.0451 4080 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:20:38.0451 4080 Npfs - ok
21:20:38.0466 4080 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
21:20:38.0466 4080 nsi - ok
21:20:38.0466 4080 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:20:38.0466 4080 nsiproxy - ok
21:20:38.0513 4080 [ 356698A13C4630D5B31C37378D469196 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:20:38.0529 4080 Ntfs - ok
21:20:38.0591 4080 [ 14E66F603FB187713AEB02AD3B0390CF ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
21:20:38.0591 4080 NTI IScheduleSvc - ok
21:20:38.0638 4080 [ FD324CCE1D4D5BB5AF65F8E55B462C7E ] NTIBackupSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
21:20:38.0638 4080 NTIBackupSvc - ok
21:20:38.0669 4080 [ 64DDD0DEE976302F4BD93E5EFCC2F013 ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
21:20:38.0669 4080 NTIDrvr - ok
21:20:38.0700 4080 [ 3F6268A2EC33CD38CF75C880AF8DED42 ] NTISchedulerSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
21:20:38.0700 4080 NTISchedulerSvc - ok
21:20:38.0716 4080 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
21:20:38.0732 4080 Null - ok
21:20:38.0747 4080 [ AD37248BD442D41C9A896E53EB8A85EE ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
21:20:38.0747 4080 NVHDA - ok
21:20:39.0044 4080 [ 97ED52F0D3D390BCE24BD0E41D268FAC ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:20:39.0090 4080 nvlddmkm - ok
21:20:39.0137 4080 [ 3E38712941E9BB4DDBEE00AFFE3FED3D ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys
21:20:39.0137 4080 nvraid - ok
21:20:39.0153 4080 [ 477DC4D6DEB99BE37084C9AC6D013DA1 ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys
21:20:39.0153 4080 nvstor - ok
21:20:39.0200 4080 [ AE32A5FEFFD0AE5DBC1F2A9DD43D86C6 ] nvsvc C:\Windows\system32\nvvsvc.exe
21:20:39.0200 4080 nvsvc - ok
21:20:39.0215 4080 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
21:20:39.0215 4080 nv_agp - ok
21:20:39.0309 4080 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:20:39.0309 4080 odserv - ok
21:20:39.0340 4080 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
21:20:39.0340 4080 ohci1394 - ok
21:20:39.0371 4080 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:20:39.0371 4080 ose - ok
21:20:39.0402 4080 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
21:20:39.0402 4080 p2pimsvc - ok
21:20:39.0449 4080 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
21:20:39.0465 4080 p2psvc - ok
21:20:39.0496 4080 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
21:20:39.0496 4080 Parport - ok
21:20:39.0512 4080 [ 7DAA117143316C4A1537E074A5A9EAF0 ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:20:39.0512 4080 partmgr - ok
21:20:39.0527 4080 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
21:20:39.0527 4080 PcaSvc - ok
21:20:39.0543 4080 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys
21:20:39.0543 4080 pci - ok
21:20:39.0574 4080 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys
21:20:39.0574 4080 pciide - ok
21:20:39.0605 4080 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
21:20:39.0605 4080 pcmcia - ok
21:20:39.0621 4080 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
21:20:39.0621 4080 pcw - ok
21:20:39.0652 4080 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:20:39.0652 4080 PEAUTH - ok
21:20:39.0761 4080 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
21:20:39.0761 4080 PerfHost - ok
21:20:39.0839 4080 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
21:20:39.0855 4080 pla - ok
21:20:39.0870 4080 [ 23157D583244400E1D7FBAEE2E4B31B7 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:20:39.0870 4080 PlugPlay - ok
21:20:39.0886 4080 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
21:20:39.0886 4080 Pml Driver HPZ12 - ok
21:20:39.0902 4080 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
21:20:39.0902 4080 PNRPAutoReg - ok
21:20:39.0917 4080 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
21:20:39.0917 4080 PNRPsvc - ok
21:20:39.0964 4080 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:20:39.0964 4080 PolicyAgent - ok
21:20:39.0995 4080 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
21:20:39.0995 4080 Power - ok
21:20:40.0026 4080 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:20:40.0026 4080 PptpMiniport - ok
21:20:40.0058 4080 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
21:20:40.0058 4080 Processor - ok
21:20:40.0089 4080 [ F381975E1F4346DE875CB07339CE8D3A ] ProfSvc C:\Windows\system32\profsvc.dll
21:20:40.0089 4080 ProfSvc - ok
21:20:40.0104 4080 [ 0793F40B9B8A1BDD266296409DBD91EA ] ProtectedStorage C:\Windows\system32\lsass.exe
21:20:40.0104 4080 ProtectedStorage - ok
21:20:40.0120 4080 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
21:20:40.0120 4080 Psched - ok
21:20:40.0167 4080 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
21:20:40.0182 4080 ql2300 - ok
21:20:40.0198 4080 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
21:20:40.0198 4080 ql40xx - ok
21:20:40.0229 4080 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
21:20:40.0229 4080 QWAVE - ok
21:20:40.0260 4080 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:20:40.0260 4080 QWAVEdrv - ok
