
Thread: Please help with Chinese ad at lower right corner

  1. #1
    Junior Member
    Join Date
    Oct 2012
    Posts
    20

    Please help with Chinese ad at lower right corner

    Hello,

    Please see logs I just ran below. Please note that prior to running these logs today I ran some other stuff on Oct 21 here:
    http://forums.spybot.info/showthread.php?t=66939

    Sorry for any complications caused. I appreciate your help very much!

    DDS (Ver_2012-10-19.01) - NTFS_AMD64
    Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_33
    Run by Caroline at 18:41:03 on 2012-10-25
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1028.18.3767.2178 [GMT 8:00]
    .
    AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
    SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
    SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Program Files\Sandboxie\SbieSvc.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\WLANExt.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\System32\spoolsv.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    C:\Program Files (x86)\Launch Manager\dsiwmis.exe
    C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
    C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
    C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
    C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Acer\Acer Updater\UpdaterService.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
    C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe
    C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
    C:\Windows\system32\igfxext.exe
    C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
    C:\Program Files (x86)\Launch Manager\LManager.exe
    C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
    C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\Launch Manager\LMworker.exe
    C:\Windows\SysWOW64\RunDll32.exe
    C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
    C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Windows\system32\svchost.exe -k bthsvcs
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
    C:\Program Files (x86)\Steam\Steam.exe
    C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.com/
    uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5745g&r=27360311a516l0413z1m5v47i1348n
    mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5745g&r=27360311a516l0413z1m5v47i1348n
    mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5745g&r=27360311a516l0413z1m5v47i1348n
    mSearchAssistant = hxxp://www.google.com
    mWinlogon: Userinit = userinit.exe
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} -
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    BHO: {776B71E2-B4CC-4C94-BC7C-09103AA690B6} - <orphaned>
    BHO: Windows Live ID ??????: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    mRun: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
    mRun: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
    mRun: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
    mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
    mRun: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
    mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
    mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
    mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
    mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
    mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
    IE: Google ????... - <no file>
    IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
    IE: ????? Bluetooth ??(&B)... - <no file>
    IE: ????? Bluetooth ??(&B)... - <no file>
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    LSP: C:\Windows\System32\ASProxy.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
    TCP: NameServer = 192.168.0.1
    TCP: Interfaces\{1A5A52B6-E385-48D0-97E7-D8B16808964F} : DHCPNameServer = 5.5.0.1
    TCP: Interfaces\{55665180-9FA2-4524-AD96-AA2B44A2B501} : DHCPNameServer = 192.168.2.1
    TCP: Interfaces\{F624C962-EE0B-4142-8B3F-7A98B3646F48} : DHCPNameServer = 192.168.0.1
    TCP: Interfaces\{F624C962-EE0B-4142-8B3F-7A98B3646F48}\2656C6B696E6534376 : DHCPNameServer = 172.16.212.254
    TCP: Interfaces\{F624C962-EE0B-4142-8B3F-7A98B3646F48}\3454942435D2149627 : DHCPNameServer = 172.16.0.14 172.16.0.11
    TCP: Interfaces\{F624C962-EE0B-4142-8B3F-7A98B3646F48}\47B63336 : DHCPNameServer = 202.145.138.200 168.95.1.1
    TCP: Interfaces\{F624C962-EE0B-4142-8B3F-7A98B3646F48}\5413230353 : DHCPNameServer = 192.168.2.1
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    SSODL: WebCheck - <orphaned>
    LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    x64-mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5745g&r=27360311a516l0413z1m5v47i1348n
    x64-mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5745g&r=27360311a516l0413z1m5v47i1348n
    x64-BHO: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} -
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
    x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
    x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3
    x64-Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
    x64-Run: [ODDPwr] "C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe"
    x64-Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
    x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
    x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
    x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
    x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
    x64-Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
    x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-Notify: igfxcui - igfxdev.dll
    x64-SSODL: WebCheck - <orphaned>
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Caroline\AppData\Roaming\Mozilla\Firefox\Profiles\kfox4hvu.default\
    FF - prefs.js: browser.startup.homepage - www.google.com
    FF - prefs.js: keyword.URL - hxxp://www.google.com/search?hl=en&q=
    FF - prefs.js: network.proxy.type - 0
    FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
    FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
    FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\Users\Caroline\AppData\Roaming\Mozilla\Firefox\Profiles\kfox4hvu.default\extensions\DeviceDetection@logitech.com\plugins\npLogitechDeviceDetection.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
    FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
    FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 avkmgr;avkmgr;C:\Windows\System32\drivers\avkmgr.sys [2012-4-2 27760]
    R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\System32\drivers\mwlPSDFilter.sys [2009-6-3 22576]
    R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\System32\drivers\mwlPSDNserv.sys [2009-6-3 20016]
    R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\System32\drivers\mwlPSDVDisk.sys [2009-6-3 60464]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-14 59904]
    R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2012-4-2 86224]
    R2 AntiVirService;Avira Realtime Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2012-4-2 110032]
    R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2012-4-2 98848]
    R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
    R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-7-26 321104]
    R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-2-27 868896]
    R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-1-8 23584]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-7-26 13336]
    R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-2 2804568]
    R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-6-29 255744]
    R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2010-4-17 144640]
    R2 ODDPwrSvc;Acer ODD Power Service;C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [2010-7-26 171040]
    R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
    R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2009-11-2 13784]
    R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-2-27 2320920]
    R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-7-26 243232]
    R3 asvpndrv;Astrill SSL VPN Adapter;C:\Windows\System32\drivers\asvpndrv.sys [2012-10-20 31744]
    R3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\System32\drivers\btwampfl.sys [2011-2-27 342056]
    R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2011-2-27 39464]
    R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-7-26 56344]
    R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-7-26 158976]
    R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2010-7-26 76400]
    R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2011-6-17 154752]
    R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
    R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
    R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
    R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
    R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-14 17920]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-2 250808]
    S3 AmUStor;AM USB Stroage Driver;C:\Windows\System32\drivers\AmUStor.sys [2010-6-10 40448]
    S3 ASOVPNHelper;Astrill OpenVPN Service;C:\Program Files (x86)\Astrill\ASOvpnSvc.exe [2011-7-21 434928]
    S3 ASProxy;ASProxy;C:\Program Files (x86)\Astrill\ASProxy.exe [2011-7-21 1897384]
    S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-3-26 1038088]
    S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-20 129976]
    S3 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-5-27 305520]
    S3 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2010-4-17 50432]
    S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
    S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-2 126352]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2011-5-10 51712]
    .
    =============== File Associations ===============
    .
    FileExt: .scr: AutoCADScriptFile=C:\Windows\System32\notepad.exe "%1"
    FileExt: .txt: Applications\iexplore.exe="C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 [UserChoice]
    .
    =============== Created Last 30 ================
    .
    2012-10-22 03:47:03 -------- d-----w- C:\ProgramData\boost_interprocess
    2012-10-21 02:30:14 -------- d-----w- C:\Windows\pss
    2012-10-20 04:47:45 -------- d-----w- C:\Users\Caroline\AppData\Local\Macromedia
    2012-10-20 04:35:00 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
    2012-10-20 04:34:55 626688 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr80.dll
    2012-10-20 04:34:55 588728 ----a-w- C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll
    2012-10-20 04:34:55 548864 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp80.dll
    2012-10-20 04:34:55 479232 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcm80.dll
    2012-10-20 04:34:55 43960 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
    2012-10-20 04:34:55 157352 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice_installer.exe
    2012-10-20 04:34:55 129976 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice.exe
    2012-10-20 04:31:13 31744 ----a-w- C:\Windows\System32\drivers\asvpndrv.sys
    .
    ==================== Find3M ====================
    .
    2012-10-18 06:18:35 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-10-18 06:18:35 696760 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2012-10-18 06:18:31 10220472 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
    2012-08-27 12:40:28 462760 ----a-w- C:\Windows\System32\ASProxy64.dll
    2012-08-27 12:40:26 350632 ----a-w- C:\Windows\SysWow64\ASProxy.dll
    .
    ============= FINISH: 18:41:38.18 ===============

    aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
    Run date: 2012-10-25 18:54:12
    -----------------------------
    18:54:12.535 OS Version: Windows x64 6.1.7600
    18:54:12.535 Number of processors: 4 586 0x2505
    18:54:12.535 ComputerName: CAROLINE-PC UserName: Caroline
    18:54:14.797 Initialize success
    18:54:59.367 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
    18:54:59.367 Disk 0 Vendor: TOSHIBA_ GN00 Size: 715404MB BusType: 3
    18:54:59.383 Disk 0 MBR read successfully
    18:54:59.398 Disk 0 MBR scan
    18:54:59.398 Disk 0 Windows 7 default MBR code
    18:54:59.398 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 13312 MB offset 2048
    18:54:59.414 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 27265024
    18:54:59.414 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 345600 MB offset 27469824
    18:54:59.445 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 356390 MB offset 735258624
    18:54:59.461 Disk 0 scanning C:\Windows\system32\drivers
    18:55:05.857 Service scanning
    18:55:33.625 Modules scanning
    18:55:33.625 Disk 0 trace - called modules:
    18:55:33.656 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
    18:55:34.171 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005267060]
    18:55:34.171 3 CLASSPNP.SYS[fffff88001acd43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004fc9050]
    18:55:34.171 Scan finished successfully
    18:56:02.313 Disk 0 MBR has been saved successfully to "C:\Users\Caroline\Desktop\Malware\MBR.dat"
    18:56:02.313 The log file has been saved successfully to "C:\Users\Caroline\Desktop\Malware\aswMBR.txt"
    Last edited by tashi; 2012-10-25 at 15:59. Reason: Merged two posts

  2. #2
    Emeritus
    Join Date
    Nov 2005
    Location
    @localhost
    Posts
    6,066


    Hi darbi101,

    We will get a download to use; it's called ComboFix. Please read through the directions page, then apply the directions on your own machine. Post the ComboFix log in your reply:

    Guide to using Combofix
    How Can I Reduce My Risk?

