Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

New Here Need Help

Started by cbunch1234 , Jan 20 2013 12:51 AM

Please log in to reply

4 replies to this topic

#1 cbunch1234

New Member

Members
4 posts

Posted 20 January 2013 - 12:51 AM

Ok I will be so happy if someone can help me, but I am not very computer smart, so some of what I have seen on here is a bit out of my league. I am not sure how to post the log things. But on to my problem, I have windows 7 laptop, and now it has started when I go to google or other search engines it does not take me to the right page when I click on something. Also sometimes when I type in a web address in Internet explorer it doesn't go to the right place either. Also I have ran the Tddskiller thing and it found nothing, also the spyware thing and it found nothing, I have tried several and only one of them found anything and they said they got rid of it, but it is still going on. Also things popup now that normally did not. I also have AVG antivirus on my computer it has been on it for ever. I will try and answer any questions you have that i am capable of. I am ready to throw the computer out the window. It wouldn't be so bad but I do online college courses and this is even effecting my mircosoft word so I can not do any homework. PLEASE HELP. If I did not read enough before I posted this I am very sorry.

Thanks Tracy

BC Ads
BleepingComputer.com

#2 narenxp

Forum Addict

BC Advisor
16,365 posts

Gender:Male
Location:India

Posted 20 January 2013 - 01:06 AM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 cbunch1234