21:20:40.0307 4080 [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
21:20:40.0307 4080 RapiMgr - ok
21:20:40.0323 4080 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:20:40.0323 4080 RasAcd - ok
21:20:40.0354 4080 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
21:20:40.0354 4080 RasAgileVpn - ok
21:20:40.0401 4080 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
21:20:40.0401 4080 RasAuto - ok
21:20:40.0432 4080 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:20:40.0432 4080 Rasl2tp - ok
21:20:40.0448 4080 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
21:20:40.0448 4080 RasMan - ok
21:20:40.0463 4080 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:20:40.0463 4080 RasPppoe - ok
21:20:40.0479 4080 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:20:40.0479 4080 RasSstp - ok
21:20:40.0494 4080 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:20:40.0494 4080 rdbss - ok
21:20:40.0510 4080 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
21:20:40.0510 4080 rdpbus - ok
21:20:40.0526 4080 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
21:20:40.0526 4080 RDPCDD - ok
21:20:40.0541 4080 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
21:20:40.0541 4080 RDPENCDD - ok
21:20:40.0541 4080 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
21:20:40.0541 4080 RDPREFMP - ok
21:20:40.0572 4080 [ 8A3E6BEA1C53EA6177FE2B6EBA2C80D7 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:20:40.0572 4080 RDPWD - ok
21:20:40.0588 4080 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
21:20:40.0588 4080 rdyboost - ok
21:20:40.0604 4080 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
21:20:40.0619 4080 RemoteAccess - ok
21:20:40.0650 4080 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:20:40.0650 4080 RemoteRegistry - ok
21:20:40.0666 4080 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
21:20:40.0666 4080 RFCOMM - ok
21:20:40.0697 4080 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
21:20:40.0697 4080 RpcEptMapper - ok
21:20:40.0713 4080 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
21:20:40.0713 4080 RpcLocator - ok
21:20:40.0744 4080 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll
21:20:40.0744 4080 RpcSs - ok
21:20:40.0760 4080 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:20:40.0760 4080 rspndr - ok
21:20:40.0806 4080 [ DB30AA4DAA0D492FA5D7717D8181FFA1 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
21:20:40.0806 4080 RSUSBSTOR - ok
21:20:40.0822 4080 [ 0793F40B9B8A1BDD266296409DBD91EA ] SamSs C:\Windows\system32\lsass.exe
21:20:40.0822 4080 SamSs - ok
21:20:40.0838 4080 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
21:20:40.0838 4080 sbp2port - ok
21:20:40.0884 4080 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:20:40.0884 4080 SCardSvr - ok
21:20:40.0900 4080 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
21:20:40.0900 4080 scfilter - ok
21:20:40.0931 4080 [ EC56B171F85C7E855E7B0588AC503EEA ] Schedule C:\Windows\system32\schedsvc.dll
21:20:40.0947 4080 Schedule - ok
21:20:40.0962 4080 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
21:20:40.0962 4080 SCPolicySvc - ok
21:20:40.0978 4080 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:20:40.0994 4080 SDRSVC - ok
21:20:40.0994 4080 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:20:40.0994 4080 secdrv - ok
21:20:41.0009 4080 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
21:20:41.0009 4080 seclogon - ok
21:20:41.0025 4080 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
21:20:41.0025 4080 SENS - ok
21:20:41.0040 4080 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
21:20:41.0040 4080 SensrSvc - ok
21:20:41.0056 4080 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
21:20:41.0056 4080 Serenum - ok
21:20:41.0087 4080 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
21:20:41.0087 4080 Serial - ok
21:20:41.0103 4080 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
21:20:41.0103 4080 sermouse - ok
21:20:41.0118 4080 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
21:20:41.0134 4080 SessionEnv - ok
21:20:41.0150 4080 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
21:20:41.0150 4080 sffdisk - ok
21:20:41.0165 4080 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
21:20:41.0165 4080 sffp_mmc - ok
21:20:41.0165 4080 [ 5588B8C6193EB1522490C122EB94DFFA ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
21:20:41.0181 4080 sffp_sd - ok
21:20:41.0181 4080 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
21:20:41.0196 4080 sfloppy - ok
21:20:41.0228 4080 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:20:41.0243 4080 SharedAccess - ok
21:20:41.0274 4080 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:20:41.0290 4080 ShellHWDetection - ok
21:20:41.0321 4080 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:20:41.0321 4080 SiSRaid2 - ok
21:20:41.0337 4080 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
21:20:41.0337 4080 SiSRaid4 - ok
21:20:41.0368 4080 [ C44D3179D9EFEBD26572A9DC6DD759DE ] SjtWinIo C:\Windows\system32\DRIVERS\SjtWinIo.sys
21:20:41.0368 4080 SjtWinIo - ok