  3. #3
    Junior Member
    Join Date
    Oct 2012
    Posts
    20


    Please see the ComboFix log below. Firefox stopped working after ComboFix; it says "server not found", but IE is working. Thanks!


    ComboFix 12-11-05.01 - Caroline 11/05/2012 23:18:48.1.4 - x64
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1028.18.3767.2414 [GMT 8:00]
    Running from: c:\users\Caroline\Desktop\ComboFix.exe
    AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
    SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
    SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    * Created a new restore point
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\programdata\FullRemove.exe
    .
    .
    ((((((((((((((((((((((((( Files Created from 2012-10-05 to 2012-11-05 )))))))))))))))))))))))))))))))
    .
    .
    2012-11-05 15:23 . 2012-11-05 15:23 -------- d-----w- c:\users\Default\AppData\Local\temp
    2012-10-25 10:53 . 2012-10-25 10:53 -------- d-----w- c:\program files (x86)\Common Files\Java
    2012-10-25 10:38 . 2012-10-25 10:38 -------- d-----w- c:\program files (x86)\ERUNT
    2012-10-22 03:47 . 2012-11-01 13:48 -------- d-----w- c:\programdata\boost_interprocess
    2012-10-20 04:47 . 2012-10-20 04:47 -------- d-----w- c:\users\Caroline\AppData\Local\Macromedia
    2012-10-20 04:35 . 2012-10-20 04:35 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
    2012-10-20 04:34 . 2012-10-20 04:34 588728 ----a-w- c:\program files (x86)\Mozilla Firefox\gkmedias.dll
    2012-10-20 04:34 . 2012-10-20 04:34 626688 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr80.dll
    2012-10-20 04:34 . 2012-10-20 04:34 548864 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp80.dll
    2012-10-20 04:34 . 2012-10-20 04:34 479232 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcm80.dll
    2012-10-20 04:34 . 2012-10-20 04:34 43960 ----a-w- c:\program files (x86)\Mozilla Firefox\mozglue.dll
    2012-10-20 04:34 . 2012-10-20 04:34 157352 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice_installer.exe
    2012-10-20 04:34 . 2012-10-20 04:34 129976 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice.exe
    2012-10-20 04:31 . 2012-02-29 14:46 31744 ----a-w- c:\windows\system32\drivers\asvpndrv.sys
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-10-18 06:18 . 2012-04-02 04:57 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2012-10-18 06:18 . 2011-08-25 13:31 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-10-18 06:18 . 2012-04-02 05:40 10220472 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
    2012-09-24 07:32 . 2012-06-17 01:44 477168 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
    2012-09-24 07:32 . 2011-05-30 06:34 473072 ----a-w- c:\windows\SysWow64\deployJava1.dll
    2012-08-27 12:40 . 2011-07-21 08:47 462760 ----a-w- c:\windows\system32\ASProxy64.dll
    2012-08-27 12:40 . 2011-07-21 08:47 350632 ----a-w- c:\windows\SysWow64\ASProxy.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2011-02-18 05:12 94208 ----a-w- c:\users\Caroline\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2011-02-18 05:12 94208 ----a-w- c:\users\Caroline\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2011-02-18 05:12 94208 ----a-w- c:\users\Caroline\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
    @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
    [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
    2010-05-27 02:40 120176 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
    "SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-05-27 337264]
    "EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-03-11 201584]
    "EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-03-11 407920]
    "Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
    "BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-06-28 265984]
    "LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-06-22 968272]
    "VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]
    "HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
    "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-10-18 348664]
    "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-28 35696]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-09-17 254896]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-6-25 1129760]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
    "LoadAppInit_DLLs"=1 (0x1)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
    "mixer2"=wdmaud.drv
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
    @=""
    .
    R0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
    R1 ProtectorA;ProtectorA;syswow64\drivers\ProtectorA.sys [x]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-02-03 2320920]
    R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2010-06-10 40448]
    R3 ASOVPNHelper;Astrill OpenVPN Service;c:\program files (x86)\Astrill\ASOvpnSvc.exe [2012-05-25 434928]
    R3 ASProxy;ASProxy;c:\program files (x86)\Astrill\ASProxy.exe [2012-08-27 1897384]
    R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-06-25 342056]
    R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-06-25 39464]
    R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-03-26 1038088]
    R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-05-27 305520]
    R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2010-04-17 50432]
    R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe [2009-11-02 126352]
    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-05-10 51712]
    R3 WatAdminSvc;Windows ??????;c:\windows\system32\Wat\WatAdminSvc.exe [2011-03-26 1255736]
    S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-09-16 27760]
    S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]
    S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]
    S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]
    S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-06-17 86224]
    S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
    S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-06-22 321104]
    S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-06-11 868896]
    S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
    S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
    S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
    S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-06-28 255744]
    S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2010-04-17 144640]
    S2 ODDPwrSvc;Acer ODD Power Service;c:\program files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [2010-04-22 171040]
    S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
    S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2009-11-02 13784]
    S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232]
    S3 asvpndrv;Astrill SSL VPN Adapter;c:\windows\system32\DRIVERS\asvpndrv.sys [2012-02-29 31744]
    S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
    S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976]
    S3 IntcDAud;Intel(R) ?????;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-02-02 271872]
    S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-05-20 76400]
    S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
    S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
    S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
    S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
    S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
    .
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2012-11-05 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 06:18]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2011-02-18 05:12 97792 ----a-w- c:\users\Caroline\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2011-02-18 05:12 97792 ----a-w- c:\users\Caroline\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2011-02-18 05:12 97792 ----a-w- c:\users\Caroline\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
    2011-02-18 05:12 97792 ----a-w- c:\users\Caroline\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
    @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
    [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
    2010-05-27 02:42 137584 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-22 10920552]
    "RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-06-22 2098792]
    "AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-06-10 324608]
    "ODDPwr"="c:\program files\Acer\Optical Drive Power Management\ODDPwr.exe" [2010-04-22 223264]
    "mwlDaemon"="c:\program files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe" [2010-05-27 349552]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-06-22 161304]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-06-22 386584]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2010-06-22 413208]
    "Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-06-11 861216]
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.google.com/
    uLocal Page = c:\windows\system32\blank.htm
    mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5745g&r=27360311a516l0413z1m5v47i1348n
    mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5745g&r=27360311a516l0413z1m5v47i1348n
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = *.local
    mSearchAssistant = hxxp://www.google.com
    IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
    IE: Google ????... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
    IE: Se&nd to OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
    IE: ????? Bluetooth ??(&B)... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    IE: ????? Bluetooth ??(&B)... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    TCP: DhcpNameServer = 192.168.0.1
    FF - ProfilePath - c:\users\Caroline\AppData\Roaming\Mozilla\Firefox\Profiles\kfox4hvu.default\
    FF - prefs.js: browser.startup.homepage - www.google.com
    FF - prefs.js: keyword.URL - hxxp://www.google.com/search?hl=en&q=
    FF - prefs.js: network.proxy.type - 0
    FF - ExtSQL: 2012-10-25 18:53; {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}; c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
    .
    - - - - ORPHANS REMOVED - - - -
    .
    Toolbar-Locked - (no file)
    Toolbar-Locked - (no file)
    HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
    .
    .
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_USERS\S-1-5-21-2744286438-2921205913-321846194-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
    @Denied: (2) (S-1-5-21-2744286438-2921205913-321846194-1001)
    @Denied: (2) (LocalSystem)
    "Progid"="ThunderbirdEML"
    .
    [HKEY_USERS\S-1-5-21-2744286438-2921205913-321846194-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="WindowsLiveMail.VCard.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.11"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
    @Denied: (A) (Everyone)
    "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
    @Denied: (A) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
    "Key"="ActionsPane3"
    "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Print\Forms\wQjd|剉 *4*x*6* *:\鳾!q姁Fh]
    "FormKeyword"=hex:48,50,5f,42,4f,52,44,45,52,4c,45,53,53,5f,50,48,4f,54,4f,5f,
    34,5f,58,5f,36,5f,49,4e,5f,57,54,3a,48,50,00
    "ResourceNameID"="@hpzstwn7.dll,3396"
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
    c:\windows\SysWOW64\RunDll32.exe
    c:\program files (x86)\Launch Manager\LMworker.exe
    .
    **************************************************************************
    .
    Completion time: 2012-11-05 23:28:39 - machine was rebooted
    ComboFix-quarantined-files.txt 2012-11-05 15:28
    .
    Pre-Run: 293,636,284,416 bytes free
    Post-Run: 293,695,229,952 bytes free
    .
    - - End Of File - - DB9865A7CD1BBE0011749CCFCF8E1A6C

  4. #4
    Emeritus
    Join Date
    Nov 2005
    Location
    @localhost
    Posts
    6,066

    Firefox stopped working after combofix
    Did you have FF set up to use a proxy? (Astrill\ASProxy.exe)
    Do you see ads in both Firefox and IE, or just one of them?