New Member

Members
4 posts

Posted 20 January 2013 - 03:09 PM

11:26:45.0853 4228 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
11:26:46.0375 4228 ============================================================
11:26:46.0375 4228 Current date / time: 2013/01/20 11:26:46.0375
11:26:46.0375 4228 SystemInfo:
11:26:46.0376 4228
11:26:46.0376 4228 OS Version: 6.1.7601 ServicePack: 1.0
11:26:46.0376 4228 Product type: Workstation
11:26:46.0376 4228 ComputerName: TRACY-PC
11:26:46.0376 4228 UserName: Tracy
11:26:46.0376 4228 Windows directory: C:\Windows
11:26:46.0376 4228 System windows directory: C:\Windows
11:26:46.0376 4228 Running under WOW64
11:26:46.0376 4228 Processor architecture: Intel x64
11:26:46.0376 4228 Number of processors: 2
11:26:46.0376 4228 Page size: 0x1000
11:26:46.0376 4228 Boot type: Normal boot
11:26:46.0376 4228 ============================================================
11:26:46.0796 4228 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:26:46.0801 4228 ============================================================
11:26:46.0801 4228 \Device\Harddisk0\DR0:
11:26:46.0801 4228 MBR partitions:
11:26:46.0801 4228 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A03C22, BlocksNum 0x32FCD
11:26:46.0801 4228 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A36BEF, BlocksNum 0x239F76C1
11:26:46.0801 4228 ============================================================
11:26:46.0821 4228 C: <-> \Device\Harddisk0\DR0\Partition2
11:26:46.0821 4228 ============================================================
11:26:46.0821 4228 Initialize success
11:26:46.0821 4228 ============================================================
11:26:50.0835 5812 ============================================================
11:26:50.0835 5812 Scan started
11:26:50.0835 5812 Mode: Manual;
11:26:50.0835 5812 ============================================================
11:26:51.0337 5812 ================ Scan system memory ========================
11:26:51.0337 5812 System memory - ok
11:26:51.0338 5812 ================ Scan services =============================
11:26:51.0558 5812 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
11:26:51.0563 5812 1394ohci - ok
11:26:51.0611 5812 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
11:26:51.0617 5812 ACPI - ok
11:26:51.0660 5812 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
11:26:51.0662 5812 AcpiPmi - ok
11:26:51.0789 5812 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:26:51.0792 5812 AdobeFlashPlayerUpdateSvc - ok
11:26:51.0867 5812 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
11:26:51.0876 5812 adp94xx - ok
11:26:51.0911 5812 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
11:26:51.0917 5812 adpahci - ok
11:26:51.0949 5812 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
11:26:51.0952 5812 adpu320 - ok
11:26:51.0973 5812 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
11:26:51.0974 5812 AeLookupSvc - ok
11:26:52.0038 5812 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
11:26:52.0047 5812 AFD - ok
11:26:52.0096 5812 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
11:26:52.0098 5812 agp440 - ok
11:26:52.0144 5812 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
11:26:52.0147 5812 ALG - ok
11:26:52.0198 5812 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
11:26:52.0200 5812 aliide - ok
11:26:52.0218 5812 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
11:26:52.0220 5812 amdide - ok
11:26:52.0268 5812 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
11:26:52.0270 5812 AmdK8 - ok
11:26:52.0294 5812 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
11:26:52.0297 5812 AmdPPM - ok
11:26:52.0347 5812 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
11:26:52.0350 5812 amdsata - ok
11:26:52.0393 5812 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
11:26:52.0398 5812 amdsbs - ok
11:26:52.0439 5812 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
11:26:52.0440 5812 amdxata - ok
11:26:52.0497 5812 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
11:26:52.0500 5812 AppID - ok
11:26:52.0535 5812 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
11:26:52.0537 5812 AppIDSvc - ok
11:26:52.0588 5812 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
11:26:52.0591 5812 Appinfo - ok
11:26:52.0645 5812 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
11:26:52.0648 5812 arc - ok
11:26:52.0662 5812 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
11:26:52.0665 5812 arcsas - ok
11:26:52.0693 5812 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
11:26:52.0695 5812 AsyncMac - ok
11:26:52.0745 5812 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
11:26:52.0747 5812 atapi - ok
11:26:52.0815 5812 [ 5074CCA8927D5ED5D102EC48BB771E3F ] athr C:\Windows\system32\DRIVERS\athrx.sys
11:26:52.0831 5812 athr - ok
11:26:52.0898 5812 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:26:52.0909 5812 AudioEndpointBuilder - ok
11:26:52.0923 5812 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
11:26:52.0927 5812 AudioSrv - ok
11:26:53.0189 5812 [ 4AFC14AFA58878FAA1D249E7E90EA54B ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
11:26:53.0317 5812 AVGIDSAgent - ok
11:26:53.0393 5812 [ 388056EBD5FE6718FE669078DBE37897 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
11:26:53.0395 5812 AVGIDSDriver - ok
11:26:53.0472 5812 [ 550E981747D6A6C55078C77346FFC2C6 ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
11:26:53.0474 5812 AVGIDSHA - ok
11:26:53.0514 5812 [ 5989592A91A17587799792A81E1541D4 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
11:26:53.0516 5812 Avgldx64 - ok
11:26:53.0595 5812 [ 3FC43AA02545FCDDC22817829114DEC8 ] Avgloga C:\Windows\system32\DRIVERS\avgloga.sys
11:26:53.0599 5812 Avgloga - ok
11:26:53.0638 5812 [ 841C40C193889730848849AC220D9242 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
11:26:53.0640 5812 Avgmfx64 - ok
11:26:53.0671 5812 [ FE4F444DBE4BBBDFD8FECF49398DEFC7 ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
11:26:53.0672 5812 Avgrkx64 - ok
11:26:53.0701 5812 [ 6E634525613D48A1D1657FB21F21F3B2 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
11:26:53.0704 5812 Avgtdia - ok
11:26:53.0748 5812 [ 371428CF0F71934CB0F2344823ADFA32 ] avgtp C:\Windows\system32\drivers\avgtpx64.sys
11:26:53.0750 5812 avgtp - ok
11:26:53.0785 5812 [ 6B72E1E329C4E98C6B6FDD2D265E3BA3 ] avgwd C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
11:26:53.0788 5812 avgwd - ok
11:26:53.0842 5812 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
11:26:53.0845 5812 AxInstSV - ok
11:26:53.0912 5812 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
11:26:53.0920 5812 b06bdrv - ok
11:26:53.0994 5812 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
11:26:53.0999 5812 b57nd60a - ok
11:26:54.0052 5812 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
11:26:54.0055 5812 BDESVC - ok
11:26:54.0120 5812 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
11:26:54.0122 5812 Beep - ok
11:26:54.0198 5812 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
11:26:54.0215 5812 BFE - ok
11:26:54.0258 5812 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
11:26:54.0279 5812 BITS - ok
11:26:54.0332 5812 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
11:26:54.0335 5812 blbdrive - ok
11:26:54.0399 5812 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
11:26:54.0402 5812 bowser - ok
11:26:54.0443 5812 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
11:26:54.0445 5812 BrFiltLo - ok
11:26:54.0452 5812 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
11:26:54.0455 5812 BrFiltUp - ok
11:26:54.0508 5812 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
11:26:54.0511 5812 Browser - ok
11:26:54.0537 5812 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
11:26:54.0542 5812 Brserid - ok
11:26:54.0588 5812 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
11:26:54.0590 5812 BrSerWdm - ok
11:26:54.0618 5812 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
11:26:54.0629 5812 BrUsbMdm - ok
11:26:54.0635 5812 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
11:26:54.0638 5812 BrUsbSer - ok
11:26:54.0668 5812 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
11:26:54.0671 5812 BTHMODEM - ok
11:26:54.0705 5812 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
11:26:54.0707 5812 bthserv - ok
11:26:54.0738 5812 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
11:26:54.0740 5812 cdfs - ok
11:26:54.0802 5812 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
11:26:54.0804 5812 cdrom - ok
11:26:54.0865 5812 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
11:26:54.0867 5812 CertPropSvc - ok
11:26:54.0924 5812 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
11:26:54.0927 5812 circlass - ok
11:26:54.0968 5812 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
11:26:54.0974 5812 CLFS - ok
11:26:55.0071 5812 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:26:55.0074 5812 clr_optimization_v2.0.50727_32 - ok
11:26:55.0134 5812 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:26:55.0137 5812 clr_optimization_v2.0.50727_64 - ok
11:26:55.0238 5812 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:26:55.0241 5812 clr_optimization_v4.0.30319_32 - ok
11:26:55.0277 5812 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:26:55.0280 5812 clr_optimization_v4.0.30319_64 - ok
11:26:55.0332 5812 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
11:26:55.0334 5812 CmBatt - ok
11:26:55.0373 5812 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
11:26:55.0375 5812 cmdide - ok
11:26:55.0411 5812 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
11:26:55.0418 5812 CNG - ok
11:26:55.0482 5812 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
11:26:55.0483 5812 Compbatt - ok
11:26:55.0538 5812 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
11:26:55.0540 5812 CompositeBus - ok
11:26:55.0557 5812 COMSysApp - ok
11:26:55.0585 5812 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
11:26:55.0588 5812 crcdisk - ok
11:26:55.0642 5812 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
11:26:55.0647 5812 CryptSvc - ok
11:26:55.0694 5812 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
11:26:55.0702 5812 DcomLaunch - ok
11:26:55.0764 5812 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
11:26:55.0770 5812 defragsvc - ok
11:26:55.0824 5812 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
11:26:55.0826 5812 DfsC - ok
11:26:55.0876 5812 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
11:26:55.0881 5812 Dhcp - ok
11:26:55.0931 5812 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
11:26:55.0933 5812 discache - ok
11:26:55.0979 5812 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
11:26:55.0982 5812 Disk - ok
11:26:56.0021 5812 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
11:26:56.0025 5812 Dnscache - ok
11:26:56.0060 5812 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
11:26:56.0066 5812 dot3svc - ok
11:26:56.0112 5812 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
11:26:56.0116 5812 DPS - ok
11:26:56.0151 5812 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
11:26:56.0153 5812 drmkaud - ok
11:26:56.0220 5812 [ 61E894FE1E9CC720C909E6E343351794 ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe
11:26:56.0224 5812 DsiWMIService - ok
11:26:56.0277 5812 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
11:26:56.0285 5812 DXGKrnl - ok
11:26:56.0307 5812 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
11:26:56.0310 5812 EapHost - ok
11:26:56.0417 5812 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
11:26:56.0505 5812 ebdrv - ok
11:26:56.0569 5812 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
11:26:56.0572 5812 EFS - ok
11:26:56.0648 5812 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
11:26:56.0658 5812 ehRecvr - ok
11:26:56.0714 5812 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
11:26:56.0717 5812 ehSched - ok
11:26:56.0793 5812 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
11:26:56.0802 5812 elxstor - ok
11:26:56.0913 5812 [ 49EEF52BFB986A2B5D70F4EC12637D7B ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
11:26:56.0941 5812 ePowerSvc - ok
11:26:56.0974 5812 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
11:26:56.0976 5812 ErrDev - ok
11:26:57.0033 5812 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
11:26:57.0040 5812 EventSystem - ok
11:26:57.0119 5812 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
11:26:57.0123 5812 exfat - ok
11:26:57.0141 5812 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
11:26:57.0145 5812 fastfat - ok
11:26:57.0207 5812 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
11:26:57.0217 5812 Fax - ok
11:26:57.0266 5812 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
11:26:57.0268 5812 fdc - ok