21:20:41.0430 4080 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
21:20:41.0430 4080 SkypeUpdate - ok
21:20:41.0462 4080 [ 94CE7845AF6A2065B829E0126CD56236 ] SmartDefragDriver C:\Windows\system32\Drivers\SmartDefragDriver.sys
21:20:41.0462 4080 SmartDefragDriver - ok
21:20:41.0493 4080 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
21:20:41.0493 4080 Smb - ok
21:20:41.0540 4080 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:20:41.0540 4080 SNMPTRAP - ok
21:20:41.0555 4080 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
21:20:41.0555 4080 spldr - ok
21:20:41.0586 4080 [ 89E8550C5862999FCF482EA562B0E98E ] Spooler C:\Windows\System32\spoolsv.exe
21:20:41.0602 4080 Spooler - ok
21:20:41.0711 4080 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
21:20:41.0727 4080 sppsvc - ok
21:20:41.0742 4080 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
21:20:41.0742 4080 sppuinotify - ok
21:20:41.0789 4080 [ 602884696850C86434530790B110E8EB ] sptd C:\Windows\system32\Drivers\sptd.sys
21:20:41.0789 4080 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850C86434530790B110E8EB
21:20:41.0789 4080 sptd ( LockedFile.Multi.Generic ) - warning
21:20:41.0789 4080 sptd - detected LockedFile.Multi.Generic (1)
21:20:41.0836 4080 [ 37C3ABC2338010E110D2A6A3930F3149 ] srv C:\Windows\system32\DRIVERS\srv.sys
21:20:41.0836 4080 srv - ok
21:20:41.0867 4080 [ F773D2ED090B7BAA1C1A034F3CA476C8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
21:20:41.0883 4080 srv2 - ok
21:20:41.0898 4080 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
21:20:41.0898 4080 SrvHsfHDA - ok
21:20:41.0945 4080 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
21:20:41.0961 4080 SrvHsfV92 - ok
21:20:41.0992 4080 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
21:20:41.0992 4080 SrvHsfWinac - ok
21:20:42.0023 4080 [ CCE32BB223E9FF55D241099A858FA889 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
21:20:42.0023 4080 srvnet - ok
21:20:42.0070 4080 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
21:20:42.0070 4080 SSDPSRV - ok
21:20:42.0086 4080 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
21:20:42.0086 4080 SstpSvc - ok
21:20:42.0101 4080 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
21:20:42.0101 4080 stexstor - ok
21:20:42.0132 4080 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
21:20:42.0132 4080 StillCam - ok
21:20:42.0164 4080 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
21:20:42.0179 4080 stisvc - ok
21:20:42.0210 4080 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
21:20:42.0210 4080 swenum - ok
21:20:42.0242 4080 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
21:20:42.0257 4080 swprv - ok
21:20:42.0288 4080 [ 5AEEC2BB8065B563ADBC88CA22588953 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
21:20:42.0288 4080 SynTP - ok
21:20:42.0351 4080 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll
21:20:42.0366 4080 SysMain - ok
21:20:42.0382 4080 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:20:42.0382 4080 TabletInputService - ok
21:20:42.0413 4080 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll
21:20:42.0413 4080 TapiSrv - ok
21:20:42.0413 4080 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
21:20:42.0413 4080 TBS - ok
21:20:42.0491 4080 [ 912107716BAB424C7870E8E6AF5E07E1 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
21:20:42.0507 4080 Tcpip - ok
21:20:42.0569 4080 [ 912107716BAB424C7870E8E6AF5E07E1 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
21:20:42.0585 4080 TCPIP6 - ok
21:20:42.0600 4080 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
21:20:42.0600 4080 tcpipreg - ok
21:20:42.0632 4080 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
21:20:42.0632 4080 TDPIPE - ok
21:20:42.0647 4080 [ E4245BDA3190A582D55ED09E137401A9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
21:20:42.0647 4080 TDTCP - ok
21:20:42.0663 4080 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
21:20:42.0678 4080 tdx - ok
21:20:42.0694 4080 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
21:20:42.0694 4080 TermDD - ok
21:20:42.0725 4080 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll
21:20:42.0741 4080 TermService - ok
21:20:42.0756 4080 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
21:20:42.0756 4080 Themes - ok
21:20:42.0788 4080 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
21:20:42.0788 4080 THREADORDER - ok
21:20:42.0803 4080 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
21:20:42.0803 4080 TrkWks - ok
21:20:42.0866 4080 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:20:42.0866 4080 TrustedInstaller - ok
21:20:42.0912 4080 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
21:20:42.0912 4080 tssecsrv - ok
21:20:42.0928 4080 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
21:20:42.0928 4080 tunnel - ok
21:20:42.0975 4080 [ 53FF5F00EAB07E329ABE48AE3DE4F5D7 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
21:20:42.0975 4080 TurboB - ok
21:20:43.0022 4080 [ B670DF651F00194434ADC6B326743709 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
21:20:43.0022 4080 TurboBoost - ok