    One more download to get. It's called TDSSkiller:

    Download TDSSkiller.exe to your desktop.

    Click the icon, then on Change Parameters. Check the option: Detect TDLFS file system, then click OK and Start Scan.

    Once the scan is done you will find a .txt file in your root drive Local Disk (C) labeled as: TDSSKILLER.2.8.13.0_15.10.2012_17.34.06_log.txt (version,date time)

    Please copy/paste the log file in your reply.
    How Can I Reduce My Risk?

  5. #5
    Junior Member
    Join Date
    Oct 2012
    Posts
    20

    Please see the following for TDSSkiller log. I also attached images of an error that popped up when I started windows, and another image of an error when I started steam.

    I do have Astrill set up on my computer. While I use only FF as my browser, I don't know if IE has the same ad popping up because the ads don't always pop up in FF, only occasionally. Since my FF isn't working and I have been using IE for the past 5 min, no ads have popped up yet.



    00:14:31.0228 0920 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
    00:14:31.0228 0920 ============================================================
    00:14:31.0228 0920 Current date / time: 2012/11/10 00:14:31.0228
    00:14:31.0228 0920 SystemInfo:
    00:14:31.0228 0920
    00:14:31.0228 0920 OS Version: 6.1.7600 ServicePack: 0.0
    00:14:31.0228 0920 Product type: Workstation
    00:14:31.0228 0920 ComputerName: CAROLINE-PC
    00:14:31.0228 0920 UserName: Caroline
    00:14:31.0228 0920 Windows directory: C:\Windows
    00:14:31.0228 0920 System windows directory: C:\Windows
    00:14:31.0228 0920 Running under WOW64
    00:14:31.0228 0920 Processor architecture: Intel x64
    00:14:31.0228 0920 Number of processors: 4
    00:14:31.0228 0920 Page size: 0x1000
    00:14:31.0228 0920 Boot type: Normal boot
    00:14:31.0228 0920 ============================================================
    00:14:31.0821 0920 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    00:14:31.0821 0920 ============================================================
    00:14:31.0821 0920 \Device\Harddisk0\DR0:
    00:14:31.0821 0920 MBR partitions:
    00:14:31.0821 0920 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A00800, BlocksNum 0x32000
    00:14:31.0821 0920 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A32800, BlocksNum 0x2A300000
    00:14:31.0821 0920 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x2BD32800, BlocksNum 0x2B813000
    00:14:31.0821 0920 ============================================================
    00:14:31.0837 0920 C: <-> \Device\Harddisk0\DR0\Partition2
    00:14:31.0930 0920 D: <-> \Device\Harddisk0\DR0\Partition3
    00:14:31.0946 0920 ============================================================
    00:14:31.0946 0920 Initialize success
    00:14:31.0946 0920 ============================================================
    00:14:50.0993 5376 ============================================================
    00:14:50.0993 5376 Scan started
    00:14:50.0993 5376 Mode: Manual; TDLFS;
    00:14:50.0993 5376 ============================================================
    00:14:51.0212 5376 ================ Scan system memory ========================
    00:14:51.0212 5376 System memory - ok
    00:14:51.0212 5376 ================ Scan services =============================
    00:14:51.0399 5376 [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
    00:14:51.0415 5376 1394ohci - ok
    00:14:51.0430 5376 [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
    00:14:51.0446 5376 ACPI - ok
    00:14:51.0461 5376 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
    00:14:51.0477 5376 AcpiPmi - ok
    00:14:51.0524 5376 [ 2F0683FD2DF1D92E891CACA14B45A8C1 ] adfs C:\Windows\system32\drivers\adfs.sys
    00:14:51.0539 5376 adfs - ok
    00:14:51.0695 5376 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    00:14:51.0695 5376 AdobeFlashPlayerUpdateSvc - ok
    00:14:51.0742 5376 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
    00:14:51.0758 5376 adp94xx - ok
    00:14:51.0789 5376 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
    00:14:51.0789 5376 adpahci - ok
    00:14:51.0820 5376 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
    00:14:51.0836 5376 adpu320 - ok
    00:14:51.0867 5376 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
    00:14:51.0867 5376 AeLookupSvc - ok
    00:14:51.0914 5376 [ DB9D6C6B2CD95A9CA414D045B627422E ] AFD C:\Windows\system32\drivers\afd.sys
    00:14:51.0929 5376 AFD - ok
    00:14:51.0961 5376 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
    00:14:51.0961 5376 agp440 - ok
    00:14:51.0992 5376 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
    00:14:51.0992 5376 ALG - ok
    00:14:52.0023 5376 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
    00:14:52.0039 5376 aliide - ok
    00:14:52.0039 5376 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\DRIVERS\amdide.sys
    00:14:52.0039 5376 amdide - ok
    00:14:52.0085 5376 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
    00:14:52.0085 5376 AmdK8 - ok
    00:14:52.0101 5376 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
    00:14:52.0117 5376 AmdPPM - ok
    00:14:52.0163 5376 [ EC7EBAB00A4D8448BAB68D1E49B4BEB9 ] amdsata C:\Windows\system32\drivers\amdsata.sys
    00:14:52.0163 5376 amdsata - ok
    00:14:52.0179 5376 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
    00:14:52.0195 5376 amdsbs - ok
    00:14:52.0210 5376 [ DB27766102C7BF7E95140A2AA81D042E ] amdxata C:\Windows\system32\drivers\amdxata.sys
    00:14:52.0210 5376 amdxata - ok
    00:14:52.0226 5376 [ 391887990CDAA83DE5C56C3FDE966DA1 ] AmUStor C:\Windows\system32\drivers\AmUStor.SYS
    00:14:52.0241 5376 AmUStor - ok
    00:14:52.0351 5376 [ 0A1CC583E8147004E4AD4625D7FBF88C ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
    00:14:52.0351 5376 AntiVirSchedulerService - ok
    00:14:52.0397 5376 [ C9A36EF935ACED86AEDF93E97E606911 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
    00:14:52.0397 5376 AntiVirService - ok
    00:14:52.0444 5376 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\Windows\system32\drivers\appid.sys
    00:14:52.0444 5376 AppID - ok
    00:14:52.0475 5376 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
    00:14:52.0475 5376 AppIDSvc - ok
    00:14:52.0491 5376 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\Windows\System32\appinfo.dll
    00:14:52.0507 5376 Appinfo - ok
    00:14:52.0585 5376 [ 20F6F19FE9E753F2780DC2FA083AD597 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    00:14:52.0585 5376 Apple Mobile Device - ok
    00:14:52.0631 5376 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
    00:14:52.0631 5376 arc - ok
    00:14:52.0647 5376 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
    00:14:52.0663 5376 arcsas - ok
    00:14:52.0725 5376 [ 54AB80D7F53E0C228A3F0FDB167DC83E ] ASOVPNHelper C:\Program Files (x86)\Astrill\ASOvpnSvc.exe
    00:14:52.0741 5376 ASOVPNHelper - ok
    00:14:52.0803 5376 [ B999348422E23247119D08B2E7DF6179 ] ASProxy C:\Program Files (x86)\Astrill\ASProxy.exe
    00:14:52.0834 5376 ASProxy - ok
    00:14:52.0881 5376 [ 28ACE90CB457888AB4C664E4B0AA950D ] asvpndrv C:\Windows\system32\DRIVERS\asvpndrv.sys
    00:14:52.0881 5376 asvpndrv - ok
    00:14:52.0912 5376 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
    00:14:52.0912 5376 AsyncMac - ok
    00:14:52.0959 5376 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\DRIVERS\atapi.sys
    00:14:52.0959 5376 atapi - ok
    00:14:53.0006 5376 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
    00:14:53.0006 5376 AudioEndpointBuilder - ok
    00:14:53.0006 5376 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\Windows\System32\Audiosrv.dll
    00:14:53.0021 5376 AudioSrv - ok
    00:14:53.0068 5376 [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
    00:14:53.0084 5376 avgntflt - ok
    00:14:53.0115 5376 [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
    00:14:53.0115 5376 avipbb - ok
    00:14:53.0131 5376 [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
    00:14:53.0146 5376 avkmgr - ok
    00:14:53.0177 5376 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\Windows\System32\AxInstSV.dll
    00:14:53.0177 5376 AxInstSV - ok
    00:14:53.0224 5376 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
    00:14:53.0240 5376 b06bdrv - ok
    00:14:53.0255 5376 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
    00:14:53.0271 5376 b57nd60a - ok
    00:14:53.0365 5376 [ 2D659B569A76CDB83B815675A80D7096 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
    00:14:53.0380 5376 BCM43XX - ok
    00:14:53.0411 5376 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
    00:14:53.0427 5376 BDESVC - ok
    00:14:53.0458 5376 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
    00:14:53.0458 5376 Beep - ok
    00:14:53.0505 5376 [ 4992C609A6315671463E30F6512BC022 ] BFE C:\Windows\System32\bfe.dll
    00:14:53.0521 5376 BFE - ok
    00:14:53.0567 5376 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS C:\Windows\system32\qmgr.dll
    00:14:53.0567 5376 BITS - ok
    00:14:53.0599 5376 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
    00:14:53.0599 5376 blbdrive - ok
    00:14:53.0661 5376 [ F2060A34C8A75BC24A9222EB4F8C07BD ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    00:14:53.0661 5376 Bonjour Service - ok
    00:14:53.0723 5376 [ 19D20159708E152267E53B66677A4995 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
    00:14:53.0723 5376 bowser - ok
    00:14:53.0755 5376 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
    00:14:53.0755 5376 BrFiltLo - ok
    00:14:53.0770 5376 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
    00:14:53.0770 5376 BrFiltUp - ok
    00:14:53.0817 5376 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
    00:14:53.0817 5376 BridgeMP - ok
    00:14:53.0848 5376 [ 94FBC06F294D58D02361918418F996E3 ] Browser C:\Windows\System32\browser.dll
    00:14:53.0864 5376 Browser - ok
    00:14:53.0879 5376 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
    00:14:53.0895 5376 Brserid - ok
    00:14:53.0911 5376 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
    00:14:53.0911 5376 BrSerWdm - ok
    00:14:53.0926 5376 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
    00:14:53.0926 5376 BrUsbMdm - ok
    00:14:53.0926 5376 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
    00:14:53.0926 5376 BrUsbSer - ok
    00:14:53.0973 5376 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
    00:14:53.0973 5376 BthEnum - ok
    00:14:54.0004 5376 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
    00:14:54.0004 5376 BTHMODEM - ok
    00:14:54.0035 5376 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
    00:14:54.0051 5376 BthPan - ok
    00:14:54.0082 5376 [ 21084CEB85280468C9ACA3C805C0F8CF ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
    00:14:54.0098 5376 BTHPORT - ok