11:26:57.0301 5812 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
11:26:57.0303 5812 fdPHost - ok
11:26:57.0323 5812 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
11:26:57.0325 5812 FDResPub - ok
11:26:57.0352 5812 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
11:26:57.0354 5812 FileInfo - ok
11:26:57.0369 5812 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
11:26:57.0371 5812 Filetrace - ok
11:26:57.0413 5812 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
11:26:57.0415 5812 flpydisk - ok
11:26:57.0465 5812 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
11:26:57.0471 5812 FltMgr - ok
11:26:57.0530 5812 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
11:26:57.0565 5812 FontCache - ok
11:26:57.0660 5812 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:26:57.0662 5812 FontCache3.0.0.0 - ok
11:26:57.0691 5812 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
11:26:57.0694 5812 FsDepends - ok
11:26:57.0737 5812 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
11:26:57.0739 5812 Fs_Rec - ok
11:26:57.0794 5812 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
11:26:57.0798 5812 fvevol - ok
11:26:57.0821 5812 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
11:26:57.0824 5812 gagp30kx - ok
11:26:57.0912 5812 [ 6858C318E8DAA40E747E6FB9B214E104 ] GameConsoleService C:\Program Files (x86)\Acer Games\Acer Game Console\GameConsoleService.exe
11:26:57.0917 5812 GameConsoleService - ok
11:26:57.0972 5812 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
11:26:57.0989 5812 gpsvc - ok
11:26:58.0113 5812 [ 0191DEE9B9EB7902AF2CF4F67301095D ] GREGService C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
11:26:58.0114 5812 GREGService - ok
11:26:58.0205 5812 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:26:58.0207 5812 gupdate - ok
11:26:58.0250 5812 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:26:58.0252 5812 gupdatem - ok
11:26:58.0295 5812 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
11:26:58.0297 5812 hcw85cir - ok
11:26:58.0354 5812 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:26:58.0361 5812 HdAudAddService - ok
11:26:58.0405 5812 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
11:26:58.0408 5812 HDAudBus - ok
11:26:58.0443 5812 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
11:26:58.0445 5812 HidBatt - ok
11:26:58.0461 5812 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
11:26:58.0464 5812 HidBth - ok
11:26:58.0499 5812 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
11:26:58.0501 5812 HidIr - ok
11:26:58.0538 5812 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
11:26:58.0540 5812 hidserv - ok
11:26:58.0594 5812 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
11:26:58.0596 5812 HidUsb - ok
11:26:58.0633 5812 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
11:26:58.0636 5812 hkmsvc - ok
11:26:58.0678 5812 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:26:58.0683 5812 HomeGroupListener - ok
11:26:58.0722 5812 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:26:58.0728 5812 HomeGroupProvider - ok
11:26:58.0784 5812 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
11:26:58.0787 5812 HpSAMD - ok
11:26:58.0841 5812 [ F47CEC45FB85791D4AB237563AD0FA8F ] HTCAND64 C:\Windows\system32\Drivers\ANDROIDUSB.sys
11:26:58.0843 5812 HTCAND64 - ok
11:26:58.0893 5812 [ B8B1B284362E1D8135112573395D5DA5 ] htcnprot C:\Windows\system32\DRIVERS\htcnprot.sys
11:26:58.0895 5812 htcnprot - ok
11:26:58.0963 5812 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
11:26:58.0975 5812 HTTP - ok
11:26:59.0026 5812 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
11:26:59.0027 5812 hwpolicy - ok
11:26:59.0073 5812 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
11:26:59.0076 5812 i8042prt - ok
11:26:59.0124 5812 [ 42E00996DFC13C46366689C0EA8ABC5E ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
11:26:59.0130 5812 iaStor - ok
11:26:59.0203 5812 [ 48362E5DB5CB2C000C514EE1F3890ACD ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
11:26:59.0204 5812 IAStorDataMgrSvc - ok
11:26:59.0243 5812 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
11:26:59.0252 5812 iaStorV - ok
11:26:59.0326 5812 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:26:59.0344 5812 idsvc - ok
11:26:59.0539 5812 [ 2D18C9E1F23970DE32D78D3B1CDDA0A7 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
11:26:59.0719 5812 igfx - ok
11:26:59.0787 5812 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
11:26:59.0789 5812 iirsp - ok
11:26:59.0875 5812 [ F82BC30BB2B608AF8B5540CDBAEA93A6 ] IJPLMSVC C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
11:26:59.0878 5812 IJPLMSVC - ok
11:26:59.0930 5812 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
11:26:59.0950 5812 IKEEXT - ok
11:27:00.0041 5812 [ 1768CCC0CCDA73A5B3D7A17A3C52E870 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
11:27:00.0066 5812 IntcAzAudAddService - ok
11:27:00.0126 5812 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
11:27:00.0128 5812 intelide - ok
11:27:00.0178 5812 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
11:27:00.0179 5812 intelppm - ok
11:27:00.0217 5812 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
11:27:00.0221 5812 IPBusEnum - ok
11:27:00.0254 5812 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:27:00.0257 5812 IpFilterDriver - ok
11:27:00.0302 5812 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
11:27:00.0312 5812 iphlpsvc - ok
11:27:00.0372 5812 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
11:27:00.0375 5812 IPMIDRV - ok
11:27:00.0418 5812 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
11:27:00.0421 5812 IPNAT - ok
11:27:00.0466 5812 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
11:27:00.0468 5812 IRENUM - ok
11:27:00.0497 5812 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
11:27:00.0499 5812 isapnp - ok
11:27:00.0543 5812 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
11:27:00.0548 5812 iScsiPrt - ok
11:27:00.0597 5812 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
11:27:00.0599 5812 kbdclass - ok
11:27:00.0658 5812 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
11:27:00.0660 5812 kbdhid - ok
11:27:00.0681 5812 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
11:27:00.0684 5812 KeyIso - ok
11:27:00.0725 5812 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
11:27:00.0728 5812 KSecDD - ok
11:27:00.0766 5812 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
11:27:00.0770 5812 KSecPkg - ok
11:27:00.0797 5812 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
11:27:00.0799 5812 ksthunk - ok
11:27:00.0838 5812 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
11:27:00.0847 5812 KtmRm - ok
11:27:00.0911 5812 [ 55480B9C63F3F91A8EBBADCBF28FE581 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
11:27:00.0912 5812 L1C - ok
11:27:00.0968 5812 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
11:27:00.0975 5812 LanmanServer - ok
11:27:01.0008 5812 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:27:01.0014 5812 LanmanWorkstation - ok
11:27:01.0233 5812 [ 3C879D04BB6466E2853C3155B635CC45 ] LeapFrog Connect Device Service C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
11:27:01.0368 5812 LeapFrog Connect Device Service - ok
11:27:01.0430 5812 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
11:27:01.0432 5812 lltdio - ok
11:27:01.0465 5812 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
11:27:01.0472 5812 lltdsvc - ok
11:27:01.0501 5812 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
11:27:01.0504 5812 lmhosts - ok
11:27:01.0567 5812 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
11:27:01.0571 5812 LSI_FC - ok
11:27:01.0580 5812 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
11:27:01.0583 5812 LSI_SAS - ok
11:27:01.0591 5812 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:27:01.0594 5812 LSI_SAS2 - ok
11:27:01.0602 5812 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:27:01.0605 5812 LSI_SCSI - ok
11:27:01.0624 5812 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
11:27:01.0626 5812 luafv - ok
11:27:01.0656 5812 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
11:27:01.0659 5812 Mcx2Svc - ok
11:27:01.0664 5812 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
11:27:01.0667 5812 megasas - ok
11:27:01.0677 5812 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
11:27:01.0681 5812 MegaSR - ok
11:27:01.0765 5812 Microsoft SharePoint Workspace Audit Service - ok
11:27:01.0802 5812 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
11:27:01.0806 5812 MMCSS - ok
11:27:01.0824 5812 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
11:27:01.0826 5812 Modem - ok
11:27:01.0867 5812 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
11:27:01.0868 5812 monitor - ok
11:27:01.0900 5812 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
11:27:01.0901 5812 mouclass - ok
11:27:01.0930 5812 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
11:27:01.0932 5812 mouhid - ok
11:27:01.0975 5812 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
11:27:01.0977 5812 mountmgr - ok
11:27:02.0015 5812 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
11:27:02.0019 5812 mpio - ok
11:27:02.0044 5812 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
11:27:02.0047 5812 mpsdrv - ok
11:27:02.0097 5812 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
11:27:02.0114 5812 MpsSvc - ok
11:27:02.0144 5812 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
11:27:02.0148 5812 MRxDAV - ok
11:27:02.0182 5812 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
11:27:02.0186 5812 mrxsmb - ok
11:27:02.0228 5812 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:27:02.0234 5812 mrxsmb10 - ok
11:27:02.0256 5812 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:27:02.0258 5812 mrxsmb20 - ok
11:27:02.0279 5812 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
11:27:02.0281 5812 msahci - ok
11:27:02.0310 5812 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
11:27:02.0313 5812 msdsm - ok
11:27:02.0329 5812 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
11:27:02.0333 5812 MSDTC - ok
11:27:02.0373 5812 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
11:27:02.0374 5812 Msfs - ok
11:27:02.0385 5812 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
11:27:02.0386 5812 mshidkmdf - ok
11:27:02.0421 5812 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
11:27:02.0422 5812 msisadrv - ok
11:27:02.0477 5812 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
11:27:02.0482 5812 MSiSCSI - ok
11:27:02.0489 5812 msiserver - ok
11:27:02.0528 5812 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
11:27:02.0530 5812 MSKSSRV - ok
11:27:02.0554 5812 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
11:27:02.0555 5812 MSPCLOCK - ok
11:27:02.0563 5812 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
11:27:02.0565 5812 MSPQM - ok
11:27:02.0617 5812 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
11:27:02.0624 5812 MsRPC - ok
11:27:02.0670 5812 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
11:27:02.0672 5812 mssmbios - ok
11:27:02.0686 5812 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
11:27:02.0688 5812 MSTEE - ok
11:27:02.0699 5812 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
11:27:02.0701 5812 MTConfig - ok
11:27:02.0737 5812 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
11:27:02.0738 5812 Mup - ok
11:27:02.0792 5812 [ 6FFECC25B39DC7652A0CEC0ADA9DB589 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
11:27:02.0793 5812 mwlPSDFilter - ok
11:27:02.0813 5812 [ 0BEFE32CA56D6EE89D58175725596A85 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
11:27:02.0815 5812 mwlPSDNServ - ok
11:27:02.0832 5812 [ D43BC633B8660463E446E28E14A51262 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
11:27:02.0834 5812 mwlPSDVDisk - ok
11:27:02.0917 5812 [ 22A4905C958BEB68D78385B633C1351B ] MWLService C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
11:27:02.0923 5812 MWLService - ok
11:27:02.0962 5812 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
11:27:02.0970 5812 napagent - ok
11:27:03.0023 5812 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
11:27:03.0028 5812 NativeWifiP - ok
11:27:03.0096 5812 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
11:27:03.0117 5812 NDIS - ok
11:27:03.0136 5812 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
11:27:03.0137 5812 NdisCap - ok
11:27:03.0174 5812 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
11:27:03.0176 5812 NdisTapi - ok
11:27:03.0248 5812 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
11:27:03.0250 5812 Ndisuio - ok
11:27:03.0292 5812 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
11:27:03.0296 5812 NdisWan - ok
11:27:03.0330 5812 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