21:20:43.0053 4080 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
21:20:43.0053 4080 uagp35 - ok
21:20:43.0100 4080 [ 2E22C1FD397A5A9FFEF55E9D1FC96C00 ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
21:20:43.0100 4080 UBHelper - ok
21:20:43.0131 4080 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\Windows\system32\DRIVERS\udfs.sys
21:20:43.0131 4080 udfs - ok
21:20:43.0162 4080 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
21:20:43.0162 4080 UI0Detect - ok
21:20:43.0209 4080 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
21:20:43.0209 4080 uliagpkx - ok
21:20:43.0224 4080 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
21:20:43.0224 4080 umbus - ok
21:20:43.0256 4080 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
21:20:43.0256 4080 UmPass - ok
21:20:43.0380 4080 [ 765F2DD351BA064F657751D8D75E58C0 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
21:20:43.0396 4080 UNS - ok
21:20:43.0458 4080 [ 70DDE3A86DBEB1D6C3C30AD687B1877A ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
21:20:43.0458 4080 Updater Service - ok
21:20:43.0505 4080 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
21:20:43.0505 4080 upnphost - ok
21:20:43.0536 4080 [ B26AFB54A534D634523C4FB66765B026 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
21:20:43.0536 4080 usbccgp - ok
21:20:43.0552 4080 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
21:20:43.0552 4080 usbcir - ok
21:20:43.0583 4080 [ 2EA4AFF7BE7EB4632E3AA8595B0803B5 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
21:20:43.0583 4080 usbehci - ok
21:20:43.0614 4080 [ 4C9042B8DF86C1E8E6240C218B99B39B ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
21:20:43.0614 4080 usbhub - ok
21:20:43.0630 4080 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
21:20:43.0630 4080 usbohci - ok
21:20:43.0646 4080 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
21:20:43.0646 4080 usbprint - ok
21:20:43.0677 4080 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
21:20:43.0677 4080 usbscan - ok
21:20:43.0708 4080 [ 080D3820DA6C046BE82FC8B45A893E83 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:20:43.0708 4080 USBSTOR - ok
21:20:43.0724 4080 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
21:20:43.0724 4080 usbuhci - ok
21:20:43.0755 4080 [ D501E12614B00A3252073101D6A1A74B ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
21:20:43.0755 4080 usbvideo - ok
21:20:43.0786 4080 [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
21:20:43.0786 4080 usb_rndisx - ok
21:20:43.0817 4080 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
21:20:43.0817 4080 UxSms - ok
21:20:43.0833 4080 [ 0793F40B9B8A1BDD266296409DBD91EA ] VaultSvc C:\Windows\system32\lsass.exe
21:20:43.0833 4080 VaultSvc - ok
21:20:43.0864 4080 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
21:20:43.0864 4080 vdrvroot - ok
21:20:43.0880 4080 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\Windows\System32\vds.exe
21:20:43.0895 4080 vds - ok
21:20:43.0911 4080 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
21:20:43.0911 4080 vga - ok
21:20:43.0926 4080 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
21:20:43.0926 4080 VgaSave - ok
21:20:43.0942 4080 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
21:20:43.0942 4080 vhdmp - ok
21:20:43.0958 4080 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
21:20:43.0958 4080 viaide - ok
21:20:43.0989 4080 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
21:20:43.0989 4080 volmgr - ok
21:20:44.0004 4080 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
21:20:44.0004 4080 volmgrx - ok
21:20:44.0004 4080 [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
21:20:44.0004 4080 volsnap - ok
21:20:44.0036 4080 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
21:20:44.0036 4080 vsmraid - ok
21:20:44.0114 4080 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\Windows\system32\vssvc.exe
21:20:44.0129 4080 VSS - ok
21:20:44.0207 4080 [ E2CA898E105C3F2B62DB130F28C73322 ] vToolbarUpdater15.0.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe
21:20:44.0207 4080 vToolbarUpdater15.0.0 - ok
21:20:44.0238 4080 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
21:20:44.0238 4080 vwifibus - ok
21:20:44.0254 4080 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
21:20:44.0254 4080 vwififlt - ok
21:20:44.0270 4080 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
21:20:44.0270 4080 vwifimp - ok
21:20:44.0316 4080 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
21:20:44.0316 4080 W32Time - ok
21:20:44.0348 4080 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
21:20:44.0348 4080 WacomPen - ok
21:20:44.0363 4080 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
21:20:44.0363 4080 WANARP - ok
21:20:44.0379 4080 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
21:20:44.0379 4080 Wanarpv6 - ok
21:20:44.0410 4080 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\Windows\system32\wbengine.exe
21:20:44.0426 4080 wbengine - ok
21:20:44.0441 4080 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
21:20:44.0457 4080 WbioSrvc - ok
21:20:44.0488 4080 [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