  6. #6
    Junior Member
    Join Date
    Oct 2012
    Posts
    20

    Default

    00:15:03.0754 5376 [ E6C0EA194B4A98F6645502A52359E0AC ] SbieDrv C:\Program Files\Sandboxie\SbieDrv.sys
    00:15:03.0754 5376 SbieDrv - ok
    00:15:03.0770 5376 [ B435855D3A6B221574000792B615B8EA ] SbieSvc C:\Program Files\Sandboxie\SbieSvc.exe
    00:15:03.0770 5376 SbieSvc - ok
    00:15:03.0801 5376 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
    00:15:03.0817 5376 sbp2port - ok
    00:15:03.0848 5376 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
    00:15:03.0863 5376 SCardSvr - ok
    00:15:03.0863 5376 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
    00:15:03.0879 5376 scfilter - ok
    00:15:03.0910 5376 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll
    00:15:03.0926 5376 Schedule - ok
    00:15:03.0957 5376 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
    00:15:03.0957 5376 SCPolicySvc - ok
    00:15:03.0973 5376 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
    00:15:03.0988 5376 SDRSVC - ok
    00:15:04.0004 5376 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
    00:15:04.0004 5376 secdrv - ok
    00:15:04.0019 5376 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
    00:15:04.0035 5376 seclogon - ok
    00:15:04.0051 5376 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
    00:15:04.0051 5376 SENS - ok
    00:15:04.0082 5376 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
    00:15:04.0097 5376 SensrSvc - ok
    00:15:04.0129 5376 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
    00:15:04.0144 5376 Serenum - ok
    00:15:04.0160 5376 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
    00:15:04.0175 5376 Serial - ok
    00:15:04.0191 5376 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
    00:15:04.0191 5376 sermouse - ok
    00:15:04.0238 5376 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
    00:15:04.0238 5376 SessionEnv - ok
    00:15:04.0253 5376 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
    00:15:04.0253 5376 sffdisk - ok
    00:15:04.0285 5376 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
    00:15:04.0285 5376 sffp_mmc - ok
    00:15:04.0300 5376 [ 178298F767FE638C9FEDCBDEF58BB5E4 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
    00:15:04.0300 5376 sffp_sd - ok
    00:15:04.0331 5376 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
    00:15:04.0331 5376 sfloppy - ok
    00:15:04.0378 5376 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
    00:15:04.0394 5376 Sftfs - ok
    00:15:04.0441 5376 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    00:15:04.0456 5376 sftlist - ok
    00:15:04.0487 5376 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
    00:15:04.0487 5376 Sftplay - ok
    00:15:04.0503 5376 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
    00:15:04.0503 5376 Sftredir - ok
    00:15:04.0534 5376 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
    00:15:04.0534 5376 Sftvol - ok
    00:15:04.0550 5376 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    00:15:04.0550 5376 sftvsa - ok
    00:15:04.0597 5376 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
    00:15:04.0612 5376 SharedAccess - ok
    00:15:04.0643 5376 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
    00:15:04.0659 5376 ShellHWDetection - ok
    00:15:04.0675 5376 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
    00:15:04.0690 5376 SiSRaid2 - ok
    00:15:04.0721 5376 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
    00:15:04.0721 5376 SiSRaid4 - ok
    00:15:04.0737 5376 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
    00:15:04.0753 5376 Smb - ok
    00:15:04.0784 5376 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
    00:15:04.0784 5376 SNMPTRAP - ok
    00:15:04.0799 5376 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
    00:15:04.0815 5376 spldr - ok
    00:15:04.0846 5376 [ F8E1FA03CB70D54A9892AC88B91D1E7B ] Spooler C:\Windows\System32\spoolsv.exe
    00:15:04.0862 5376 Spooler - ok
    00:15:04.0924 5376 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
    00:15:04.0955 5376 sppsvc - ok
    00:15:04.0987 5376 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
    00:15:04.0987 5376 sppuinotify - ok
    00:15:05.0018 5376 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\Windows\system32\DRIVERS\srv.sys
    00:15:05.0033 5376 srv - ok
    00:15:05.0049 5376 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
    00:15:05.0065 5376 srv2 - ok
    00:15:05.0080 5376 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
    00:15:05.0080 5376 srvnet - ok
    00:15:05.0127 5376 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
    00:15:05.0127 5376 SSDPSRV - ok
    00:15:05.0143 5376 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
    00:15:05.0143 5376 SstpSvc - ok
    00:15:05.0174 5376 Steam Client Service - ok
    00:15:05.0189 5376 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
    00:15:05.0205 5376 stexstor - ok
    00:15:05.0221 5376 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
    00:15:05.0236 5376 stisvc - ok
    00:15:05.0252 5376 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
    00:15:05.0252 5376 swenum - ok
    00:15:05.0283 5376 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
    00:15:05.0299 5376 swprv - ok
    00:15:05.0345 5376 [ 868DFB220A18312A12CEF01BA9AC069B ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
    00:15:05.0345 5376 SynTP - ok
    00:15:05.0377 5376 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll
    00:15:05.0392 5376 SysMain - ok
    00:15:05.0423 5376 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
    00:15:05.0423 5376 TabletInputService - ok
    00:15:05.0470 5376 [ 3B73C849B41FB20D77B0E553214061A5 ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys
    00:15:05.0470 5376 tap0901 - ok
    00:15:05.0486 5376 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll
    00:15:05.0486 5376 TapiSrv - ok
    00:15:05.0501 5376 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
    00:15:05.0501 5376 TBS - ok
    00:15:05.0548 5376 [ F18F56EFC0BFB9C87BA01C37B27F4DA5 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
    00:15:05.0579 5376 Tcpip - ok
    00:15:05.0626 5376 [ F18F56EFC0BFB9C87BA01C37B27F4DA5 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
    00:15:05.0626 5376 TCPIP6 - ok
    00:15:05.0642 5376 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
    00:15:05.0642 5376 tcpipreg - ok
    00:15:05.0657 5376 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
    00:15:05.0673 5376 TDPIPE - ok
    00:15:05.0689 5376 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
    00:15:05.0689 5376 TDTCP - ok
    00:15:05.0720 5376 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
    00:15:05.0720 5376 tdx - ok
    00:15:05.0735 5376 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
    00:15:05.0735 5376 TermDD - ok
    00:15:05.0767 5376 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll
    00:15:05.0782 5376 TermService - ok
    00:15:05.0813 5376 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
    00:15:05.0813 5376 Themes - ok
    00:15:05.0845 5376 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
    00:15:05.0845 5376 THREADORDER - ok
    00:15:05.0876 5376 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
    00:15:05.0876 5376 TrkWks - ok
    00:15:05.0923 5376 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
    00:15:05.0923 5376 TrustedInstaller - ok
    00:15:05.0954 5376 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
    00:15:05.0954 5376 tssecsrv - ok
    00:15:06.0001 5376 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
    00:15:06.0001 5376 tunnel - ok
    00:15:06.0047 5376 [ 825E7A1F48FB8BCFBA27C178AAB4E275 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
    00:15:06.0047 5376 TurboB - ok
    00:15:06.0110 5376 [ B206BE1174D5964D49A56BB6C4E0524A ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
    00:15:06.0110 5376 TurboBoost - ok
    00:15:06.0125 5376 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
    00:15:06.0125 5376 uagp35 - ok
    00:15:06.0157 5376 [ 40079B0B801C5432BA435B5AD61CE6E3 ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
    00:15:06.0157 5376 UBHelper - ok
    00:15:06.0188 5376 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\Windows\system32\DRIVERS\udfs.sys
    00:15:06.0203 5376 udfs - ok
    00:15:06.0219 5376 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
    00:15:06.0219 5376 UI0Detect - ok
    00:15:06.0250 5376 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
    00:15:06.0250 5376 uliagpkx - ok
    00:15:06.0281 5376 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
    00:15:06.0281 5376 umbus - ok
    00:15:06.0297 5376 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
    00:15:06.0297 5376 UmPass - ok
    00:15:06.0437 5376 [ 4735B3050C0D6F9DC571451298C54FA0 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    00:15:06.0453 5376 UNS - ok
    00:15:06.0500 5376 [ F9EC9ACD504D823D9B9CA98A4F8D3CA2 ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
    00:15:06.0500 5376 Updater Service - ok
    00:15:06.0531 5376 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
    00:15:06.0531 5376 upnphost - ok
    00:15:06.0562 5376 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
    00:15:06.0562 5376 USBAAPL64 - ok
