Unable to turn on windows firewalls


9 replies to this topic

#1 icemaxwell

  • Members
  • 5 posts

Posted 09 January 2013 - 03:14 AM

I got a virus several months ago. I had been trying to turn on my Windows Firewall or allow a program through Windows Firewall, but it says "Due to an unidentified problem, Windows cannot display Windows firewall settings." It gave me more problems when I tried to update the settings, and it says "Windows Firewall was unable to make the requested updates."

Please help me.
Thanks.


#2 narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 09 January 2013 - 08:20 AM

Download Farbar service scanner.

Checkmark all the boxes.

Click on "Scan".
Please copy and paste the log to your reply.

#3 icemaxwell

  • Topic Starter
  • Members
  • 5 posts

Posted 12 January 2013 - 01:50 AM

Farbar Service Scanner Version: 05-01-2013
Ran by xxxx (administrator) on 11-01-2013 at 22:48:53
Running from "C:\Users\xxxx\Documents\Desktop\Downloads\Downloads"
Windows Vista ™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Attempt to access Google.com returned error: Google.com is offline
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking LEGACY_MpsSvc: ATTENTION!=====> Unable to open LEGACY_MpsSvc\0000 registry key. The key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking LEGACY_bfe: ATTENTION!=====> Unable to open LEGACY_bfe\0000 registry key. The key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking LEGACY_wscsvc: ATTENTION!=====> Unable to open LEGACY_wscsvc\0000 registry key. The key does not exist.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============
Checking Start type of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.
Checking ImagePath of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.
Checking ServiceDll of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****




#4 narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 12 January 2013 - 02:06 AM

Let's check for malware before fixing it.

Download TDSSKiller.

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR.

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here. If you get crashes in normal mode, run it in Safe Mode with Networking.

Download ESET online scanner.

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#5 icemaxwell

  • Topic Starter
  • Members
  • 5 posts

Posted 12 January 2013 - 05:22 AM

Log from tdsskiller

23:18:36.0692 5184 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
23:18:37.0466 5184 ============================================================
23:18:37.0466 5184 Current date / time: 2013/01/11 23:18:37.0466
23:18:37.0466 5184 SystemInfo:
23:18:37.0466 5184
23:18:37.0466 5184 OS Version: 6.0.6002 ServicePack: 2.0
23:18:37.0466 5184 Product type: Workstation
23:18:37.0466 5184 ComputerName: xxxx-PC
23:18:37.0466 5184 UserName: xxxx
23:18:37.0466 5184 Windows directory: C:\Windows
23:18:37.0466 5184 System windows directory: C:\Windows
23:18:37.0467 5184 Processor architecture: Intel x86
23:18:37.0467 5184 Number of processors: 2
23:18:37.0467 5184 Page size: 0x1000
23:18:37.0467 5184 Boot type: Normal boot
23:18:37.0467 5184 ============================================================
23:18:39.0932 5184 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
23:18:39.0934 5184 ============================================================
23:18:39.0934 5184 \Device\Harddisk0\DR0:
23:18:39.0934 5184 MBR partitions:
23:18:39.0934 5184 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1388800, BlocksNum 0x8B4A800
23:18:39.0934 5184 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x9ED3000, BlocksNum 0x8B46000
23:18:39.0934 5184 ============================================================
23:18:40.0006 5184 C: <-> \Device\Harddisk0\DR0\Partition1
23:18:40.0112 5184 D: <-> \Device\Harddisk0\DR0\Partition2
23:18:40.0112 5184 ============================================================
23:18:40.0112 5184 Initialize success
23:18:40.0112 5184 ============================================================
23:18:43.0010 7648 ============================================================
23:18:43.0010 7648 Scan started
23:18:43.0010 7648 Mode: Manual;
23:18:43.0010 7648 ============================================================
23:18:43.0738 7648 ================ Scan system memory ========================
23:18:43.0739 7648 System memory - ok
23:18:43.0739 7648 ================ Scan services =============================
23:18:53.0154 7648 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
23:18:53.0156 7648 Msfs - ok
23:18:53.0161 7648 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
23:18:53.0163 7648 msisadrv - ok
23:18:53.0207 7648 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
23:18:53.0211 7648 MSiSCSI - ok
23:18:53.0216 7648 msiserver - ok
23:18:53.0248 7648 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
23:18:53.0250 7648 MSKSSRV - ok
23:18:53.0319 7648 [ E077FCA2A7E79FB9BF67D3E30B5CE593 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe
23:18:53.0335 7648 MsMpSvc - ok
23:18:53.0353 7648 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
23:18:53.0354 7648 MSPCLOCK - ok
23:18:53.0372 7648 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
23:18:53.0374 7648 MSPQM - ok
23:18:53.0422 7648 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
23:18:53.0426 7648 MsRPC - ok
23:18:53.0474 7648 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
23:18:53.0494 7648 mssmbios - ok
23:18:53.0548 7648 MSSQL$MSSMLBIZ - ok
23:18:53.0680 7648 [ 1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
23:18:53.0682 7648 MSSQLServerADHelper - ok
23:18:53.0701 7648 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
23:18:53.0702 7648 MSTEE - ok
23:18:53.0739 7648 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
23:18:53.0754 7648 Mup - ok
23:18:53.0793 7648 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
23:18:53.0849 7648 napagent - ok
23:18:53.0924 7648 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
23:18:53.0974 7648 NativeWifiP - ok
23:18:54.0074 7648 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
23:18:54.0130 7648 NDIS - ok
23:18:54.0153 7648 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
23:18:54.0154 7648 NdisTapi - ok
23:18:54.0163 7648 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
23:18:54.0164 7648 Ndisuio - ok
23:18:54.0209 7648 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
23:18:54.0212 7648 NdisWan - ok
23:18:54.0223 7648 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
23:18:54.0225 7648 NDProxy - ok
23:18:54.0240 7648 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
23:18:54.0242 7648 NetBIOS - ok
23:18:54.0277 7648 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
23:18:54.0281 7648 netbt - ok
23:18:54.0289 7648 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
23:18:54.0291 7648 Netlogon - ok
23:18:54.0350 7648 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
23:18:54.0358 7648 Netman - ok
23:18:54.0372 7648 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
23:18:54.0379 7648 netprofm - ok
23:18:54.0422 7648 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:18:54.0425 7648 NetTcpPortSharing - ok
23:18:54.0527 7648 [ 35D5458D9A1B26B2005ABFFBF4C1C5E7 ] NETw3v32 C:\Windows\system32\DRIVERS\NETw3v32.sys
23:18:54.0616 7648 NETw3v32 - ok
23:18:54.0781 7648 [ 38D720E0C8B0ECB9A019980265679798 ] NETw4v32 C:\Windows\system32\DRIVERS\NETw4v32.sys
23:18:55.0013 7648 NETw4v32 - ok
23:18:55.0294 7648 [ 8DE67BD902095A13329FD82C85A1FA09 ] NETw5v32 C:\Windows\system32\DRIVERS\NETw5v32.sys
23:18:55.0404 7648 NETw5v32 - ok
23:18:55.0427 7648 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
23:18:55.0448 7648 nfrd960 - ok
23:18:55.0499 7648 [ 2CD24A6AF497D0E9B9BF3DA924ED05E6 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
23:18:55.0502 7648 NisDrv - ok
23:18:55.0546 7648 [ 3B846434055F80D9E89D0742F3ADAD34 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
23:18:55.0551 7648 NisSrv - ok
23:18:55.0585 7648 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
23:18:55.0590 7648 NlaSvc - ok
23:18:55.0640 7648 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
23:18:55.0684 7648 Npfs - ok
23:18:55.0712 7648 [ 6D8D2E5652FC2442C810C5D8BE784148 ] NSCIRDA C:\Windows\system32\DRIVERS\nscirda.sys
23:18:55.0724 7648 NSCIRDA - ok
23:18:55.0771 7648 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
23:18:55.0774 7648 nsi - ok
23:18:55.0834 7648 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
23:18:55.0835 7648 nsiproxy - ok
23:18:55.0981 7648 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
23:18:56.0012 7648 Ntfs - ok
23:18:56.0023 7648 [ 7F1C1F78D709C4A54CBB46EDE7E0B48D ] NTIDrvr C:\Windows\system32\DRIVERS\NTIDrvr.sys
23:18:56.0037 7648 NTIDrvr - ok
23:18:56.0056 7648 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
23:18:56.0057 7648 ntrigdigi - ok
23:18:56.0077 7648 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
23:18:56.0079 7648 Null - ok
23:18:56.0098 7648 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
23:18:56.0101 7648 nvraid - ok
23:18:56.0115 7648 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
23:18:56.0117 7648 nvstor - ok
23:18:56.0140 7648 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
23:18:56.0143 7648 nv_agp - ok
23:18:56.0148 7648 NwlnkFlt - ok
23:18:56.0153 7648 NwlnkFwd - ok
23:18:56.0267 7648 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:18:56.0288 7648 odserv - ok
23:18:56.0327 7648 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
23:18:56.0329 7648 ohci1394 - ok
23:18:56.0358 7648 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:18:56.0360 7648 ose - ok
23:18:56.0481 7648 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
23:18:56.0496 7648 p2pimsvc - ok
23:18:56.0512 7648 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
23:18:56.0519 7648 p2psvc - ok
23:18:56.0550 7648 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
23:18:56.0562 7648 Parport - ok
23:18:56.0606 7648 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
23:18:56.0608 7648 partmgr - ok
23:18:56.0632 7648 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
23:18:56.0633 7648 Parvdm - ok
23:18:56.0664 7648 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
23:18:56.0667 7648 PcaSvc - ok
23:18:56.0706 7648 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
23:18:56.0709 7648 pci - ok
23:18:56.0728 7648 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
23:18:56.0730 7648 pciide - ok
23:18:56.0752 7648 [ 3BB2244F343B610C29C98035504C9B75 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
23:18:56.0756 7648 pcmcia - ok
23:18:56.0815 7648 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
23:18:56.0831 7648 PEAUTH - ok
23:18:56.0920 7648 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
23:18:56.0952 7648 pla - ok
23:18:57.0003 7648 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
23:18:57.0011 7648 PlugPlay - ok
23:18:57.0048 7648 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
23:18:57.0056 7648 PNRPAutoReg - ok
23:18:57.0070 7648 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
23:18:57.0077 7648 PNRPsvc - ok
23:18:57.0118 7648 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
23:18:57.0127 7648 PolicyAgent - ok
23:18:57.0170 7648 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
23:18:57.0203 7648 PptpMiniport - ok
23:18:57.0229 7648 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
23:18:57.0231 7648 Processor - ok
23:18:57.0273 7648 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
23:18:57.0279 7648 ProfSvc - ok
23:18:57.0313 7648 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
23:18:57.0315 7648 ProtectedStorage - ok
23:18:57.0353 7648 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
23:18:57.0356 7648 PSched - ok
23:18:57.0378 7648 [ 18DE162F9B83079C24CD96F59292F5ED ] PSDFilter C:\Windows\system32\DRIVERS\psdfilter.sys
23:18:57.0379 7648 PSDFilter - ok
23:18:57.0391 7648 [ BC1457A28E76AB3106D43802AC22A627 ] PSDNServ C:\Windows\system32\DRIVERS\PSDNServ.sys
23:18:57.0393 7648 PSDNServ - ok
23:18:57.0406 7648 [ AC151E5B0943304E368C98EC78B5FC4F ] psdvdisk C:\Windows\system32\DRIVERS\PSDVdisk.sys
23:18:57.0408 7648 psdvdisk - ok
23:18:57.0493 7648 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
23:18:57.0550 7648 ql2300 - ok
23:18:57.0571 7648 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
23:18:57.0574 7648 ql40xx - ok
23:18:57.0619 7648 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
23:18:57.0626 7648 QWAVE - ok
23:18:57.0641 7648 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
23:18:57.0643 7648 QWAVEdrv - ok
23:18:57.0660 7648 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
23:18:57.0662 7648 RasAcd - ok
23:18:57.0682 7648 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
23:18:57.0687 7648 RasAuto - ok
23:18:57.0702 7648 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
23:18:57.0705 7648 Rasl2tp - ok
23:18:57.0747 7648 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
23:18:57.0754 7648 RasMan - ok
23:18:57.0767 7648 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
23:18:57.0769 7648 RasPppoe - ok
23:18:57.0776 7648 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
23:18:57.0779 7648 RasSstp - ok
23:18:57.0812 7648 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
23:18:57.0818 7648 rdbss - ok
23:18:57.0848 7648 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
23:18:57.0849 7648 RDPCDD - ok
23:18:57.0878 7648 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
23:18:57.0883 7648 rdpdr - ok
23:18:57.0889 7648 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
23:18:57.0890 7648 RDPENCDD - ok
23:18:57.0926 7648 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
23:18:57.0930 7648 RDPWD - ok
23:18:58.0017 7648 [ 3FF45B7F17D5837216ABAE652CC61540 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
23:18:58.0162 7648 RegSrvc - ok
23:18:58.0188 7648 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
23:18:58.0192 7648 RemoteAccess - ok
23:18:58.0233 7648 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
23:18:58.0238 7648 RemoteRegistry - ok
23:18:58.0262 7648 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
23:18:58.0265 7648 RpcLocator - ok
23:18:58.0298 7648 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
23:18:58.0306 7648 RpcSs - ok
23:18:58.0316 7648 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
23:18:58.0318 7648 rspndr - ok
23:18:58.0323 7648 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
23:18:58.0325 7648 SamSs - ok
23:18:58.0523 7648 [ 99FC1599F89A80216E41175B8CA44D89 ] SBAMSvc C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
23:18:58.0619 7648 SBAMSvc - ok
23:18:58.0661 7648 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
23:18:58.0664 7648 sbp2port - ok
23:18:58.0715 7648 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
23:18:58.0720 7648 SCardSvr - ok
23:18:58.0778 7648 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
23:18:58.0792 7648 Schedule - ok
23:18:58.0836 7648 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
23:18:58.0837 7648 SCPolicySvc - ok
23:18:58.0880 7648 [ 8F36B54688C31EED4580129040C6A3D3 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
23:18:58.0883 7648 sdbus - ok
23:18:58.0918 7648 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
23:18:58.0921 7648 SDRSVC - ok
23:18:58.0938 7648 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
23:18:58.0939 7648 secdrv - ok
23:18:58.0956 7648 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
23:18:58.0959 7648 seclogon - ok
23:18:58.0968 7648 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
23:18:58.0971 7648 SENS - ok
23:18:59.0004 7648 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
23:18:59.0006 7648 Serenum - ok
23:18:59.0022 7648 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
23:18:59.0025 7648 Serial - ok
23:18:59.0037 7648 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
23:18:59.0039 7648 sermouse - ok
23:18:59.0089 7648 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
23:18:59.0093 7648 SessionEnv - ok
23:18:59.0117 7648 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
23:18:59.0119 7648 sffdisk - ok
23:18:59.0143 7648 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
23:18:59.0147 7648 sffp_mmc - ok
23:18:59.0171 7648 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
23:18:59.0172 7648 sffp_sd - ok
23:18:59.0187 7648 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
23:18:59.0188 7648 sfloppy - ok
23:18:59.0224 7648 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
23:18:59.0227 7648 SharedAccess - ok
23:18:59.0300 7648 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:18:59.0310 7648 ShellHWDetection - ok
23:18:59.0334 7648 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
23:18:59.0336 7648 sisagp - ok
23:18:59.0370 7648 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
23:18:59.0375 7648 SiSRaid2 - ok
23:18:59.0398 7648 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
23:18:59.0401 7648 SiSRaid4 - ok
23:18:59.0440 7648 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
23:18:59.0445 7648 SkypeUpdate - ok
23:18:59.0616 7648 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
23:18:59.0714 7648 slsvc - ok
23:18:59.0760 7648 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
23:18:59.0765 7648 SLUINotify - ok
23:18:59.0797 7648 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
23:18:59.0800 7648 SNMPTRAP - ok
23:18:59.0880 7648 [ 0302BC619D4A723317E7F8EB0C362BD3 ] SNP2UVC C:\Windows\system32\DRIVERS\snp2uvc.sys
23:18:59.0913 7648 SNP2UVC - ok
23:18:59.0945 7648 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
23:18:59.0947 7648 spldr - ok
23:18:59.0988 7648 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
23:18:59.0994 7648 Spooler - ok
23:19:00.0030 7648 [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
23:19:00.0035 7648 SQLBrowser - ok
23:19:00.0070 7648 [ D89083C4EB02DACA8F944B0E05E57F9D ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
23:19:00.0072 7648 SQLWriter - ok
23:19:00.0124 7648 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
23:19:00.0130 7648 srv - ok
23:19:00.0181 7648 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
23:19:00.0185 7648 srv2 - ok
23:19:00.0208 7648 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
23:19:00.0211 7648 srvnet - ok
23:19:00.0238 7648 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
23:19:00.0244 7648 SSDPSRV - ok
23:19:00.0280 7648 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
23:19:00.0285 7648 SstpSvc - ok
23:19:00.0355 7648 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
23:19:00.0366 7648 stisvc - ok
23:19:00.0401 7648 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
23:19:00.0403 7648 swenum - ok
23:19:00.0465 7648 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
23:19:00.0470 7648 swprv - ok
23:19:00.0495 7648 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
23:19:00.0497 7648 Symc8xx - ok
23:19:00.0512 7648 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
23:19:00.0514 7648 Sym_hi - ok
23:19:00.0527 7648 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
23:19:00.0529 7648 Sym_u3 - ok
23:19:00.0551 7648 [ C5F25D490D0915732508FD421BF76D93 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
23:19:00.0556 7648 SynTP - ok
23:19:00.0622 7648 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
23:19:00.0636 7648 SysMain - ok
23:19:00.0661 7648 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:19:00.0666 7648 TabletInputService - ok
23:19:00.0706 7648 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
23:19:00.0714 7648 TapiSrv - ok
23:19:00.0734 7648 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
23:19:00.0739 7648 TBS - ok
23:19:00.0800 7648 [ EE7E10BED85C312C1D5D30C435BDDA9F ] Tcpip C:\Windows\system32\drivers\tcpip.sys
23:19:00.0807 7648 Tcpip - ok
23:19:00.0830 7648 [ EE7E10BED85C312C1D5D30C435BDDA9F ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
23:19:00.0838 7648 Tcpip6 - ok
23:19:00.0857 7648 [ 2C2D4CFF5E09C73908F9B5AF49A51365 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
23:19:00.0859 7648 tcpipreg - ok
23:19:00.0894 7648 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
23:19:00.0929 7648 TDPIPE - ok
23:19:00.0983 7648 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
23:19:00.0994 7648 TDTCP - ok
23:19:01.0067 7648 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
23:19:01.0068 7648 tdx - ok
23:19:01.0223 7648 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
23:19:01.0225 7648 TermDD - ok
23:19:01.0255 7648 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
23:19:01.0266 7648 TermService - ok
23:19:01.0289 7648 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
23:19:01.0294 7648 Themes - ok
23:19:01.0329 7648 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
23:19:01.0331 7648 THREADORDER - ok
23:19:01.0401 7648 [ 78213F01CE781F93180BEF5EB5B3AD81 ] tifm21 C:\Windows\system32\drivers\tifm21.sys
23:19:01.0418 7648 tifm21 - ok
23:19:01.0451 7648 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
23:19:01.0456 7648 TrkWks - ok
23:19:01.0519 7648 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:19:01.0520 7648 TrustedInstaller - ok
23:19:01.0544 7648 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
23:19:01.0546 7648 tssecsrv - ok
23:19:01.0568 7648 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
23:19:01.0569 7648 tunmp - ok
23:19:01.0607 7648 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
23:19:01.0609 7648 tunnel - ok
23:19:01.0639 7648 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
23:19:01.0641 7648 uagp35 - ok
23:19:01.0689 7648 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
23:19:01.0694 7648 udfs - ok
23:19:01.0727 7648 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
23:19:01.0731 7648 UI0Detect - ok
23:19:01.0755 7648 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
23:19:01.0757 7648 uliagpkx - ok
23:19:01.0778 7648 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
23:19:01.0783 7648 uliahci - ok
23:19:01.0819 7648 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
23:19:01.0822 7648 UlSata - ok
23:19:01.0846 7648 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
23:19:01.0849 7648 ulsata2 - ok
23:19:01.0868 7648 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
23:19:01.0870 7648 umbus - ok
23:19:01.0888 7648 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
23:19:01.0896 7648 upnphost - ok
23:19:01.0924 7648 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
23:19:01.0927 7648 usbccgp - ok
23:19:01.0950 7648 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
23:19:01.0996 7648 usbcir - ok
23:19:02.0020 7648 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
23:19:02.0021 7648 usbehci - ok
23:19:02.0045 7648 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
23:19:02.0050 7648 usbhub - ok
23:19:02.0078 7648 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
23:19:02.0080 7648 usbohci - ok
23:19:02.0115 7648 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
23:19:02.0117 7648 usbprint - ok
23:19:02.0154 7648 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
23:19:02.0155 7648 usbscan - ok
23:19:02.0170 7648 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:19:02.0172 7648 USBSTOR - ok
23:19:02.0189 7648 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
23:19:02.0191 7648 usbuhci - ok
23:19:02.0211 7648 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
23:19:02.0215 7648 usbvideo - ok
23:19:02.0276 7648 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
23:19:02.0281 7648 UxSms - ok
23:19:02.0338 7648 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
23:19:02.0349 7648 vds - ok
23:19:02.0391 7648 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
23:19:02.0393 7648 vga - ok
23:19:02.0413 7648 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
23:19:02.0415 7648 VgaSave - ok
23:19:02.0436 7648 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
23:19:02.0438 7648 viaagp - ok
23:19:02.0453 7648 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
23:19:02.0455 7648 ViaC7 - ok
23:19:02.0467 7648 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
23:19:02.0468 7648 viaide - ok
23:19:02.0483 7648 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
23:19:02.0486 7648 volmgr - ok
23:19:02.0533 7648 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
23:19:02.0539 7648 volmgrx - ok
23:19:02.0582 7648 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\Windows\system32\drivers\volsnap.sys
23:19:02.0587 7648 volsnap - ok
23:19:02.0622 7648 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
23:19:02.0625 7648 vsmraid - ok
23:19:02.0701 7648 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
23:19:02.0712 7648 VSS - ok
23:19:02.0825 7648 [ 7D110D645030C05A06C3CD08D1E47D0A ] vToolbarUpdater13.2.0 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
23:19:02.0831 7648 vToolbarUpdater13.2.0 - ok
23:19:02.0877 7648 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
23:19:02.0885 7648 W32Time - ok
23:19:02.0932 7648 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
23:19:02.0933 7648 WacomPen - ok
23:19:02.0952 7648 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
23:19:02.0954 7648 Wanarp - ok
23:19:02.0958 7648 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
23:19:02.0959 7648 Wanarpv6 - ok
23:19:03.0007 7648 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
23:19:03.0016 7648 wcncsvc - ok
23:19:03.0041 7648 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:19:03.0045 7648 WcsPlugInService - ok
23:19:03.0063 7648 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
23:19:03.0065 7648 Wd - ok
23:19:03.0117 7648 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
23:19:03.0128 7648 Wdf01000 - ok
23:19:03.0153 7648 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
23:19:03.0158 7648 WdiServiceHost - ok
23:19:03.0163 7648 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
23:19:03.0167 7648 WdiSystemHost - ok
23:19:03.0217 7648 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
23:19:03.0224 7648 WebClient - ok
23:19:03.0279 7648 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
23:19:03.0285 7648 Wecsvc - ok
23:19:03.0327 7648 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
23:19:03.0332 7648 wercplsupport - ok
23:19:03.0375 7648 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
23:19:03.0380 7648 WerSvc - ok
23:19:03.0412 7648 [ 5C7BDCF5864DB00323FE2D90FA26A8A2 ] winachsf C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
23:19:03.0425 7648 winachsf - ok
23:19:03.0432 7648 WinHttpAutoProxySvc - ok
23:19:03.0478 7648 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
23:19:03.0480 7648 Winmgmt - ok
23:19:03.0558 7648 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
23:19:03.0584 7648 WinRM - ok
23:19:03.0659 7648 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
23:19:03.0672 7648 Wlansvc - ok
23:19:03.0793 7648 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
23:19:03.0826 7648 wlidsvc - ok
23:19:03.0844 7648 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
23:19:03.0846 7648 WmiAcpi - ok
23:19:03.0887 7648 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
23:19:03.0889 7648 wmiApSrv - ok
23:19:03.0956 7648 [ C8F8AAC50B5B0BF821AB7D7126056B30 ] WMIService C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
23:19:03.0991 7648 WMIService - ok
23:19:04.0048 7648 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
23:19:04.0065 7648 WMPNetworkSvc - ok
23:19:04.0106 7648 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
23:19:04.0113 7648 WPCSvc - ok
23:19:04.0159 7648 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
23:19:04.0164 7648 WPDBusEnum - ok
23:19:04.0198 7648 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
23:19:04.0200 7648 WpdUsb - ok
23:19:04.0332 7648 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
23:19:04.0346 7648 WPFFontCache_v0400 - ok
23:19:04.0374 7648 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
23:19:04.0376 7648 ws2ifsl - ok
23:19:04.0384 7648 WSearch - ok
23:19:04.0431 7648 [ 2584DF81CC9F7E7BD3545691106F8CAE ] WSVD C:\Windows\system32\drivers\WSVD.sys
23:19:04.0466 7648 WSVD - ok
23:19:04.0556 7648 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
23:19:04.0575 7648 wuauserv - ok
23:19:04.0627 7648 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
23:19:04.0629 7648 WudfPf - ok
23:19:04.0651 7648 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
23:19:04.0655 7648 WUDFRd - ok
23:19:04.0687 7648 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
23:19:04.0692 7648 wudfsvc - ok
23:19:04.0700 7648 ================ Scan global ===============================
23:19:04.0761 7648 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
23:19:04.0792 7648 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
23:19:04.0811 7648 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
23:19:04.0867 7648 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
23:19:04.0874 7648 [Global] - ok
23:19:04.0877 7648 ================ Scan MBR ==================================
23:19:04.0888 7648 [ 6FC6F9186C07BCA94E140F63BFE6E9B4 ] \Device\Harddisk0\DR0
23:19:08.0202 7648 \Device\Harddisk0\DR0 - ok
23:19:08.0203 7648 ================ Scan VBR ==================================
23:19:08.0206 7648 [ 627BF9746E6CA173F7BD2E6BAF6A13CF ] \Device\Harddisk0\DR0\Partition1
23:19:08.0208 7648 \Device\Harddisk0\DR0\Partition1 - ok
23:19:08.0232 7648 [ 40BB6C028A031D26034FBCE81C23CD6F ] \Device\Harddisk0\DR0\Partition2
23:19:08.0234 7648 \Device\Harddisk0\DR0\Partition2 - ok
23:19:08.0234 7648 ============================================================
23:19:08.0234 7648 Scan finished
23:19:08.0234 7648 ============================================================
23:19:08.0251 3672 Detected object count: 0
23:19:08.0251 3672 Actual detected object count: 0





Log from aswMBR

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-01-11 23:23:03
-----------------------------
23:23:03.751 OS Version: Windows 6.0.6002 Service Pack 2
23:23:03.751 Number of processors: 2 586 0xF0D
23:23:03.752 ComputerName: xxxx-PC UserName: xxxx
23:23:30.632 Initialize success
23:23:50.790 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3
23:23:50.794 Disk 0 Vendor: Hitachi_HTS542516K9SA00 BBCOC31P Size: 152627MB BusType: 3
23:23:50.814 Disk 0 MBR read successfully
23:23:50.818 Disk 0 MBR scan
23:23:50.822 Disk 0 unknown MBR code
23:23:50.834 Disk 0 Partition 1 00 27 Hidden NTFS WinRE MSDOS5.0 10000 MB offset 2048
23:23:50.850 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 71317 MB offset 20482048
23:23:50.869 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 71308 MB offset 166539264
23:23:50.877 Disk 0 scanning sectors +312578048
23:23:50.944 Disk 0 scanning C:\Windows\system32\drivers
23:24:00.173 Service scanning
23:24:01.369 Service .dtsoftbus01 \* **LOCKED** 123
23:24:11.490 Service MpKsl1e43cbc4 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{622754C4-DBEE-441E-A4DC-44B167920598}\MpKsl1e43cbc4.sys **LOCKED** 32
23:24:26.662 Modules scanning
23:24:39.389 Disk 0 trace - called modules:
23:24:39.424 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys
23:24:39.434 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x862ee330]
23:24:39.444 3 CLASSPNP.SYS[8b1a08b3] -> nt!IofCallDriver -> [0x857514d8]
23:24:39.453 5 acpi.sys[8069e6bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-3[0x861b1b98]
23:24:39.463 Scan finished successfully
23:24:54.491 Disk 0 MBR has been saved successfully to "C:\Users\xxxx\Documents\Desktop\MBR.dat"
23:24:54.597 The log file has been saved successfully to "C:\Users\xxxx\Documents\Desktop\aswMBR.txt"


Log from ESET online scanner

C:\Users\All Users\Tarma Installer\{C049526F-B3EB-4151-9B11-B11F00F53A96}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application unable to clean
C:\ProgramData\Tarma Installer\{C049526F-B3EB-4151-9B11-B11F00F53A96}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined



Let's check for malware before fixing it

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download the latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply



#6 narenxp


Posted 12 January 2013 - 08:52 AM

Download

Malwarebytes

Install, update and run a full scan

Click on Show results. Right click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it, click on Delete

A log should be generated after scan, post it here

Download

Junkware removal tool

For Vista and Windows 7, right click on the tool and select run as administrator

After scan gets completed, post the generated log here.


Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Run Farbar service scanner again and post the new log


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes, post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of text here

#7 icemaxwell


Posted 17 January 2013 - 07:35 AM

Sorry, it took me a while to reply to your post. I had been out of the city.

Here are the results of the scans

Malwarebytes

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.16.02

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.19393
xxxx :: xxxx-PC [administrator]

1/16/2013 2:28:20 AM
mbam-log-2013-01-16 (02-28-20).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 498609
Time elapsed: 4 hour(s), 43 minute(s), 10 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)




mini toolbox


*There is IP information that I am not confident about posting in this forum. I hope this will help.


Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2013-01-17 04:12:25.949
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-17 04:12:25.707
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-17 04:12:25.470
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-17 04:12:25.184
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-16 06:43:50.654
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-16 06:43:50.198
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-16 06:43:49.733
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-16 06:43:49.279
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-16 06:43:48.827
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-01-16 06:43:48.253
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
µTorrent (Version: 3.0.0)
2007 Microsoft Office system (Version: 12.0.6612.1000)
7-Zip 4.65
Acer Assist
Acer Crystal Eye Webcam (Version: 2.0.4)
Acer Crystal Eye Webcam Video Class Camera (Version: 5.8.32.500-1.0)
Acer eDataSecurity Management (Version: 2.8.4354)
Acer eLock Management (Version: 2.5.4302)
Acer Empowering Technology (Version: 2.5.4301)
Acer eNet Management (Version: 2.6.4303)
Acer ePower Management (Version: 2.5.4309)
Acer ePresentation Management (Version: 2.5.4300)
Acer eSettings Management (Version: 2.5.4302)
Acer GridVista (Version: 2.72.317)
Acer Mobility Center Plug-In (Version: 1.0.4301)
Acer Registration
Acer ScreenSaver (Version: 2.11.20071207)
Activation Assistant for the 2007 Microsoft Office suites
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0)
Ad-Aware Antivirus (Version: 10.4.49.4168)
Ad-Aware Security Add-on (Version: 2.2.0.18)
Adobe Flash Player 11 Plugin (Version: 11.4.402.278)
Adobe Flash Player ActiveX (Version: 9.0.115.0)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Adobe Shockwave Player 11.5 (Version: 11.5.7.609)
Apple Application Support (Version: 1.2.1)
Apple Software Update (Version: 2.1.1.116)
AVG Security Toolbar (Version: 13.2.0.5)
AviSynth 2.5
Broadcom Gigabit Integrated Controller (Version: 10.50.08)
Business Contact Manager for Outlook 2007 SP2 (Version: 3.0.8619.1)
D3DX10 (Version: 15.4.2368.0902)
DAEMON Tools Lite (Version: 4.40.2.0131)
DjVu Solo 3.1
Easy Video Splitter 1.28
ESET Online Scanner v3
ExtractNow
GOM Player
Google Chrome (Version: 24.0.1312.52)
Google Talk Plugin (Version: 3.10.2.10212)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Update Helper (Version: 1.3.21.129)
Hybrid Downloader 1,0,2,6 (Version: 1,0,2,6)
Intel PROSet Wireless
Intel® Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
Intel® PROSet/Wireless WiFi Software (Version: 12.02.0000)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 29 (Version: 6.0.290)
Java™ SE Development Kit 6 Update 13 (Version: 1.6.0.130)
JavaFX™ 1.2 SDK (Version: 1.2.1)
K-Lite Codec Pack 5.3.0 (Basic) (Version: 5.3.0)
Launch Manager
League of Legends (Version: 1.3)
LightScribe 1.4.142.1 (Version: 1.4.142.1)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
MATLAB R2009b (Version: 7.9)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2003 Web Components (Version: 11.0.8173.0)
Microsoft Office 2007 Primary Interop Assemblies (Version: 12.0.4518.1014)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional Hybrid 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Small Business Connectivity Components (Version: 2.0.7024.0)
Microsoft Office Word 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.1.0522.0)
Microsoft Security Essentials (Version: 4.1.522.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) (Version: 9.4.5000.00)
Microsoft SQL Server 2008 Management Objects (Version: 10.0.1600.22)
Microsoft SQL Server Native Client (Version: 9.00.5000.00)
Microsoft SQL Server Setup Support Files (English) (Version: 9.00.5000.00)
Microsoft SQL Server VSS Writer (Version: 9.00.5000.00)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Express Edition with SP1 - ENU
Microsoft Visual C++ 2008 Express Edition with SP1 - ENU (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries (Version: 6.1.5288.17011)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu (Version: 3.5.30729)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32 (Version: 6.1.5295.17011)
MSVCRT (Version: 15.4.2862.0708)
NTI Backup NOW! 4.7 (Version: 1.00.0000)
NTI CD & DVD-Maker (Version: 7)
NTI Shadow (Version: 3.7.6.37)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
OpenOffice.org 3.1 (Version: 3.1.9420)
PowerDVD (Version: 7.32.3704d.0)
QuickTime (Version: 7.66.71.0)
Ragnarok Online (Version: 13.2.2)
Realtek High Definition Audio Driver (Version: 6.0.1.5543)
Segoe UI (Version: 15.4.2271.0615)
Skype™ 5.10 (Version: 5.10.116)
SQL Server System CLR Types (Version: 10.0.1600.22)
Subversion (Version: 1.6.4)
Synaptics Pointing Device Driver (Version: 10.0.15.0)
System Requirements Lab for Intel (Version: 4.5.3.0)
TeamSpeak 3 Client (Version: 3.0.6)
Texas Instruments PCIxx21/x515/xx12 drivers. (Version: 2.00.0002)
TIPCI (Version: 2.00.0002)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760586) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Ventrilo Client (Version: 3.0.8)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Yahoo! Detect

========================= Memory info: ===================================

Percentage of memory in use: 56%
Total physical RAM: 3061.68 MB
Available physical RAM: 1321.85 MB
Total Pagefile: 6325.62 MB
Available Pagefile: 4291.23 MB
Total Virtual: 2047.88 MB
Available Virtual: 1950.61 MB

========================= Partitions: =====================================

1 Drive c: (ACER) (Fixed) (Total:69.65 GB) (Free:8.28 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:69.64 GB) (Free:58.8 GB) NTFS

========================= Users: ========================================

User accounts for \\xxxx-PC

Administrator xxxx Guest

========================= Restore Points ==================================

16-01-2013 16:06:10 Scheduled Checkpoint

**** End of log ****


Farbar service scanner


Farbar Service Scanner Version: 05-01-2013
Ran by xxxx (administrator) on 17-01-2013 at 03:44:01
Running from "C:\Users\xxxx\Documents\Desktop\Downloads\Downloads"
Windows Vista ™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Attempt to access Google.com returned error: Google.com is offline
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking LEGACY_MpsSvc: ATTENTION!=====> Unable to open LEGACY_MpsSvc\0000 registry key. The key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking LEGACY_bfe: ATTENTION!=====> Unable to open LEGACY_bfe\0000 registry key. The key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking LEGACY_wscsvc: ATTENTION!=====> Unable to open LEGACY_wscsvc\0000 registry key. The key does not exist.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============
Checking Start type of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.
Checking ImagePath of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.
Checking ServiceDll of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****



adware cleaner

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-01-11 23:23:03
-----------------------------
23:23:03.751 OS Version: Windows 6.0.6002 Service Pack 2
23:23:03.751 Number of processors: 2 586 0xF0D
23:23:03.752 ComputerName: xxxx-PC UserName: xxxx
23:23:30.632 Initialize success
23:23:50.790 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3
23:23:50.794 Disk 0 Vendor: Hitachi_HTS542516K9SA00 BBCOC31P Size: 152627MB BusType: 3
23:23:50.814 Disk 0 MBR read successfully
23:23:50.818 Disk 0 MBR scan
23:23:50.822 Disk 0 unknown MBR code
23:23:50.834 Disk 0 Partition 1 00 27 Hidden NTFS WinRE MSDOS5.0 10000 MB offset 2048
23:23:50.850 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 71317 MB offset 20482048
23:23:50.869 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 71308 MB offset 166539264
23:23:50.877 Disk 0 scanning sectors +312578048
23:23:50.944 Disk 0 scanning C:\Windows\system32\drivers
23:24:00.173 Service scanning
23:24:01.369 Service .dtsoftbus01 \* **LOCKED** 123
23:24:11.490 Service MpKsl1e43cbc4 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{622754C4-DBEE-441E-A4DC-44B167920598}\MpKsl1e43cbc4.sys **LOCKED** 32
23:24:26.662 Modules scanning
23:24:39.389 Disk 0 trace - called modules:
23:24:39.424 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys
23:24:39.434 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x862ee330]
23:24:39.444 3 CLASSPNP.SYS[8b1a08b3] -> nt!IofCallDriver -> [0x857514d8]
23:24:39.453 5 acpi.sys[8069e6bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-3[0x861b1b98]
23:24:39.463 Scan finished successfully
23:24:54.491 Disk 0 MBR has been saved successfully to "C:\Users\xxxx\Documents\Desktop\MBR.dat"
23:24:54.597 The log file has been saved successfully to "C:\Users\xxxx\Documents\Desktop\aswMBR.txt"


Junkware removal tool

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.4.3 (01.15.2013:1)
OS: Windows Vista ™ Home Premium x86
Ran by xxxx on Thu 01/17/2013 at 4:06:02.45
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\windows\currentversion\run\\searchprotection
Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\urlsearchhooks\\{6c97a91e-4524-4019-86af-2aa2d567bf5c}
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{6c97a91e-4524-4019-86af-2aa2d567bf5c}
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{95b7759c-8c7f-4bf1-b163-73684a933233}
Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\toolbar\webbrowser\\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\.default\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-18\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-19\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-20\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\S-1-5-21-1887067282-62145402-3325052684-1003\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\.default\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\s-1-5-18\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\s-1-5-19\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\s-1-5-20\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\S-1-5-21-1887067282-62145402-3325052684-1003\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_current_user\software\conduit
Successfully deleted: [Registry Key] hkey_local_machine\software\conduit
Successfully deleted: [Registry Key] hkey_local_machine\software\tarma installer
Successfully deleted: [Registry Key] hkey_current_user\software\zugo
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\pricegong
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\scripthelper.exe
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\viprotocol.dll
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\protocols\handler\viprotocol
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\s
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\scripthelper.scripthelperapi
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\scripthelper.scripthelperapi.1
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\viprotocol.viprotocolole
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\viprotocol.viprotocolole.1
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{02478d38-c3f9-4efb-9b51-7695eca05670}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{3bd44f0e-0596-4008-aee0-45d47e3a8f0e}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{6c97a91e-4524-4019-86af-2aa2d567bf5c}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{95b7759c-8c7f-4bf1-b163-73684a933233}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{95b7759c-8c7f-4bf1-b163-73684a933233}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\blekko toolbars"
Failed to delete: [Folder] "C:\ProgramData\search protection"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Failed to delete: [Folder] "C:\ProgramData\application data\search protection"
Successfully deleted: [Folder] "C:\Users\xxxx\AppData\Roaming\blekko"
Successfully deleted: [Folder] "C:\Users\xxxx\appdata\local\adawarebp"
Successfully deleted: [Folder] "C:\Users\xxxx\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\xxxx\appdata\local\searchcom_001"
Successfully deleted: [Folder] "C:\Users\xxxx\appdata\locallow\adawaretb"
Successfully deleted: [Folder] "C:\Users\xxxx\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\xxxx\appdata\locallow\pricegong"
Successfully deleted: [Folder] "C:\Program Files\adawaretb"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 01/17/2013 at 4:10:17.49
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


After running Service Repair, Farbar gives this log.

Farbar Service Scanner Version: 05-01-2013
Ran by xxxx (administrator) on 17-01-2013 at 04:02:17
Running from "C:\Users\xxxx\Documents\Desktop\Downloads\Downloads"
Windows Vista ™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****



RKILL

It says "no threat" and I could not find any log.


Autoruns

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Acer Assist Launcher" "Acer Assist Launcher" "Acer Inc." "c:\program files\acer\acer assist\launcher.exe"
+ "Acer Product Registration" "Acer Product Registration" "Leader Technologies" "c:\program files\acer\acer registration\ace1.exe"
+ "Ad-Aware Antivirus" "Ad-Aware Antivirus Launcher" "Lavasoft Limited" "c:\program files\ad-aware antivirus\adawarelauncher.exe"
+ "Ad-Aware Browsing Protection" "Ad-Aware Browsing Protection and Anti-Phishing" "Lavasoft" "c:\programdata\ad-aware browsing protection\adawarebp.exe"
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "eDataSecurity Loader" "Acer eDataSecurity Management Loader" "Egis Incorporated" "c:\acer\empowering technology\edatasecurity\x86\edsloader.exe"
+ "Google Quick Search Box" "Google Quick Search Box" "Google Inc." "c:\program files\google\quick search box\googlequicksearchbox.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IAAnotif" "Event Monitor User Notification Tool" "Intel Corporation" "c:\program files\intel\intel matrix storage manager\iaanotif.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "LanguageShortcut" "Language Application" "" "c:\program files\cyberlink\powerdvd\language\language.exe"
+ "LManager" "Acer Launch Manager Keyboard Application" "Dritek System Inc." "c:\program files\launch manager\lmanager.exe"
+ "Malwarebytes Anti-Malware (reboot)" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbam.exe"
+ "MSC" "Microsoft Security Client User Interface" "Microsoft Corporation" "c:\program files\microsoft security client\msseces.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "PLFSetI" "DefaultSettingEXE MFC Application" "" "c:\windows\plfseti.exe"
+ "PLFSetL" "DefaultSettingEXE" "sonix" "c:\windows\plfsetl.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files\quicktime\qttask.exe"
+ "RemoteControl" "PowerDVD RC Service" "Cyberlink Corp." "c:\program files\cyberlink\powerdvd\pdvdserv.exe"
+ "ROC_ROC_JULY_P1" "" "" "File not found: C:\Program Files\AVG Secure Search\ROC_ROC_JULY_P1.exe"
+ "RtHDVCpl" "HD Audio Control Panel" "Realtek Semiconductor" "c:\windows\rthdvcpl.exe"
+ "Skytel" "Realtek Voice Manager" "Realtek Semiconductor Corp." "c:\windows\skytel.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files\common files\java\java update\jusched.exe"
+ "SynTPStart" "Synaptics Pointing Device starter" "Synaptics, Inc." "c:\program files\synaptics\syntp\syntpstart.exe"
+ "vProt" "VProtect Application" "" "c:\program files\avg secure search\vprot.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Empowering Technology Launcher.lnk" "Acer eAP Launch Tool" "Acer Inc." "c:\acer\empowering technology\eaplauncher.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Google Chrome" "Google Chrome" "Google Inc." "c:\program files\google\chrome\application\24.0.1312.52\installer\setup.exe"
+ "Microsoft Windows Mail 7" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "DAEMON Tools Lite" "DAEMON Tools Lite" "DT Soft Ltd" "c:\program files\daemon tools lite\dtlite.exe"
+ "Google Update" "Google Installer" "Google Inc." "c:\users\xxxx\appdata\local\google\update\googleupdate.exe"
+ "ISUSPM" "InstallShield Update Service Update Manager" "Macrovision Corporation" "c:\program files\common files\installshield\updateservice\isuspm.exe"
+ "msnmsgr" "Windows Live Messenger" "Microsoft Corporation" "c:\program files\windows live\messenger\msnmsgr.exe"
+ "Sidebar" "Windows Sidebar" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
+ "swg" "GoogleToolbarNotifier" "Google Inc." "c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "livecall" "Windows Live Messenger Protocol Handler Module" "Microsoft Corporation" "c:\program files\windows live\messenger\msgrapp.dll"
+ "ms-help" "Microsoft® Help Data Services Module" "Microsoft Corporation" "c:\program files\common files\microsoft shared\help\hxds.dll"
+ "msnim" "Windows Live Messenger Protocol Handler Module" "Microsoft Corporation" "c:\program files\windows live\messenger\msgrapp.dll"
+ "mso-offdap11" "Microsoft Office Web Components 2003" "Microsoft Corporation" "c:\program files\common files\microsoft shared\web components\11\owc11.dll"
+ "skype4com" "Skype for COM API" "Skype Technologies" "c:\program files\common files\skype\skype4com.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "EDSshellExt" "Acer eDataSecurity Management Explorer Shell Extension" "Egis Incorporated." "c:\acer\empowering technology\edatasecurity\x86\edsshellext.dll"
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "AdAwareContextMenu" "Ad-Aware Antivirus Shell Extension" "Lavasoft Limited" "c:\program files\ad-aware antivirus\adawareshellextension.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "EDSshellExt" "Acer eDataSecurity Management Explorer Shell Extension" "Egis Incorporated." "c:\acer\empowering technology\edatasecurity\x86\edsshellext.dll"
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "Sun Microsystems, Inc." "c:\program files\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Google Dictionary Compression sdch" "Fast Search" "Google Inc." "c:\program files\google\google toolbar\component\fastsearch_b7c5ac242193bb3e.dll"
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files\google\google toolbar\googletoolbar_32.dll"
+ "Google Toolbar Notifier BHO" "GoogleToolbarNotifier" "Google Inc." "c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "Shareaza Web Download Hook" "Shareaza Web Download Hook" "Shareaza Development Team" "c:\program files\shareaza\razawebhook32.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Acer eDataSecurity Management" "Acer eDataSecurity Management Explorer Toolbar" "Egis Incorporated." "c:\acer\empowering technology\edatasecurity\x86\edstoolbar.dll"
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files\google\google toolbar\googletoolbar_32.dll"
"Task Scheduler" "" "" ""
+ "\Ad-Aware Antivirus Scheduled Scan" "Ad-Aware Antivirus Launcher" "Lavasoft Limited" "c:\program files\ad-aware antivirus\adawarelauncher.exe"
+ "\Ad-Aware Update (Weekly)" "" "" "File not found: C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe"
+ "\ErrorEND" "" "" "File not found: C:\Program Files\ErrorEND\ErrorEND.exe"
+ "\GoogleUpdateTaskMachineCore" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineUA" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-1887067282-62145402-3325052684-1003Core" "Google Installer" "Google Inc." "c:\users\xxxx\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-1887067282-62145402-3325052684-1003UA" "Google Installer" "Google Inc." "c:\users\xxxx\appdata\local\google\update\googleupdate.exe"
+ "\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\Wired\GatherWiredInfo" "" "" "c:\windows\system32\gatherwiredinfo.vbs"
+ "\Microsoft\Windows\Wireless\GatherWirelessInfo" "" "" "c:\windows\system32\gatherwirelessinfo.vbs"
+ "\RealUpgradeLogonTaskS-1-5-21-1887067282-62145402-3325052684-1003" "" "" "File not found: C:\Program Files\Real\RealUpgrade\RealUpgrade.exe"
+ "\RealUpgradeScheduledTaskS-1-5-21-1887067282-62145402-3325052684-1003" "" "" "File not found: C:\Program Files\Real\RealUpgrade\RealUpgrade.exe"
+ "\RunAsStdUser Task for VeohWebPlayer" "" "" "File not found: C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
+ "\winupd" "" "" "File not found: C:\Users\xxxx\AppData\Local\Temp:winupd.exe"
+ "\{0467C611-442E-4FE4-8BB1-EFD43C13EE6F}" "Skype " "Skype Technologies S.A." "c:\program files\skype\phone\skype.exe"
+ "\{06D2A63F-990A-46AE-AD1E-3484442972CB}" "Skype " "Skype Technologies S.A." "c:\program files\skype\phone\skype.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "Ad-Aware Service" "Ad-Aware Service" "Lavasoft Limited" "c:\program files\ad-aware antivirus\adawareservice.exe"
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\armsvc.exe"
+ "BcmSqlStartupSvc" "Controls the start of the Business Contact Manager SQL Server instance (MSSMLBIZ)." "Microsoft Corporation" "c:\program files\microsoft small business\business contact manager\bcmsqlstartupsvc.exe"
+ "eDataSecurity Service" "eDataSecurity Service" "Egis Incorporated" "c:\acer\empowering technology\edatasecurity\x86\edsservice.exe"
+ "eLockService" "Acer eLock Management Service" "Acer Inc." "c:\acer\empowering technology\elock\service\elockserv.exe"
+ "eNet Service" "Acer eNet Management Service" "Acer Inc." "c:\acer\empowering technology\enet\enet service.exe"
+ "eRecoveryService" "Acer eRecovery Management" "Acer Inc." "c:\acer\empowering technology\erecovery\erecoveryservice.exe"
+ "eSettingsService" "Acer eSettings Management Service" "" "c:\acer\empowering technology\esettings\service\capuserv.exe"
+ "EvtEng" "Manages the event trace messages for all the Intel® PROSet/Wireless Software components." "Intel® Corporation" "c:\program files\intel\wifi\bin\evteng.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work." "Google" "c:\program files\google\common\google updater\googleupdaterservice.exe"
+ "IAANTMON" "RAID Monitor" "Intel Corporation" "c:\program files\intel\intel matrix storage manager\iaantmon.exe"
+ "LightScribeService" "Used by the LightScribe software components to support 3rd party disc labeling applications using the LightScribe COM Application Programming Interface (LSCAPI). This service needs to run for LightScribe direct disc labeling to work." "Hewlett-Packard Company" "c:\program files\common files\lightscribe\lssrvc.exe"
+ "MobilityService" "app" "" "c:\acer\mobility center\mobilityservice.exe"
+ "MsMpSvc" "Helps protect users from malware and other potentially unwanted software" "Microsoft Corporation" "c:\program files\microsoft security client\msmpeng.exe"
+ "MSSQL$MSSMLBIZ" "Provides storage, processing and controlled access of data and rapid transaction processing." "Microsoft Corporation" "c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe"
+ "NisSrv" "Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols" "Microsoft Corporation" "c:\program files\microsoft security client\nissrv.exe"
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\odserv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "RegSrvc" "Provides registry access to all Intel® PROSet/Wireless Software components" "Intel® Corporation" "c:\program files\common files\intel\wirelesscommon\regsrvc.exe"
+ "SBAMSvc" "Manages your antispyware and antivirus application" "GFI Software" "c:\program files\ad-aware antivirus\sbamsvc.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files\skype\updater\updater.exe"
+ "SQLBrowser" "Provides SQL Server connection information to client computers." "Microsoft Corporation" "c:\program files\microsoft sql server\90\shared\sqlbrowser.exe"
+ "SQLWriter" "Provides the interface to backup/restore Microsoft SQL server through the Windows VSS infrastructure." "Microsoft Corporation" "c:\program files\microsoft sql server\90\shared\sqlwriter.exe"
+ "vToolbarUpdater13.2.0" "ToolbarU Application" "" "c:\program files\common files\avg secure search\vtoolbarupdater\13.2.0\toolbarupdater.exe"
+ "WinDefend" "Scan your computer for unwanted software, schedule scans, and get the latest unwanted software definitions." "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMIService" "Acer ePower Management Service" "acer" "c:\acer\empowering technology\epower\epowersvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ ".dtsoftbus01" "" "" "File not found: \*"
+ "Avgfwfd" "AVG network filter driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgfwd6x.sys"
+ "AVGIDSDrivervtx" "" "" "File not found: C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSDriver.sys"
+ "AVGIDSErHrvtx" "IDS Application Activity Monitor Helper Driver." "AVG Technologies " "c:\windows\system32\drivers\avgidsvx.sys"
+ "AVGIDSFiltervtx" "" "" "File not found: C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSFilter.sys"
+ "AVGIDSShimvtx" "" "" "File not found: C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSShim.sys"
+ "avgtp" "" "AVG Technologies" "c:\windows\system32\drivers\avgtpx86.sys"
+ "b57nd60x" "Broadcom NetXtreme Gigabit Ethernet NDIS6.0 Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60x.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "DKbFltr" "Dritek PS2 Keyboard Filter Driver" "Dritek System Inc." "c:\windows\system32\drivers\dkbfltr.sys"
+ "dtsoftbus01" "DAEMON Tools Virtual Bus Driver" "DT Soft Ltd" "c:\windows\system32\drivers\dtsoftbus01.sys"
+ "E1G60" "Intel® PRO/1000 Adapter NDIS 6 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1g60i32.sys"
+ "EagleNT" "" "" "File not found: C:\Windows\system32\drivers\EagleNT.sys"
+ "EagleXNt" "AhnLab HackShield Driver" "AhnLab, Inc." "c:\windows\system32\drivers\eaglexnt.sys"
+ "esgiguard" "" "" "File not found: C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys"
+ "HSF_DPV" "HSF_DP driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstdpv3.sys"
+ "HSFHWAZL" "HSF_HWAZL WDM driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstazl3.sys"
+ "HSXHWAZL" "" "" "File not found: system32\DRIVERS\HSXHWAZL.sys"
+ "iaStor" "Intel Matrix Storage Manager driver - ia32" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd32.sys"
+ "int15" "Acer int15 service" "Acer, Inc." "c:\windows\system32\drivers\int15.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhda.sys"
+ "IpInIp" "IP in IP Tunnel Driver" "" "File not found: system32\DRIVERS\ipinip.sys"
+ "mdmxsdk" "" "" "File not found: system32\DRIVERS\mdmxsdk.sys"
+ "mferkdk" "VSCore Code Analysis Driver" "McAfee, Inc." "c:\windows\system32\drivers\mferkdk.sys"
+ "mfesmfk" "System Monitor Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfesmfk.sys"
+ "MpKsl3a3bc696" "KSLDriver" "Microsoft Corporation" "c:\programdata\microsoft\microsoft antimalware\definition updates\{32e779dc-6451-4157-ac98-76f925bef438}\mpksl3a3bc696.sys"
+ "NETw3v32" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netw3v32.sys"
+ "NETw4v32" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netw4v32.sys"
+ "NETw5v32" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netw5v32.sys"
+ "NSCIRDA" "NSC Fast Infrared Driver." "National Semiconductor Corporation" "c:\windows\system32\drivers\nscirda.sys"
+ "NTIDrvr" "NTI CD-ROM Filter Driver" "NewTech Infosystems, Inc." "c:\windows\system32\drivers\ntidrvr.sys"
+ "NwlnkFlt" "IPX Traffic Filter Driver" "" "File not found: system32\DRIVERS\nwlnkflt.sys"
+ "NwlnkFwd" "IPX Traffic Forwarder Driver" "" "File not found: system32\DRIVERS\nwlnkfwd.sys"
+ "PSDFilter" "PSDFilter Filter Driver" "Egis Incorporated" "c:\windows\system32\drivers\psdfilter.sys"
+ "PSDNServ" "PSDNServ Driver" "Egis Incorporated" "c:\windows\system32\drivers\psdnserv.sys"
+ "psdvdisk" "PSDVdisk Driver" "Egis Incorporated" "c:\windows\system32\drivers\psdvdisk.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SNP2UVC" "UVC Camera Streaming Driver" "" "c:\windows\system32\drivers\snp2uvc.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics, Inc." "c:\windows\system32\drivers\syntp.sys"
+ "tifm21" "tifm21.sys" "Texas Instruments" "c:\windows\system32\drivers\tifm21.sys"
+ "winachsf" "HSF_CNXT driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstcnxt3.sys"
+ "WSVD" "Wasay virtual disk driver" "Wasay" "c:\windows\system32\drivers\wsvd.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Allocator Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Bitmap" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Capture ASF Writer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "CyberLink Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd\audiofilter\claud.ax"
+ "CyberLink Audio Effect (PDVD7)" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files\cyberlink\powerdvd\audiofilter\claudfx.ax"
+ "CyberLink Audio Spectrum Analyzer (PDVD7)" "CLAudSpa.ax" "CyberLink Corp." "c:\program files\cyberlink\powerdvd\audiofilter\claudspa.ax"
+ "CyberLink Audio Wizard" "CyberLink Audio Wizard Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd\audiofilter\claudwizard.ax"
+ "CyberLink AudioCD Filter (PDVD7)" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd\audiofilter\claudiocd.ax"
+ "CyberLink Demux (PDVD7)" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files\cyberlink\powerdvd\navfilter\cldemuxer.ax"
+ "CyberLink DVD Navigator (PDVD7)" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd\navfilter\clnavx.ax"
+ "CyberLink Line21 Decoder (PDVD7.x)" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd\videofilter\clline21.ax"
+ "CyberLink MPEG-4 Splitter (PDVD7)" "CyberLink MPEG-4 Splitter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd\navfilter\clm4splt.ax"
+ "Cyberlink SubTitle Importor" "CLSubTitle.ax" "CyberLink Corp." "c:\program files\cyberlink\powerdvd\videofilter\clsubtitle.ax"
+ "CyberLink TimeStretch Filter (PDVD7)" "CLAuTS.ax" "CyberLink Corp." "c:\program files\cyberlink\powerdvd\audiofilter\clauts.ax"
+ "CyberLink Video/SP Decoder (PDVD7)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd\videofilter\clvsd.ax"
+ "DirectVobSub" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "Gabest" "c:\program files\k-lite codec pack\filters\vsfilter.dll"
+ "DirectVobSub (auto-loading version)" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "Gabest" "c:\program files\k-lite codec pack\filters\vsfilter.dll"
+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow Audio Processor" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow subtitles filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax"
+ "Frame Eater" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Gretech ASF Source Filter" "" "" "c:\program files\gretech\gomplayer\gsfu.ax"
+ "Gretech AsfEx Source Filter" "" "" "c:\program files\gretech\gomplayer\gsfu.ax"
+ "Gretech Audio Filter" "" "" "c:\program files\gretech\gomplayer\gaf.ax"
+ "Gretech AVI Source Filter" "" "" "c:\program files\gretech\gomplayer\gsfu.ax"
+ "Gretech FLV Source Filter" "" "" "c:\program files\gretech\gomplayer\gsfu.ax"
+ "Gretech MKV Source Filter" "" "" "c:\program files\gretech\gomplayer\gsfu.ax"
+ "Gretech MP4 Source Filter" "" "" "c:\program files\gretech\gomplayer\gsfu.ax"
+ "Gretech MPEG Source Filter" "" "" "c:\program files\gretech\gomplayer\gsfu.ax"
+ "Gretech Network(AVI) Filter" "" "" "c:\program files\gretech\gomplayer\gnf.ax"
+ "Gretech Network(FLV) Filter" "" "" "c:\program files\gretech\gomplayer\gnf.ax"
+ "Gretech Network(GOM) Filter" "" "" "c:\program files\gretech\gomplayer\gnf.ax"
+ "Gretech Network(OGG) Filter" "" "" "c:\program files\gretech\gomplayer\gnf.ax"
+ "Gretech Network(SHOUTcast) Filter" "" "" "c:\program files\gretech\gomplayer\gnf.ax"
+ "Gretech OGG Source Filter" "" "" "c:\program files\gretech\gomplayer\gsfu.ax"
+ "Gretech Theora Source Filter" "" "" "c:\program files\gretech\gomplayer\gsfu.ax"
+ "Gretech Video Filter" "" "" "c:\program files\gretech\gomplayer\gvf.ax"
+ "Haali Matroska Muxer" "Haali Media Splitter" "" "c:\program files\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Media Splitter" "Haali Media Splitter" "" "c:\program files\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Media Splitter (AR)" "Haali Media Splitter" "" "c:\program files\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Simple Media Splitter" "Haali Media Splitter" "" "c:\program files\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Video Renderer" "" "" "c:\program files\k-lite codec pack\filters\haali\dxr.dll"
+ "Haali Video Sink" "Haali Media Splitter" "" "c:\program files\k-lite codec pack\filters\haali\splitter.ax"
+ "Honestech VCD/SVCD Encoder" "honest technology, VCD/SVCD encoder" "honest technology" "c:\windows\system32\htvcdsvcd.ax"
+ "MPC - FLV Source (Gabest)" "FLV Splitter" "Gabest" "c:\program files\k-lite codec pack\filters\flvsplitter.ax"
+ "MPC - FLV Splitter (Gabest)" "FLV Splitter" "Gabest" "c:\program files\k-lite codec pack\filters\flvsplitter.ax"
+ "MPC - MP4 Source" "MP4 Splitter" "Gabest" "c:\program files\k-lite codec pack\filters\mp4splitter.ax"
+ "MPC - MP4 Splitter" "MP4 Splitter" "Gabest" "c:\program files\k-lite codec pack\filters\mp4splitter.ax"
+ "MPC - MPEG4 Video Source" "MP4 Splitter" "Gabest" "c:\program files\k-lite codec pack\filters\mp4splitter.ax"
+ "MPC - MPEG4 Video Splitter" "MP4 Splitter" "Gabest" "c:\program files\k-lite codec pack\filters\mp4splitter.ax"
+ "Multiple File Output" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "muvee HXImage Filter" "HXImage Filter for muvee autoProducer" "muvee Technologies Pte Ltd" "c:\program files\common files\muvee technologies\030625\hximagefilter.ax"
+ "muvee Music Analyser" "Music Analyser Filter for muvee autoProducer" "muvee Technologies Pte Ltd" "c:\program files\common files\muvee technologies\030625\mvmanalyse.ax"
+ "muvee Video Analyser" "Video Analyser Filter for muvee autoProducer" "muvee Technologies Pte Ltd" "c:\program files\common files\muvee technologies\030625\mvvanalyse.ax"
+ "Proxy Sink" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Proxy Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Record Queue" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ShotDetect" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Stetch" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WM VIH2 Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
"HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute" "" "" ""
+ "C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync" "" "" "File not found: C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync"
+ "C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart" "" "" "File not found: C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "LIDIL hpzlllhn" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpzlllhn.dll"
"C:\Users\xxxx\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""


Thanks for your time :). Please let me know the next step.




Download

Malwarebytes

Install, update and run a full scan

Click on Show results. Right click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it, click on Delete

A log should be generated after the scan; post it here

Download

Junkware removal tool

For Vista and Windows 7, right click on the tool and select Run as administrator

After the scan completes, post the generated log here.


Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Run Farbar service scanner again and post the new log


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here
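Added example, not part of the thread or of any tool's own code: a small Python triage of the Autoruns text export posted above, assuming the layout seen in that log (four quoted fields per line: entry, description, publisher, image path, with unprefixed lines acting as location headers). The sample lines are copied from this thread's log; the function names and flag labels are made up for this illustration.

```python
import re

# Lines copied from the Autoruns text export posted in this thread.
SAMPLE = r'''
+ "Gretech Audio Filter" "" "" "c:\program files\gretech\gomplayer\gaf.ax"
"HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute" "" "" ""
+ "C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync" "" "" "File not found: C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync"
+ "C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart" "" "" "File not found: C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "LIDIL hpzlllhn" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpzlllhn.dll"
'''

def parse_autoruns(text):
    """Return a list of entry dicts, each tagged with its autostart location."""
    entries, location = [], None
    for raw in text.splitlines():
        line = raw.strip()
        fields = re.findall(r'"([^"]*)"', line)
        if len(fields) != 4:
            continue  # blank or malformed line
        if line.startswith('"'):
            location = fields[0]  # unprefixed line: registry key or folder header
            continue
        name, desc, publisher, image = fields
        entries.append({"location": location, "enabled": line.startswith("+"),
                        "name": name, "description": desc,
                        "publisher": publisher, "image": image})
    return entries

def triage(entries):
    """Attach review flags; a flag is a reason to look, not a verdict."""
    findings = []
    for e in entries:
        flags = []
        if e["image"].lower().startswith("file not found"):
            flags.append("orphaned")      # autostart entry points at a missing file
        elif not e["publisher"]:
            flags.append("no-publisher")  # image carries no company name
        if e["location"] and e["location"].lower().endswith("bootexecute"):
            flags.append("boot-execute")  # run by Session Manager early in boot
        if flags:
            findings.append((e["name"], flags))
    return findings

if __name__ == "__main__":
    for name, flags in triage(parse_autoruns(SAMPLE)):
        print(f"{','.join(flags):24} {name}")
```

An entry that appears before any header in the pasted excerpt gets a location of `None`, which is what happens when only part of a log is reviewed.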



#8 narenxp


Posted 17 January 2013 - 09:21 AM

That looks good

Remove temporary and junk files

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for a reboot. If TFC locks up the system, run it in safe mode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP - http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore - it deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall the old version of Java from Control Panel - Add or remove programs. Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are

Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security software.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

#9 icemaxwell

icemaxwell
  • Topic Starter


Posted 17 January 2013 - 03:33 PM

Thank you, now my firewall is working. I really appreciated your help.

#10 narenxp


Posted 17 January 2013 - 03:33 PM

You're most welcome :)