11:27:03.0333 5812 NDProxy - ok
11:27:03.0393 5812 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
11:27:03.0395 5812 NetBIOS - ok
11:27:03.0437 5812 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
11:27:03.0442 5812 NetBT - ok
11:27:03.0459 5812 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
11:27:03.0462 5812 Netlogon - ok
11:27:03.0513 5812 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
11:27:03.0521 5812 Netman - ok
11:27:03.0541 5812 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
11:27:03.0547 5812 netprofm - ok
11:27:03.0579 5812 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:27:03.0581 5812 NetTcpPortSharing - ok
11:27:03.0622 5812 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
11:27:03.0624 5812 nfrd960 - ok
11:27:03.0669 5812 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
11:27:03.0676 5812 NlaSvc - ok
11:27:03.0695 5812 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
11:27:03.0697 5812 Npfs - ok
11:27:03.0719 5812 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
11:27:03.0723 5812 nsi - ok
11:27:03.0732 5812 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
11:27:03.0734 5812 nsiproxy - ok
11:27:03.0789 5812 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
11:27:03.0825 5812 Ntfs - ok
11:27:03.0890 5812 [ 5B3CE960C62DBE864BE9A0BD043A3E30 ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
11:27:03.0894 5812 NTI IScheduleSvc - ok
11:27:03.0936 5812 [ 15221DD637D9D0FFC60848EBBF1DF538 ] NTIBackupSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
11:27:03.0939 5812 NTIBackupSvc - ok
11:27:03.0970 5812 [ 64DDD0DEE976302F4BD93E5EFCC2F013 ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
11:27:03.0972 5812 NTIDrvr - ok
11:27:04.0033 5812 [ B5071E15D4C3F5EF5018AFF7E85A85E5 ] NTISchedulerSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
11:27:04.0036 5812 NTISchedulerSvc - ok
11:27:04.0067 5812 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
11:27:04.0069 5812 Null - ok
11:27:04.0108 5812 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
11:27:04.0112 5812 nvraid - ok
11:27:04.0138 5812 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
11:27:04.0142 5812 nvstor - ok
11:27:04.0191 5812 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
11:27:04.0195 5812 nv_agp - ok
11:27:04.0233 5812 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
11:27:04.0236 5812 ohci1394 - ok
11:27:04.0332 5812 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:27:04.0336 5812 ose - ok
11:27:04.0570 5812 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:27:04.0677 5812 osppsvc - ok
11:27:04.0743 5812 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
11:27:04.0751 5812 p2pimsvc - ok
11:27:04.0788 5812 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
11:27:04.0794 5812 p2psvc - ok
11:27:04.0856 5812 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
11:27:04.0859 5812 Parport - ok
11:27:04.0903 5812 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
11:27:04.0906 5812 partmgr - ok
11:27:05.0004 5812 [ AFADA8B97BE3C9398DC6C770409C3544 ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
11:27:05.0006 5812 PassThru Service - ok
11:27:05.0042 5812 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
11:27:05.0048 5812 PcaSvc - ok
11:27:05.0078 5812 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
11:27:05.0081 5812 pci - ok
11:27:05.0111 5812 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
11:27:05.0114 5812 pciide - ok
11:27:05.0154 5812 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
11:27:05.0158 5812 pcmcia - ok
11:27:05.0179 5812 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
11:27:05.0180 5812 pcw - ok
11:27:05.0212 5812 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
11:27:05.0219 5812 PEAUTH - ok
11:27:05.0339 5812 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
11:27:05.0342 5812 PerfHost - ok
11:27:05.0427 5812 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
11:27:05.0460 5812 pla - ok
11:27:05.0529 5812 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
11:27:05.0538 5812 PlugPlay - ok
11:27:05.0565 5812 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
11:27:05.0568 5812 PNRPAutoReg - ok
11:27:05.0587 5812 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
11:27:05.0591 5812 PNRPsvc - ok
11:27:05.0632 5812 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
11:27:05.0638 5812 PolicyAgent - ok
11:27:05.0707 5812 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
11:27:05.0713 5812 Power - ok
11:27:05.0755 5812 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
11:27:05.0758 5812 PptpMiniport - ok
11:27:05.0805 5812 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
11:27:05.0807 5812 Processor - ok
11:27:05.0849 5812 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
11:27:05.0855 5812 ProfSvc - ok
11:27:05.0870 5812 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:27:05.0873 5812 ProtectedStorage - ok
11:27:05.0925 5812 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
11:27:05.0955 5812 ql2300 - ok
11:27:05.0990 5812 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
11:27:05.0992 5812 ql40xx - ok
11:27:06.0019 5812 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
11:27:06.0024 5812 QWAVE - ok
11:27:06.0038 5812 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
11:27:06.0040 5812 QWAVEdrv - ok
11:27:06.0053 5812 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
11:27:06.0055 5812 RasAcd - ok
11:27:06.0095 5812 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
11:27:06.0097 5812 RasAgileVpn - ok
11:27:06.0128 5812 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
11:27:06.0132 5812 RasAuto - ok
11:27:06.0176 5812 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
11:27:06.0179 5812 Rasl2tp - ok
11:27:06.0210 5812 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
11:27:06.0221 5812 RasMan - ok
11:27:06.0283 5812 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
11:27:06.0286 5812 RasPppoe - ok
11:27:06.0302 5812 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
11:27:06.0304 5812 RasSstp - ok
11:27:06.0346 5812 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
11:27:06.0352 5812 rdbss - ok
11:27:06.0411 5812 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
11:27:06.0414 5812 rdpbus - ok
11:27:06.0452 5812 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
11:27:06.0453 5812 RDPCDD - ok
11:27:06.0471 5812 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
11:27:06.0473 5812 RDPENCDD - ok
11:27:06.0535 5812 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
11:27:06.0536 5812 RDPREFMP - ok
11:27:06.0578 5812 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
11:27:06.0583 5812 RDPWD - ok
11:27:06.0634 5812 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
11:27:06.0638 5812 rdyboost - ok
11:27:06.0679 5812 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
11:27:06.0684 5812 RemoteAccess - ok
11:27:06.0721 5812 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
11:27:06.0727 5812 RemoteRegistry - ok
11:27:06.0745 5812 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
11:27:06.0749 5812 RpcEptMapper - ok
11:27:06.0788 5812 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
11:27:06.0790 5812 RpcLocator - ok
11:27:06.0828 5812 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
11:27:06.0833 5812 RpcSs - ok
11:27:06.0872 5812 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
11:27:06.0875 5812 rspndr - ok
11:27:06.0908 5812 [ DB30AA4DAA0D492FA5D7717D8181FFA1 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
11:27:06.0912 5812 RSUSBSTOR - ok
11:27:06.0925 5812 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
11:27:06.0927 5812 SamSs - ok
11:27:06.0968 5812 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
11:27:06.0971 5812 sbp2port - ok
11:27:07.0002 5812 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
11:27:07.0006 5812 SCardSvr - ok
11:27:07.0039 5812 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
11:27:07.0040 5812 scfilter - ok
11:27:07.0084 5812 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
11:27:07.0122 5812 Schedule - ok
11:27:07.0166 5812 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
11:27:07.0167 5812 SCPolicySvc - ok
11:27:07.0203 5812 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
11:27:07.0210 5812 SDRSVC - ok
11:27:07.0259 5812 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
11:27:07.0262 5812 secdrv - ok
11:27:07.0289 5812 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
11:27:07.0294 5812 seclogon - ok
11:27:07.0326 5812 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
11:27:07.0330 5812 SENS - ok
11:27:07.0340 5812 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
11:27:07.0345 5812 SensrSvc - ok
11:27:07.0364 5812 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
11:27:07.0366 5812 Serenum - ok
11:27:07.0408 5812 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
11:27:07.0410 5812 Serial - ok
11:27:07.0442 5812 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
11:27:07.0444 5812 sermouse - ok
11:27:07.0494 5812 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
11:27:07.0498 5812 SessionEnv - ok
11:27:07.0534 5812 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
11:27:07.0536 5812 sffdisk - ok
11:27:07.0561 5812 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
11:27:07.0563 5812 sffp_mmc - ok
11:27:07.0577 5812 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
11:27:07.0579 5812 sffp_sd - ok
11:27:07.0609 5812 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
11:27:07.0612 5812 sfloppy - ok
11:27:07.0653 5812 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
11:27:07.0658 5812 SharedAccess - ok
11:27:07.0694 5812 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:27:07.0700 5812 ShellHWDetection - ok
11:27:07.0713 5812 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:27:07.0715 5812 SiSRaid2 - ok
11:27:07.0721 5812 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
11:27:07.0724 5812 SiSRaid4 - ok
11:27:07.0758 5812 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
11:27:07.0760 5812 Smb - ok
11:27:07.0802 5812 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
11:27:07.0806 5812 SNMPTRAP - ok
11:27:07.0816 5812 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
11:27:07.0818 5812 spldr - ok
11:27:07.0872 5812 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
11:27:07.0884 5812 Spooler - ok
11:27:07.0983 5812 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
11:27:08.0066 5812 sppsvc - ok
11:27:08.0103 5812 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
11:27:08.0106 5812 sppuinotify - ok
11:27:08.0143 5812 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
11:27:08.0149 5812 srv - ok
11:27:08.0195 5812 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
11:27:08.0202 5812 srv2 - ok
11:27:08.0218 5812 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
11:27:08.0222 5812 srvnet - ok
11:27:08.0257 5812 [ ED161B91FDF7EAA39469D72D463D5F4E ] sscdbus C:\Windows\system32\DRIVERS\sscdbus.sys
11:27:08.0260 5812 sscdbus - ok
11:27:08.0308 5812 [ 4CB09E77593DBD8D7AF33B37375CA715 ] sscdmdfl C:\Windows\system32\DRIVERS\sscdmdfl.sys
11:27:08.0309 5812 sscdmdfl - ok
11:27:08.0342 5812 [ C7B4CF53497A6E5363F3439427663882 ] sscdmdm C:\Windows\system32\DRIVERS\sscdmdm.sys
11:27:08.0347 5812 sscdmdm - ok
11:27:08.0371 5812 [ 05FFA552F578E27AB2D41B6828DB477F ] sscdserd C:\Windows\system32\DRIVERS\sscdserd.sys
11:27:08.0374 5812 sscdserd - ok
11:27:08.0429 5812 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
11:27:08.0433 5812 SSDPSRV - ok
11:27:08.0444 5812 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
11:27:08.0448 5812 SstpSvc - ok
11:27:08.0497 5812 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
11:27:08.0498 5812 stexstor - ok
11:27:08.0543 5812 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
11:27:08.0552 5812 stisvc - ok
11:27:08.0597 5812 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
11:27:08.0598 5812 swenum - ok
11:27:08.0637 5812 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
11:27:08.0645 5812 swprv - ok
11:27:08.0686 5812 [ BCF305959B53B200CEB2AD25AD22F8A7 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
11:27:08.0689 5812 SynTP - ok
11:27:08.0761 5812 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
11:27:08.0808 5812 SysMain - ok
11:27:08.0839 5812 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:27:08.0842 5812 TabletInputService - ok
11:27:08.0881 5812 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
11:27:08.0891 5812 TapiSrv - ok
11:27:08.0918 5812 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
11:27:08.0921 5812 TBS - ok
11:27:09.0014 5812 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
