Redirecting virus


9 replies to this topic

#1 ETolentino

Posted 27 January 2013 - 10:59 AM

Whenever I Google something and click on the link, it redirects me to a random site. I ran my Bitdefender in full scan and it found 99+ infected files, which I fixed, but the issue is still there. Then I ran a Malwarebytes Anti-Malware full scan in safe mode and it found just one issue. FixTDSS did not find anything wrong, and Microsoft Fix it did not find anything either. The issue still persists, though. The only way to get around this is to copy and paste the URL in the address bar rather than clicking on the link. I use Windows 7.

Please help. Thank you.

Edited by ETolentino, 27 January 2013 - 11:00 AM.




#2 narenxp


Posted 27 January 2013 - 11:05 AM

Download TDSSKiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on the scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "LIST of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 ETolentino


Posted 27 January 2013 - 02:11 PM

TDSSKILLER

11:23:03.0017 6964 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
11:23:03.0532 6964 ============================================================
11:23:03.0532 6964 Current date / time: 2013/01/27 11:23:03.0532
11:23:03.0532 6964 SystemInfo:
11:23:03.0532 6964
11:23:03.0532 6964 OS Version: 6.1.7601 ServicePack: 1.0
11:23:03.0532 6964 Product type: Workstation
11:23:03.0532 6964 ComputerName: ETOLENTINO-PC
11:23:03.0532 6964 UserName: ETolentino
11:23:03.0532 6964 Windows directory: C:\Windows
11:23:03.0532 6964 System windows directory: C:\Windows
11:23:03.0532 6964 Running under WOW64
11:23:03.0532 6964 Processor architecture: Intel x64
11:23:03.0532 6964 Number of processors: 2
11:23:03.0532 6964 Page size: 0x1000
11:23:03.0532 6964 Boot type: Normal boot
11:23:03.0532 6964 ============================================================
11:23:04.0094 6964 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:23:04.0109 6964 ============================================================
11:23:04.0109 6964 \Device\Harddisk0\DR0:
11:23:04.0109 6964 MBR partitions:
11:23:04.0109 6964 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1963000, BlocksNum 0x1D1C3000
11:23:04.0125 6964 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1EB26800, BlocksNum 0x1B85F000
11:23:04.0125 6964 ============================================================
11:23:04.0156 6964 C: <-> \Device\Harddisk0\DR0\Partition1
11:23:04.0187 6964 D: <-> \Device\Harddisk0\DR0\Partition2
11:23:04.0187 6964 ============================================================
11:23:04.0187 6964 Initialize success
11:23:04.0187 6964 ============================================================
11:23:54.0876 5492 ============================================================
11:23:54.0876 5492 Scan started
11:23:54.0876 5492 Mode: Manual; TDLFS;
11:23:54.0876 5492 ============================================================
11:23:55.0375 5492 ================ Scan system memory ========================
11:23:55.0375 5492 System memory - ok
11:23:55.0375 5492 ================ Scan services =============================
11:24:05.0000 5492 NlaSvc - ok
11:24:05.0032 5492 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
11:24:05.0032 5492 Npfs - ok
11:24:05.0078 5492 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
11:24:05.0078 5492 nsi - ok
11:24:05.0094 5492 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
11:24:05.0094 5492 nsiproxy - ok
11:24:05.0141 5492 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
11:24:05.0172 5492 Ntfs - ok
11:24:05.0188 5492 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
11:24:05.0188 5492 Null - ok
11:24:05.0468 5492 [ 0EB204639119370F5F8F2871FBF4E14B ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:24:05.0531 5492 nvlddmkm - ok
11:24:05.0578 5492 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
11:24:05.0578 5492 nvraid - ok
11:24:05.0593 5492 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
11:24:05.0609 5492 nvstor - ok
11:24:05.0656 5492 [ 32FF8EE6DCEE5C0CB91FF892FB1CA364 ] nvsvc C:\Windows\system32\nvvsvc.exe
11:24:05.0687 5492 nvsvc - ok
11:24:05.0780 5492 [ BD012DC22C78BE1071BC21EB125D782F ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
11:24:05.0827 5492 nvUpdatusService - ok
11:24:05.0843 5492 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
11:24:05.0858 5492 nv_agp - ok
11:24:05.0952 5492 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
11:24:05.0983 5492 odserv - ok
11:24:06.0030 5492 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
11:24:06.0030 5492 ohci1394 - ok
11:24:06.0061 5492 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:24:06.0061 5492 ose - ok
11:24:06.0108 5492 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
11:24:06.0124 5492 p2pimsvc - ok
11:24:06.0139 5492 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
11:24:06.0170 5492 p2psvc - ok
11:24:06.0202 5492 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
11:24:06.0217 5492 Parport - ok
11:24:06.0233 5492 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
11:24:06.0233 5492 partmgr - ok
11:24:06.0248 5492 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
11:24:06.0264 5492 PcaSvc - ok
11:24:06.0295 5492 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
11:24:06.0295 5492 pci - ok
11:24:06.0311 5492 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
11:24:06.0311 5492 pciide - ok
11:24:06.0358 5492 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
11:24:06.0358 5492 pcmcia - ok
11:24:06.0373 5492 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
11:24:06.0373 5492 pcw - ok
11:24:06.0404 5492 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
11:24:06.0404 5492 PEAUTH - ok
11:24:06.0482 5492 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
11:24:06.0482 5492 PerfHost - ok
11:24:06.0545 5492 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
11:24:06.0592 5492 pla - ok
11:24:06.0638 5492 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
11:24:06.0654 5492 PlugPlay - ok
11:24:06.0685 5492 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
11:24:06.0701 5492 PNRPAutoReg - ok
11:24:06.0716 5492 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
11:24:06.0716 5492 PNRPsvc - ok
11:24:06.0763 5492 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
11:24:06.0763 5492 PolicyAgent - ok
11:24:06.0794 5492 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
11:24:06.0794 5492 Power - ok
11:24:06.0841 5492 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
11:24:06.0841 5492 PptpMiniport - ok
11:24:06.0857 5492 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
11:24:06.0872 5492 Processor - ok
11:24:06.0888 5492 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
11:24:06.0904 5492 ProfSvc - ok
11:24:06.0919 5492 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:24:06.0919 5492 ProtectedStorage - ok
11:24:06.0966 5492 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
11:24:06.0966 5492 Psched - ok
11:24:07.0028 5492 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
11:24:07.0060 5492 ql2300 - ok
11:24:07.0106 5492 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
11:24:07.0106 5492 ql40xx - ok
11:24:07.0138 5492 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
11:24:07.0153 5492 QWAVE - ok
11:24:07.0169 5492 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
11:24:07.0169 5492 QWAVEdrv - ok
11:24:07.0184 5492 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
11:24:07.0184 5492 RasAcd - ok
11:24:07.0216 5492 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
11:24:07.0216 5492 RasAgileVpn - ok
11:24:07.0231 5492 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
11:24:07.0262 5492 RasAuto - ok
11:24:07.0294 5492 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
11:24:07.0294 5492 Rasl2tp - ok
11:24:07.0325 5492 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
11:24:07.0356 5492 RasMan - ok
11:24:07.0372 5492 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
11:24:07.0387 5492 RasPppoe - ok
11:24:07.0387 5492 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
11:24:07.0403 5492 RasSstp - ok
11:24:07.0434 5492 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
11:24:07.0434 5492 rdbss - ok
11:24:07.0450 5492 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
11:24:07.0465 5492 rdpbus - ok
11:24:07.0481 5492 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
11:24:07.0481 5492 RDPCDD - ok
11:24:07.0512 5492 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
11:24:07.0512 5492 RDPENCDD - ok
11:24:07.0528 5492 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
11:24:07.0528 5492 RDPREFMP - ok
11:24:07.0559 5492 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
11:24:07.0559 5492 RDPWD - ok
11:24:07.0621 5492 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
11:24:07.0621 5492 rdyboost - ok
11:24:07.0652 5492 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
11:24:07.0668 5492 RemoteAccess - ok
11:24:07.0699 5492 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
11:24:07.0715 5492 RemoteRegistry - ok
11:24:07.0746 5492 [ 4CCF35F5086CDBF5E6C51A1CFBD0B269 ] rimmptsk C:\Windows\system32\DRIVERS\rimmpx64.sys
11:24:07.0746 5492 rimmptsk - ok
11:24:07.0777 5492 [ BB9EDC55B0B8CB4FCD713428820E0776 ] rimsptsk C:\Windows\system32\DRIVERS\rimspx64.sys
11:24:07.0793 5492 rimsptsk - ok
11:24:07.0824 5492 [ 481C3FDEACAAE04B74C58288DBC91DF9 ] rismxdp C:\Windows\system32\DRIVERS\rixdpx64.sys
11:24:07.0824 5492 rismxdp - ok
11:24:07.0871 5492 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
11:24:07.0886 5492 RpcEptMapper - ok
11:24:07.0918 5492 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
11:24:07.0918 5492 RpcLocator - ok
11:24:07.0964 5492 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
11:24:07.0964 5492 RpcSs - ok
11:24:07.0996 5492 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
11:24:07.0996 5492 rspndr - ok
11:24:08.0042 5492 [ A2CBE070FBA458357ACEF41C3F3906CA ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh64.sys
11:24:08.0058 5492 RTL8169 - ok
11:24:08.0074 5492 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
11:24:08.0074 5492 SamSs - ok
11:24:08.0105 5492 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
11:24:08.0105 5492 sbp2port - ok
11:24:08.0152 5492 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
11:24:08.0167 5492 SCardSvr - ok
11:24:08.0183 5492 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
11:24:08.0183 5492 scfilter - ok
11:24:08.0245 5492 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
11:24:08.0276 5492 Schedule - ok
11:24:08.0323 5492 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
11:24:08.0323 5492 SCPolicySvc - ok
11:24:08.0354 5492 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
11:24:08.0370 5492 sdbus - ok
11:24:08.0386 5492 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
11:24:08.0401 5492 SDRSVC - ok
11:24:08.0432 5492 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
11:24:08.0432 5492 secdrv - ok
11:24:08.0464 5492 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
11:24:08.0479 5492 seclogon - ok
11:24:08.0510 5492 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
11:24:08.0510 5492 SENS - ok
11:24:08.0542 5492 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
11:24:08.0542 5492 SensrSvc - ok
11:24:08.0573 5492 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
11:24:08.0573 5492 Serenum - ok
11:24:08.0604 5492 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
11:24:08.0620 5492 Serial - ok
11:24:08.0635 5492 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
11:24:08.0635 5492 sermouse - ok
11:24:08.0682 5492 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
11:24:08.0682 5492 SessionEnv - ok
11:24:08.0713 5492 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
11:24:08.0729 5492 sffdisk - ok
11:24:08.0744 5492 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
11:24:08.0744 5492 sffp_mmc - ok
11:24:08.0760 5492 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
11:24:08.0760 5492 sffp_sd - ok
11:24:08.0776 5492 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
11:24:08.0776 5492 sfloppy - ok
11:24:08.0807 5492 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
11:24:08.0822 5492 SharedAccess - ok
11:24:08.0854 5492 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:24:08.0869 5492 ShellHWDetection - ok
11:24:08.0885 5492 [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH C:\Windows\system32\DRIVERS\SiSG664.sys
11:24:08.0900 5492 SiSGbeLH - ok
11:24:08.0916 5492 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:24:08.0916 5492 SiSRaid2 - ok
11:24:08.0932 5492 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
11:24:08.0932 5492 SiSRaid4 - ok
11:24:08.0978 5492 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
11:24:08.0978 5492 SkypeUpdate - ok
11:24:08.0994 5492 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
11:24:08.0994 5492 Smb - ok
11:24:09.0056 5492 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
11:24:09.0072 5492 SNMPTRAP - ok
11:24:09.0134 5492 [ 1A5806E5C2E232C193B90D2ADE8A977C ] SNP2UVC C:\Windows\system32\DRIVERS\snp2uvc.sys
11:24:09.0181 5492 SNP2UVC - ok
11:24:09.0228 5492 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
11:24:09.0228 5492 spldr - ok
11:24:09.0306 5492 [ 739DB668DBD812285ECC553E64A5E212 ] spmgr C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
11:24:09.0322 5492 spmgr - ok
11:24:09.0353 5492 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
11:24:09.0368 5492 Spooler - ok
11:24:09.0478 5492 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
11:24:09.0571 5492 sppsvc - ok
11:24:09.0618 5492 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
11:24:09.0618 5492 sppuinotify - ok
11:24:09.0649 5492 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
11:24:09.0649 5492 srv - ok
11:24:09.0680 5492 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
11:24:09.0680 5492 srv2 - ok
11:24:09.0696 5492 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
11:24:09.0696 5492 srvnet - ok
11:24:09.0758 5492 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
11:24:09.0774 5492 SSDPSRV - ok
11:24:09.0774 5492 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
11:24:09.0790 5492 SstpSvc - ok
11:24:09.0821 5492 [ FC0A58529A02B1EED55DDC58696B7908 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
11:24:09.0899 5492 Stereo Service - ok
11:24:09.0914 5492 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
11:24:09.0930 5492 stexstor - ok
11:24:09.0961 5492 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
11:24:09.0992 5492 stisvc - ok
11:24:10.0024 5492 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
11:24:10.0024 5492 swenum - ok
11:24:10.0055 5492 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
11:24:10.0070 5492 swprv - ok
11:24:10.0148 5492 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
11:24:10.0211 5492 SysMain - ok
11:24:10.0242 5492 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:24:10.0258 5492 TabletInputService - ok
11:24:10.0289 5492 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
11:24:10.0304 5492 TapiSrv - ok
11:24:10.0336 5492 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
11:24:10.0336 5492 TBS - ok
11:24:10.0398 5492 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
11:24:10.0460 5492 Tcpip - ok
11:24:10.0507 5492 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
11:24:10.0538 5492 TCPIP6 - ok
11:24:10.0570 5492 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
11:24:10.0570 5492 tcpipreg - ok
11:24:10.0601 5492 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
11:24:10.0616 5492 TDPIPE - ok
11:24:10.0632 5492 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
11:24:10.0648 5492 TDTCP - ok
11:24:10.0679 5492 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
11:24:10.0679 5492 tdx - ok
11:24:10.0694 5492 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
11:24:10.0694 5492 TermDD - ok
11:24:10.0726 5492 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
11:24:10.0757 5492 TermService - ok
11:24:10.0804 5492 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
11:24:10.0804 5492 Themes - ok
11:24:10.0819 5492 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
11:24:10.0819 5492 THREADORDER - ok
11:24:10.0835 5492 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
11:24:10.0850 5492 TrkWks - ok
11:24:10.0897 5492 [ B66EE1D68197DFB9AA24F961E68ACDCC ] trufos C:\Windows\system32\DRIVERS\trufos.sys
11:24:10.0897 5492 trufos - ok
11:24:10.0975 5492 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:24:10.0991 5492 TrustedInstaller - ok
11:24:11.0022 5492 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
11:24:11.0022 5492 tssecsrv - ok
11:24:11.0069 5492 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
11:24:11.0069 5492 TsUsbFlt - ok
11:24:11.0131 5492 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
11:24:11.0131 5492 tunnel - ok
11:24:11.0162 5492 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
11:24:11.0178 5492 uagp35 - ok
11:24:11.0209 5492 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
11:24:11.0209 5492 udfs - ok
11:24:11.0240 5492 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
11:24:11.0256 5492 UI0Detect - ok
11:24:11.0303 5492 [ B1D1FE35303E3AEE6D5AF69F09F12E87 ] uisp C:\Windows\system32\Drivers\usbicp.sys
11:24:11.0303 5492 uisp - ok
11:24:11.0334 5492 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
11:24:11.0334 5492 uliagpkx - ok
11:24:11.0350 5492 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
11:24:11.0365 5492 umbus - ok
11:24:11.0396 5492 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
11:24:11.0396 5492 UmPass - ok
11:24:11.0443 5492 [ 75A488DA3EA48BE97695A727185515CF ] UPDATESRV C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe
11:24:11.0443 5492 UPDATESRV - ok
11:24:11.0490 5492 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
11:24:11.0521 5492 upnphost - ok
11:24:11.0552 5492 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
11:24:11.0584 5492 usbaudio - ok
11:24:11.0599 5492 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
11:24:11.0615 5492 usbccgp - ok
11:24:11.0646 5492 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
11:24:11.0646 5492 usbcir - ok
11:24:11.0662 5492 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
11:24:11.0677 5492 usbehci - ok
11:24:11.0708 5492 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
11:24:11.0724 5492 usbhub - ok
11:24:11.0740 5492 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
11:24:11.0740 5492 usbohci - ok
11:24:11.0786 5492 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
11:24:11.0786 5492 usbprint - ok
11:24:11.0802 5492 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:24:11.0818 5492 USBSTOR - ok
11:24:11.0849 5492 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
11:24:11.0849 5492 usbuhci - ok
11:24:11.0880 5492 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
11:24:11.0880 5492 usbvideo - ok
11:24:11.0911 5492 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
11:24:11.0911 5492 UxSms - ok
11:24:11.0958 5492 [ 81A9F455BF2C9180348949F7C8D93E66 ] VaneFltr C:\Windows\system32\drivers\Lachesis.sys
11:24:11.0958 5492 VaneFltr - ok
11:24:11.0974 5492 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
11:24:11.0974 5492 VaultSvc - ok
11:24:12.0020 5492 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
11:24:12.0020 5492 vdrvroot - ok
11:24:12.0067 5492 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
11:24:12.0083 5492 vds - ok
11:24:12.0130 5492 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
11:24:12.0130 5492 vga - ok
11:24:12.0145 5492 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
11:24:12.0161 5492 VgaSave - ok
11:24:12.0176 5492 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
11:24:12.0176 5492 vhdmp - ok
11:24:12.0208 5492 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
11:24:12.0223 5492 viaide - ok
11:24:12.0239 5492 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
11:24:12.0239 5492 volmgr - ok
11:24:12.0270 5492 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
11:24:12.0286 5492 volmgrx - ok
11:24:12.0301 5492 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
11:24:12.0317 5492 volsnap - ok
11:24:12.0348 5492 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
11:24:12.0348 5492 vsmraid - ok
11:24:12.0426 5492 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
11:24:12.0488 5492 VSS - ok
11:24:12.0535 5492 [ CE9659E7047145791F1288C167C22BFE ] VSSERV C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe
11:24:12.0551 5492 VSSERV - ok
11:24:12.0582 5492 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
11:24:12.0598 5492 vwifibus - ok
11:24:12.0598 5492 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
11:24:12.0598 5492 vwififlt - ok
11:24:12.0644 5492 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
11:24:12.0676 5492 W32Time - ok
11:24:12.0691 5492 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
11:24:12.0691 5492 WacomPen - ok
11:24:12.0754 5492 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
11:24:12.0754 5492 WANARP - ok
11:24:12.0754 5492 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
11:24:12.0754 5492 Wanarpv6 - ok
11:24:12.0832 5492 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
11:24:12.0878 5492 WatAdminSvc - ok
11:24:12.0925 5492 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
11:24:12.0956 5492 wbengine - ok
11:24:13.0003 5492 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
11:24:13.0019 5492 WbioSrvc - ok
11:24:13.0097 5492 [ 8DD42F233EC1317E5F7B0FC61E3D9BC2 ] WBVGAservice C:\Program Files (x86)\ASUS\Turbo Gear Enhanced VGA Driver\WBVGAservice.exe
11:24:13.0097 5492 WBVGAservice - ok
11:24:13.0128 5492 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
11:24:13.0159 5492 wcncsvc - ok
11:24:13.0190 5492 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:24:13.0190 5492 WcsPlugInService - ok
11:24:13.0222 5492 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
11:24:13.0222 5492 Wd - ok
11:24:13.0268 5492 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
11:24:13.0284 5492 Wdf01000 - ok
11:24:13.0300 5492 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
11:24:13.0315 5492 WdiServiceHost - ok
11:24:13.0315 5492 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
11:24:13.0331 5492 WdiSystemHost - ok
11:24:13.0378 5492 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
11:24:13.0393 5492 WebClient - ok
11:24:13.0409 5492 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
11:24:13.0424 5492 Wecsvc - ok
11:24:13.0440 5492 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
11:24:13.0456 5492 wercplsupport - ok
11:24:13.0487 5492 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
11:24:13.0487 5492 WerSvc - ok
11:24:13.0518 5492 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
11:24:13.0518 5492 WfpLwf - ok
11:24:13.0549 5492 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
11:24:13.0549 5492 WIMMount - ok
11:24:13.0580 5492 WinDefend - ok
11:24:13.0580 5492 WinHttpAutoProxySvc - ok
11:24:13.0674 5492 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
11:24:13.0690 5492 Winmgmt - ok
11:24:13.0768 5492 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
11:24:13.0846 5492 WinRM - ok
11:24:13.0908 5492 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
11:24:13.0908 5492 WinUsb - ok
11:24:13.0970 5492 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
11:24:13.0986 5492 Wlansvc - ok
11:24:14.0064 5492 [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:24:14.0111 5492 wlidsvc - ok
11:24:14.0142 5492 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
11:24:14.0142 5492 WmiAcpi - ok
11:24:14.0173 5492 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
11:24:14.0189 5492 wmiApSrv - ok
11:24:14.0220 5492 WMPNetworkSvc - ok
11:24:14.0267 5492 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
11:24:14.0267 5492 WPCSvc - ok
11:24:14.0314 5492 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
11:24:14.0329 5492 WPDBusEnum - ok
11:24:14.0423 5492 WPFFontCache_v0400 - ok
11:24:14.0470 5492 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
11:24:14.0470 5492 ws2ifsl - ok
11:24:14.0501 5492 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
11:24:14.0516 5492 wscsvc - ok
11:24:14.0516 5492 WSearch - ok
11:24:14.0610 5492 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
11:24:14.0688 5492 wuauserv - ok
11:24:14.0719 5492 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
11:24:14.0719 5492 WudfPf - ok
11:24:14.0750 5492 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
11:24:14.0766 5492 WUDFRd - ok
11:24:14.0782 5492 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
11:24:14.0797 5492 wudfsvc - ok
11:24:14.0828 5492 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
11:24:14.0828 5492 WwanSvc - ok
11:24:14.0844 5492 ================ Scan global ===============================
11:24:14.0875 5492 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
11:24:14.0922 5492 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
11:24:14.0938 5492 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
11:24:14.0969 5492 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
11:24:15.0016 5492 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
11:24:15.0016 5492 [Global] - ok
11:24:15.0016 5492 ================ Scan MBR ==================================
11:24:15.0031 5492 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:24:15.0530 5492 \Device\Harddisk0\DR0 - ok
11:24:15.0530 5492 ================ Scan VBR ==================================
11:24:15.0530 5492 [ 8A1BB7D89313D2C540EF58D230059EB9 ] \Device\Harddisk0\DR0\Partition1
11:24:15.0530 5492 \Device\Harddisk0\DR0\Partition1 - ok
11:24:15.0562 5492 [ 64D42FE30D3BB6D9D28D8AB8F22DF78D ] \Device\Harddisk0\DR0\Partition2
11:24:15.0562 5492 \Device\Harddisk0\DR0\Partition2 - ok
11:24:15.0562 5492 ============================================================
11:24:15.0562 5492 Scan finished
11:24:15.0562 5492 ============================================================
11:24:15.0640 1504 Detected object count: 0
11:24:15.0640 1504 Actual detected object count: 0

#4 ETolentino

Posted 27 January 2013 - 02:13 PM

ASWMBR

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-01-27 11:27:16
-----------------------------
11:27:16.768 OS Version: Windows x64 6.1.7601 Service Pack 1
11:27:16.768 Number of processors: 2 586 0x170A
11:27:16.778 ComputerName: ETOLENTINO-PC UserName: ETolentino
11:27:17.651 Initialize success
11:33:48.363 AVAST engine defs: 13012700
11:35:25.114 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
11:35:25.114 Disk 0 Vendor: ST950032 0002 Size: 476940MB BusType: 3
11:35:25.130 Disk 0 MBR read successfully
11:35:25.130 Disk 0 MBR scan
11:35:25.239 Disk 0 Windows 7 default MBR code
11:35:25.239 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 12997 MB offset 63
11:35:25.255 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 238470 MB offset 26619904
11:35:25.255 Disk 0 Partition - 00 0F Extended LBA 225471 MB offset 515006464
11:35:25.286 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 225470 MB offset 515008512
11:35:25.348 Disk 0 scanning C:\Windows\system32\drivers
11:35:38.951 Service scanning
11:35:42.929 Service bdfwfpf C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys **LOCKED** 5
11:36:08.654 Modules scanning
11:36:08.654 Disk 0 trace - called modules:
11:36:08.716 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
11:36:08.716 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007302060]
11:36:08.732 3 CLASSPNP.SYS[fffff88001dc743f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8006252050]
11:36:09.730 AVAST engine scan C:\Windows
11:36:13.506 AVAST engine scan C:\Windows\system32
11:39:48.053 AVAST engine scan C:\Windows\system32\drivers
11:40:04.387 AVAST engine scan C:\Users\ETolentino
11:44:03.809 Disk 0 MBR has been saved successfully to "C:\Users\ETolentino\Desktop\MBR.dat"
11:44:03.887 The log file has been saved successfully to "C:\Users\ETolentino\Desktop\aswMBR.txt"

#5 ETolentino


Posted 27 January 2013 - 02:14 PM

ESET

C:\Users\ETolentino\AppData\Local\bdch\Apple Computer\qnzrdjc.dll Win32/TrojanDownloader.Tracur.V trojan cleaned by deleting (after the next restart) - quarantined
C:\Users\ETolentino\AppData\Local\Temp\qnzrdjc\qnzrdjc.dll Win32/TrojanDownloader.Tracur.V trojan cleaned by deleting - quarantined
C:\Users\ETolentino\AppData\Local\Temp\0.21643803843491805 Win32/TrojanDownloader.Tracur.V trojan cleaned by deleting - quarantined
C:\Users\ETolentino\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25\478b7a59-4fd2dee8 Win32/Olmarik.AYD trojan cleaned by deleting - quarantined

#6 narenxp


Posted 27 January 2013 - 02:24 PM

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right click on the list, select all and remove them.

Post the generated log here.

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

For Vista and Windows 7, right click on the tool and select Run as administrator.

After the scan completes, post the generated log here.



Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


Download

Autoruns

Extract and launch autoruns.exe.

Allow the scan to finish.

Now click on FILE-SAVE.

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here.

#7 ETolentino


Posted 30 January 2013 - 04:17 AM

Malwarebytes


Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.25.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
ETolentino :: ETOLENTINO-PC [administrator]

1/27/2013 1:52:03 PM
mbam-log-2013-01-27 (13-52-03).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 370575
Time elapsed: 1 hour(s), 4 minute(s), 18 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

mini toolbox

MiniToolBox by Farbar Version:10-01-2013
Ran by ETolentino (administrator) on 27-01-2013 at 15:20:19
Running from "C:\Users\ETolentino\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

# ::1 localhost

========================= IP Configuration: ================================

Atheros AR928X Wireless Network Adapter = Wireless Network Connection (Connected)
Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.0) = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : ETolentino-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.0)
Physical Address. . . . . . . . . : 90-E6-BA-2B-80-3E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR928X Wireless Network Adapter
Physical Address. . . . . . . . . : 00-25-D3-3E-2B-3C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::34c5:2a55:8e38:c37a%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, January 27, 2013 9:37:06 AM
Lease Expires . . . . . . . . . . : Monday, January 28, 2013 2:34:13 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 285222355
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-3D-B8-C2-90-E6-BA-2B-80-3E
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{10B837EE-F04D-45D8-99B4-731E4B3BDA8E}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:7b:105b:9d3a:f785(Preferred)
Link-local IPv6 Address . . . . . : fe80::7b:105b:9d3a:f785%15(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.gateway.2wire.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4002:c04::64
173.194.37.65
173.194.37.69
173.194.37.78
173.194.37.71
173.194.37.66
173.194.37.64
173.194.37.70
173.194.37.68
173.194.37.72
173.194.37.73
173.194.37.67


Pinging google.com [74.125.137.102] with 32 bytes of data:
Reply from 74.125.137.102: bytes=32 time=37ms TTL=47
Reply from 74.125.137.102: bytes=32 time=34ms TTL=47

Ping statistics for 74.125.137.102:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 34ms, Maximum = 37ms, Average = 35ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 206.190.36.45
98.139.183.24
98.138.253.109


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=148ms TTL=48
Reply from 98.138.253.109: bytes=32 time=100ms TTL=48

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 100ms, Maximum = 148ms, Average = 124ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...90 e6 ba 2b 80 3e ......Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.0)
10...00 25 d3 3e 2b 3c ......Atheros AR928X Wireless Network Adapter
1...........................Software Loopback Interface 1
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
14...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
26...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.3 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.3 281
192.168.1.3 255.255.255.255 On-link 192.168.1.3 281
192.168.1.255 255.255.255.255 On-link 192.168.1.3 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.3 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.3 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
15 58 ::/0 On-link
1 306 ::1/128 On-link
15 58 2001::/32 On-link
15 306 2001:0:4137:9e76:7b:105b:9d3a:f785/128
On-link
10 281 fe80::/64 On-link
15 306 fe80::/64 On-link
15 306 fe80::7b:105b:9d3a:f785/128
On-link
10 281 fe80::34c5:2a55:8e38:c37a/128
On-link
1 306 ff00::/8 On-link
15 306 ff00::/8 On-link
10 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/27/2013 01:40:30 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/27/2013 01:40:29 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/27/2013 01:40:27 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/27/2013 01:39:46 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (01/27/2013 01:10:01 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/27/2013 11:45:18 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/27/2013 11:45:13 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/27/2013 09:38:18 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/26/2013 06:30:40 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/26/2013 06:17:05 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (01/27/2013 09:37:42 AM) (Source: Service Control Manager) (User: )
Description: The EIO_XP service failed to start due to the following error:
%%2

Error: (01/27/2013 09:37:10 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
EIO_XP

Error: (01/27/2013 09:37:10 AM) (Source: Service Control Manager) (User: )
Description: The EIO_XP service failed to start due to the following error:
%%2

Error: (01/26/2013 06:29:34 PM) (Source: Service Control Manager) (User: )
Description: The EIO_XP service failed to start due to the following error:
%%2

Error: (01/26/2013 06:29:31 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
EIO_XP

Error: (01/26/2013 06:29:31 PM) (Source: Service Control Manager) (User: )
Description: The EIO_XP service failed to start due to the following error:
%%2

Error: (01/26/2013 06:15:59 PM) (Source: Service Control Manager) (User: )
Description: The EIO_XP service failed to start due to the following error:
%%2

Error: (01/26/2013 06:15:56 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
EIO_XP

Error: (01/26/2013 06:15:56 PM) (Source: Service Control Manager) (User: )
Description: The EIO_XP service failed to start due to the following error:
%%2

Error: (01/26/2013 04:47:32 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Google Updater Service service to connect.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2013-01-27 15:18:26.036
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00174_022\avcuf64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-27 14:12:16.682
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00174_022\avcuf64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-27 13:50:48.862
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00174_022\avcuf64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-27 13:27:05.443
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00174_022\avcuf64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-27 13:15:48.130
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00174_022\avcuf64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-27 11:44:03.934
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00174_022\avcuf64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-27 11:22:01.644
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00174_022\avcuf64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-27 09:37:01.261
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00174_022\avcuf64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-26 18:38:09.266
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00174_022\avcuf64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-26 18:29:19.158
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00174_022\avcuf64.dll because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX (Version: 11.5.502.146)
Adobe Reader X (10.1.5) (Version: 10.1.5)
ASUS CopyProtect (Version: 1.0.0012)
ASUS Data Security Manager (Version: 1.00.0011)
ASUS LifeFrame3 (Version: 3.0.19)
ASUS Live Update (Version: 2.5.7)
ASUS MultiFrame (Version: 1.0.0018)
ASUS SmartLogon (Version: 1.0.0005)
ASUS Splendid Video Enhancement Technology (Version: 1.02.0025)
ASUS Turbo Gear Enhanced VGA Driver (Version: 0.0.0.18)
ASUS Virtual Camera (Version: 1.0.14)
Asus_Camera_ScreenSaver (Version: 2.0.0008)
Atheros Client Installation Program (Version: 7.0)
ATK Generic Function Service (Version: 1.00.0008)
ATK Hotkey (Version: 1.0.0049)
ATK Media (Version: 2.0.0004)
ATKOSD2 (Version: 7.0.0003)
Bitdefender Antivirus Plus 2013 (Version: 16.16.0.1348)
ChkMail (Version: 2.0.0.16)
Cisco EAP-FAST Module (Version: 2.2.10)
Cisco LEAP Module (Version: 1.0.16)
Cisco PEAP Module (Version: 1.1.3)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
CyberLink LabelPrint (Version: 2.5.1720)
CyberLink Power2Go (Version: 6.1.2713)
D3DX10 (Version: 15.4.2368.0902)
Direct Console 2.0 (Version: 2.0.7)
ESET Online Scanner v3
Express Gate (Version: 1.1.9.2)
Galapago
Geek Squad 24 Hour Computer Support (Version: 2.1.322)
Google Desktop (Version: 5.7.0802.22438)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Guild Wars 2
IHA_MessageCenter (Version: 1.8.70)
Java 7 Update 9 (Version: 7.0.90)
Java Auto Updater (Version: 2.1.9.0)
JavaFX 2.1.1 (Version: 2.1.1)
League of Legends (Version: 1.3)
LoJack Factory Installer (Version: 1.00.0029)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 9.7.0621)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT110 (Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1108.0727)
myPhotoMovie (remove only) (Version: 1.5.0.170)
NB Probe
NVIDIA 3D Vision Driver 296.10 (Version: 296.10)
NVIDIA Control Panel 296.10 (Version: 296.10)
NVIDIA Graphics Driver 296.10 (Version: 296.10)
NVIDIA Install Application (Version: 2.1002.62.312)
NVIDIA PhysX (Version: 9.12.0213)
NVIDIA PhysX System Software 9.12.0213 (Version: 9.12.0213)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.9610)
NVIDIA Update 1.7.11 (Version: 1.7.11)
NVIDIA Update Components (Version: 1.7.11)
P4P (Version: 1.0.0.17)
Pando Media Booster (Version: 2.6.0.8)
Photo Common (Version: 16.4.3503.0728)
Picasa 2 (Version: 2.0)
Razer Lachesis (Version: 1.00.0000)
Realtek 8169 8168 8101E 8102E Ethernet Driver (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.5836)
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.01 (Version: 3.55.01)
ROCCAT Kone[+] Mouse Driver
Skype™ 5.10 (Version: 5.10.116)
TERA (Version: 1.41)
Turbo Gear Extreme (Version: 1.00.22)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
USB 2.0 1.3M UVC WebCam
Windows Live Communications Platform (Version: 16.4.3503.0728)
Windows Live Essentials (Version: 16.4.3503.0728)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (Version: 16.4.3503.0728)
Windows Live Messenger (Version: 16.4.3503.0728)
Windows Live Photo Common (Version: 16.4.3503.0728)
Windows Live PIMT Platform (Version: 16.4.3503.0728)
Windows Live SOXE (Version: 16.4.3503.0728)
Windows Live SOXE Definitions (Version: 16.4.3503.0728)
Windows Live UX Platform (Version: 16.4.3503.0728)
Windows Live UX Platform Language Pack (Version: 16.4.3503.0728)
WinFlash
Wireless Console 2 (Version: 2.0.10)

========================= Memory info: ===================================

Percentage of memory in use: 48%
Total physical RAM: 6143.04 MB
Available physical RAM: 3141.41 MB
Total Pagefile: 16141.23 MB
Available Pagefile: 12891.4 MB
Total Virtual: 4095.88 MB
Available Virtual: 3943.79 MB

========================= Partitions: =====================================

1 Drive c: (Vista64) (Fixed) (Total:232.88 GB) (Free:118.48 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:220.19 GB) (Free:220.05 GB) NTFS

========================= Users: ========================================

User accounts for \\ETOLENTINO-PC

Administrator ETolentino Guest
UpdatusUser

========================= Restore Points ==================================

28-12-2012 21:41:47 Scheduled Checkpoint
05-01-2013 22:56:39 Installed iTunes
05-01-2013 23:22:59 Removed Apple Software Update
05-01-2013 23:23:23 Removed Apple Mobile Device Support
05-01-2013 23:25:00 Removed Bonjour
05-01-2013 23:26:31 Removed Apple Application Support
05-01-2013 23:27:06 Removed iTunes
10-01-2013 16:24:51 Windows Update
19-01-2013 02:32:58 Scheduled Checkpoint
27-01-2013 00:23:41 Installed Microsoft Fix it 50267
27-01-2013 00:26:48 Installed Microsoft Fix it 50267

**** End of log ****




Farbar service scanner



Farbar Service Scanner Version: 16-01-2013
Ran by ETolentino (administrator) on 27-01-2013 at 15:21:31
Running from "C:\Users\ETolentino\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****



adware cleaner



# AdwCleaner v2.109 - Logfile created 01/27/2013 at 15:22:36
# Updated 26/01/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : ETolentino - ETOLENTINO-PC
# Boot Mode : Normal
# Running from : C:\Users\ETolentino\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

*************************

AdwCleaner[S1].txt - [762 octets] - [27/01/2013 15:22:36]

########## EOF - C:\AdwCleaner[S1].txt - [821 octets] ##########




Junkware removal tool

I kept trying to run the JRT as an administrator but it gets stuck in deep scanning the registry. It's been scanning for about 3 hours. I finally just gave up.




http://www.bleepingcomputer.com/download/rkill/

Rkill 2.4.6 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 01/30/2013 03:04:54 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Windows\SysWOW64\ACEngSvr.exe (PID: 3692) [WD-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\ETolentino\Desktop\rkill\rkill-01-30-2013-03-04-59.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 01/30/2013 03:05:10 AM
Execution time: 0 hours(s), 0 minute(s), and 16 seconds(s)





Autoruns

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Bdagent" "Bitdefender Agent" "Bitdefender" "c:\program files\bitdefender\bitdefender 2013\bdagent.exe"
+ "RtHDVCpl" "HD Audio Control Panel" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravcpl64.exe"
+ "Skytel" "Realtek Voice Manager" "Realtek Semiconductor Corp." "c:\program files\realtek\audio\hda\skytel.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "ACMON" "ACMON " "ATK" "c:\program files (x86)\asus\splendid\acmon.exe"
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "ADSMTray" "ADSMTray" "ASUSTek Computer Inc." "c:\program files (x86)\asus\asus data security manager\adsmtray.exe"
+ "ASUS Camera ScreenSaver" "" "" "c:\windows\asscrprolog.exe"
+ "ASUS Screen Saver Protector" "AsScrPro" "ASUS" "c:\windows\asscrpro.exe"
+ "ATKMEDIA" "ATK Media" "ASUS" "c:\program files (x86)\asus\atk media\dmedia.exe"
+ "ATKOSD2" "ATKOSD2" "ASUS" "c:\program files (x86)\asus\atkosd2\atkosd2.exe"
+ "ChkMail" "ChkMail" "ChkMail" "c:\program files\chkmail\chkmail\chkmail.exe"
+ "CLMLServer" "CyberLink MediaLibray Service" "CyberLink" "c:\program files (x86)\cyberlink\power2go\clmlsvc.exe"
+ "DirectConsole2" "Direct Console 2.0" "ASUSTek." "c:\program files (x86)\asus\direct console\direct console.exe"
+ "Google Desktop Search" "Google Desktop" "Google" "c:\program files (x86)\google\google desktop search\googledesktop.exe"
+ "HControlUser" "HControlUser" "ASUS" "c:\program files (x86)\asus\atk hotkey\hcontroluser.exe"
+ "Lachesis" "razerhid MFC Application" "" "c:\program files (x86)\razer\lachesis\razerhid.exe"
+ "PowerForPhone" "PowerForPhone" "" "c:\program files (x86)\p4p\p4p.exe"
+ "RoccatKone+" "Kone[+] Monitor Application" "ROCCAT GmbH" "c:\program files (x86)\roccat\kone[+] mouse\kone[+]monitor.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "Turbo Gear" "" "" "c:\program files\asus\turbo gear\turbogear.exe"
+ "Turbo Gear Help" "" "" "c:\program files\asus\turbo gear\gearhelp.exe"
+ "UpdateLBPShortCut" "MUI StartMenu Application" "CyberLink Corp." "c:\program files (x86)\cyberlink\labelprint\muitransfer\muistartmenu.exe"
+ "UpdateP2GoShortCut" "MUI StartMenu Application" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\muitransfer\muistartmenu.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Apple Computer" "" "" "File not found: C:\Users\ETolentino\AppData\Local\bdch\Apple Computer\qnzrdjc.dll"
+ "swg" "GoogleToolbarNotifier" "Google Inc." "c:\program files (x86)\google\googletoolbarnotifier\googletoolbarnotifier.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "ADSMEnDecExt" "" "ASUSTek Computer Inc." "c:\program files (x86)\asus\asus data security manager\shlext\x64\adsmendecext.dll"
+ "BDMenu Class" "BDShellExt Module" "Bitdefender" "c:\program files\bitdefender\bitdefender 2013\bdshellext.dll"
+ "FileShredderCtxMenu Class" "Bitdefender File Shredder Shell Extension" "Bitdefender" "c:\program files\bitdefender\bitdefender 2013\fshredctx.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "ADSMEnDecExt" "" "ASUSTek Computer Inc." "c:\program files (x86)\asus\asus data security manager\shlext\x64\adsmendecext.dll"
+ "BDMenu Class" "BDShellExt Module" "Bitdefender" "c:\program files\bitdefender\bitdefender 2013\bdshellext.dll"
+ "FileShredderCtxMenu Class" "Bitdefender File Shredder Shell Extension" "Bitdefender" "c:\program files\bitdefender\bitdefender 2013\fshredctx.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "NvCplDesktopContext" "" "NVIDIA Corporation" "c:\windows\system32\nvshext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "BDMenu Class" "BDShellExt Module" "Bitdefender" "c:\program files\bitdefender\bitdefender 2013\bdshellext.dll"
+ "FileShredderCtxMenu Class" "Bitdefender File Shredder Shell Extension" "Bitdefender" "c:\program files\bitdefender\bitdefender 2013\fshredctx.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "ADSMOverlayIcon" "OverlayIconShlExt" "" "c:\program files (x86)\asus\asus data security manager\shlext\x64\overlayiconshlext64.dll"
+ "ADSMOverlayIcon1" "" "" "c:\program files (x86)\asus\asus data security manager\shlext\x64\overlayiconshlext1_64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "ADSMOverlayIcon" "OverlayIconShlExt" "" "c:\program files (x86)\asus\asus data security manager\shlext\x86\overlayiconshlext.dll"
+ "ADSMOverlayIcon1" "" "" "c:\program files (x86)\asus\asus data security manager\shlext\x86\overlayiconshlext1.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Google Toolbar Helper" "" "" "c:\program files (x86)\google\google toolbar\googletoolbar.dll"
+ "Google Toolbar Notifier BHO" "GoogleToolbarNotifier" "Google Inc." "c:\program files (x86)\google\googletoolbarnotifier\4.1.805.1852\swg.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\ssv.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "&Google Toolbar" "" "" "c:\program files (x86)\google\google toolbar\googletoolbar.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "S&end to OneNote" "Microsoft Office OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\onbttnie.dll"
"Task Scheduler" "" "" ""
+ "\Adobe Flash Player Updater" "Adobe® Flash® Player Update Service 11.5 r502" "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "\ASPG" "ASPG application" "ASUS" "c:\program files (x86)\asus\asus copyprotect\aspg.exe"
+ "\ASUS Live Update" "ALU" "" "c:\program files (x86)\asus\asus live update\alu.exe"
+ "\ASUS SmartLogon Console Sensor" "SmartLogon Application" "ASUS" "c:\program files (x86)\asus\smartlogon\sensorsrv.exe"
+ "\Direct Console 2.0" "Direct Console Helper" "ASUSTek." "c:\program files (x86)\asus\direct console\dchelper.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\Microsoft\Windows\Wired\GatherWiredInfo" "" "" "File not found: C:\Windows\system32\gatherWiredInfo.vbs"
+ "\Microsoft\Windows\Wireless\GatherWirelessInfo" "" "" "File not found: C:\Windows\system32\gatherWirelessInfo.vbs"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "ADSMService" "ADSMSrv" "ASUSTek Computer Inc." "c:\program files (x86)\asus\asus data security manager\adsmsrv.exe"
+ "ASLDRService" "ASLDR Service" "" "c:\program files (x86)\asus\atk hotkey\asldrsrv.exe"
+ "ATKGFNEXSrv" "GFNEXSrv" "" "c:\program files\atkgfnex\gfnexsrv.exe"
+ "GoogleDesktopManager-022208-143751" "Google Desktop" "Google" "c:\program files (x86)\google\google desktop search\googledesktop.exe"
+ "gusvc" "gusvc" "Google" "c:\program files (x86)\google\common\google updater\googleupdaterservice.exe"
+ "IHA_MessageCenter" "IHA_MessageCenter" "Verizon" "c:\program files (x86)\verizon\iha_messagecenter\bin\verizon_ihamessagecenter.exe"
+ "nvsvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe"
+ "nvUpdatusService" "NVIDIA Settings Update Manager service, used to check new updates from NVIDIA server." "NVIDIA Corporation" "c:\program files (x86)\nvidia corporation\nvidia update core\daemonu.exe"
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\office12\odserv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "spmgr" "spmgr Module" "" "c:\program files\asus\nb probe\spm\spmgr.exe"
+ "Stereo Service" "Provides system support for NVIDIA Stereoscopic 3D driver" "NVIDIA Corporation" "c:\program files (x86)\nvidia corporation\3d vision\nvscpapisvr.exe"
+ "UPDATESRV" "Downloads Bitdefender updates and new malware signatures from the Internet." "Bitdefender" "c:\program files\bitdefender\bitdefender 2013\updatesrv.exe"
+ "VSSERV" "Bitdefender Security Service" "Bitdefender" "c:\program files\bitdefender\bitdefender 2013\vsserv.exe"
+ "WBVGAservice" "" "" "c:\program files (x86)\asus\turbo gear enhanced vga driver\wbvgaservice.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
+ "WPFFontCache_v0400" "@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-101" "" "File not found: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "AsDsm" "Data Security Manager Driver" "ASUSTek Computer Inc" "c:\windows\system32\drivers\asdsm.sys"
+ "ASMMAP64" "" "" "c:\program files\atkgfnex\asmmap64.sys"
+ "athr" "Atheros Extensible Wireless LAN device driver" "Atheros Communications, Inc." "c:\windows\system32\drivers\athrx.sys"
+ "avc3" "avc3 File System Minifilter Driver" "BitDefender" "c:\windows\system32\drivers\avc3.sys"
+ "avchv" "BitDefender AntiVirus Active Virus Control Hypervisor driver" "BitDefender" "c:\windows\system32\drivers\avchv.sys"
+ "avckf" "avckf File System Minifilter Driver" "BitDefender" "c:\windows\system32\drivers\avckf.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "bdfwfpf" "BitDefender Firewall WFP Filter Driver" "BitDefender LLC" "c:\program files\common files\bitdefender\bitdefender firewall\bdfwfpf.sys"
+ "BDSandBox" "BitDefender SandBox Filter Driver" "BitDefender SRL" "c:\windows\system32\drivers\bdsandbox.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "EIO_XP" "" "" "File not found: C:\Windows\system32\drivers\EIO64_XP.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "enecir" "ENE CIR Driver for eHome(64)" "ENE TECHNOLOGY INC." "c:\windows\system32\drivers\enecir.sys"
+ "ghaio" "" "" "c:\program files\asus\nb probe\spm\ghaio.sys"
+ "gzflt" "GzFlt File System Minifilter Driver" "BitDefender LLC" "c:\windows\system32\drivers\gzflt.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "kbfiltr" "Keyboard Filter Driver" " " "c:\windows\system32\drivers\kbfiltr.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "lullaby" "lullabyFilter mini-filter driver" "Windows ® Win 7 DDK provider" "c:\windows\system32\drivers\lullaby.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MTsensor" "ATK0100 ACPI Utility" "" "c:\windows\system32\drivers\atk64amd.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvlddmkm" "NVIDIA Windows Kernel Mode Driver, Version 296.10 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "rimmptsk" "RICOH MMC Driver" "REDC" "c:\windows\system32\drivers\rimmpx64.sys"
+ "rimsptsk" "RICOH MS Driver" "REDC" "c:\windows\system32\drivers\rimspx64.sys"
+ "rismxdp" "RICOH xD SM Driver" "REDC" "c:\windows\system32\drivers\rixdpx64.sys"
+ "RTL8169" "Realtek 8101E/8168/8169 NDIS6 64-bit Driver " "Realtek Corporation " "c:\windows\system32\drivers\rtlh64.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSGbeLH" "NDIS 6.0 Miniport Driver for SiS191/SiS190 Ethernet Device" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisg664.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "SNP2UVC" "UVC Camera Streaming Driver" "" "c:\windows\system32\drivers\snp2uvc.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "trufos" "Trufos Mini-Filter Driver" "BitDefender S.R.L." "c:\windows\system32\drivers\trufos.sys"
+ "uisp" "UsbIsp" "Motorola" "c:\windows\system32\drivers\usbicp.sys"
+ "VaneFltr" "Lachesis USB Optical Mouse Driver" "Razer (Asia-Pacific) Pte Ltd" "c:\windows\system32\drivers\lachesis.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "MainConcept MP4 Demultiplexer" "MPEG-4 Demultiplexer Direct Show Filter" "MainConcept AG" "c:\program files (x86)\avinci\common\mcmp4demux.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "ASUS Color Preview Filter" "ASUS Color Preview Filter" "ASUSTek" "c:\program files (x86)\asus\splendid\rgbtran.ax"
+ "Color Convert" "ASUS Color Preview Filter" "ASUSTek" "c:\program files (x86)\asus\splendid\rgbtran.ax"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "ASUS SplitVCam Pump" "" "" "c:\program files (x86)\asus\virtualcamera\virtualcamera.ax"
+ "ASUS SplitVCam Relayer" "" "" "c:\program files (x86)\asus\virtualcamera\virtualcamera.ax"
+ "ASUS SplitVCam Renderer" "" "" "c:\program files (x86)\asus\virtualcamera\splitvcamrenderer.ax"
+ "ASUS Virtual Camera" "" "" "c:\program files (x86)\asus\virtualcamera\virtualcamera.ax"
+ "CyberLink Audio Noise Reduction" "CLAuNR" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaunrwrapper.ax"
+ "CyberLink Audio Resampler" "CLAuRsmpl.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaursmpl.ax"
+ "CyberLink Audio VolumeBooster" "CyberLink Audio Volume Booster Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gvb.ax"
+ "CyberLink AudioCD Filter" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaudiocd.ax"
+ "Cyberlink Dump Dispatch Filter" "Cyberlink File Dump Dispatch Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gdumpdispatch.ax"
+ "Cyberlink Dump Filter" "Cyberlink File Dump Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gdump.ax"
+ "CyberLink Editing Service 3.0 (Source)" "CES Kernel" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gedtkrn.dll"
+ "Cyberlink File Reader (Async.)" "Cyberlink MPEG File Reader" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2greader.ax"
+ "CyberLink Load Image Filter" "CLImage" "CyberLink" "c:\program files (x86)\cyberlink\shared files\climage.ax"
+ "CyberLink M2V Writer" "CLM2VWriter" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gm2vwriter.ax"
+ "CyberLink MP3/WAV Wrapper" "CyberLink MP3 Wrapper" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gmp3wrap.ax"
+ "CyberLink MPEG Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gmvd.ax"
+ "CyberLink MPEG Muxer" "MpgMux" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gmpgmux.ax"
+ "CyberLink MPEG Video Encoder" "CyberLink MPEG Video Encoder " "CyberLink Corp. " "c:\program files (x86)\cyberlink\power2go\p2gvidenc.ax"
+ "CyberLink MPEG-1 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gm1spliter.ax"
+ "CyberLink MPEG-2 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gm2spliter.ax"
+ "CyberLink PCM Wrapper" "CyberLink PCM Wrapper" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gpcmenc.ax"
+ "CyberLink TimeStretch Filter (CES)" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gauts.ax"
+ "CyberLink TL MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gtlmsplter.ax"
+ "CyberLink Video Effect" "CLVidFx" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gvidfx.ax"
+ "CyberLink Video Regulator" "CLRGL" "Cyberlink" "c:\program files (x86)\cyberlink\power2go\p2grgl.ax"
+ "CyberLink Video Stabilizer" "CLVideoDeShaking" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gvideostabilizer.ax"
+ "Gargle" "Gargle Filter (Sample)" "Microsoft Corporation" "c:\program files (x86)\asus\asus lifeframe3\lifeframeaudio.ax"
+ "LifeFrame Image Effects" "Camera Filter" "ASUS" "c:\program files (x86)\asus\asus lifeframe3\camera_effect.ax"
+ "Logon Effects" "SmartLogon Filter" "ASUS" "c:\program files (x86)\asus\smartlogon\face_filter.ax"
+ "MainConcept (Consumer) AVC/H.264 Video Decoder" "AVC/H.264 Video Decoder" "MainConcept AG" "c:\program files (x86)\avinci\common\mcstdavcvd.ax"
+ "MainConcept MP4 Demultiplexer" "MPEG-4 Demultiplexer Direct Show Filter" "MainConcept AG" "c:\program files (x86)\avinci\common\mcmp4demux.ax"
+ "MotionDetect" "" "" "c:\program files (x86)\asus\asus lifeframe3\motiondetect.ax"
+ "P2G Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaud.ax"
+ "P2G Audio Encoder" "CyberLink Audio Encoder Filter" "Cyberlink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaudenc.ax"
+ "P2G Video Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gvsd.ax"
+ "P2G Video Regulator" "CyberLink Video Regulator" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gresample.ax"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "AdsmCredentialProvider" "ADSM Credential Provider" "ASUSTek Computer Inc." "c:\program files (x86)\asus\asus data security manager\shlext\x64\adsmcredentialprovider.dll"
+ "AdsmCredentialProvider" "ADSM Credential Provider" "ASUSTek Computer Inc." "c:\program files (x86)\asus\asus data security manager\shlext\x64\adsmcredentialprovider.dll"
+ "FaceCredentialProvider64" "SmartLogon Dynamic Link Library" "ASUS" "c:\windows\syswow64\facecredentialprovider64.dll"
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Provider Filters" "" "" ""
+ "AdsmCredentialProvider" "ADSM Credential Provider" "ASUSTek Computer Inc." "c:\program files (x86)\asus\asus data security manager\shlext\x64\adsmcredentialprovider.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"






I noticed that the redirecting is no longer there anymore also.
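A way to triage a startup-entry log in the format posted above, as an added example that is not part of the original posts or of any tool used in this thread. The `parse_log` and `triage` names, the `EXPECTED_ROOTS` list and the reading of a leading `+` as "enabled" are assumptions; the last sample line is constructed.

```python
import re
from collections import namedtuple

Entry = namedtuple("Entry", "section enabled name description publisher path")
FIELD = re.compile(r'"([^"]*)"')
# Assumption: only these locations count as "expected" install roots.
EXPECTED_ROOTS = ("c:\\program files\\", "c:\\program files (x86)\\", "c:\\windows\\")

# Lines 1, 3 and 4 are copied from the log above; line 2 is constructed.
# The section header for the first two entries is not part of this sample.
SAMPLE = r'''+ "MotionDetect" "" "" "c:\program files (x86)\asus\asus lifeframe3\motiondetect.ax"
+ "ExampleFilter" "" "" "c:\users\example\appdata\local\temp\example.ax"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "FaceCredentialProvider64" "SmartLogon Dynamic Link Library" "ASUS" "c:\windows\syswow64\facecredentialprovider64.dll"
'''

def parse_log(text):
    """Parse lines of the form: [+ ]"name" "description" "publisher" "path"."""
    entries, section = [], None
    for raw in text.splitlines():
        line = raw.strip()
        fields = [f.strip() for f in FIELD.findall(line)]
        if len(fields) != 4:
            continue  # blank or malformed line
        name, desc, publisher, path = fields
        if line.startswith('"') and not (desc or publisher or path):
            section = name  # header: location followed by three empty fields
            continue
        entries.append(Entry(section, line.startswith("+"), name, desc, publisher, path))
    return entries

def triage(entries):
    """Return (entry, reasons) pairs worth a manual look; a hint, not a verdict."""
    flagged = []
    for e in entries:
        reasons = []
        if not e.publisher:
            reasons.append("no publisher metadata")
        if not e.path.lower().startswith(EXPECTED_ROOTS):
            reasons.append("image outside expected install roots")
        if e.enabled and reasons:
            flagged.append((e, reasons))
    return flagged

if __name__ == "__main__":
    for entry, reasons in triage(parse_log(SAMPLE)):
        print(f"[{entry.section}] {entry.name}: {entry.path} -> {', '.join(reasons)}")
```

A missing publisher on its own is common for small vendor components, so a flagged entry is a prompt to check the file, not evidence of infection.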

#8 narenxp


Posted 30 January 2013 - 06:50 AM

That looks good

Remove temporary and junk files

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for a reboot. If TFC locks up the system, run it in safe mode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your System Restore - it deletes old infected restore points

Turn on system restore and create a new restore point

Update Java and Flash Player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are

Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security software products.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

#9 ETolentino


Posted 02 February 2013 - 12:43 PM

thanks a lot

#10 narenxp


Posted 02 February 2013 - 03:27 PM

You're welcome :)