21:20:44.0488 4080 WcesComm - ok
21:20:44.0504 4080 [ 8321C2CA3B62B61B293CDA3451984468 ] wcncsvc C:\Windows\System32\wcncsvc.dll
21:20:44.0504 4080 wcncsvc - ok
21:20:44.0535 4080 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:20:44.0535 4080 WcsPlugInService - ok
21:20:44.0566 4080 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
21:20:44.0566 4080 Wd - ok
21:20:44.0597 4080 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
21:20:44.0597 4080 Wdf01000 - ok
21:20:44.0613 4080 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
21:20:44.0613 4080 WdiServiceHost - ok
21:20:44.0613 4080 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
21:20:44.0613 4080 WdiSystemHost - ok
21:20:44.0644 4080 [ 8A438CBB8C032A0C798B0C642FFBE572 ] WebClient C:\Windows\System32\webclnt.dll
21:20:44.0644 4080 WebClient - ok
21:20:44.0660 4080 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
21:20:44.0660 4080 Wecsvc - ok
21:20:44.0675 4080 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
21:20:44.0691 4080 wercplsupport - ok
21:20:44.0691 4080 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
21:20:44.0691 4080 WerSvc - ok
21:20:44.0706 4080 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
21:20:44.0706 4080 WfpLwf - ok
21:20:44.0738 4080 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
21:20:44.0738 4080 WIMMount - ok
21:20:44.0784 4080 [ A6EA7A3FC4B00F48535B506DB1E86EFD ] winachsf C:\Windows\system32\DRIVERS\CAX_CNXT.sys
21:20:44.0784 4080 winachsf - ok
21:20:44.0816 4080 WinDefend - ok
21:20:44.0831 4080 WinHttpAutoProxySvc - ok
21:20:44.0894 4080 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
21:20:44.0894 4080 Winmgmt - ok
21:20:44.0987 4080 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\Windows\system32\WsmSvc.dll
21:20:45.0003 4080 WinRM - ok
21:20:45.0034 4080 [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WINUSB C:\Windows\system32\DRIVERS\WinUSB.SYS
21:20:45.0034 4080 WINUSB - ok
21:20:45.0096 4080 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
21:20:45.0096 4080 Wlansvc - ok
21:20:45.0128 4080 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
21:20:45.0128 4080 WmiAcpi - ok
21:20:45.0159 4080 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
21:20:45.0159 4080 wmiApSrv - ok
21:20:45.0190 4080 WMPNetworkSvc - ok
21:20:45.0206 4080 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
21:20:45.0206 4080 WPCSvc - ok
21:20:45.0221 4080 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
21:20:45.0221 4080 WPDBusEnum - ok
21:20:45.0252 4080 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
21:20:45.0252 4080 ws2ifsl - ok
21:20:45.0252 4080 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
21:20:45.0268 4080 wscsvc - ok
21:20:45.0268 4080 WSearch - ok
21:20:45.0362 4080 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
21:20:45.0377 4080 wuauserv - ok
21:20:45.0408 4080 [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
21:20:45.0408 4080 WudfPf - ok
21:20:45.0440 4080 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
21:20:45.0440 4080 WUDFRd - ok
21:20:45.0471 4080 [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc C:\Windows\System32\WUDFSvc.dll
21:20:45.0471 4080 wudfsvc - ok
21:20:45.0486 4080 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
21:20:45.0486 4080 WwanSvc - ok
21:20:45.0518 4080 [ E8F3FA126A06F8E7088F63757112A186 ] XAudio C:\Windows\system32\DRIVERS\XAudio64.sys
21:20:45.0518 4080 XAudio - ok
21:20:45.0564 4080 ================ Scan global ===============================
21:20:45.0611 4080 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
21:20:45.0642 4080 [ 457B44AB6D502E55F64A867D4F35C76C ] C:\Windows\system32\winsrv.dll
21:20:45.0658 4080 [ 457B44AB6D502E55F64A867D4F35C76C ] C:\Windows\system32\winsrv.dll
21:20:45.0689 4080 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
21:20:45.0720 4080 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
21:20:45.0720 4080 [Global] - ok
21:20:45.0720 4080 ================ Scan MBR ==================================
21:20:45.0736 4080 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:20:46.0048 4080 \Device\Harddisk0\DR0 - ok
21:20:46.0048 4080 ================ Scan VBR ==================================
21:20:46.0048 4080 [ 50F213633E06E8F8099A60EF354270D8 ] \Device\Harddisk0\DR0\Partition1
21:20:46.0048 4080 \Device\Harddisk0\DR0\Partition1 - ok
21:20:46.0064 4080 [ DC4A1ED4EDDD1E1679B955495A36BB61 ] \Device\Harddisk0\DR0\Partition2
21:20:46.0064 4080 \Device\Harddisk0\DR0\Partition2 - ok
21:20:46.0095 4080 [ F5DCFDD6763858E1948FF3DAD891EEDE ] \Device\Harddisk0\DR0\Partition3
21:20:46.0095 4080 \Device\Harddisk0\DR0\Partition3 - ok
21:20:46.0095 4080 ============================================================
21:20:46.0095 4080 Scan finished
21:20:46.0095 4080 ============================================================
21:20:46.0110 2956 Detected object count: 1
21:20:46.0110 2956 Actual detected object count: 1
21:20:54.0363 2956 sptd ( LockedFile.Multi.Generic ) - skipped by user
21:20:54.0363 2956 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
21:20:58.0497 2184 Deinitialize success