11:27:09.0053 5812 Tcpip - ok
11:27:09.0109 5812 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
11:27:09.0120 5812 TCPIP6 - ok
11:27:09.0161 5812 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
11:27:09.0163 5812 tcpipreg - ok
11:27:09.0198 5812 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
11:27:09.0199 5812 TDPIPE - ok
11:27:09.0231 5812 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
11:27:09.0233 5812 TDTCP - ok
11:27:09.0261 5812 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
11:27:09.0264 5812 tdx - ok
11:27:09.0290 5812 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
11:27:09.0291 5812 TermDD - ok
11:27:09.0328 5812 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
11:27:09.0338 5812 TermService - ok
11:27:09.0362 5812 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
11:27:09.0365 5812 Themes - ok
11:27:09.0402 5812 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
11:27:09.0403 5812 THREADORDER - ok
11:27:09.0425 5812 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
11:27:09.0428 5812 TrkWks - ok
11:27:09.0489 5812 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:27:09.0492 5812 TrustedInstaller - ok
11:27:09.0538 5812 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
11:27:09.0539 5812 tssecsrv - ok
11:27:09.0591 5812 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
11:27:09.0593 5812 TsUsbFlt - ok
11:27:09.0659 5812 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
11:27:09.0662 5812 tunnel - ok
11:27:09.0698 5812 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
11:27:09.0701 5812 uagp35 - ok
11:27:09.0724 5812 [ 2E22C1FD397A5A9FFEF55E9D1FC96C00 ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
11:27:09.0725 5812 UBHelper - ok
11:27:09.0761 5812 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
11:27:09.0767 5812 udfs - ok
11:27:09.0803 5812 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
11:27:09.0806 5812 UI0Detect - ok
11:27:09.0837 5812 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
11:27:09.0840 5812 uliagpkx - ok
11:27:09.0890 5812 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
11:27:09.0891 5812 umbus - ok
11:27:09.0930 5812 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
11:27:09.0932 5812 UmPass - ok
11:27:10.0011 5812 [ F9EC9ACD504D823D9B9CA98A4F8D3CA2 ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
11:27:10.0015 5812 Updater Service - ok
11:27:10.0061 5812 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
11:27:10.0069 5812 upnphost - ok
11:27:10.0114 5812 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
11:27:10.0117 5812 usbccgp - ok
11:27:10.0162 5812 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
11:27:10.0165 5812 usbcir - ok
11:27:10.0189 5812 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
11:27:10.0192 5812 usbehci - ok
11:27:10.0265 5812 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
11:27:10.0272 5812 usbhub - ok
11:27:10.0292 5812 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
11:27:10.0294 5812 usbohci - ok
11:27:10.0343 5812 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
11:27:10.0344 5812 usbprint - ok
11:27:10.0386 5812 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
11:27:10.0389 5812 usbscan - ok
11:27:10.0404 5812 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:27:10.0407 5812 USBSTOR - ok
11:27:10.0449 5812 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
11:27:10.0451 5812 usbuhci - ok
11:27:10.0514 5812 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
11:27:10.0517 5812 usbvideo - ok
11:27:10.0560 5812 [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
11:27:10.0563 5812 usb_rndisx - ok
11:27:10.0604 5812 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
11:27:10.0609 5812 UxSms - ok
11:27:10.0625 5812 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
11:27:10.0628 5812 VaultSvc - ok
11:27:10.0690 5812 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
11:27:10.0693 5812 vdrvroot - ok
11:27:10.0730 5812 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
11:27:10.0742 5812 vds - ok
11:27:10.0791 5812 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
11:27:10.0793 5812 vga - ok
11:27:10.0813 5812 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
11:27:10.0815 5812 VgaSave - ok
11:27:10.0854 5812 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
11:27:10.0859 5812 vhdmp - ok
11:27:10.0894 5812 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
11:27:10.0896 5812 viaide - ok
11:27:10.0925 5812 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
11:27:10.0927 5812 volmgr - ok
11:27:10.0973 5812 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
11:27:10.0979 5812 volmgrx - ok
11:27:11.0057 5812 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
11:27:11.0062 5812 volsnap - ok
11:27:11.0130 5812 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
11:27:11.0134 5812 vsmraid - ok
11:27:11.0204 5812 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
11:27:11.0250 5812 VSS - ok
11:27:11.0363 5812 [ 7D110D645030C05A06C3CD08D1E47D0A ] vToolbarUpdater13.2.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
11:27:11.0379 5812 vToolbarUpdater13.2.0 - ok
11:27:11.0424 5812 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
11:27:11.0425 5812 vwifibus - ok
11:27:11.0436 5812 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
11:27:11.0438 5812 vwififlt - ok
11:27:11.0475 5812 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
11:27:11.0476 5812 vwifimp - ok
11:27:11.0519 5812 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
11:27:11.0525 5812 W32Time - ok
11:27:11.0564 5812 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
11:27:11.0565 5812 WacomPen - ok
11:27:11.0609 5812 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
11:27:11.0611 5812 WANARP - ok
11:27:11.0625 5812 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
11:27:11.0627 5812 Wanarpv6 - ok
11:27:11.0715 5812 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
11:27:11.0751 5812 WatAdminSvc - ok
11:27:11.0814 5812 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
11:27:11.0860 5812 wbengine - ok
11:27:11.0889 5812 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
11:27:11.0893 5812 WbioSrvc - ok
11:27:11.0933 5812 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
11:27:11.0939 5812 wcncsvc - ok
11:27:11.0955 5812 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:27:11.0958 5812 WcsPlugInService - ok
11:27:12.0002 5812 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
11:27:12.0004 5812 Wd - ok
11:27:12.0053 5812 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
11:27:12.0069 5812 Wdf01000 - ok
11:27:12.0084 5812 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
11:27:12.0089 5812 WdiServiceHost - ok
11:27:12.0094 5812 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
11:27:12.0098 5812 WdiSystemHost - ok
11:27:12.0132 5812 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
11:27:12.0137 5812 WebClient - ok
11:27:12.0160 5812 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
11:27:12.0165 5812 Wecsvc - ok
11:27:12.0184 5812 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
11:27:12.0188 5812 wercplsupport - ok
11:27:12.0222 5812 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
11:27:12.0225 5812 WerSvc - ok
11:27:12.0262 5812 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
11:27:12.0264 5812 WfpLwf - ok
11:27:12.0275 5812 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
11:27:12.0276 5812 WIMMount - ok
11:27:12.0303 5812 WinDefend - ok
11:27:12.0310 5812 WinHttpAutoProxySvc - ok
11:27:12.0373 5812 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
11:27:12.0378 5812 Winmgmt - ok
11:27:12.0450 5812 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
11:27:12.0499 5812 WinRM - ok
11:27:12.0594 5812 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
11:27:12.0596 5812 WinUsb - ok
11:27:12.0637 5812 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
11:27:12.0657 5812 Wlansvc - ok
11:27:12.0774 5812 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:27:12.0831 5812 wlidsvc - ok
11:27:12.0864 5812 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
11:27:12.0865 5812 WmiAcpi - ok
11:27:12.0904 5812 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
11:27:12.0908 5812 wmiApSrv - ok
11:27:12.0931 5812 WMPNetworkSvc - ok
11:27:12.0955 5812 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
11:27:12.0958 5812 WPCSvc - ok
11:27:12.0997 5812 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
11:27:13.0001 5812 WPDBusEnum - ok
11:27:13.0034 5812 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
11:27:13.0035 5812 ws2ifsl - ok
11:27:13.0054 5812 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
11:27:13.0057 5812 wscsvc - ok
11:27:13.0062 5812 WSearch - ok
11:27:13.0147 5812 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
11:27:13.0204 5812 wuauserv - ok
11:27:13.0236 5812 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
11:27:13.0238 5812 WudfPf - ok
11:27:13.0273 5812 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
11:27:13.0276 5812 WUDFRd - ok
11:27:13.0311 5812 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
11:27:13.0314 5812 wudfsvc - ok
11:27:13.0356 5812 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
11:27:13.0364 5812 WwanSvc - ok
11:27:13.0407 5812 ================ Scan global ===============================
11:27:13.0437 5812 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
11:27:13.0465 5812 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
11:27:13.0477 5812 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
11:27:13.0502 5812 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
11:27:13.0540 5812 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
11:27:13.0548 5812 [Global] - ok
11:27:13.0548 5812 ================ Scan MBR ==================================
11:27:13.0563 5812 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:27:14.0024 5812 \Device\Harddisk0\DR0 - ok
11:27:14.0025 5812 ================ Scan VBR ==================================
11:27:14.0029 5812 [ F5D7083B92F8459A43BB8151F8664B0C ] \Device\Harddisk0\DR0\Partition1
11:27:14.0031 5812 \Device\Harddisk0\DR0\Partition1 - ok
11:27:14.0045 5812 [ 2C4400D68E503B8540E2860FC9F1A175 ] \Device\Harddisk0\DR0\Partition2
11:27:14.0047 5812 \Device\Harddisk0\DR0\Partition2 - ok
11:27:14.0047 5812 ============================================================
11:27:14.0047 5812 Scan finished
11:27:14.0047 5812 ============================================================
11:27:14.0059 3124 Detected object count: 0
11:27:14.0060 3124 Actual detected object count: 0
11:32:50.0225 1168 Deinitialize success
aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-01-20 11:35:57
-----------------------------
11:35:57.004 OS Version: Windows x64 6.1.7601 Service Pack 1
11:35:57.004 Number of processors: 2 586 0x170A
11:35:57.005 ComputerName: TRACY-PC UserName: Tracy
11:35:57.764 Initialize success
11:43:05.493 AVAST engine defs: 13012000
11:43:37.912 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
11:43:37.917 Disk 0 Vendor: WDC_WD32 01.0 Size: 305245MB BusType: 3
11:43:37.931 Disk 0 MBR read successfully
11:43:37.936 Disk 0 MBR scan
11:43:37.944 Disk 0 Windows 7 default MBR code
11:43:37.949 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 13319 MB offset 63
11:43:37.969 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 101 MB offset 27278370
11:43:37.979 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 291822 MB offset 27487215
11:43:38.021 Disk 0 scanning C:\Windows\system32\drivers
11:43:50.532 Service scanning
11:44:25.764 Modules scanning
11:44:25.778 Disk 0 trace - called modules:
11:44:25.809 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
11:44:25.819 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006994740]
11:44:25.828 3 CLASSPNP.SYS[fffff88001b8b43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004a67050]
11:44:27.766 AVAST engine scan C:\Windows
11:44:30.433 AVAST engine scan C:\Windows\system32
11:48:14.438 AVAST engine scan C:\Windows\system32\drivers
11:48:28.583 AVAST engine scan C:\Users\Tracy
11:56:45.388 AVAST engine scan C:\ProgramData
12:00:57.768 Scan finished successfully
12:09:57.003 Disk 0 MBR has been saved successfully to "C:\Users\Tracy\Desktop\MBR.dat"
12:09:57.010 The log file has been saved successfully to "C:\Users\Tracy\Desktop\aswMBR.txt"
Eset online Scanner_________________________________________
C:\ProgramData\Mircrosoft\Windows\DRM\1635.tmp
C:\Users\AllUsers\Mircrosoft\Windows\DRM\1635.tmp
C:\Users\Tracy\AppData\Local Apps\Adobe\ibwdpeo.dll
C:\Users\Tracy\AppData\Local\Temp\ibwdpeo\ibwdpeo.dll
C:\Users\Tracy\AppData\Local\Temp\0.009125360625634626
C:\Users\Tracy\AppData\Local\Temp\0.03778239749539192

I could not get the last one to copy to desk top so I just typed it in here I hope this was alright.

#4 narenxp

Forum Addict

BC Advisor
16,365 posts

Gender:Male
Location:India

Posted 20 January 2013 - 04:55 PM

Please run ESET online scanner again and make sure to checkmark REMOVE THREATS option.Post the log

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

For vista and windows 7 right click on the tool and select run as administrator

After scan gets completed,post the generated log here.

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here

Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#5 cbunch1234

New Member

Members
4 posts

Posted 21 January 2013 - 12:28 AM

C:\ProgramData\Mircrosoft\Windows\DRM\1635.tmp
C:\Users\AllUsers\Mircrosoft\Windows\DRM\1635.tmp Was deleted-quarantined
C:\Users\Tracy\AppData\Local Apps\Adobe\ibwdpeo.dll Was deleted-quarantined

C:\Users\Tracy\AppData\Local\Temp\ibwdpeo\ibwdpeo.dll Was deleted-quarantined

C:\Users\Tracy\AppData\Local\Temp\0.009125360625634626 Was deleted-quarantined

C:\Users\Tracy\AppData\Local\Temp\0.03778239749539192 Was deleted-quarantined

Not sure why but I still can not get this one to copy to my desk top this is what it said after I was done this time.

Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.21.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Tracy :: TRACY-PC [administrator]

Protection: Enabled

1/20/2013 11:26:39 PM
MBAM-log-2013-01-21 (00-25-22).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 387670
Time elapsed: 51 minute(s), 45 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 1
C:\Program Files (x86)\InfoAtoms\IE32\InfoAtomsClientIE.dll (PUP.InfoAtoms) -> No action taken.

Registry Keys Detected: 9
HKCR\AppID\{F85FA3F2-D2C8-4D4D-BB1C-3181E691AF2B} (PUP.FaceThemes) -> No action taken.
HKCR\CLSID\{103089DA-0F31-4A8B-843F-7D24A7FE8345} (PUP.InfoAtoms) -> No action taken.
HKCR\TypeLib\{EF96EDE0-E1F8-4EB2-956B-D54DF35335E4} (PUP.InfoAtoms) -> No action taken.
HKCR\Interface\{44C0ECF5-4AC6-4E39-8091-E57070F8945A} (PUP.InfoAtoms) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{103089DA-0F31-4A8B-843F-7D24A7FE8345} (PUP.InfoAtoms) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{103089DA-0F31-4A8B-843F-7D24A7FE8345} (PUP.InfoAtoms) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{103089DA-0F31-4A8B-843F-7D24A7FE8345} (PUP.InfoAtoms) -> No action taken.
HKCR\Typelib\{A3F56272-CDB4-4310-9BB1-9A0D0757A3B3} (PUP.FaceThemes) -> No action taken.
HKCR\Interface\{D6975F9E-15B2-4FE7-9D16-FC2E85CB201B} (PUP.FaceThemes) -> No action taken.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Program Files (x86)\InfoAtoms\IE32\InfoAtomsClientIE.dll (PUP.InfoAtoms) -> No action taken.