    00:15:06.0593 5376 [ 537A4E03D7103C12D42DFD8FFDB5BDC9 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
    00:15:06.0593 5376 usbccgp - ok
    00:15:06.0640 5376 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
    00:15:06.0640 5376 usbcir - ok
    00:15:06.0656 5376 [ FBB21EBE49F6D560DB37AC25FBC68E66 ] usbehci C:\Windows\system32\drivers\usbehci.sys
    00:15:06.0671 5376 usbehci - ok
    00:15:06.0687 5376 [ 6B7A8A99C4A459E73C286A6763EA24CC ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
    00:15:06.0703 5376 usbhub - ok
    00:15:06.0718 5376 [ 8C88AA7617B4CBC2E4BED61D26B33A27 ] usbohci C:\Windows\system32\drivers\usbohci.sys
    00:15:06.0718 5376 usbohci - ok
    00:15:06.0765 5376 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
    00:15:06.0765 5376 usbprint - ok
    00:15:06.0781 5376 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
    00:15:06.0781 5376 usbscan - ok
    00:15:06.0796 5376 [ F39983647BC1F3E6100778DDFE9DCE29 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
    00:15:06.0812 5376 USBSTOR - ok
    00:15:06.0827 5376 [ 0B5B3B2DF3FD1709618ACFA50B8392B0 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
    00:15:06.0843 5376 usbuhci - ok
    00:15:06.0890 5376 [ 7CB8C573C6E4A2714402CC0A36EAB4FE ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
    00:15:06.0890 5376 usbvideo - ok
    00:15:06.0921 5376 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
    00:15:06.0921 5376 UxSms - ok
    00:15:06.0937 5376 [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc C:\Windows\system32\lsass.exe
    00:15:06.0937 5376 VaultSvc - ok
    00:15:06.0952 5376 [ FD911873C0BB6945FA38C16E9A2B58F9 ] VClone C:\Windows\system32\DRIVERS\VClone.sys
    00:15:06.0952 5376 VClone - ok
    00:15:06.0983 5376 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
    00:15:06.0983 5376 vdrvroot - ok
    00:15:07.0015 5376 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\Windows\System32\vds.exe
    00:15:07.0015 5376 vds - ok
    00:15:07.0030 5376 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
    00:15:07.0030 5376 vga - ok
    00:15:07.0046 5376 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
    00:15:07.0046 5376 VgaSave - ok
    00:15:07.0077 5376 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
    00:15:07.0077 5376 vhdmp - ok
    00:15:07.0093 5376 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
    00:15:07.0108 5376 viaide - ok
    00:15:07.0124 5376 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
    00:15:07.0139 5376 volmgr - ok
    00:15:07.0155 5376 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
    00:15:07.0171 5376 volmgrx - ok
    00:15:07.0171 5376 [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
    00:15:07.0186 5376 volsnap - ok
    00:15:07.0202 5376 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
    00:15:07.0217 5376 vsmraid - ok
    00:15:07.0249 5376 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\Windows\system32\vssvc.exe
    00:15:07.0264 5376 VSS - ok
    00:15:07.0295 5376 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
    00:15:07.0295 5376 vwifibus - ok
    00:15:07.0311 5376 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
    00:15:07.0311 5376 vwififlt - ok
    00:15:07.0327 5376 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
    00:15:07.0327 5376 vwifimp - ok
    00:15:07.0342 5376 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
    00:15:07.0358 5376 W32Time - ok
    00:15:07.0373 5376 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
    00:15:07.0389 5376 WacomPen - ok
    00:15:07.0405 5376 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
    00:15:07.0420 5376 WANARP - ok
    00:15:07.0420 5376 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
    00:15:07.0420 5376 Wanarpv6 - ok
    00:15:07.0467 5376 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
    00:15:07.0498 5376 WatAdminSvc - ok
    00:15:07.0529 5376 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\Windows\system32\wbengine.exe
    00:15:07.0545 5376 wbengine - ok
    00:15:07.0561 5376 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
    00:15:07.0576 5376 WbioSrvc - ok
    00:15:07.0607 5376 [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc C:\Windows\System32\wcncsvc.dll
    00:15:07.0623 5376 wcncsvc - ok
    00:15:07.0639 5376 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
    00:15:07.0639 5376 WcsPlugInService - ok
    00:15:07.0670 5376 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
    00:15:07.0670 5376 Wd - ok
    00:15:07.0685 5376 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
    00:15:07.0701 5376 Wdf01000 - ok
    00:15:07.0732 5376 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
    00:15:07.0732 5376 WdiServiceHost - ok
    00:15:07.0732 5376 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
    00:15:07.0732 5376 WdiSystemHost - ok
    00:15:07.0763 5376 [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient C:\Windows\System32\webclnt.dll
    00:15:07.0779 5376 WebClient - ok
    00:15:07.0810 5376 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
    00:15:07.0810 5376 Wecsvc - ok
    00:15:07.0826 5376 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
    00:15:07.0841 5376 wercplsupport - ok
    00:15:07.0873 5376 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
    00:15:07.0873 5376 WerSvc - ok
    00:15:07.0904 5376 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
    00:15:07.0904 5376 WfpLwf - ok
    00:15:07.0935 5376 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
    00:15:07.0935 5376 WIMMount - ok
    00:15:07.0966 5376 WinDefend - ok
    00:15:07.0966 5376 WinHttpAutoProxySvc - ok
    00:15:08.0013 5376 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
    00:15:08.0013 5376 Winmgmt - ok
    00:15:08.0060 5376 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\Windows\system32\WsmSvc.dll
    00:15:08.0091 5376 WinRM - ok
    00:15:08.0138 5376 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
    00:15:08.0138 5376 Wlansvc - ok
    00:15:08.0231 5376 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    00:15:08.0247 5376 wlidsvc - ok
    00:15:08.0278 5376 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
    00:15:08.0278 5376 WmiAcpi - ok
    00:15:08.0294 5376 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
    00:15:08.0309 5376 wmiApSrv - ok
    00:15:08.0325 5376 WMPNetworkSvc - ok
    00:15:08.0341 5376 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
    00:15:08.0356 5376 WPCSvc - ok
    00:15:08.0372 5376 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
    00:15:08.0387 5376 WPDBusEnum - ok
    00:15:08.0403 5376 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
    00:15:08.0403 5376 ws2ifsl - ok
    00:15:08.0434 5376 [ 8F9F3969933C02DA96EB0F84576DB43E ] wscsvc C:\Windows\system32\wscsvc.dll
    00:15:08.0434 5376 wscsvc - ok
    00:15:08.0450 5376 WSearch - ok
    00:15:08.0497 5376 [ 38340204A2D0228F1E87740FC5E554A7 ] wuauserv C:\Windows\system32\wuaueng.dll
    00:15:08.0512 5376 wuauserv - ok
    00:15:08.0528 5376 [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
    00:15:08.0528 5376 WudfPf - ok
    00:15:08.0559 5376 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
    00:15:08.0575 5376 WUDFRd - ok
    00:15:08.0606 5376 [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc C:\Windows\System32\WUDFSvc.dll
    00:15:08.0606 5376 wudfsvc - ok
    00:15:08.0621 5376 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
    00:15:08.0637 5376 WwanSvc - ok
    00:15:08.0653 5376 ================ Scan global ===============================
    00:15:08.0668 5376 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
    00:15:08.0699 5376 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
    00:15:08.0699 5376 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
    00:15:08.0715 5376 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
    00:15:08.0746 5376 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
    00:15:08.0746 5376 [Global] - ok
    00:15:08.0762 5376 ================ Scan MBR ==================================
    00:15:08.0777 5376 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
    00:15:09.0760 5376 \Device\Harddisk0\DR0 - ok
    00:15:09.0760 5376 ================ Scan VBR ==================================
    00:15:09.0791 5376 [ DE888190F4BCC567777A1722CFF12B37 ] \Device\Harddisk0\DR0\Partition1
    00:15:09.0791 5376 \Device\Harddisk0\DR0\Partition1 - ok
    00:15:09.0791 5376 [ 058B7BE8E4105C66AAD4C0B28FF6FD96 ] \Device\Harddisk0\DR0\Partition2
    00:15:09.0807 5376 \Device\Harddisk0\DR0\Partition2 - ok
    00:15:09.0901 5376 [ 707411B8EDEFDCA9CDF8085DC8E535CD ] \Device\Harddisk0\DR0\Partition3
    00:15:09.0901 5376 \Device\Harddisk0\DR0\Partition3 - ok
    00:15:09.0901 5376 ============================================================
    00:15:09.0901 5376 Scan finished
    00:15:09.0901 5376 ============================================================
    00:15:09.0901 5148 Detected object count: 0
    00:15:09.0901 5148 Actual detected object count: 0
    00:16:41.0735 0236 Deinitialize success

  7. #7
    Emeritus
    Join Date
    Nov 2005
    Location
    @localhost
    Posts
    6,066

    Those screenshots you posted just look like software errors. One is obviously related to the Steam application. Do you get the errors a lot of the time?

    The reason I asked about the proxy is because ComboFix may have removed the proxy setting in Firefox that Asproxy set up when you installed it. If you reinstall the software or make any changes manually then Firefox will work again if it's related to the proxy. We could also restore the changes ComboFix made.
    The TDSSKiller log looks ok. We will get another download which you can keep and use as an antimalware app. It's called Malwarebytes:

    Please download the free version of Malwarebytes to your desktop.

    Double-click mbam-setup.exe and follow the prompts to install the program.

    Be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.

    If an update is found, it will download and install the latest version.

    Once the program has loaded, select Perform FULL SCAN, then click Scan.
    When the scan is complete, click OK, then Show Results to view the results.

    Be sure that everything is checked, and click *Remove Selected.*

    *A restart of your computer may be required to remove some items. If prompted please restart your computer to complete the fix.*

    When completed, a log will open in Notepad. Please save it to a convenient location. The log can also be opened by going to Start > All Programs > Malwarebytes' Anti-Malware > Logs > log-date.txt
    Post the log in your reply.
    NOTE: The free version must be updated manually.
    How Can I Reduce My Risk?

  8. #8
    Junior Member
    Join Date
    Oct 2012
    Posts
    20

    I have never seen those errors before. I have uninstalled and reinstalled Firefox but it still does not work. I also realized that my antivirus (Avira) would not update; it feels like all my software can't update at the moment. Astrill also would not launch.

    I downloaded the Malwarebytes software, but the software failed to update. I attached an image of the error when I tried to update. The version I have now is v2012.09.29.05. I ran the scan anyway, please see below.

    Thanks for the help.

    Malwarebytes Anti-Malware 1.65.1.1000
    www.malwarebytes.org

    Database version: v2012.09.29.05

    Windows 7 x64 NTFS
    Internet Explorer 8.0.7600.16385
    Caroline :: CAROLINE-PC [administrator]

    11/11/2012 8:12:42 PM
    mbam-log-2012-11-11 (20-12-42).txt

    Scan type: Full scan (C:\|D:\|Q:\|)
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 343568
    Time elapsed: 52 minute(s), 35 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)

  9. #9
    Emeritus
    Join Date
    Nov 2005
    Location
    @localhost
    Posts
    6,066

    We will get two more downloads to use:

    Please download aswmbr.exe to your desktop.

    Right click the icon and run as admin.
    For the question "Would you like to download latest Avast! virus definitions?" click YES to download the additional files.
    Next, click the "Scan" button to start the scan.
    Once the scan is done, click "Save log", save it to your desktop and post it in your next reply.

    If the additional files don't download just go to the scan step.

    Download MiniToolBox to your desktop. Right click and run as admin.


    Check the following boxes:

    Report IE Proxy Settings
    Report FF Proxy Settings
    List content of Hosts
    List IP configuration
    List Winsock Entries
    List last 10 Event Viewer log
    List Installed Programs

    Click Go and post the result. It will create a text file on your desktop.

  10. #10
    Junior Member
    Join Date
    Oct 2012
    Posts
    20

    aswMBR did not update.

    aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
    Run date: 2012-11-12 18:46:06
    -----------------------------
    18:46:06.085 OS Version: Windows x64 6.1.7600
    18:46:06.085 Number of processors: 4 586 0x2505
    18:46:06.085 ComputerName: CAROLINE-PC UserName: Caroline
    18:46:07.021 Initialize success
    18:46:11.258 AVAST engine download error: 0
    18:46:11.258 AVAST engine error: 10107
    18:46:32.599 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
    18:46:32.599 Disk 0 Vendor: TOSHIBA_ GN00 Size: 715404MB BusType: 3
    18:46:32.630 Disk 0 MBR read successfully
    18:46:32.630 Disk 0 MBR scan
    18:46:32.630 Disk 0 Windows 7 default MBR code
    18:46:32.646 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 13312 MB offset 2048
    18:46:32.661 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 27265024
    18:46:32.677 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 345600 MB offset 27469824
    18:46:32.692 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 356390 MB offset 735258624
    18:46:32.724 Disk 0 scanning C:\Windows\system32\drivers
    18:46:40.446 Service scanning
    18:47:09.306 Modules scanning
    18:47:09.306 Disk 0 trace - called modules:
    18:47:09.321 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
    18:47:09.337 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005268060]
    18:47:09.337 3 CLASSPNP.SYS[fffff88001aee43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004f90050]
    18:47:09.337 Scan finished successfully
    18:47:32.456 Disk 0 MBR has been saved successfully to "C:\Users\Caroline\Desktop\MBR.dat"
    18:47:32.472 The log file has been saved successfully to "C:\Users\Caroline\Desktop\aswMBR.txt"






    MiniToolBox by Farbar Version: 10-11-2012 02
    Ran by Caroline (administrator) on 12-11-2012 at 18:48:46
    Windows 7 Home Premium (X64)
    Boot Mode: Normal
    ***************************************************************************

    ========================= IE Proxy Settings: ==============================

    Proxy is not enabled.
    No Proxy Server is set.

    ========================= FF Proxy Settings: ==============================

    "network.proxy.type", 0
    ========================= Hosts content: =================================

    127.0.0.1 localhost

    ========================= IP Configuration: ================================

    Broadcom 802.11n ??? = ?????? (Connected)
    Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20) = ???? (Media disconnected)
    Microsoft Virtual WiFi Miniport Adapter = ?????? 2 (Media disconnected)
    ?? NSHHTTP.DLL ??????? InitHelperDll ??,???? 10107


    # ----------------------------------
    # IPv4 Configuration
    # ----------------------------------
    pushd interface ipv4

    reset
    set global icmpredirects=enabled
    set subinterface interface=?0) subinterface=ethernet_13 mtu=1477


    popd
    # End of IPv4 configuration



    Windows IP Configuration

    Host Name . . . . . . . . . . . . : Caroline-PC
    Primary Dns Suffix . . . . . . . :
    Node Type . . . . . . . . . . . . : Hybrid
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No

    Ethernet adapter ????* 2:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Astrill SSL VPN Adapter
    Physical Address. . . . . . . . . : 00-FF-09-80-59-E3
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes

    Wireless LAN adapter ?????? 2:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
    Physical Address. . . . . . . . . : 4C-0F-6E-61-D7-5E
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes

    Wireless LAN adapter ??????:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Broadcom 802.11n ???
    Physical Address. . . . . . . . . : 4C-0F-6E-61-D7-5E
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes
    Link-local IPv6 Address . . . . . : fe80::a833:d834:5f9a:e3c0%12(Preferred)
    IPv4 Address. . . . . . . . . . . : 192.168.0.111(Preferred)
    Subnet Mask . . . . . . . . . . . : 0.0.0.0
    Lease Obtained. . . . . . . . . . : Monday, November 12, 2012 6:42:14 PM
    Lease Expires . . . . . . . . . . : Tuesday, November 13, 2012 6:42:16 PM
    Default Gateway . . . . . . . . . : 192.168.0.1
    DHCP Server . . . . . . . . . . . : 192.168.0.1
    DHCPv6 IAID . . . . . . . . . . . : 390860654
    DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-FB-8B-E7-60-EB-69-4B-BC-19
    DNS Servers . . . . . . . . . . . : 192.168.0.1
    NetBIOS over Tcpip. . . . . . . . : Enabled

    Ethernet adapter ????:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . : Belkin
    Description . . . . . . . . . . . : Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
    Physical Address. . . . . . . . . : 60-EB-69-4B-BC-19
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter isatap.{A1570363-2474-4627-9269-0759B3798908}:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Microsoft ISATAP Adapter
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter isatap.{F624C962-EE0B-4142-8B3F-7A98B3646F48}:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter isatap.Belkin:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter isatap.{098059E3-73B5-40D5-A18C-EF9E1C860723}:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter Teredo Tunneling Pseudo-Interface:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes
    IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:18e7:2b52:3f57:ff90(Preferred)
    Link-local IPv6 Address . . . . . : fe80::18e7:2b52:3f57:ff90%15(Preferred)
    Default Gateway . . . . . . . . . : ::
    NetBIOS over Tcpip. . . . . . . . : Disabled
    Server: UnKnown
    Address: NULL

    Unable to initialize Windows Sockets interface. General failure.
    Server: UnKnown
    Address: NULL

    Unable to initialize Windows Sockets interface. General failure.
    Unable to initialize Windows Sockets interface. General failure.
    ========================= Winsock entries =====================================

    Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [51712] (Microsoft Corporation)
    Catalog5 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
    Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
    Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
    Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
    Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [35840] (Microsoft Corporation)
    Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
    Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
    Catalog5 10 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
    Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 13 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 14 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 15 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70144] (Microsoft Corporation)
    x64-Catalog5 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
    x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
    x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
    x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
    x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
    x64-Catalog5 07 C:\Windows\System32\wshbth.dll [46592] (Microsoft Corporation)
    x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [193824] (Apple Inc.)
    x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
    x64-Catalog5 10 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
    x64-Catalog9 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
    x64-Catalog9 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
    x64-Catalog9 03 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
    x64-Catalog9 04 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
    x64-Catalog9 05 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
    x64-Catalog9 06 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
    x64-Catalog9 07 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
    x64-Catalog9 08 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
    x64-Catalog9 09 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
    x64-Catalog9 10 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
    x64-Catalog9 11 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

    ========================= Event log errors: ===============================

    Application errors:
    ==================
    Error: (11/12/2012 06:42:57 PM) (Source: Application Error) (User: )
    Description: ?????????: PMMdatamgr.exe,??: 3.1.212.0,????: 0x4bfd07df
    ???????: sysenv.dll,??: 3.1.212.0,????: 0x4bfd07c8
    ?????: 0x40000015
    ????: 0x0002085c
    ??????????: 0x1064
    ???????????: 0xPMMdatamgr.exe0
    ?????????: PMMdatamgr.exe1
    ???????: PMMdatamgr.exe2
    ?????: PMMdatamgr.exe3

    Error: (11/11/2012 06:41:39 PM) (Source: Application Error) (User: )
    Description: ?????????: PMMdatamgr.exe,??: 3.1.212.0,????: 0x4bfd07df
    ???????: sysenv.dll,??: 3.1.212.0,????: 0x4bfd07c8
    ?????: 0x40000015
    ????: 0x0002085c
    ??????????: 0xd6c
    ???????????: 0xPMMdatamgr.exe0
    ?????????: PMMdatamgr.exe1
    ???????: PMMdatamgr.exe2
    ?????: PMMdatamgr.exe3

    Error: (11/09/2012 11:54:53 PM) (Source: Application Error) (User: )
    Description: ?????????: PMMdatamgr.exe,??: 3.1.212.0,????: 0x4bfd07df
    ???????: sysenv.dll,??: 3.1.212.0,????: 0x4bfd07c8
    ?????: 0x40000015
    ????: 0x0002085c
    ??????????: 0xf4c
    ???????????: 0xPMMdatamgr.exe0
    ?????????: PMMdatamgr.exe1
    ???????: PMMdatamgr.exe2
    ?????: PMMdatamgr.exe3

    Error: (10/29/2012 11:56:13 PM) (Source: Application Error) (User: )
    Description: ?????????: CivilizationV_DX11.exe,??: 1.0.1.705,????: 0x4febeef5
    ???????: CivilizationV_DX11.exe,??: 1.0.1.705,????: 0x4febeef5
    ?????: 0xc0000005
    ????: 0x00371462
    ??????????: 0x1700
    ???????????: 0xCivilizationV_DX11.exe0
    ?????????: CivilizationV_DX11.exe1
    ???????: CivilizationV_DX11.exe2
    ?????: CivilizationV_DX11.exe3

    Error: (10/29/2012 00:20:27 AM) (Source: Application Error) (User: )
    Description: ?????????: CivilizationV_DX11.exe,??: 1.0.1.705,????: 0x4febeef5
    ???????: CivilizationV_DX11.exe,??: 1.0.1.705,????: 0x4febeef5
    ?????: 0xc0000005
    ????: 0x00371462
    ??????????: 0x1694
    ???????????: 0xCivilizationV_DX11.exe0
    ?????????: CivilizationV_DX11.exe1
    ???????: CivilizationV_DX11.exe2
    ?????: CivilizationV_DX11.exe3

    Error: (10/26/2012 02:04:43 PM) (Source: SideBySide) (User: )
    Description: "assemblyIdentity1" ??????????????????? "assemblyIdentity2" ?? assemblyIdentity3 ??????
    ?? "assemblyIdentity" ?? "version" ?? "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" ????

    Error: (10/26/2012 01:29:19 PM) (Source: SideBySide) (User: )
    Description: "assemblyIdentity1" ??????????????????? "assemblyIdentity2" ?? assemblyIdentity3 ??????
    ?? "assemblyIdentity" ?? "version" ?? "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" ????

    Error: (10/24/2012 02:42:56 PM) (Source: CVHSVC) (User: )
    Description: ????
    (Patch task for {90140011-0066-0404-0000-0000000FF1CE}): DownloadLatest Failed: ????

    Error: (10/23/2012 06:19:33 PM) (Source: Application Error) (User: )
    Description: ?????????: CivilizationV_DX11.exe,??: 1.0.1.705,????: 0x4febeef5
    ???????: CivilizationV_DX11.exe,??: 1.0.1.705,????: 0x4febeef5
    ?????: 0xc0000005
    ????: 0x00371462
    ??????????: 0xd28
    ???????????: 0xCivilizationV_DX11.exe0
    ?????????: CivilizationV_DX11.exe1
    ???????: CivilizationV_DX11.exe2
    ?????: CivilizationV_DX11.exe3

    Error: (10/23/2012 11:01:06 AM) (Source: SideBySide) (User: )
    Description: "assemblyIdentity1" ??????????????????? "assemblyIdentity2" ?? assemblyIdentity3 ??????
    ?? "assemblyIdentity" ?? "version" ?? "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" ????


    System errors:
    =============
    Error: (11/12/2012 06:46:07 PM) (Source: BROWSER) (User: )
    Description: ???????????? \Device\NetBT_Tcpip_{F624C962-EE0B-4142-8B3F-7A98B3646F48} ??????????
    ??????????

    Error: (11/12/2012 06:44:54 PM) (Source: Service Control Manager) (User: )
    Description: Intel(R) Management & Security Application User Notification Service ????? Intel(R) Management and Security Application Local Management Service ???????????????:
    %%1053

    Error: (11/12/2012 06:44:54 PM) (Source: Service Control Manager) (User: )
    Description: Intel(R) Management and Security Application Local Management Service ??????,??????:
    %%1053

    Error: (11/12/2012 06:44:54 PM) (Source: Service Control Manager) (User: )
    Description: ?? Intel(R) Management and Security Application Local Management Service ????????? (30000 ??)?

    Error: (11/12/2012 06:42:50 PM) (Source: Service Control Manager) (User: )
    Description: ???????????????????:
    ProtectorA

    Error: (11/12/2012 06:42:17 PM) (Source: Service Control Manager) (User: )
    Description: Intel(R) Management and Security Application Local Management Service ??????,??????:
    %%1053

    Error: (11/12/2012 06:42:17 PM) (Source: Service Control Manager) (User: )
    Description: ?? Intel(R) Management and Security Application Local Management Service ????????? (30000 ??)?

    Error: (11/12/2012 06:42:16 PM) (Source: Service Control Manager) (User: )
    Description: Bonjour Service ?????????? %%10107 ????

    Error: (11/11/2012 09:58:55 PM) (Source: Service Control Manager) (User: )
    Description: ?? NTI IScheduleSvc ???????????? (30000 ??)?

    Error: (11/11/2012 09:58:24 PM) (Source: Service Control Manager) (User: )
    Description: ?? NTI IScheduleSvc ???????????? (30000 ??)?


    Microsoft Office Sessions:
    =========================
    Error: (11/12/2012 06:42:57 PM) (Source: Application Error)(User: )
    Description: PMMdatamgr.exe3.1.212.04bfd07dfsysenv.dll3.1.212.04bfd07c8400000150002085c106401cdc0c272ad5c8eC:\Program Files (x86)\EgisTec MyWinLocker\x86\PMMdatamgr.exeC:\Program Files (x86)\EgisTec MyWinLocker\x86\sysenv.dllb828cf13-2cb5-11e2-b4d7-60eb694bbc19

    Error: (11/11/2012 06:41:39 PM) (Source: Application Error)(User: )
    Description: PMMdatamgr.exe3.1.212.04bfd07dfsysenv.dll3.1.212.04bfd07c8400000150002085cd6c01cdbff913414b58C:\Program Files (x86)\EgisTec MyWinLocker\x86\PMMdatamgr.exeC:\Program Files (x86)\EgisTec MyWinLocker\x86\sysenv.dll5f86c828-2bec-11e2-ab62-60eb694bbc19

    Error: (11/09/2012 11:54:53 PM) (Source: Application Error)(User: )
    Description: PMMdatamgr.exe3.1.212.04bfd07dfsysenv.dll3.1.212.04bfd07c8400000150002085cf4c01cdbe927b50437fC:\Program Files (x86)\EgisTec MyWinLocker\x86\PMMdatamgr.exeC:\Program Files (x86)\EgisTec MyWinLocker\x86\sysenv.dllcc9e250b-2a85-11e2-aabc-60eb694bbc19

    Error: (10/29/2012 11:56:13 PM) (Source: Application Error)(User: )
    Description: CivilizationV_DX11.exe1.0.1.7054febeef5CivilizationV_DX11.exe1.0.1.7054febeef5c000000500371462170001cdb5e38e641fd4C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\CivilizationV_DX11.exeC:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\CivilizationV_DX11.exe29d6989e-21e1-11e2-92fe-60eb694bbc19

    Error: (10/29/2012 00:20:27 AM) (Source: Application Error)(User: )
    Description: CivilizationV_DX11.exe1.0.1.7054febeef5CivilizationV_DX11.exe1.0.1.7054febeef5c000000500371462169401cdb50e9abdef0bC:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\CivilizationV_DX11.exeC:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\CivilizationV_DX11.exe61a1ac26-211b-11e2-9a54-60eb694bbc19

    Error: (10/26/2012 02:04:43 PM) (Source: SideBySide)(User: )
    Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

    Error: (10/26/2012 01:29:19 PM) (Source: SideBySide)(User: )
    Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

    Error: (10/24/2012 02:42:56 PM) (Source: CVHSVC)(User: )
    Description: (Patch task for {90140011-0066-0404-0000-0000000FF1CE}): DownloadLatest Failed: ????

    Error: (10/23/2012 06:19:33 PM) (Source: Application Error)(User: )
    Description: CivilizationV_DX11.exe1.0.1.7054febeef5CivilizationV_DX11.exe1.0.1.7054febeef5c000000500371462d2801cdb0c0f5cffe3cC:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\CivilizationV_DX11.exeC:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\CivilizationV_DX11.exe232c2909-1cfb-11e2-8b10-60eb694bbc19

    Error: (10/23/2012 11:01:06 AM) (Source: SideBySide)(User: )
    Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3


    CodeIntegrity Errors:
    ===================================
    Date: 2012-11-12 18:42:03.671
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\drivers\ProtectorA.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2012-11-12 18:42:03.640
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\drivers\ProtectorA.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2012-11-11 20:01:10.797
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\drivers\ProtectorA.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2012-11-11 20:01:10.782
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\drivers\ProtectorA.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2012-11-11 19:57:35.296
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\drivers\ProtectorA.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2012-11-11 19:57:35.281
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\drivers\ProtectorA.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2012-11-11 18:40:52.827
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\drivers\ProtectorA.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2012-11-11 18:40:52.796
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\drivers\ProtectorA.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2012-11-10 00:17:26.030
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\drivers\ProtectorA.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2012-11-10 00:17:25.998
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\drivers\ProtectorA.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


    =========================== Installed Programs ============================

    中国银行网上银行安全控件 1.5
    礣orrent (Version: 2.2.1)
    64 Bit HP CIO Components Installer (Version: 8.2.2)
    7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
    Acer Backup Manager (Version: 2.0.0.68)
    Acer Crystal Eye webcam (Version: 1.0.3.7)
    Acer ePower Management (Version: 5.00.3005)
    Acer eRecovery Management (Version: 4.05.3013)
    Acer Registration (Version: 1.03.3003)
    Acer ScreenSaver (Version: 1.1.0120.2010)
    Acer Updater (Version: 1.02.3001)
    Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
    Adobe Flash Player 11 Plugin (Version: 11.4.402.287)
    Adobe Reader 9.1 MUI (Version: 9.1.0)
    Alcor Micro USB Card Reader (Version: 1.9.17.06019)
    Apple Application Support (Version: 1.5.2)
    Apple Mobile Device Support (Version: 3.4.1.2)
    Apple Software Update (Version: 2.1.3.127)
    Astrill
    Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.0.31)
    AutoCAD 2010 - English (Version: 18.0.55.0)
    AutoCAD 2010 Language Pack - English (Version: 18.0.55.0)
    Avira Free Antivirus (Version: 12.0.0.1199)
    Backup Manager Basic (Version: 2.0.0.68)
    BOCNET Security Applet 1.5
    Bonjour (Version: 2.0.5.0)
    D3DX10 (Version: 15.4.2368.0902)
    Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
    Dropbox (Version: 1.4.7)
    eReg (Version: 1.20.138.34)
    ERUNT 1.1j
    Google SketchUp Pro 8 (Version: 3.0.3117)
    HP Deskjet 1000 J110 series ?? (Version: 140.0.65.65)
    HP Deskjet 1000 J110 series ?????? (Version: 22.50.231.0)
    HP Update (Version: 5.002.006.003)
    Identity Card (Version: 1.00.3003)
    Intel(R) Control Center (Version: 1.2.1.1007)
    Intel(R) Graphics Media Accelerator Driver (Version: 8.15.10.2119)
    Intel(R) Management Engine Components (Version: 6.0.0.1179)
    Intel(R) Rapid Storage Technology (Version: 9.6.0.1014)
    Intel(R) Turbo Boost ????? (Version: 1.0.186.6)
    iTunes (Version: 10.3.1.55)
    Java Auto Updater (Version: 2.0.7.2)
    Java(TM) 6 Update 37 (Version: 6.0.370)
    JDownloader 0.9 (Version: 0.9)
    Junk Mail filter update (Version: 15.4.3502.0922)
    Launch Manager (Version: 4.0.12)
    Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
    Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
    Microsoft .NET Framework 4 Client Profile ???????? (Version: 4.0.30319)
    Microsoft .NET Framework 4 Client Profile CHT Language Pack (Version: 4.0.30319)
    Microsoft Application Error Reporting (Version: 12.0.6015.5000)
    Microsoft Office ???? 2010 (Version: 14.0.4763.1000)
    Microsoft Office 2010 (Version: 14.0.4763.1000)
    Microsoft Office Access MUI (English) 2010 (Version: 14.0.4763.1000)
    Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000)
    Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4763.1000)
    Microsoft Office Home and Student 2010 (Version: 14.0.4763.1000)
    Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4763.1000)
    Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4763.1000)
    Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4763.1000)
    Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4763.1000)
    Microsoft Office Proof (English) 2010 (Version: 14.0.4763.1000)
    Microsoft Office Proof (French) 2010 (Version: 14.0.4763.1000)
    Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4763.1000)
    Microsoft Office Proofing (English) 2010 (Version: 14.0.4763.1000)
    Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4763.1000)
    Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4763.1000)
    Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000)
    Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4763.1000)
    Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000)
    Microsoft Office Single Image 2010 (Version: 14.0.4763.1000)
    Microsoft Office Starter 2010 - ?? (??) (Version: 14.0.4763.1000)
    Microsoft Office Word MUI (English) 2010 (Version: 14.0.4763.1000)
    Microsoft Silverlight (Version: 4.1.10111.0)
    Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
    Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
    Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
    Mozilla Firefox 16.0.2 (x86 en-US) (Version: 16.0.2)
    Mozilla Maintenance Service (Version: 16.0.2)
    Mozilla Thunderbird (7.0) (Version: 7.0 (en-US))
    MSVCRT (Version: 15.4.2862.0708)
    MSVCRT_amd64 (Version: 15.4.2862.0708)
    MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
    MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
    MyWinLocker (Version: 3.1.212.0)
    MyWinLocker Suite (Version: 3.1.212.0)
    Norton Online Backup (Version: 2.1.17869)
    NTI Backup Now 5 (Version: 5.1.2.630)
    NTI Backup Now Standard (Version: 5.1.2.630)
    NTI Media Maker 8 (Version: 8.0.12.6636)
    NVIDIA Install Application (Version: 2.270.54.0)
    NVIDIA PhysX (Version: 9.10.0514)
    NVIDIA PhysX ???? 9.10.0514 (Version: 9.10.0514)
    Optical Drive Power Management (Version: 1.01.3007)
    QuickTime (Version: 7.69.80.9)
    Realtek High Definition Audio Driver (Version: 6.0.1.6141)
    Sandboxie 3.56 (64-bit)
    Shredder (Version: 2.0.8.3)
    Sid Meier's Civilization V
    Steam (Version: 1.0.0.0)
    Synaptics Pointing Device Driver (Version: 15.0.18.0)
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
    Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
    Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2202188)
    Update for Microsoft Office 2010 (KB2413186)
    Update for Microsoft Office 2010 (KB2494150)
    Update for Microsoft Office 2010 (KB2523113)
    Update for Microsoft Office 2010 (KB2553065)
    Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2566458)
    Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
    Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
    Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition
    Update for Microsoft Outlook Social Connector (KB2583935)
    VirtualCloneDrive
    VLC media player 1.1.11 (Version: 1.1.11)
    Welcome Center (Version: 1.02.3002)
    WIDCOMM Bluetooth Software (Version: 6.3.0.6000)
    Windows Live ??? (Version: 15.4.3502.0922)
    Windows Live ??? (Version: 15.4.3538.0513)
    Windows Live ???? (Version: 15.4.3502.0922)
    Windows Live Communications Platform (Version: 15.4.3502.0922)
    Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
    Windows Live Installer (Version: 15.4.3502.0922)
    Windows Live Language Selector (Version: 15.4.3538.0513)
    Windows Live Mail (Version: 15.4.3502.0922)
    Windows Live Messenger (Version: 15.4.3538.0513)
    Windows Live MIME IFilter (Version: 15.4.3502.0922)
    Windows Live Movie Maker (Version: 15.4.3502.0922)
    Windows Live Photo Common (Version: 15.4.3502.0922)
    Windows Live Photo Gallery (Version: 15.4.3502.0922)
    Windows Live PIMT Platform (Version: 15.4.3508.1109)
    Windows Live SOXE (Version: 15.4.3502.0922)
    Windows Live SOXE Definitions (Version: 15.4.3502.0922)
    Windows Live Sync (Version: 14.0.8089.726)
    Windows Live UX Platform (Version: 15.4.3502.0922)
    Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
    Windows Live Writer (Version: 15.4.3502.0922)
    Windows Live Writer Resources (Version: 15.4.3502.0922)
    WinHTTrack Website Copier 3.44-1 (x64) (Version: 3.44.1)
    WinRAR 4.00 (64-bit) (Version: 4.00.0)

    **** End of log ****