Attached Thumbnails

  • kapersky.jpg

  • 0

#10
Jintan

Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
Click X to close it. It located Daemon Tools rootkit. Maybe it is blocking the update though.

Go to Start - All Programs, locate either Alcohol and/or Daemon Tools, click the Uninstall option. Reboot after, and try the update again please.
  • 0

Advertisements


#11
kenchew

kenchew

    Member

  • Topic Starter
  • Member
  • PipPip
  • 74 posts
Uninstalled Daemon Tools (had to go into C:\Program Files (x86) to locate the uninstaller, Daemon Tools folder in the All Programs list was empty).

After rebooting, tried the Windows Service Pack update , and again they gave me the same message.

Then I run Kaspersky's TDSSKiller (larry.com) and again they found the same threat that I've posted earlier.
  • 0

#12
Jintan

Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
Uninstalling Daemon doesn't always uninstall the rootkit component, which is what TDSSKiller is picking up.

Go here and download the most current copy of the SPTD installer (latest I think is still SPTDinst-v183-x64.exe). Then click the downloaded file to start the installer. When the option appears select Uninstall, and allow the tool to uninstall SPTD from your system. Be sure to reboot after to complete the removal of the SPTD settings.

---------

Then do the following:

@ECHO OFF
if exist winkey.txt del winkey.txt 
REG QUERY "HKEY_LOCAL_MACHINE\COMPONENTS" > winkey.txt 
notepad winkey.txt
Open Notepad (Start Search, type notepad and press Enter).

Copy/paste the above text (inside the Code box) into the open Notepad text box, then save this to your desktop as "cfgcheck.bat"

Be sure to include the "" quotes in the name. Then click on cfgcheck.bat. When the scan completes a textbox will open - copy/paste those contents back here please.
  • 0

#13
kenchew

kenchew

    Member

  • Topic Starter
  • Member
  • PipPip
  • 74 posts
Uninstalled SPTD.

Then, I followed the instructions for the cfgcheck.bat scan. But an error appeared (Refer image).

Attached Thumbnails

  • Error.jpg

  • 0

#14
Jintan

Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
Let's shift gears then, based on that AVG uninstall leading to a BSOD. Suggests malware involvement.

Be sure to continue to temporarily disable any protective software when running the scan tools we use here.


Download ComboFix.exe from here to your desktop, then click that to run that scan. Agree to any warnings you might receive.


A caution - do not touch your mouse/keyboard until the scan has completed. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop.

Allow the scan to run. When completed a text window will appear - please copy/paste the contents back here. This log can also be found at C:\ComboFix.txt.
  • 0

#15
kenchew

kenchew

    Member

  • Topic Starter
  • Member
  • PipPip
  • 74 posts
Here's the log. For your info, the whole process took about 2 hours. :wacko:

ComboFix 13-04-17.01 - acer 17-Apr-13 19:38:08.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.1975.1031 [GMT 8:00]
Running from: c:\users\acer\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Acer Bio Protection\PwdFilterV64.dll
c:\program files (x86)\Common Files\Acer GameZone online.ico
c:\program files (x86)\Incredibar.com
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\inCRedibar.dll
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarApp.dll
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarEng.dll
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarsrv.exe
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\uninstall.exe
c:\users\acer\AppData\Roaming\.#
c:\users\acer\AppData\Roaming\.#\[email protected]@2132770.###
c:\users\acer\AppData\Roaming\.#\[email protected]@21327A0.###
c:\users\acer\AppData\Roaming\.#\[email protected]@2E2770.###
c:\users\acer\AppData\Roaming\.#\[email protected]@2E27A0.###
c:\users\acer\AppData\Roaming\.#\[email protected]@20F2770.###
c:\users\acer\AppData\Roaming\.#\[email protected]@20F27A0.###
.
.
((((((((((((((((((((((((( Files Created from 2013-03-17 to 2013-04-17 )))))))))))))))))))))))))))))))
.
.
2013-04-17 13:14 . 2013-04-17 13:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-13 12:37 . 2013-04-13 12:38 -------- d-----w- C:\4b81525c2779cdd84a549a3d
2013-04-13 12:10 . 2013-04-13 12:10 -------- d-----w- C:\4d0a8400addbb88b308194f33b31
2013-04-13 08:22 . 2013-04-13 08:22 -------- d-----w- c:\windows\system32\EventProviders
2013-04-13 01:59 . 2013-04-13 01:59 -------- d-----w- c:\users\acer\AppData\Local\Avg2013
2013-04-11 13:44 . 2013-04-11 13:44 -------- d-----w- c:\windows\SysWow64\jmdp
2013-04-11 13:44 . 2013-04-11 13:44 -------- d-----w- c:\windows\SysWow64\ARFC
2013-04-04 13:11 . 2013-04-13 13:03 -------- d-----w- c:\windows\system32\catroot2
2013-04-02 13:58 . 2013-04-02 13:58 -------- d-----w- c:\program files (x86)\Schweser2013
2013-03-31 15:07 . 2013-03-31 15:07 -------- d-----w- c:\users\acer\AppData\Roaming\TuneUp Software
2013-03-31 15:03 . 2013-04-13 01:50 -------- d-----w- c:\programdata\AVG2013
2013-03-31 14:56 . 2013-03-31 14:56 -------- d-----w- c:\users\acer\AppData\Local\MFAData
2013-03-30 12:22 . 2013-03-30 12:22 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-03-30 11:39 . 2013-03-30 11:39 -------- d-----w- c:\program files\Microsoft Silverlight
2013-03-30 11:39 . 2013-03-30 11:39 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2013-03-30 10:33 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2013-03-30 10:33 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2013-03-30 10:33 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2013-03-30 10:33 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2013-03-30 10:26 . 2012-06-02 07:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2013-03-30 10:26 . 2012-06-02 07:15 36864 ----a-w- c:\windows\system32\wuapp.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-07 10:46 . 2013-04-07 10:46 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{46A4C8A1-CCAF-4E0F-A743-B31F4705DD1E}\offreg.dll
2013-04-07 08:54 . 2012-11-13 06:35 1455408 ----a-w- c:\windows\system32\dmwu.exe
2013-04-07 08:53 . 2012-11-13 06:35 33792 ----a-w- c:\windows\system32\ImHttpComm.dll
2013-03-31 15:06 . 2012-08-30 16:30 39768 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2013-03-21 12:18 . 2012-04-07 04:35 693976 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-03-21 12:18 . 2011-06-12 04:40 73432 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-18 21:50 . 2013-04-07 10:41 9311288 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{46A4C8A1-CCAF-4E0F-A743-B31F4705DD1E}\mpengine.dll
2013-03-11 17:10 . 2010-03-22 13:36 282744 ------w- c:\windows\system32\MpSigStub.exe
2013-03-04 08:07 . 2012-11-13 06:36 829264 ----a-w- c:\windows\system32\msvcr100.dll
2013-03-04 08:07 . 2012-11-13 06:36 608080 ----a-w- c:\windows\system32\msvcp100.dll
2013-03-04 06:53 . 2010-03-22 12:51 72013344 ----a-w- c:\windows\system32\MRT.exe
2007-11-19 05:31 . 2009-09-24 05:49 3686400 ----a-w- c:\program files (x86)\Shortcut to IKEA Home Planner.lnk
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}]
2013-01-29 06:29 170840 ----a-w- c:\program files\IB Updater\Extension32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-09-10 13:41 120104 ----a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x86\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"EgisTecLiveUpdate"="c:\program files (x86)\EgisTec Egis Software Update\EgisUpdate.exe" [2009-08-04 199464]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-12-19 41208]
"VitaKeyPdtWzd"="c:\program files (x86)\Acer Bio Protection\PdtWzd.exe" [2009-08-05 3567104]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-08-18 1157128]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"ToolboxFX"="c:\program files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe" [2010-10-25 58936]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-10-2 1082144]
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\Citrix\ICACLI~1\RSHook.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer5"=wdmaud.drv
.
R2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2009-07-14 27136]
R2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-09-24 62720]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R2 vToolbarUpdater15.0.0;vToolbarUpdater15.0.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe [2013-03-31 990896]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2009-07-01 52264]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-10 305448]
R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [2009-10-05 6952960]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 50432]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-09-02 225280]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe [2009-09-29 126392]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2011-02-23 18232]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2013-03-31 39768]
S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [2012-05-17 93272]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-02 22576]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-02 20016]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-02 60464]
S2 ATService;AuthenTec Fingerprint Service;c:\program files (x86)\Fingerprint Sensor\AtService.exe [2009-06-30 1807608]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2009-10-29 844320]
S2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
S2 HP LaserJet Service;HP LaserJet Service;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2010-10-25 145920]
S2 IB Updater Updater;IB Updater Updater;c:\program files\IB Updater\ExtensionUpdaterService.exe [2013-01-29 188760]