(end)

Farbar Service Scanner Version: 16-01-2013
Ran by Tracy (administrator) on 21-01-2013 at 01:08:43
Running from "C:\Users\Tracy\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Disabled Policy:
========================

Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****

# AdwCleaner v2.106 - Logfile created 01/21/2013 at 01:11:03
# Updated 17/01/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Tracy - TRACY-PC
# Boot Mode : Normal
# Running from : C:\Users\Tracy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DWCGMMSR\2-adwcleaner[1].exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

Deleted on reboot : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\OApps
Folder Deleted : C:\ProgramData\APN
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Users\Tracy\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Tracy\AppData\Local\Conduit
Folder Deleted : C:\Users\Tracy\AppData\Local\Wajam
Folder Deleted : C:\Users\Tracy\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Tracy\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Tracy\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Tracy\AppData\Roaming\OpenCandy

***** [Registry] *****

Key Deleted : HKCU\Software\Alexa Internet
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EA582743-9076-4178-9AA6-7393FDF4D5CE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EA582743-9076-4178-9AA6-7393FDF4D5CE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2260173
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3196716
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3209604
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Registry is clean.

*************************

AdwCleaner[S1].txt - [8236 octets] - [21/01/2013 01:11:03]

########## EOF - C:\AdwCleaner[S1].txt - [8296 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.4.6 (01.20.2013:1)
OS: Windows 7 Home Premium x64
Ran by Tracy on Mon 01/21/2013 at 1:17:14.57
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\toolbar\webbrowser\\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}
Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\toolbar\webbrowser\\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}
Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\urlsearchhooks\\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}

~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{02478d38-c3f9-4efb-9b51-7695eca05670}

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\Users\Tracy\AppData\Roaming\strongvault"
Successfully deleted: [Folder] "C:\Users\Tracy\appdata\local\stronghold_llc"
Successfully deleted: [Folder] "C:\Program Files (x86)\infoatoms"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 01/21/2013 at 1:34:34.60
End of JRT log
~~~~~~Rkill 2.4.6 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 01/21/2013 12:15:13 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Users\Tracy\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe (PID: 5580) [UP-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Tracy\Desktop\rkill\rkill-01-21-2013-12-15-21.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 01/21/2013 12:15:36 PM
Execution time: 0 hours(s), 0 minute(s), and 22 seconds(s)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Acer ePower Management" "ePowerTray" "Acer Incorporated" "c:\program files\acer\acer epower management\epowertray.exe"
+ "CanonMyPrinter" "Canon My Printer" "CANON INC." "c:\program files\canon\myprinter\bjmyprt.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "mwlDaemon" "MyWinLocker" "Egis Technology Inc." "c:\program files (x86)\egistec mywinlocker\x86\mwldaemon.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "RtHDVCpl" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravcpl64.exe"
+ "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics Incorporated" "c:\program files\synaptics\syntp\syntpenh.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "AgentMonitor" "AgentMon Application" "" "c:\program files (x86)\vtech\downloadmanager\system\agentmonitor.exe"
+ "AVG_UI" "AVG User Interface" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgui.exe"
+ "BackupManagerTray" "Acer Backup Manager" "NewTech Infosystems, Inc." "c:\program files (x86)\newtech infosystems\acer backup manager\backupmanagertray.exe"
+ "BCSSync" "Microsoft Office 2010 component" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\bcssync.exe"
+ "CanonSolutionMenuEx" "Canon Solution Menu EX" "CANON INC." "c:\program files (x86)\canon\solution menu ex\cnsemain.exe"
+ "EgisTecPMMUpdate" "PMM Update Application" "Egis Technology Inc." "c:\program files (x86)\egistec ips\pmmupdate.exe"
+ "EgisUpdate" "EgisUpdate Release Application" "Egis Technology Inc." "c:\program files (x86)\egistec ips\egisupdate.exe"
+ "IAStorIcon" "IAStorIcon" "Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastoricon.exe"
+ "LManager" "Launch Manager Keyboard Application" "Dritek System Inc." "c:\program files (x86)\launch manager\lmanager.exe"
+ "Monitor" "Monitor Application" "LeapFrog Enterprises, Inc." "c:\program files (x86)\leapfrog\leapfrog connect\monitor.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe"
+ "ROC_ROC_NT" "" "" "File not found: C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe"
+ "SuiteTray" "SuiteTray" "Egis Technology Inc." "c:\program files (x86)\egistec mywinlockersuite\x86\suitetray.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "TkBellExe" "RealNetworks Scheduler" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\update\realsched.exe"
+ "vProt" "" "" "File not found: C:\Program Files (x86)\AVG Secure Search\vprot.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Itibiti.exe" "" "" "File not found: C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe"
+ "pronto" "" "" "File not found: C:\Program Files (x86)\Blackboard\Blackboard IM\blackboardim.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "linkscanner" "" "" "File not found: C:\Program Files (x86)\AVG\AVG2012\avgppa.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgsea.dll"
+ "EDSshellExt" "Shell Extention" "Egis Technology Inc." "c:\program files (x86)\egistec mywinlocker\x64\mwlshellext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgse.dll"
+ "EDSshellExt" "Shell Extention" "Egis Technology Inc." "c:\program files (x86)\egistec mywinlocker\x86\mwlshellext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "ShredderContextMenu" "ShredderContextMenu" "Egis Technology Inc." "c:\program files (x86)\egistec shredder\x64\shreddercontextmenu.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "ShredderContextMenu" "ShredderContextMenu" "Egis Technology Inc." "c:\program files (x86)\egistec shredder\x86\shreddercontextmenu.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "EDSshellExt" "Shell Extention" "Egis Technology Inc." "c:\program files (x86)\egistec mywinlocker\x64\mwlshellext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "EDSshellExt" "Shell Extention" "Egis Technology Inc." "c:\program files (x86)\egistec mywinlocker\x86\mwlshellext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgsea.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgse.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "egisPSDP" "PSD DragDrop Protection" "Egis Technology Inc." "c:\program files (x86)\egistec mywinlocker\x64\psdprotect.dll"
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "egisPSDP" "PSD DragDrop Protection" "Egis Technology Inc." "c:\program files (x86)\egistec mywinlocker\x86\psdprotect.dll"
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "AVG Safe Search" "" "" "File not found: C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll"
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "AVG Safe Search" "" "" "File not found: C:\Program Files (x86)\AVG\AVG2012\avgssie.dll"
+ "Canon Easy-WebPrint EX BHO" "Easy-WebPrint EX" "CANON INC." "c:\program files (x86)\canon\easy-webprint ex\ewpexbho.dll"
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\ssv.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\urlredir.dll"
+ "RealPlayer Download and Record Plugin for Internet Explorer" "RealPlayer Download and Record Plugin" "RealPlayer" "c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Canon Easy-WebPrint EX" "Easy-WebPrint EX" "CANON INC." "c:\program files (x86)\canon\easy-webprint ex\ewpexhlp.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnie.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnie.dll"
+ "Sun Java Console" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\jp2iexp.dll"
"Task Scheduler" "" "" ""
+ "\Launch HTC Sync Loader" "" "" "File not found: C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe"
+ "\Microsoft\Windows Defender\MP Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\RealUpgradeLogonTaskS-1-5-21-3617177942-263739186-1640700973-1000" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files (x86)\real\realupgrade\realupgrade.exe"
+ "\RealUpgradeScheduledTaskS-1-5-21-3617177942-263739186-1640700973-1000" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files (x86)\real\realupgrade\realupgrade.exe"
+ "\RegAce Scheduled Scan - Tracy" "" "" "File not found: C:\Program Files (x86)\RegAce System Suite\RegAce.exe"
+ "\SidebarExecute" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "AVGIDSAgent" "Provides Identity Protection Against Cyber Crime." "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgidsagent.exe"
+ "avgwd" "AVG Watchdog Service" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgwdsvc.exe"
+ "DsiWMIService" "Dritek WMI Service" "Dritek System Inc." "c:\program files (x86)\launch manager\dsiwmis.exe"
+ "ePowerSvc" "Acer ePower Service" "Acer Incorporated" "c:\program files\acer\acer epower management\epowersvc.exe"
+ "GameConsoleService" "GameConsole management services" "WildTangent, Inc." "c:\program files (x86)\acer games\acer game console\gameconsoleservice.exe"
+ "GREGService" "Global Registration Service" "Acer Incorporated" "c:\program files (x86)\acer\registration\gregsvc.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "IAStorDataMgrSvc" "Provides storage event notification and manages communication between the storage driver and user space applications." "Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastordatamgrsvc.exe"
+ "IJPLMSVC" "Collects log data from the IJ printer and manages data transmission." "" "c:\program files (x86)\canon\ijplm\ijplmsvc.exe"
+ "LeapFrog Connect Device Service" "Manages LeapFrog Connect devices." "LeapFrog Enterprises, Inc." "c:\program files (x86)\leapfrog\leapfrog connect\commandservice.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "Microsoft SharePoint Workspace Audit Service" "Microsoft SharePoint Workspace" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\groove.exe"
+ "MWLService" "MyWinLocker Service" "Egis Technology Inc." "c:\program files (x86)\egistec mywinlocker\x86\mwlservice.exe"
+ "NTI IScheduleSvc" "NTI IShadow Manage backup/Sync jobs and etc..." "NewTech Infosystems, Inc." "c:\program files (x86)\newtech infosystems\acer backup manager\ischedulesvc.exe"
+ "NTIBackupSvc" "NTI Backup Now 5 Backup service for backup(restore). " "NewTech InfoSystems, Inc." "c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe"
+ "NTISchedulerSvc" "NTI Backup Now 5 Manage BackupNow backup jobs and etc..." "NewTech Infosystems, Inc." "c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "PassThru Service" "Detect HTC Android device for internet pass-through function." "" "c:\program files (x86)\htc\internet pass-through\passthrusvr.exe"
+ "Updater Service" "Updater Service" "Acer Group" "c:\program files\acer\acer updater\updaterservice.exe"
+ "vToolbarUpdater13.2.0" "ToolbarU Application" "" "c:\program files (x86)\common files\avg secure search\vtoolbarupdater\13.2.0\toolbarupdater.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "athr" "Atheros Extensible Wireless LAN device driver" "Atheros Communications, Inc." "c:\windows\system32\drivers\athrx.sys"
+ "AVGIDSDriver" "AVG Technologies IDS Application Activity Monitor Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsdrivera.sys"
+ "AVGIDSHA" "AVG Technologies IDS Application Activity Monitor Helper Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsha.sys"
+ "Avgldx64" "AVG AVI Loader Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgldx64.sys"
+ "Avgloga" "AVG Logging Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgloga.sys"
+ "Avgmfx64" "AVG Resident Shield Minifilter Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgmfx64.sys"
+ "Avgrkx64" "AVG Anti-Rootkit Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgrkx64.sys"
+ "Avgtdia" "AVG Network connection watcher" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgtdia.sys"
+ "avgtp" "" "AVG Technologies" "c:\windows\system32\drivers\avgtpx64.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "HTCAND64" "ADB Interface" "HTC, Corporation" "c:\windows\system32\drivers\androidusb.sys"
+ "htcnprot" "HTC NDIS Protocol Driver" "Windows ® Win 7 DDK provider" "c:\windows\system32\drivers\htcnprot.sys"
+ "iaStor" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "L1C" "Atheros L1c PCI-E Gigabit Ethernet Controller" "Atheros Communications, Inc." "c:\windows\system32\drivers\l1c62x64.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "mwlPSDFilter" "mwlPSDFilter Filter Driver" "Egis Technology Inc." "c:\windows\system32\drivers\mwlpsdfilter.sys"
+ "mwlPSDNServ" "mwlPSDNServ Driver" "Egis Technology Inc." "c:\windows\system32\drivers\mwlpsdnserv.sys"
+ "mwlPSDVDisk" "mwlPSDVdisk Driver" "Egis Technology Inc." "c:\windows\system32\drivers\mwlpsdvdisk.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "NTIDrvr" "NTI CD-ROM Filter Driver" "NewTech Infosystems, Inc." "c:\windows\system32\drivers\ntidrvr.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RSUSBSTOR" "Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtsustor.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "sscdbus" "SAMSUNG USB Composite Device Driver" "MCCI Corporation" "c:\windows\system32\drivers\sscdbus.sys"
+ "sscdmdfl" "SAMSUNG Mobile Modem Filter" "MCCI Corporation" "c:\windows\system32\drivers\sscdmdfl.sys"
+ "sscdmdm" "SAMSUNG Mobile Modem Drivers" "MCCI Corporation" "c:\windows\system32\drivers\sscdmdm.sys"
+ "sscdserd" "SAMSUNG Mobile Modem Diagnostic Serial Port (WDM)" "MCCI Corporation" "c:\windows\system32\drivers\sscdserd.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys"
+ "UBHelper" "NTI CDROM Filter Driver" "NewTech Infosystems Corporation" "c:\windows\system32\drivers\ubhelper.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "CyberLink Audio Decoder (PDVD9)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\audiofilter\claud.ax"
+ "CyberLink Audio Effect (PDVD9)" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files (x86)\cyberlink\powerdvd9\audiofilter\claudfx.ax"
+ "CyberLink Audio Spectrum Analyzer (PDVD9)" "CLAudSpa.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\audiofilter\claudspa.ax"
+ "CyberLink Audio Wizard" "CyberLink Audio Wizard Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\audiofilter\claudwizard.ax"
+ "CyberLink AudioCD Filter (PDVD9)" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\audiofilter\claudiocd.ax"
+ "Cyberlink Demuxer 2.0" "CLDemuxer2" "Cyberlink" "c:\program files (x86)\cyberlink\powerdvd9\navfilter\cldemuxer2.ax"
+ "CyberLink Digest Filter (PDVD9)" "DigestFilter Dynamic Link Library" "" "c:\program files (x86)\cyberlink\powerdvd9\digestfilter.dll"
+ "CyberLink DVD Navigator (PDVD9)" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\navfilter\clnavx.ax"
+ "CyberLink FLV Splitter (PDVD9)" "CyberLink FLV Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\navfilter\clflvsplitter.ax"
+ "CyberLink HD/BD Mixer (PDVD9)" "CLHBMixer" " " "c:\program files (x86)\cyberlink\powerdvd9\audiofilter\clhbmixer.ax"
+ "CyberLink Line21 Decoder (PDVD9)" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\videofilter\clline21.ax"
+ "CyberLink Matroska Splitter (PDVD9)" "CyberLink Matroska Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\navfilter\clmkvsplter.ax"
+ "CyberLink MPEG-4 Splitter (PDVD9)" "CyberLink MPEG-4 Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\navfilter\clm4splt.ax"
+ "CyberLink RealAudio Decoder (PDVD9)" "CyberLink RealMedia Audio Decoder" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\audiofilter\clrmaud.ax"
+ "CyberLink RealMedia Splitter (PDVD9)" "CyberLink RealMedia Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\navfilter\clrmsplitter.ax"
+ "CyberLink RealVideo Decoder (PDVD9)" "CyberLink RealMedia Video Decoder" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\videofilter\clrmvd.ax"
+ "Cyberlink SubTitle Importor (PDVD9)" "CLSubTitle.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\videofilter\clsubtitle.ax"
+ "CyberLink TimeStretch Filter (PDVD9)" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\audiofilter\clauts.ax"
+ "CyberLink Tzan Filter (PDVD9)" "Cyberlink Tzan Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\videofilter\cltzan.ax"
+ "CyberLink Video/SP Decoder (PDVD9)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd9\videofilter\clvsd.ax"
+ "RealPlayer Audio Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "RealPlayer Transcode Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "RealPlayer Video Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "SlideShow" "" "" "c:\program files (x86)\newtech infosystems\nti media maker 8\photo maker\slideshow.ax"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "BJ Language Monitor4" "Canon Inkjet Printer Driver" "CANON INC." "c:\windows\system32\cnblm4.dll"
+ "Canon BJ FAX Language Monitor MX360 series" "Canon Inkjet Fax Driver" "CANON INC." "c:\windows\system32\cncalak.dll"
+ "Canon BJ Language Monitor MX360 series" "IJ Language Monitor" "CANON INC." "c:\windows\system32\cnmlmak.dll"

Edited by cbunch1234, 21 January 2013 - 12:45 PM.

Back to Am I infected? What do I do?