S2 IBUpdaterService;IBUpdaterService;c:\windows\system32\dmwu.exe [2013-04-07 1455408]
S2 IGBASVC;EgisTec Service;c:\program files (x86)\Acer Bio Protection\BASVC.exe [2009-08-05 3449856]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 144640]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2009-09-29 12728]
S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-09-30 2320920]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
S3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver;c:\windows\system32\Drivers\ATSwpWDF.sys [2009-06-30 734720]
S3 CAXHWAZL;CAXHWAZL;c:\windows\system32\DRIVERS\CAXHWAZL.sys [2009-02-12 292864]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2009-10-25 151040]
S3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2009-06-07 317480]
S3 SjtWinIo;SJT I/O Driver;c:\windows\system32\DRIVERS\SjtWinIo.sys [2010-09-07 9216]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-11 13:04 1642448 ----a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-04-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-07 12:18]
.
2013-04-13 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-147644820-3438000334-1850527856-1000Core.job
- c:\users\acer\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-12-07 16:23]
.
2013-04-17 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-147644820-3438000334-1850527856-1000UA.job
- c:\users\acer\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-12-07 16:23]
.
2013-04-17 c:\windows\Tasks\GlaryInitialize.job
- c:\program files (x86)\Glary Utilities\initialize.exe [2011-03-26 09:24]
.
2013-04-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-20 07:13]
.
2013-04-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-20 07:13]
.
2013-04-17 c:\windows\Tasks\SDMsgUpdate (TE).job
- c:\progra~2\SMARTD~1\Messages\SDNotify.exe [2011-03-30 17:29]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-09-10 13:44 137512 ----a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-08-07 186904]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-10-13 8224800]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2009-10-29 822816]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-10-31 16407656]
"PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-29 200704]
"HP LaserJet Professional M1530 MFP Series Fax"="c:\program files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe" [2010-08-24 3706424]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_4740&r=27360310q445l04e4z175t44j2d253
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_4740&r=27360310q445l04e4z175t44j2d253
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_4740&r=27360310q445l04e4z175t44j2d253
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{0AC9AC26-0800-4191-8EF5-53568EC336FA}: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{0AC9AC26-0800-4191-8EF5-53568EC336FA}\14E64627F696461405: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{0AC9AC26-0800-4191-8EF5-53568EC336FA}\3686567753531363: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{0AC9AC26-0800-4191-8EF5-53568EC336FA}\37B6B6F6869383: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{0AC9AC26-0800-4191-8EF5-53568EC336FA}\7596D264960225F657475627: NameServer = 8.8.8.8,8.8.4.4
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.0.0\ViProtocol.dll
DPF: {0F2AAAE3-7E9E-4B64-AB5D-1CA24C6ACB9C} - hxxp://pjhontlm.ijm.com/dwa85W.cab
DPF: {1FAF427B-1EE5-43D3-A023-3009142AFCD9} - hxxps://ost.maybank2u.com.my/MBBWecos/Cab/csoex_mbb.cab
DPF: {1FAF427B-1EE5-43D3-A023-3009142AFCE5} - hxxps://www.jupiteronline.com.my/jssbecos/control/csoex_jup.cab
DPF: {5BDBA960-6534-11D3-97C7-00500422B550} - hxxp://pjhontlm.ijm.com/download/dolcontrol.cab
DPF: {5EC2D418-1B2A-40E6-904C-CA8B7ADB3682} - hxxps://ost.maybank2u.com.my/MBBWecos/Cab/csta.cab
DPF: {B9B2EE1A-E314-4338-A305-BE845EACB113} - hxxps://www.jupiteronline.com.my/jssbecos/control2/csw25.cab
FF - ProfilePath - c:\users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\uotyg8kr.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.my/
FF - ExtSQL: 2013-02-28 21:52; {FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}; c:\program files\IB Updater\Firefox
FF - ExtSQL: 2013-03-31 23:07; [email protected]; c:\programdata\AVG Secure Search\FireFoxExt\15.0.0.2
FF - ExtSQL: !HIDDEN! 2011-11-03 23:45; [email protected]; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - user.js: extensions.incredibar_i.newTab - false
FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6OyU2YRCSg&loc=IB_TB&i=26&search=
FF - user.js: extensions.incredibar_i.id - 9a60c0af0000000000000617c4e5f359
FF - user.js: extensions.incredibar_i.instlDay - 15657
FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1414:36
FF - user.js: extensions.incredibar_i.prtnrId - Incredibar
FF - user.js: extensions.incredibar_i.prdct - incredibar
FF - user.js: extensions.incredibar_i.aflt - orgnl
FF - user.js: extensions.incredibar_i.smplGrp - none
FF - user.js: extensions.incredibar_i.tlbrId - base
FF - user.js: extensions.incredibar_i.instlRef -
FF - user.js: extensions.incredibar_i.dfltLng -
FF - user.js: extensions.incredibar_i.excTlbr - false
FF - user.js: extensions.incredibar_i.ms_url_id -
FF - user.js: extensions.incredibar_i.upn2 - 6OyU2YRCSg
FF - user.js: extensions.incredibar_i.upn2n - 92262442998256532
FF - user.js: extensions.incredibar_i.productid - 26
FF - user.js: extensions.incredibar_i.installerproductid - 26
FF - user.js: extensions.incredibar_i.did - 10665
FF - user.js: extensions.incredibar_i.ppd -
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll
BHO-{95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll
Toolbar-Locked - (no file)
Toolbar-{95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll
Toolbar-{F9639E4A-801B-4843-AEE3-03D9DA199E77} - c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll
Wow6432Node-HKLM-Run-vProt - c:\program files (x86)\AVG Secure Search\vprot.exe
SafeBoot-mcmscsvc
SafeBoot-MCODS
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-incredibar - c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\uninstall.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Acer Bio Protection\CompPtcVUI.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
c:\windows\SysWOW64\jmdp\stij.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
.
**************************************************************************
.
Completion time: 2013-04-17 22:06:05 - machine was rebooted
ComboFix-quarantined-files.txt 2013-04-17 14:06
.
Pre-Run: 194,502,176,768 bytes free
Post-Run: 195,730,915,328 bytes free
.
- - End Of File - - 2F1F469247CB63509D07EE28E3AF12EB
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP