Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Strange Redirects in Google Search


  • Please log in to reply
8 replies to this topic

#1 Dizzleyboy

Dizzleyboy

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:10:39 AM

Posted 28 January 2013 - 04:24 PM

It's lovely to be here, but...

Problem
When I click on results in a Google Web search sometimes I get a redirect which fails with a security warning from Google Chrome.
I can't reproduce this at the moment. But the site in question seems always to be (something)...redirect.at

Some system details
- Windows 7 Home Premium
- Google Chrome 24.0.1

Any Action Taken
I am running a full scan from Microsoft Security Essentials.

Well... it looks like a Google Redirect problem. Please can somebody help me?

Dizz

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:39 AM

Posted 28 January 2013 - 04:33 PM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 Dizzleyboy

Dizzleyboy
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:10:39 AM

Posted 28 January 2013 - 06:44 PM

Thanks.

The scans completed.

TDSSkiller log
--------------
21:51:48.0031 5092 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
21:51:48.0517 5092 ============================================================
21:51:48.0517 5092 Current date / time: 2013/01/28 21:51:48.0517
21:51:48.0517 5092 SystemInfo:
21:51:48.0517 5092
21:51:48.0517 5092 OS Version: 6.1.7601 ServicePack: 1.0
21:51:48.0517 5092 Product type: Workstation
21:51:48.0518 5092 ComputerName: SHINYTHING
21:51:48.0518 5092 UserName: Peter
21:51:48.0518 5092 Windows directory: C:\Windows
21:51:48.0518 5092 System windows directory: C:\Windows
21:51:48.0518 5092 Running under WOW64
21:51:48.0518 5092 Processor architecture: Intel x64
21:51:48.0518 5092 Number of processors: 2
21:51:48.0518 5092 Page size: 0x1000
21:51:48.0518 5092 Boot type: Normal boot
21:51:48.0518 5092 ============================================================
21:51:50.0806 5092 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:51:50.0906 5092 ============================================================
21:51:50.0906 5092 \Device\Harddisk0\DR0:
21:51:50.0917 5092 MBR partitions:
21:51:50.0917 5092 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1770800, BlocksNum 0x32000
21:51:50.0917 5092 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x17A2800, BlocksNum 0x1BA22970
21:51:50.0917 5092 ============================================================
21:51:50.0998 5092 C: <-> \Device\Harddisk0\DR0\Partition2
21:51:50.0998 5092 ============================================================
21:51:50.0998 5092 Initialize success
21:51:50.0998 5092 ============================================================
21:52:46.0410 6640 ============================================================
21:52:46.0410 6640 Scan started
21:52:46.0411 6640 Mode: Manual;
21:52:46.0411 6640 ============================================================
21:52:46.0776 6640 ================ Scan system memory ========================
21:52:46.0777 6640 System memory - ok
21:52:46.0777 6640 ================ Scan services =============================
21:52:47.0020 6640 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
21:52:47.0027 6640 1394ohci - ok
21:52:47.0084 6640 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
21:52:47.0090 6640 ACPI - ok
21:52:47.0129 6640 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
21:52:47.0131 6640 AcpiPmi - ok
21:52:47.0283 6640 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:52:47.0335 6640 AdobeARMservice - ok
21:52:47.0548 6640 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:52:47.0555 6640 AdobeFlashPlayerUpdateSvc - ok
21:52:47.0629 6640 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
21:52:47.0647 6640 adp94xx - ok
21:52:47.0689 6640 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
21:52:47.0696 6640 adpahci - ok
21:52:47.0745 6640 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
21:52:47.0749 6640 adpu320 - ok
21:52:47.0783 6640 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
21:52:47.0785 6640 AeLookupSvc - ok
21:52:47.0839 6640 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
21:52:47.0857 6640 AFD - ok
21:52:47.0982 6640 [ B65F8DBA54F251906BBE8611B5A0E7AB ] AgereModemAudio C:\Program Files\LSI SoftModem\agr64svc.exe
21:52:47.0985 6640 AgereModemAudio - ok
21:52:48.0035 6640 [ AF4748EF93416159459769A24A0053AF ] AgereSoftModem C:\Windows\system32\DRIVERS\agrsm64.sys
21:52:48.0070 6640 AgereSoftModem - ok
21:52:48.0127 6640 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
21:52:48.0130 6640 agp440 - ok
21:52:48.0172 6640 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
21:52:48.0176 6640 ALG - ok
21:52:48.0205 6640 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
21:52:48.0210 6640 aliide - ok
21:52:48.0237 6640 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
21:52:48.0239 6640 amdide - ok
21:52:48.0281 6640 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
21:52:48.0284 6640 AmdK8 - ok
21:52:48.0297 6640 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
21:52:48.0299 6640 AmdPPM - ok
21:52:48.0357 6640 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
21:52:48.0360 6640 amdsata - ok
21:52:48.0378 6640 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
21:52:48.0382 6640 amdsbs - ok
21:52:48.0404 6640 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
21:52:48.0406 6640 amdxata - ok
21:52:48.0445 6640 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
21:52:48.0447 6640 AppID - ok
21:52:48.0471 6640 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
21:52:48.0472 6640 AppIDSvc - ok
21:52:48.0557 6640 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
21:52:48.0560 6640 Appinfo - ok
21:52:48.0683 6640 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:52:48.0686 6640 Apple Mobile Device - ok
21:52:48.0728 6640 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
21:52:48.0730 6640 arc - ok
21:52:48.0749 6640 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
21:52:48.0753 6640 arcsas - ok
21:52:48.0928 6640 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:52:48.0931 6640 aspnet_state - ok
21:52:48.0961 6640 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
21:52:48.0965 6640 AsyncMac - ok
21:52:49.0015 6640 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
21:52:49.0016 6640 atapi - ok
21:52:49.0092 6640 [ 0ACC06FCF46F64ED4F11E57EE461C1F4 ] athr C:\Windows\system32\DRIVERS\athrx.sys
21:52:49.0137 6640 athr - ok
21:52:49.0204 6640 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:52:49.0222 6640 AudioEndpointBuilder - ok
21:52:49.0239 6640 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
21:52:49.0244 6640 AudioSrv - ok
21:52:49.0321 6640 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
21:52:49.0324 6640 AxInstSV - ok
21:52:49.0369 6640 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
21:52:49.0387 6640 b06bdrv - ok
21:52:49.0494 6640 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
21:52:49.0499 6640 b57nd60a - ok
21:52:49.0610 6640 [ F48FEB7DA35821DA15E0B006DCB9A169 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
21:52:49.0615 6640 BBSvc - ok
21:52:49.0685 6640 [ 8E16F7A85441986FD2B9CE6C879524E4 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
21:52:49.0690 6640 BBUpdate - ok
21:52:49.0743 6640 [ 9E84A931DBEE0292E38ED672F6293A99 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
21:52:49.0778 6640 BCM43XX - ok
21:52:49.0829 6640 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
21:52:49.0831 6640 BDESVC - ok
21:52:50.0022 6640 [ 553E94AE71D233C14A8C8B4AF9286ED0 ] BecHelperService C:\Program Files (x86)\3 Mobile Broadband\3Connect\BecHelperService.exe
21:52:50.0146 6640 BecHelperService - ok
21:52:50.0178 6640 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
21:52:50.0185 6640 Beep - ok
21:52:50.0263 6640 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
21:52:50.0282 6640 BFE - ok
21:52:50.0348 6640 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
21:52:50.0418 6640 BITS - ok
21:52:50.0478 6640 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
21:52:50.0480 6640 blbdrive - ok
21:52:50.0571 6640 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:52:50.0589 6640 Bonjour Service - ok
21:52:50.0631 6640 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
21:52:50.0633 6640 bowser - ok
21:52:50.0674 6640 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:52:50.0676 6640 BrFiltLo - ok
21:52:50.0711 6640 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:52:50.0713 6640 BrFiltUp - ok
21:52:50.0792 6640 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
21:52:50.0795 6640 Browser - ok
21:52:50.0830 6640 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
21:52:50.0835 6640 Brserid - ok
21:52:50.0841 6640 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
21:52:50.0845 6640 BrSerWdm - ok
21:52:50.0854 6640 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
21:52:50.0857 6640 BrUsbMdm - ok
21:52:50.0866 6640 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
21:52:50.0870 6640 BrUsbSer - ok
21:52:50.0880 6640 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
21:52:50.0882 6640 BTHMODEM - ok
21:52:50.0959 6640 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
21:52:50.0961 6640 bthserv - ok
21:52:50.0987 6640 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
21:52:50.0989 6640 cdfs - ok
21:52:51.0084 6640 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
21:52:51.0089 6640 cdrom - ok
21:52:51.0145 6640 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
21:52:51.0149 6640 CertPropSvc - ok
21:52:51.0197 6640 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
21:52:51.0200 6640 circlass - ok
21:52:51.0276 6640 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
21:52:51.0285 6640 CLFS - ok
21:52:51.0373 6640 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:52:51.0376 6640 clr_optimization_v2.0.50727_32 - ok
21:52:51.0472 6640 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:52:51.0475 6640 clr_optimization_v2.0.50727_64 - ok
21:52:51.0632 6640 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:52:51.0637 6640 clr_optimization_v4.0.30319_32 - ok
21:52:51.0659 6640 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:52:51.0664 6640 clr_optimization_v4.0.30319_64 - ok
21:52:51.0743 6640 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
21:52:51.0744 6640 CmBatt - ok
21:52:51.0809 6640 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
21:52:51.0810 6640 cmdide - ok
21:52:51.0898 6640 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
21:52:51.0905 6640 CNG - ok
21:52:51.0980 6640 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
21:52:51.0982 6640 Compbatt - ok
21:52:52.0139 6640 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
21:52:52.0141 6640 CompositeBus - ok
21:52:52.0153 6640 COMSysApp - ok
21:52:52.0206 6640 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
21:52:52.0209 6640 crcdisk - ok
21:52:52.0275 6640 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
21:52:52.0279 6640 CryptSvc - ok
21:52:52.0332 6640 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
21:52:52.0352 6640 DcomLaunch - ok
21:52:52.0403 6640 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
21:52:52.0408 6640 defragsvc - ok
21:52:52.0489 6640 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
21:52:52.0492 6640 DfsC - ok
21:52:52.0553 6640 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
21:52:52.0561 6640 Dhcp - ok
21:52:52.0617 6640 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
21:52:52.0618 6640 discache - ok
21:52:52.0699 6640 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
21:52:52.0702 6640 Disk - ok
21:52:52.0808 6640 [ D5BCB77BE83CF99F508943945D46343D ] DKbFltr C:\Windows\syswow64\Drivers\DKbFltr.sys
21:52:52.0810 6640 DKbFltr - ok
21:52:52.0850 6640 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
21:52:52.0855 6640 Dnscache - ok
21:52:52.0900 6640 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
21:52:52.0905 6640 dot3svc - ok
21:52:53.0013 6640 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
21:52:53.0019 6640 DPS - ok
21:52:53.0089 6640 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
21:52:53.0090 6640 drmkaud - ok
21:52:53.0171 6640 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
21:52:53.0209 6640 DXGKrnl - ok
21:52:53.0249 6640 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
21:52:53.0251 6640 EapHost - ok
21:52:53.0378 6640 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
21:52:53.0493 6640 ebdrv - ok
21:52:53.0551 6640 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
21:52:53.0553 6640 EFS - ok
21:52:53.0672 6640 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
21:52:53.0712 6640 ehRecvr - ok
21:52:53.0760 6640 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
21:52:53.0762 6640 ehSched - ok
21:52:53.0815 6640 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
21:52:53.0835 6640 elxstor - ok
21:52:53.0921 6640 [ 7C35C6865957289D9EFE6CC73F4AB2E1 ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
21:52:53.0951 6640 ePowerSvc - ok
21:52:53.0993 6640 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
21:52:53.0995 6640 ErrDev - ok
21:52:54.0065 6640 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
21:52:54.0072 6640 EventSystem - ok
21:52:54.0107 6640 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
21:52:54.0112 6640 exfat - ok
21:52:54.0141 6640 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
21:52:54.0145 6640 fastfat - ok
21:52:54.0195 6640 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
21:52:54.0219 6640 Fax - ok
21:52:54.0226 6640 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
21:52:54.0232 6640 fdc - ok
21:52:54.0274 6640 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
21:52:54.0276 6640 fdPHost - ok
21:52:54.0307 6640 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
21:52:54.0309 6640 FDResPub - ok
21:52:54.0330 6640 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
21:52:54.0339 6640 FileInfo - ok
21:52:54.0376 6640 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
21:52:54.0378 6640 Filetrace - ok
21:52:54.0385 6640 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
21:52:54.0392 6640 flpydisk - ok
21:52:54.0468 6640 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
21:52:54.0473 6640 FltMgr - ok
21:52:54.0544 6640 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
21:52:54.0579 6640 FontCache - ok
21:52:54.0670 6640 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:52:54.0672 6640 FontCache3.0.0.0 - ok
21:52:54.0696 6640 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
21:52:54.0700 6640 FsDepends - ok
21:52:54.0739 6640 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
21:52:54.0741 6640 Fs_Rec - ok
21:52:54.0787 6640 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
21:52:54.0792 6640 fvevol - ok
21:52:54.0828 6640 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
21:52:54.0830 6640 gagp30kx - ok
21:52:54.0886 6640 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:52:54.0887 6640 GEARAspiWDM - ok
21:52:54.0941 6640 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
21:52:54.0965 6640 gpsvc - ok
21:52:55.0081 6640 [ 816FD5A6F3C2F3D600900096632FC60E ] Greg_Service C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
21:52:55.0090 6640 Greg_Service - ok
21:52:55.0167 6640 [ B9893A68032A6D9ADDB5B98287C630F7 ] grmnusb C:\Windows\system32\drivers\grmnusb.sys
21:52:55.0169 6640 grmnusb - ok
21:52:55.0267 6640 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:52:55.0270 6640 gupdate - ok
21:52:55.0301 6640 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:52:55.0302 6640 gupdatem - ok
21:52:55.0434 6640 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
21:52:55.0440 6640 gusvc - ok
21:52:55.0495 6640 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
21:52:55.0498 6640 hcw85cir - ok
21:52:55.0560 6640 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:52:55.0568 6640 HdAudAddService - ok
21:52:55.0638 6640 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
21:52:55.0642 6640 HDAudBus - ok
21:52:55.0665 6640 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
21:52:55.0668 6640 HidBatt - ok
21:52:55.0681 6640 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
21:52:55.0687 6640 HidBth - ok
21:52:55.0694 6640 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
21:52:55.0698 6640 HidIr - ok
21:52:55.0728 6640 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
21:52:55.0730 6640 hidserv - ok
21:52:55.0744 6640 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
21:52:55.0746 6640 HidUsb - ok
21:52:55.0791 6640 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
21:52:55.0795 6640 hkmsvc - ok
21:52:55.0827 6640 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:52:55.0832 6640 HomeGroupListener - ok
21:52:55.0914 6640 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:52:55.0919 6640 HomeGroupProvider - ok
21:52:55.0963 6640 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
21:52:55.0966 6640 HpSAMD - ok
21:52:56.0019 6640 [ CF44B25AE808765D7308F412AD492DDB ] HTCAND64 C:\Windows\system32\Drivers\ANDROIDUSB.sys
21:52:56.0021 6640 HTCAND64 - ok
21:52:56.0070 6640 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
21:52:56.0089 6640 HTTP - ok
21:52:56.0174 6640 [ 8F9B0FC4EC3A8194BD4CBC5ED3E7ABEB ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
21:52:56.0177 6640 hwdatacard - ok
21:52:56.0257 6640 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
21:52:56.0259 6640 hwpolicy - ok
21:52:56.0323 6640 [ B45B3647BA32749B94FA689175EC8C26 ] hwusbdev C:\Windows\system32\DRIVERS\ewusbdev.sys
21:52:56.0327 6640 hwusbdev - ok
21:52:56.0402 6640 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
21:52:56.0404 6640 i8042prt - ok
21:52:56.0512 6640 [ 7548066DF68A8A1A56B043359F915F37 ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
21:52:56.0519 6640 IAANTMON - ok
21:52:56.0556 6640 [ 1D004CB1DA6323B1F55CAEF7F94B61D9 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
21:52:56.0559 6640 iaStor - ok
21:52:56.0617 6640 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
21:52:56.0624 6640 iaStorV - ok
21:52:56.0686 6640 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:52:56.0718 6640 idsvc - ok
21:52:56.0968 6640 [ 2D18C9E1F23970DE32D78D3B1CDDA0A7 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
21:52:57.0152 6640 igfx - ok
21:52:57.0234 6640 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
21:52:57.0237 6640 iirsp - ok
21:52:57.0296 6640 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
21:52:57.0329 6640 IKEEXT - ok
21:52:57.0442 6640 [ 9AA6A93852E36FE76C3F7FC2904F3B01 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:52:57.0505 6640 IntcAzAudAddService - ok
21:52:57.0562 6640 [ D485D3BD3E2179AA86853A182F70699F ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
21:52:57.0566 6640 IntcHdmiAddService - ok
21:52:57.0590 6640 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
21:52:57.0593 6640 intelide - ok
21:52:57.0664 6640 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
21:52:57.0667 6640 intelppm - ok
21:52:57.0709 6640 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
21:52:57.0714 6640 IPBusEnum - ok
21:52:57.0760 6640 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:52:57.0764 6640 IpFilterDriver - ok
21:52:57.0810 6640 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
21:52:57.0827 6640 iphlpsvc - ok
21:52:57.0870 6640 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
21:52:57.0873 6640 IPMIDRV - ok
21:52:57.0898 6640 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
21:52:57.0904 6640 IPNAT - ok
21:52:57.0974 6640 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
21:52:58.0008 6640 iPod Service - ok
21:52:58.0065 6640 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
21:52:58.0066 6640 IRENUM - ok
21:52:58.0121 6640 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
21:52:58.0124 6640 isapnp - ok
21:52:58.0169 6640 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
21:52:58.0174 6640 iScsiPrt - ok
21:52:58.0218 6640 [ 249EE2D26CB1530F3BEDE0AC8B9E3099 ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
21:52:58.0225 6640 k57nd60a - ok
21:52:58.0282 6640 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
21:52:58.0285 6640 kbdclass - ok
21:52:58.0350 6640 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
21:52:58.0352 6640 kbdhid - ok
21:52:58.0365 6640 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
21:52:58.0367 6640 KeyIso - ok
21:52:58.0417 6640 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
21:52:58.0419 6640 KSecDD - ok
21:52:58.0481 6640 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
21:52:58.0484 6640 KSecPkg - ok
21:52:58.0538 6640 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
21:52:58.0539 6640 ksthunk - ok
21:52:58.0597 6640 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
21:52:58.0604 6640 KtmRm - ok
21:52:58.0695 6640 [ 2AC603C3188C704CFCE353659AA7AD71 ] L1E C:\Windows\system32\DRIVERS\L1E62x64.sys
21:52:58.0697 6640 L1E - ok
21:52:58.0760 6640 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
21:52:58.0765 6640 LanmanServer - ok
21:52:58.0819 6640 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:52:58.0824 6640 LanmanWorkstation - ok
21:52:58.0869 6640 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
21:52:58.0871 6640 lltdio - ok
21:52:58.0915 6640 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
21:52:58.0922 6640 lltdsvc - ok
21:52:58.0968 6640 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
21:52:58.0970 6640 lmhosts - ok
21:52:59.0004 6640 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
21:52:59.0007 6640 LSI_FC - ok
21:52:59.0023 6640 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
21:52:59.0026 6640 LSI_SAS - ok
21:52:59.0064 6640 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:52:59.0066 6640 LSI_SAS2 - ok
21:52:59.0097 6640 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:52:59.0100 6640 LSI_SCSI - ok
21:52:59.0139 6640 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
21:52:59.0141 6640 luafv - ok
21:52:59.0187 6640 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
21:52:59.0190 6640 Mcx2Svc - ok
21:52:59.0223 6640 mdvrmng - ok
21:52:59.0245 6640 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
21:52:59.0248 6640 megasas - ok
21:52:59.0270 6640 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
21:52:59.0276 6640 MegaSR - ok
21:52:59.0314 6640 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
21:52:59.0317 6640 MMCSS - ok
21:52:59.0339 6640 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
21:52:59.0341 6640 Modem - ok
21:52:59.0366 6640 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
21:52:59.0367 6640 monitor - ok
21:52:59.0390 6640 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
21:52:59.0394 6640 mouclass - ok
21:52:59.0418 6640 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
21:52:59.0422 6640 mouhid - ok
21:52:59.0478 6640 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
21:52:59.0481 6640 mountmgr - ok
21:52:59.0592 6640 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
21:52:59.0597 6640 MpFilter - ok
21:52:59.0642 6640 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
21:52:59.0645 6640 mpio - ok
21:52:59.0697 6640 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:52:59.0699 6640 mpsdrv - ok
21:52:59.0756 6640 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
21:52:59.0777 6640 MpsSvc - ok
21:52:59.0812 6640 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:52:59.0816 6640 MRxDAV - ok
21:52:59.0855 6640 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:52:59.0858 6640 mrxsmb - ok
21:52:59.0931 6640 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:52:59.0936 6640 mrxsmb10 - ok
21:52:59.0972 6640 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:52:59.0976 6640 mrxsmb20 - ok
21:53:00.0015 6640 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
21:53:00.0017 6640 msahci - ok
21:53:00.0029 6640 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
21:53:00.0033 6640 msdsm - ok
21:53:00.0069 6640 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
21:53:00.0074 6640 MSDTC - ok
21:53:00.0117 6640 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:53:00.0119 6640 Msfs - ok
21:53:00.0144 6640 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
21:53:00.0145 6640 mshidkmdf - ok
21:53:00.0209 6640 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
21:53:00.0211 6640 msisadrv - ok
21:53:00.0245 6640 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:53:00.0249 6640 MSiSCSI - ok
21:53:00.0258 6640 msiserver - ok
21:53:00.0284 6640 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:53:00.0286 6640 MSKSSRV - ok
21:53:00.0375 6640 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
21:53:00.0376 6640 MsMpSvc - ok
21:53:00.0423 6640 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:53:00.0425 6640 MSPCLOCK - ok
21:53:00.0434 6640 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:53:00.0436 6640 MSPQM - ok
21:53:00.0485 6640 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:53:00.0490 6640 MsRPC - ok
21:53:00.0559 6640 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
21:53:00.0561 6640 mssmbios - ok
21:53:00.0585 6640 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:53:00.0586 6640 MSTEE - ok
21:53:00.0623 6640 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
21:53:00.0625 6640 MTConfig - ok
21:53:00.0660 6640 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
21:53:00.0662 6640 Mup - ok
21:53:00.0701 6640 [ A906B08944EF1BEC17AE306E9FDB35D0 ] mv2 C:\Windows\system32\DRIVERS\mv2.sys
21:53:00.0734 6640 mv2 - ok
21:53:00.0770 6640 [ 6FFECC25B39DC7652A0CEC0ADA9DB589 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
21:53:00.0772 6640 mwlPSDFilter - ok
21:53:00.0785 6640 [ 0BEFE32CA56D6EE89D58175725596A85 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
21:53:00.0786 6640 mwlPSDNServ - ok
21:53:00.0806 6640 [ D43BC633B8660463E446E28E14A51262 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
21:53:00.0808 6640 mwlPSDVDisk - ok
21:53:00.0901 6640 [ 0F5FAAC852DB4C340B7A2F187E3358B8 ] MWLService C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
21:53:00.0906 6640 MWLService - ok
21:53:00.0957 6640 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
21:53:00.0975 6640 napagent - ok
21:53:01.0037 6640 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:53:01.0044 6640 NativeWifiP - ok
21:53:01.0143 6640 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
21:53:01.0179 6640 NDIS - ok
21:53:01.0208 6640 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
21:53:01.0210 6640 NdisCap - ok
21:53:01.0236 6640 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:53:01.0249 6640 NdisTapi - ok
21:53:01.0309 6640 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:53:01.0311 6640 Ndisuio - ok
21:53:01.0375 6640 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:53:01.0379 6640 NdisWan - ok
21:53:01.0427 6640 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:53:01.0429 6640 NDProxy - ok
21:53:01.0461 6640 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:53:01.0463 6640 NetBIOS - ok
21:53:01.0509 6640 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
21:53:01.0514 6640 NetBT - ok
21:53:01.0534 6640 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
21:53:01.0536 6640 Netlogon - ok
21:53:01.0588 6640 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
21:53:01.0595 6640 Netman - ok
21:53:01.0708 6640 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:53:01.0711 6640 NetMsmqActivator - ok
21:53:01.0717 6640 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:53:01.0719 6640 NetPipeActivator - ok
21:53:01.0751 6640 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
21:53:01.0770 6640 netprofm - ok
21:53:01.0783 6640 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:53:01.0785 6640 NetTcpActivator - ok
21:53:01.0799 6640 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:53:01.0800 6640 NetTcpPortSharing - ok
21:53:01.0869 6640 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
21:53:01.0871 6640 nfrd960 - ok
21:53:01.0929 6640 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
21:53:01.0932 6640 NisDrv - ok
21:53:01.0999 6640 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
21:53:02.0005 6640 NisSrv - ok
21:53:02.0081 6640 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
21:53:02.0086 6640 NlaSvc - ok
21:53:02.0111 6640 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:53:02.0112 6640 Npfs - ok
21:53:02.0138 6640 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
21:53:02.0141 6640 nsi - ok
21:53:02.0164 6640 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:53:02.0166 6640 nsiproxy - ok
21:53:02.0243 6640 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:53:02.0310 6640 Ntfs - ok
21:53:02.0395 6640 [ 70E3EB0CEF795D348F05E5A9B115F491 ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
21:53:02.0397 6640 NTI IScheduleSvc - ok
21:53:02.0442 6640 [ 64DDD0DEE976302F4BD93E5EFCC2F013 ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
21:53:02.0444 6640 NTIDrvr - ok
21:53:02.0502 6640 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
21:53:02.0506 6640 Null - ok
21:53:02.0527 6640 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
21:53:02.0530 6640 nvraid - ok
21:53:02.0568 6640 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
21:53:02.0571 6640 nvstor - ok
21:53:02.0618 6640 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
21:53:02.0621 6640 nv_agp - ok
21:53:02.0780 6640 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:53:02.0798 6640 odserv - ok
21:53:02.0854 6640 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
21:53:02.0856 6640 ohci1394 - ok
21:53:02.0887 6640 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:53:02.0892 6640 ose - ok
21:53:02.0924 6640 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
21:53:02.0930 6640 p2pimsvc - ok
21:53:02.0991 6640 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
21:53:02.0999 6640 p2psvc - ok
21:53:03.0068 6640 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
21:53:03.0071 6640 Parport - ok
21:53:03.0109 6640 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:53:03.0111 6640 partmgr - ok
21:53:03.0130 6640 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
21:53:03.0136 6640 PcaSvc - ok
21:53:03.0209 6640 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
21:53:03.0213 6640 pci - ok
21:53:03.0237 6640 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
21:53:03.0238 6640 pciide - ok
21:53:03.0263 6640 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
21:53:03.0268 6640 pcmcia - ok
21:53:03.0301 6640 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
21:53:03.0303 6640 pcw - ok
21:53:03.0336 6640 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:53:03.0359 6640 PEAUTH - ok
21:53:03.0461 6640 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
21:53:03.0463 6640 PerfHost - ok
21:53:03.0541 6640 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
21:53:03.0575 6640 pla - ok
21:53:03.0625 6640 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:53:03.0644 6640 PlugPlay - ok
21:53:03.0669 6640 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
21:53:03.0672 6640 PNRPAutoReg - ok
21:53:03.0713 6640 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
21:53:03.0718 6640 PNRPsvc - ok
21:53:03.0770 6640 [ 33328FA8A580885AB0065BE6DB266E9F ] Point64 C:\Windows\system32\DRIVERS\point64.sys
21:53:03.0772 6640 Point64 - ok
21:53:03.0824 6640 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:53:03.0845 6640 PolicyAgent - ok
21:53:03.0874 6640 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
21:53:03.0879 6640 Power - ok
21:53:03.0940 6640 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:53:03.0944 6640 PptpMiniport - ok
21:53:04.0001 6640 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
21:53:04.0005 6640 Processor - ok
21:53:04.0054 6640 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
21:53:04.0060 6640 ProfSvc - ok
21:53:04.0081 6640 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:53:04.0082 6640 ProtectedStorage - ok
21:53:04.0142 6640 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
21:53:04.0145 6640 Psched - ok
21:53:04.0192 6640 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
21:53:04.0237 6640 ql2300 - ok
21:53:04.0322 6640 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
21:53:04.0327 6640 ql40xx - ok
21:53:04.0387 6640 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
21:53:04.0393 6640 QWAVE - ok
21:53:04.0410 6640 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:53:04.0412 6640 QWAVEdrv - ok
21:53:04.0611 6640 [ F98487B25828441B1C6488C642C2AC10 ] RapportCerberus_43926 C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\43926\RapportCerberus64_43926.sys
21:53:04.0630 6640 RapportCerberus_43926 - ok
21:53:04.0765 6640 [ EAE1BB44F17EB3F439367AAC6B829D55 ] RapportEI64 C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys
21:53:04.0767 6640 RapportEI64 - ok
21:53:04.0799 6640 [ 428ABD0B5D771284F393356C6729074F ] RapportKE64 C:\Windows\system32\Drivers\RapportKE64.sys
21:53:04.0801 6640 RapportKE64 - ok
21:53:04.0920 6640 [ 35468625105F5B10FCF43E5D58659924 ] RapportMgmtService C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
21:53:04.0936 6640 RapportMgmtService - ok
21:53:05.0002 6640 [ 4CCFCED21C81C0C1D2BE6CB3ABF8A217 ] RapportPG64 C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys
21:53:05.0007 6640 RapportPG64 - ok
21:53:05.0044 6640 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:53:05.0046 6640 RasAcd - ok
21:53:05.0114 6640 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
21:53:05.0116 6640 RasAgileVpn - ok
21:53:05.0157 6640 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
21:53:05.0162 6640 RasAuto - ok
21:53:05.0213 6640 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:53:05.0217 6640 Rasl2tp - ok
21:53:05.0301 6640 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
21:53:05.0307 6640 RasMan - ok
21:53:05.0333 6640 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:53:05.0336 6640 RasPppoe - ok
21:53:05.0368 6640 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:53:05.0371 6640 RasSstp - ok
21:53:05.0415 6640 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:53:05.0420 6640 rdbss - ok
21:53:05.0442 6640 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
21:53:05.0446 6640 rdpbus - ok
21:53:05.0501 6640 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
21:53:05.0503 6640 RDPCDD - ok
21:53:05.0537 6640 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
21:53:05.0539 6640 RDPENCDD - ok
21:53:05.0553 6640 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
21:53:05.0556 6640 RDPREFMP - ok
21:53:05.0626 6640 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
21:53:05.0629 6640 RdpVideoMiniport - ok
21:53:05.0680 6640 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:53:05.0684 6640 RDPWD - ok
21:53:05.0751 6640 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
21:53:05.0755 6640 rdyboost - ok
21:53:05.0781 6640 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
21:53:05.0785 6640 RemoteAccess - ok
21:53:05.0813 6640 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:53:05.0818 6640 RemoteRegistry - ok
21:53:05.0851 6640 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
21:53:05.0855 6640 RpcEptMapper - ok
21:53:05.0902 6640 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
21:53:05.0905 6640 RpcLocator - ok
21:53:05.0974 6640 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
21:53:05.0980 6640 RpcSs - ok
21:53:06.0035 6640 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:53:06.0041 6640 rspndr - ok
21:53:06.0087 6640 [ 2DB8116D52B19216812C4E6D5D837810 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
21:53:06.0091 6640 RSUSBSTOR - ok
21:53:06.0117 6640 RtsUIR - ok
21:53:06.0160 6640 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
21:53:06.0161 6640 SamSs - ok
21:53:06.0205 6640 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
21:53:06.0209 6640 sbp2port - ok
21:53:06.0258 6640 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:53:06.0266 6640 SCardSvr - ok
21:53:06.0308 6640 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
21:53:06.0309 6640 scfilter - ok
21:53:06.0400 6640 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
21:53:06.0447 6640 Schedule - ok
21:53:06.0500 6640 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
21:53:06.0501 6640 SCPolicySvc - ok
21:53:06.0550 6640 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:53:06.0555 6640 SDRSVC - ok
21:53:06.0589 6640 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:53:06.0590 6640 secdrv - ok
21:53:06.0629 6640 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
21:53:06.0633 6640 seclogon - ok
21:53:06.0713 6640 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
21:53:06.0716 6640 SENS - ok
21:53:06.0738 6640 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
21:53:06.0742 6640 SensrSvc - ok
21:53:06.0798 6640 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
21:53:06.0799 6640 Serenum - ok
21:53:06.0850 6640 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
21:53:06.0853 6640 Serial - ok
21:53:06.0887 6640 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
21:53:06.0888 6640 sermouse - ok
21:53:06.0955 6640 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
21:53:06.0959 6640 SessionEnv - ok
21:53:06.0999 6640 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
21:53:07.0000 6640 sffdisk - ok
21:53:07.0020 6640 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
21:53:07.0022 6640 sffp_mmc - ok
21:53:07.0043 6640 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
21:53:07.0047 6640 sffp_sd - ok
21:53:07.0055 6640 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
21:53:07.0057 6640 sfloppy - ok
21:53:07.0105 6640 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:53:07.0112 6640 SharedAccess - ok
21:53:07.0188 6640 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:53:07.0207 6640 ShellHWDetection - ok
21:53:07.0230 6640 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:53:07.0232 6640 SiSRaid2 - ok
21:53:07.0285 6640 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
21:53:07.0288 6640 SiSRaid4 - ok
21:53:07.0404 6640 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
21:53:07.0407 6640 SkypeUpdate - ok
21:53:07.0441 6640 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
21:53:07.0444 6640 Smb - ok
21:53:07.0498 6640 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:53:07.0501 6640 SNMPTRAP - ok
21:53:07.0527 6640 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
21:53:07.0530 6640 spldr - ok
21:53:07.0586 6640 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
21:53:07.0605 6640 Spooler - ok
21:53:07.0729 6640 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
21:53:07.0828 6640 sppsvc - ok
21:53:07.0864 6640 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
21:53:07.0868 6640 sppuinotify - ok
21:53:07.0911 6640 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
21:53:07.0930 6640 srv - ok
21:53:07.0951 6640 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
21:53:07.0957 6640 srv2 - ok
21:53:07.0985 6640 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
21:53:07.0989 6640 srvnet - ok
21:53:08.0016 6640 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
21:53:08.0021 6640 SSDPSRV - ok
21:53:08.0045 6640 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
21:53:08.0049 6640 SstpSvc - ok
21:53:08.0082 6640 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
21:53:08.0085 6640 stexstor - ok
21:53:08.0139 6640 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
21:53:08.0141 6640 StillCam - ok
21:53:08.0197 6640 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
21:53:08.0219 6640 stisvc - ok
21:53:08.0265 6640 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
21:53:08.0267 6640 swenum - ok
21:53:08.0287 6640 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
21:53:08.0307 6640 swprv - ok
21:53:08.0373 6640 [ BCF305959B53B200CEB2AD25AD22F8A7 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
21:53:08.0381 6640 SynTP - ok
21:53:08.0471 6640 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
21:53:08.0524 6640 SysMain - ok
21:53:08.0561 6640 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:53:08.0567 6640 TabletInputService - ok
21:53:08.0625 6640 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
21:53:08.0631 6640 TapiSrv - ok
21:53:08.0695 6640 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
21:53:08.0698 6640 TBS - ok
21:53:08.0812 6640 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
21:53:08.0869 6640 Tcpip - ok
21:53:08.0959 6640 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
21:53:08.0972 6640 TCPIP6 - ok
21:53:09.0020 6640 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
21:53:09.0023 6640 tcpipreg - ok
21:53:09.0057 6640 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
21:53:09.0059 6640 TDPIPE - ok
21:53:09.0097 6640 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
21:53:09.0099 6640 TDTCP - ok
21:53:09.0157 6640 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
21:53:09.0160 6640 tdx - ok
21:53:09.0204 6640 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
21:53:09.0207 6640 TermDD - ok
21:53:09.0258 6640 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
21:53:09.0271 6640 TermService - ok
21:53:09.0316 6640 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
21:53:09.0319 6640 Themes - ok
21:53:09.0354 6640 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
21:53:09.0357 6640 THREADORDER - ok
21:53:09.0375 6640 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
21:53:09.0379 6640 TrkWks - ok
21:53:09.0440 6640 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:53:09.0445 6640 TrustedInstaller - ok
21:53:09.0480 6640 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
21:53:09.0483 6640 tssecsrv - ok
21:53:09.0523 6640 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
21:53:09.0525 6640 TsUsbFlt - ok
21:53:09.0589 6640 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
21:53:09.0592 6640 tunnel - ok
21:53:09.0710 6640 [ E6118E6FA528A62CB31B8BC4013A3DAF ] tvnserver C:\Program Files\TightVNC\tvnserver.exe
21:53:09.0760 6640 tvnserver - ok
21:53:09.0791 6640 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
21:53:09.0793 6640 uagp35 - ok
21:53:09.0830 6640 [ 2E22C1FD397A5A9FFEF55E9D1FC96C00 ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
21:53:09.0833 6640 UBHelper - ok
21:53:09.0879 6640 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
21:53:09.0885 6640 udfs - ok
21:53:09.0919 6640 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
21:53:09.0922 6640 UI0Detect - ok
21:53:09.0952 6640 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
21:53:09.0955 6640 uliagpkx - ok
21:53:10.0013 6640 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
21:53:10.0015 6640 umbus - ok
21:53:10.0036 6640 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
21:53:10.0037 6640 UmPass - ok
21:53:10.0095 6640 [ 70DDE3A86DBEB1D6C3C30AD687B1877A ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
21:53:10.0100 6640 Updater Service - ok
21:53:10.0124 6640 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
21:53:10.0132 6640 upnphost - ok
21:53:10.0187 6640 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
21:53:10.0190 6640 usbaudio - ok
21:53:10.0258 6640 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
21:53:10.0261 6640 usbccgp - ok
21:53:10.0271 6640 USBCCID - ok
21:53:10.0340 6640 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
21:53:10.0345 6640 usbcir - ok
21:53:10.0415 6640 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
21:53:10.0417 6640 usbehci - ok
21:53:10.0455 6640 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
21:53:10.0460 6640 usbhub - ok
21:53:10.0504 6640 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
21:53:10.0507 6640 usbohci - ok
21:53:10.0548 6640 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
21:53:10.0550 6640 usbprint - ok
21:53:10.0613 6640 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
21:53:10.0616 6640 usbscan - ok
21:53:10.0656 6640 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:53:10.0658 6640 USBSTOR - ok
21:53:10.0677 6640 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
21:53:10.0679 6640 usbuhci - ok
21:53:10.0741 6640 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
21:53:10.0745 6640 usbvideo - ok
21:53:10.0856 6640 [ E7474DCA1148597D841E8599D4AC4859 ] uvnc_service C:\Program Files\UltraVNC\WinVNC.exe
21:53:10.0910 6640 uvnc_service - ok
21:53:10.0972 6640 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
21:53:10.0976 6640 UxSms - ok
21:53:10.0996 6640 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
21:53:10.0998 6640 VaultSvc - ok
21:53:11.0050 6640 [ B6437A7C60C817A0D7BEA1D994B01612 ] VBoxDrv C:\Windows\system32\DRIVERS\VBoxDrv.sys
21:53:11.0055 6640 VBoxDrv - ok
21:53:11.0115 6640 [ 9E607F6240EADC4C0B3570F3E5E0358C ] VBoxNetAdp C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
21:53:11.0118 6640 VBoxNetAdp - ok
21:53:11.0132 6640 [ 9F7BC6D33A3AA4AFF35C9DBD69C2BCA0 ] VBoxNetFlt C:\Windows\system32\DRIVERS\VBoxNetFlt.sys
21:53:11.0137 6640 VBoxNetFlt - ok
21:53:11.0200 6640 [ 84B57B85A550476456EC5AB32FA99513 ] VBoxUSBMon C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
21:53:11.0203 6640 VBoxUSBMon - ok
21:53:11.0246 6640 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
21:53:11.0248 6640 vdrvroot - ok
21:53:11.0301 6640 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
21:53:11.0321 6640 vds - ok
21:53:11.0352 6640 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
21:53:11.0354 6640 vga - ok
21:53:11.0377 6640 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
21:53:11.0379 6640 VgaSave - ok
21:53:11.0419 6640 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
21:53:11.0423 6640 vhdmp - ok
21:53:11.0444 6640 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
21:53:11.0446 6640 viaide - ok
21:53:11.0474 6640 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
21:53:11.0477 6640 volmgr - ok
21:53:11.0523 6640 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
21:53:11.0530 6640 volmgrx - ok
21:53:11.0554 6640 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
21:53:11.0557 6640 volsnap - ok
21:53:11.0588 6640 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
21:53:11.0592 6640 vsmraid - ok
21:53:11.0661 6640 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
21:53:11.0785 6640 VSS - ok
21:53:11.0811 6640 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
21:53:11.0837 6640 vwifibus - ok
21:53:11.0848 6640 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
21:53:11.0888 6640 vwififlt - ok
21:53:11.0933 6640 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
21:53:11.0955 6640 W32Time - ok
21:53:11.0986 6640 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
21:53:11.0996 6640 WacomPen - ok
21:53:12.0044 6640 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
21:53:12.0053 6640 WANARP - ok
21:53:12.0060 6640 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
21:53:12.0062 6640 Wanarpv6 - ok
21:53:12.0159 6640 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
21:53:12.0192 6640 WatAdminSvc - ok
21:53:12.0289 6640 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
21:53:12.0323 6640 wbengine - ok
21:53:12.0380 6640 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
21:53:12.0385 6640 WbioSrvc - ok
21:53:12.0430 6640 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
21:53:12.0438 6640 wcncsvc - ok
21:53:12.0493 6640 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:53:12.0497 6640 WcsPlugInService - ok
21:53:12.0531 6640 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
21:53:12.0533 6640 Wd - ok
21:53:12.0587 6640 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
21:53:12.0610 6640 Wdf01000 - ok
21:53:12.0639 6640 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
21:53:12.0643 6640 WdiServiceHost - ok
21:53:12.0650 6640 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
21:53:12.0655 6640 WdiSystemHost - ok
21:53:12.0701 6640 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
21:53:12.0708 6640 WebClient - ok
21:53:12.0756 6640 [ D5BA7D43FA2EF656BF7E98A188391E40 ] Wecsvc C:\Windows\system32\wecsvc.dll
21:53:12.0762 6640 Wecsvc - ok
21:53:12.0794 6640 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
21:53:12.0798 6640 wercplsupport - ok
21:53:12.0831 6640 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
21:53:12.0836 6640 WerSvc - ok
21:53:12.0880 6640 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
21:53:12.0882 6640 WfpLwf - ok
21:53:12.0911 6640 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
21:53:12.0913 6640 WIMMount - ok
21:53:12.0931 6640 WinDefend - ok
21:53:12.0961 6640 WinHttpAutoProxySvc - ok
21:53:13.0042 6640 [ 136760C1E9697BAF4ECDEAE5590A0806 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
21:53:13.0047 6640 Winmgmt - ok
21:53:13.0143 6640 [ 3BB6B401A780BF434C8F58137DE10BF7 ] WinRM C:\Windows\system32\WsmSvc.dll
21:53:13.0208 6640 WinRM - ok
21:53:13.0317 6640 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
21:53:13.0319 6640 WinUsb - ok
21:53:13.0362 6640 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
21:53:13.0386 6640 Wlansvc - ok
21:53:13.0505 6640 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:53:13.0561 6640 wlidsvc - ok
21:53:13.0609 6640 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
21:53:13.0611 6640 WmiAcpi - ok
21:53:13.0660 6640 [ 4DF841632B62A7CF19A79A05046A8AB1 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
21:53:13.0665 6640 wmiApSrv - ok
21:53:13.0687 6640 WMPNetworkSvc - ok
21:53:13.0728 6640 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
21:53:13.0731 6640 WPCSvc - ok
21:53:13.0771 6640 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
21:53:13.0776 6640 WPDBusEnum - ok
21:53:13.0814 6640 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
21:53:13.0816 6640 ws2ifsl - ok
21:53:13.0833 6640 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
21:53:13.0838 6640 wscsvc - ok
21:53:13.0852 6640 WSearch - ok
21:53:13.0957 6640 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
21:53:14.0014 6640 wuauserv - ok
21:53:14.0054 6640 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
21:53:14.0056 6640 WudfPf - ok
21:53:14.0113 6640 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
21:53:14.0117 6640 WUDFRd - ok
21:53:14.0210 6640 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
21:53:14.0215 6640 wudfsvc - ok
21:53:14.0262 6640 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
21:53:14.0270 6640 WwanSvc - ok
21:53:14.0333 6640 ================ Scan global ===============================
21:53:14.0376 6640 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
21:53:14.0413 6640 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
21:53:14.0458 6640 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
21:53:14.0512 6640 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
21:53:14.0549 6640 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
21:53:14.0555 6640 [Global] - ok
21:53:14.0561 6640 ================ Scan MBR ==================================
21:53:14.0606 6640 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
21:53:14.0809 6640 \Device\Harddisk0\DR0 - ok
21:53:14.0810 6640 ================ Scan VBR ==================================
21:53:14.0814 6640 [ 7E282B81F3C393AEFDF28FBE2AB18091 ] \Device\Harddisk0\DR0\Partition1
21:53:14.0816 6640 \Device\Harddisk0\DR0\Partition1 - ok
21:53:14.0829 6640 [ 80EBEBA4C6CE9C8871184359A26566E4 ] \Device\Harddisk0\DR0\Partition2
21:53:14.0831 6640 \Device\Harddisk0\DR0\Partition2 - ok
21:53:14.0832 6640 ============================================================
21:53:14.0832 6640 Scan finished
21:53:14.0832 6640 ============================================================
21:53:14.0911 6852 Detected object count: 0
21:53:14.0912 6852 Actual detected object count: 0

aswMBR log
----------
aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-01-28 22:00:36
-----------------------------
22:00:36.416 OS Version: Windows x64 6.1.7601 Service Pack 1
22:00:36.416 Number of processors: 2 586 0x170A
22:00:36.416 ComputerName: SHINYTHING UserName: Peter
22:00:37.228 Initialize success
22:00:49.848 AVAST engine defs: 13012800
22:00:53.873 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
22:00:53.873 Disk 0 Vendor: WDC_WD25 11.0 Size: 238475MB BusType: 3
22:00:53.888 Disk 0 MBR read successfully
22:00:53.888 Disk 0 MBR scan
22:00:53.904 Disk 0 Windows VISTA default MBR code
22:00:53.920 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 12000 MB offset 2048
22:00:54.044 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 24578048
22:00:54.060 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 226373 MB offset 24782848
22:00:54.076 Disk 0 scanning C:\Windows\system32\drivers
22:01:33.921 Service scanning
22:02:42.354 Modules scanning
22:02:42.354 Disk 0 trace - called modules:
22:02:42.401 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
22:02:42.416 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8002fb6060]
22:02:42.416 3 CLASSPNP.SYS[fffff88001bb143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8002401050]
22:02:44.631 AVAST engine scan C:\Windows
22:02:48.469 AVAST engine scan C:\Windows\system32
22:06:22.174 AVAST engine scan C:\Windows\system32\drivers
22:06:33.888 AVAST engine scan C:\Users\Peter
22:08:23.179 Disk 0 MBR has been saved successfully to "C:\Users\Peter\Documents\Malware-report\MBR.dat"
22:08:23.179 The log file has been saved successfully to "C:\Users\Peter\Documents\Malware-report\aswMBR.txt"


aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-01-28 22:00:36
-----------------------------
22:00:36.416 OS Version: Windows x64 6.1.7601 Service Pack 1
22:00:36.416 Number of processors: 2 586 0x170A
22:00:36.416 ComputerName: SHINYTHING UserName: Peter
22:00:37.228 Initialize success
22:00:49.848 AVAST engine defs: 13012800
22:00:53.873 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
22:00:53.873 Disk 0 Vendor: WDC_WD25 11.0 Size: 238475MB BusType: 3
22:00:53.888 Disk 0 MBR read successfully
22:00:53.888 Disk 0 MBR scan
22:00:53.904 Disk 0 Windows VISTA default MBR code
22:00:53.920 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 12000 MB offset 2048
22:00:54.044 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 24578048
22:00:54.060 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 226373 MB offset 24782848
22:00:54.076 Disk 0 scanning C:\Windows\system32\drivers
22:01:33.921 Service scanning
22:02:42.354 Modules scanning
22:02:42.354 Disk 0 trace - called modules:
22:02:42.401 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
22:02:42.416 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8002fb6060]
22:02:42.416 3 CLASSPNP.SYS[fffff88001bb143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8002401050]
22:02:44.631 AVAST engine scan C:\Windows
22:02:48.469 AVAST engine scan C:\Windows\system32
22:06:22.174 AVAST engine scan C:\Windows\system32\drivers
22:06:33.888 AVAST engine scan C:\Users\Peter
22:08:23.179 Disk 0 MBR has been saved successfully to "C:\Users\Peter\Documents\Malware-report\MBR.dat"
22:08:23.179 The log file has been saved successfully to "C:\Users\Peter\Documents\Malware-report\aswMBR.txt"
22:20:17.149 AVAST engine scan C:\ProgramData
22:22:27.237 Scan finished successfully
22:22:54.007 Disk 0 MBR has been saved successfully to "C:\Users\Peter\Documents\Malware-report\MBR.dat"
22:22:54.022 The log file has been saved successfully to "C:\Users\Peter\Documents\Malware-report\aswMBR.txt"

Note - I saved the log twice.

ESET log
--------

C:\Users\Peter\Downloads\Setup.exe a variant of Win32/Adware.iBryte.D application cleaned by deleting - quarantined



End of logs.

I'm going to bed now so I can continue tomorrow. I will hibernate the PC.

Thanks for the help.

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:39 AM

Posted 28 January 2013 - 06:47 PM

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

For vista and windows 7 right click on the tool and select run as administrator

After scan gets completed,post the generated log here.


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#5 Dizzleyboy

Dizzleyboy
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:10:39 AM

Posted 29 January 2013 - 01:25 AM

I'm about to do this next step - but Chrome reports that http://thisisudax.org/downloads/JRT.exe JUNKWARE REMOVAL TOOL appears to be malicious.

#6 Dizzleyboy

Dizzleyboy
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:10:39 AM

Posted 29 January 2013 - 04:09 AM

OK I've done as you ask.

- LOGS -

Malwarebytes
------------
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.29.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Peter :: SHINYTHING [administrator]

29/01/2013 06:51:02
mbam-log-2013-01-29 (06-51-02).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 430494
Time elapsed: 1 hour(s), 44 minute(s), 7 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


Minitoolbox
-----------
MiniToolBox by Farbar Version:10-01-2013
Ran by Peter (administrator) on 29-01-2013 at 08:37:56
Running from "C:\Users\Peter\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Atheros AR5B93 Wireless Network Adapter = Wireless Network Connection (Connected)
VirtualBox Host-Only Ethernet Adapter = VirtualBox Host-Only Network (Connected)
Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : SHINYTHING
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : DISLEY.PLUS.COM

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : DISLEY.PLUS.COM
Description . . . . . . . . . . . : Atheros AR5B93 Wireless Network Adapter
Physical Address. . . . . . . . . : 0C-60-76-0A-9F-D0
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::c85f:a440:750b:b7e8%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.106(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 29 January 2013 06:13:17
Lease Expires . . . . . . . . . . : 30 January 2013 06:13:21
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 302801014
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-9E-64-66-00-1F-16-C2-5D-B7
DNS Servers . . . . . . . . . . . : 212.159.6.10
212.159.6.9
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : 00-1F-16-C2-5D-B7
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter VirtualBox Host-Only Network:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VirtualBox Host-Only Ethernet Adapter
Physical Address. . . . . . . . . : 08-00-27-00-10-F2
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::7d17:b88e:9274:eb43%16(Preferred)
Autoconfiguration IPv4 Address. . : 169.254.235.67(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 436731943
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-9E-64-66-00-1F-16-C2-5D-B7
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{85350625-A1AC-45C1-BA99-723671321840}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.DISLEY.PLUS.COM:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : DISLEY.PLUS.COM
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: cdns02.plus.net
Address: 212.159.6.10

Name: google.com
Addresses: 2a00:1450:4009:806::1004
173.194.41.163
173.194.41.165
173.194.41.164
173.194.41.167
173.194.41.161
173.194.41.169
173.194.41.166
173.194.41.168
173.194.41.160
173.194.41.174
173.194.41.162


Pinging google.com [173.194.34.104] with 32 bytes of data:
Reply from 173.194.34.104: bytes=32 time=22ms TTL=55
Reply from 173.194.34.104: bytes=32 time=26ms TTL=55

Ping statistics for 173.194.34.104:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 22ms, Maximum = 26ms, Average = 24ms
Server: cdns02.plus.net
Address: 212.159.6.10

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
206.190.36.45


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=261ms TTL=45
Reply from 98.138.253.109: bytes=32 time=195ms TTL=45

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 195ms, Maximum = 261ms, Average = 228ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...0c 60 76 0a 9f d0 ......Atheros AR5B93 Wireless Network Adapter
10...00 1f 16 c2 5d b7 ......Broadcom NetLink ™ Gigabit Ethernet
16...08 00 27 00 10 f2 ......VirtualBox Host-Only Ethernet Adapter
1...........................Software Loopback Interface 1
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.106 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
169.254.0.0 255.255.0.0 On-link 169.254.235.67 276
169.254.235.67 255.255.255.255 On-link 169.254.235.67 276
169.254.255.255 255.255.255.255 On-link 169.254.235.67 276
192.168.1.0 255.255.255.0 On-link 192.168.1.106 276
192.168.1.106 255.255.255.255 On-link 192.168.1.106 276
192.168.1.255 255.255.255.255 On-link 192.168.1.106 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 169.254.235.67 276
224.0.0.0 240.0.0.0 On-link 192.168.1.106 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 169.254.235.67 276
255.255.255.255 255.255.255.255 On-link 192.168.1.106 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
16 276 fe80::/64 On-link
11 276 fe80::/64 On-link
16 276 fe80::7d17:b88e:9274:eb43/128
On-link
11 276 fe80::c85f:a440:750b:b7e8/128
On-link
1 306 ff00::/8 On-link
16 276 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/28/2013 10:23:14 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/28/2013 10:00:30 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/28/2013 08:29:40 PM) (Source: Application Hang) (User: )
Description: The program chrome.exe version 24.0.1312.56 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 13b8

Start Time: 01cdfd35c08bd6ab

Termination Time: 679

Application Path: C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe

Report Id: 62008c43-6989-11e2-ace5-001f16c25db7

Error: (01/28/2013 08:16:02 PM) (Source: Application Error) (User: )
Description: Faulting application name: POWERPNT.EXE, version: 12.0.6600.1000, time stamp: 0x4de50c7e
Faulting module name: ppcore.dll, version: 12.0.6654.5000, time stamp: 0x4e8d280f
Exception code: 0xc0000005
Fault offset: 0x005f22c0
Faulting process id: 0x1a74
Faulting application start time: 0xPOWERPNT.EXE0
Faulting application path: POWERPNT.EXE1
Faulting module path: POWERPNT.EXE2
Report Id: POWERPNT.EXE3

Error: (01/27/2013 02:21:12 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1123

Error: (01/27/2013 02:21:12 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1123

Error: (01/27/2013 02:21:12 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/27/2013 00:06:46 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2028

Error: (01/27/2013 00:06:46 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2028

Error: (01/27/2013 00:06:46 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (01/29/2013 06:13:12 AM) (Source: Service Control Manager) (User: )
Description: The Mobile IP Route Manager service failed to start due to the following error:
%%1275

Error: (01/29/2013 06:13:12 AM) (Source: Application Popup) (User: )
Description: \??\C:\Windows\SysWow64\drivers\mdvrmng.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (01/28/2013 11:46:23 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/28/2013 11:46:23 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/28/2013 11:46:23 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/28/2013 11:46:21 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/28/2013 11:46:21 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/28/2013 11:46:21 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/28/2013 11:44:21 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/28/2013 11:44:21 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (01/28/2013 08:15:58 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 37950 seconds with 0 seconds of active time. This session ended with a crash.

Error: (12/08/2012 10:32:50 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 3163 seconds with 1500 seconds of active time. This session ended with a crash.

Error: (11/17/2012 05:45:44 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 21300 seconds with 16560 seconds of active time. This session ended with a crash.


CodeIntegrity Errors:
===================================
Date: 2012-11-19 21:48:51.740
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Acer\Acer ePower Management\SysHook.dll because the set of per-page image hashes could not be found on the system.

Date: 2012-11-19 21:48:51.433
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Acer\Acer ePower Management\SysHook.dll because the set of per-page image hashes could not be found on the system.

Date: 2011-07-01 03:12:53.962
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2011-06-30 21:59:16.691
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2011-06-30 21:46:30.353
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2011-06-30 20:51:43.188
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2011-06-30 20:32:51.268
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2011-06-30 20:14:08.573
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2011-06-30 20:04:07.253
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2011-06-30 19:50:34.679
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
3Connect (Version: 3.0.0)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Acer Arcade Deluxe (Version: 3.0.7020)
Acer Backup Manager (Version: 2.0.0.22)
Acer Crystal Eye Webcam (Version: 5.2.7.1)
Acer ePower Management (Version: 4.05.3002)
Acer eRecovery Management (Version: 4.05.3002)
Acer GameZone Console (Version: 5.1.0.2)
Acer GridVista (Version: 3.01.0730)
Acer Registration (Version: 1.02.3004)
Acer ScreenSaver (Version: 1.5.0715)
Acer Updater (Version: 1.01.3014)
Acrobat.com (Version: 1.6.65)
Adapter 1.0.3.0
Adobe AIR (Version: 3.5.0.1060)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.146)
Adobe Reader X (10.1.5) (Version: 10.1.5)
Alice Greenfingers
Amazon Kindle
Amazon MP3 Downloader 1.0.17 (Version: 1.0.17)
Amazon Music Importer (Version: 2.0.1)
Amazonia
AppInventor Setup (Version: 1.1)
Apple Application Support (Version: 2.3)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
Backup Manager Basic (Version: 2.0.0.22)
BBC iPlayer Desktop (Version: 3.2.15)
Bing Bar (Version: 7.1.391.0)
blinkbox Download Manager (Version: 2.0.7)
Bonjour (Version: 3.0.0.10)
Broadcom Gigabit NetLink Controller (Version: 12.26.02)
calibre (Version: 0.9.4)
Chicken Invaders 2
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
D3DX10 (Version: 15.4.2368.0902)
Dairy Dash
Dream Day First Home
Dropbox (Version: 1.6.11)
EasyWorship 2009 (Version: 2009.01.09)
ESET Online Scanner v3
eSobi v2 (Version: 2.0.4.000274)
Evernote v. 4.6 (Version: 4.6.0.7670)
Farm Frenzy 2
FreeMind (Version: 0.9.0)
Google Chrome (Version: 24.0.1312.56)
Google Drive (Version: 1.7.4018.3496)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3607.2246)
Google Update Helper (Version: 1.3.21.123)
Granny In Paradise
GSAK 8.1.0.10 (Final)
HandBrake 0.9.8 (Version: 0.9.8)
Heroes of Hellas
HP Photo Creations (Version: 1.0.0.5192)
HP Photosmart 5510 series Basic Device Software (Version: 25.0.621.0)
HP Photosmart 5510 series Help (Version: 140.0.2.2)
HTC Driver Installer (Version: 2.0.7.016)
Huawei modem
iCloud (Version: 2.0.2.187)
Identity Card (Version: 1.00.3001)
Inkscape 0.48.1 (Version: 0.48.1)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.1892)
Intel® Matrix Storage Manager
iTunes (Version: 10.7.0.21)
Java 7 Update 9 (Version: 7.0.90)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 31 (Version: 6.0.310)
Junk Mail filter update (Version: 15.4.3502.0922)
Kies Air Discovery Service
Launch Manager (Version: 3.0.01)
LSI HDA Modem (Version: 2.1.94)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Merriam Websters Spell Jam
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft IntelliPoint 8.1 (Version: 8.15.406.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.1.0522.0)
Microsoft Security Essentials (Version: 4.1.522.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Works (Version: 9.7.0621)
Mozilla Thunderbird (5.0) (Version: 5.0 (en-US))
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyWinLocker (Version: 3.1.72.0)
Notepad App
Notepad++ (Version: 5.9.2)
NTI Media Maker 8 (Version: 8.0.12.6619)
Oracle VM VirtualBox 4.1.6 (Version: 4.1.6)
Picasa 3 (Version: 3.8)
Pradis Do Not Remove (Version: 5.17.0013)
Pradis: Creative Bible Lessons (Version: 5.17.0013)
PuTTY version 0.60 (Version: 0.60)
QuickTime (Version: 7.73.80.64)
Rapport (Version: 3.5.1205.18)
Realtek High Definition Audio Driver (Version: 6.0.1.5911)
Realtek USB 2.0 Card Reader (Version: 6.1.7100.30093)
Skype Click to Call (Version: 5.9.9216)
Skype™ 6.1 (Version: 6.1.129)
Star Defender 4
Synaptics Pointing Device Driver (Version: 13.2.2.0)
TightVNC (Version: 2.5.2.0)
UltraVnc (Version: 1.0.9.6.1)
UltraVnc (Version: 1.1.0)
Unity Web Player (Version: )
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Welcome Center (Version: 1.00.3005)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8064.206)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinSCP 4.3.3 (Version: 4.3.3)
XBMC

========================= Memory info: ===================================

Percentage of memory in use: 71%
Total physical RAM: 3000.93 MB
Available physical RAM: 849.61 MB
Total Pagefile: 6000.04 MB
Available Pagefile: 2940.14 MB
Total Virtual: 4095.88 MB
Available Virtual: 3972.64 MB

========================= Partitions: =====================================

1 Drive c: (ACER) (Fixed) (Total:221.07 GB) (Free:140.95 GB) NTFS

========================= Users: ========================================

User accounts for \\SHINYTHING

Administrator Gillian Guest
Peter

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

25-12-2012 18:03:16 Windows Update
31-12-2012 15:59:07 Windows Update
31-12-2012 17:18:37 Installed Evernote v. 4.6
01-01-2013 11:23:23 Windows Update
04-01-2013 12:52:12 Windows Update
10-01-2013 20:52:38 Windows Update
15-01-2013 21:21:02 Installed Rapport
15-01-2013 21:23:33 Windows Update
21-01-2013 03:54:48 Windows Update
25-01-2013 02:20:11 Windows Update
29-01-2013 06:23:52 Windows Update

**** End of log ****


FSS
---

Farbar Service Scanner Version: 16-01-2013
Ran by Peter (administrator) on 29-01-2013 at 08:42:50
Running from "C:\Users\Peter\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll
[2012-12-13 10:51] - [2012-08-21 13:09] - 0219136 ____A (Microsoft Corporation) 136760C1E9697BAF4ECDEAE5590A0806

C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

Adware Cleaner
--------------

# AdwCleaner v2.109 - Logfile created 01/29/2013 at 08:44:21
# Updated 26/01/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Peter - SHINYTHING
# Boot Mode : Normal
# Running from : C:\Users\Peter\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Users\Gillian\AppData\Local\Temp\boost_interprocess

***** [Registry] *****

Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASMANCS
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Key Deleted : HKU\S-1-5-21-3030138700-2445171958-2339525778-1003\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Google Chrome v24.0.1312.56

File : C:\Users\Gillian\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1601 octets] - [29/01/2013 08:43:58]
AdwCleaner[S1].txt - [1552 octets] - [29/01/2013 08:44:21]

########## EOF - C:\AdwCleaner[S1].txt - [1612 octets] ##########



JUNKWARE REMOVAL TOOL - NOT RUN - Reported by Chrome as malicious.




rkill
-----

Rkill 2.4.6 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 01/29/2013 08:51:16 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Windows\PLFSetI.exe (PID: 3440) [WD-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Peter\Desktop\rkill\rkill-01-29-2013-08-51-56.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 01/29/2013 08:52:12 AM
Execution time: 0 hours(s), 0 minute(s), and 55 seconds(s)



AUTORUNS
--------

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Acer ePower Management" "ePowerTray" "Acer Incorporated" "c:\program files\acer\acer epower management\epowertray.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IAAnotif" "Event Monitor User Notification Tool" "Intel Corporation" "c:\program files (x86)\intel\intel matrix storage manager\iaanotif.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "IntelliPoint" "IPoint.exe" "Microsoft Corporation" "c:\program files\microsoft intellipoint\ipoint.exe"
+ "MSC" "Microsoft Security Client User Interface" "Microsoft Corporation" "c:\program files\microsoft security client\msseces.exe"
+ "mwlDaemon" "MyWinLocker" "Egis Technology Inc." "c:\program files (x86)\egistec\mywinlocker 3\x86\mwldaemon.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "PLFSetI" "DefaultSettingEXE MFC Application" "" "c:\windows\plfseti.exe"
+ "RtHDVCpl" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravcpl64.exe"
+ "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics Incorporated" "c:\program files\synaptics\syntp\syntpenh.exe"
+ "tvncontrol" "TightVNC Server" "GlavSoft LLC." "c:\program files\tightvnc\tvnserver.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "ArcadeDeluxeAgent" "Acer Arcade Deluxe Resident Program" "CyberLink Corp." "c:\program files (x86)\acer arcade deluxe\acer arcade deluxe\arcadedeluxeagent.exe"
+ "BackupManagerTray" "Acer Backup Manager" "NewTech Infosystems, Inc." "c:\program files (x86)\newtech infosystems\acer backup manager\backupmanagertray.exe"
+ "EgisTecLiveUpdate" "EgisUpdate Release Application" "Egis Technology Inc." "c:\program files (x86)\egistec egis software update\egisupdate.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "LManager" "Launch Manager Keyboard Application" "Dritek System Inc." "c:\program files (x86)\launch manager\lmanager.exe"
+ "PlayMovie" "Acer Arcade Deluxe PlayMovie Resident Program" "Acer Corp." "c:\program files (x86)\acer arcade deluxe\playmovie\pmvservice.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
"C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "BBC iPlayer Desktop.lnk" "" "" "c:\program files (x86)\bbc iplayer desktop\bbc iplayer desktop.exe"
+ "Dropbox.lnk" "Dropbox" "Dropbox, Inc." "c:\users\peter\appdata\roaming\dropbox\bin\dropbox.exe"
+ "EvernoteClipper.lnk" "Evernote Clipper" "Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041" "c:\program files (x86)\evernote\evernote\evernoteclipper.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Google Update" "Google Installer" "Google Inc." "c:\users\peter\appdata\local\google\update\googleupdate.exe"
+ "GoogleDriveSync" "Google Drive" "Google" "c:\program files (x86)\google\drive\googledrivesync.exe"
+ "Skype" "Skype " "Skype Technologies S.A." "c:\program files (x86)\skype\phone\skype.exe"
+ "swg" "GoogleToolbarNotifier" "Google Inc." "c:\program files (x86)\google\googletoolbarnotifier\googletoolbarnotifier.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\peter\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "EDSshellExt" "Shell Extention" "Egis Technology Inc." "c:\program files (x86)\egistec\mywinlocker 3\x64\mwlshellext.dll"
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "Notepad++64" "ShellHandler for Notepad++ (64 bit)" "" "c:\program files (x86)\notepad++\nppshell_04.dll"
+ "PhotoStreamsExt" "" "" "c:\program files\common files\apple\internet services\shellstreams64.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "EDSshellExt" "Shell Extention" "Egis Technology Inc." "c:\program files (x86)\egistec\mywinlocker 3\x86\mwlshellext.dll"
+ "PhotoStreamsExt" "ShellStreams.dll" "Apple Inc." "c:\program files (x86)\common files\apple\internet services\shellstreams.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\peter\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "EDSshellExt" "Shell Extention" "Egis Technology Inc." "c:\program files (x86)\egistec\mywinlocker 3\x64\mwlshellext.dll"
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "EDSshellExt" "Shell Extention" "Egis Technology Inc." "c:\program files (x86)\egistec\mywinlocker 3\x86\mwlshellext.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "WinSCPCopyHook" "Drag&Drop shell extension for WinSCP (64-bit)" "Martin Prikryl" "c:\program files (x86)\winscp\dragext64.dll"
"HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\peter\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\peter\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
+ "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\peter\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
+ "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\peter\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
+ "DropboxExt4" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\peter\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
+ "egisPSDP" "PSD DragDrop Protection" "Egis Technology Inc." "c:\program files (x86)\egistec\mywinlocker 3\x64\psdprotect.dll"
+ "GDriveBlacklistedOverlay" "Google Drive shell extension" "Google" "c:\program files (x86)\google\drive\googledrivesync64.dll"
+ "GDriveSharedOverlay" "Google Drive shell extension" "Google" "c:\program files (x86)\google\drive\googledrivesync64.dll"
+ "GDriveSyncedOverlay" "Google Drive shell extension" "Google" "c:\program files (x86)\google\drive\googledrivesync64.dll"
+ "GDriveSyncingOverlay" "Google Drive shell extension" "Google" "c:\program files (x86)\google\drive\googledrivesync64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\peter\appdata\roaming\dropbox\bin\dropboxext.17.dll"
+ "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\peter\appdata\roaming\dropbox\bin\dropboxext.17.dll"
+ "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\peter\appdata\roaming\dropbox\bin\dropboxext.17.dll"
+ "egisPSDP" "PSD DragDrop Protection" "Egis Technology Inc." "c:\program files (x86)\egistec\mywinlocker 3\x86\psdprotect.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Bing Bar Helper" "Bing Client Extensions" "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\7.1.391.0\bingext.dll"
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\ssv.dll"
+ "Skype Browser Helper" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Bing" "Bing Client Extensions" "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\7.1.391.0\bingext.dll"
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "Add to Evernote 4" "" "" "File not found: C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204"
+ "S&end to OneNote" "Microsoft Office OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\onbttnie.dll"
+ "Skype Click to Call" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
"Task Scheduler" "" "" ""
+ "\GoogleUpdateTaskUserS-1-5-21-3030138700-2445171958-2339525778-1003Core" "Google Installer" "Google Inc." "c:\users\peter\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-3030138700-2445171958-2339525778-1003UA" "Google Installer" "Google Inc." "c:\users\peter\appdata\local\google\update\googleupdate.exe"
+ "\HP Photo Creations Messager" "" "" "c:\programdata\hp photo creations\messagecheck.exe"
+ "\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\Microsoft_Hardware_Launch_IPoint_exe" "IPoint.exe" "Microsoft Corporation" "c:\program files\microsoft intellipoint\ipoint.exe"
+ "\ScanToPCActivationApp.exe_{E5177331-76C7-49F3-8A1E-55BE6907210A}" "ScanToPCActivationApp" "Hewlett-Packard Co." "c:\program files\hp\hp photosmart 5510 series\bin\scantopcactivationapp.exe"
+ "\{8C3320A8-4F2A-44C9-A5C6-68ED88C41B7E}" "Skype " "Skype Technologies S.A." "c:\program files (x86)\skype\phone\skype.exe"
+ "\{FE3BD22D-53BC-46E3-B23F-B65A4636F9A5}" "Google Chrome" "Google Inc." "c:\users\peter\appdata\local\google\chrome\application\chrome.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "AgereModemAudio" "LSI Soft Modem Call Progress Service" "LSI Corporation" "c:\program files\lsi softmodem\agr64svc.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "BBSvc" "Keeps Bing Bar up-to-date. Disabling this service might prevent updates and expose your computer to security vulnerabilities or functional flaws in Bing Bar." "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\7.1.391.0\bbsvc.exe"
+ "BBUpdate" "Enables the detection, download and installation of up-to-date configuration files for Bing Bar. Also provides server communication for the customer experience improvement program. Stopping or disabling this service may prevent you from getting the latest updates for Bing Bar, which may expose your computer to security vulnerabilities or functional flaws in the Bing Bar." "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\7.1.391.0\seaport.exe"
+ "BecHelperService" "Enable Bec updates" "" "c:\program files (x86)\3 mobile broadband\3connect\bechelperservice.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "ePowerSvc" "Acer ePower Service" "Acer Incorporated" "c:\program files\acer\acer epower management\epowersvc.exe"
+ "Greg_Service" "Global Registration Service" "Acer Incorporated" "c:\program files (x86)\acer\registration\greghsrw.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work." "Google" "c:\program files (x86)\google\common\google updater\googleupdaterservice.exe"
+ "IAANTMON" "RAID Monitor" "Intel Corporation" "c:\program files (x86)\intel\intel matrix storage manager\iaantmon.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "MsMpSvc" "Helps protect users from malware and other potentially unwanted software" "Microsoft Corporation" "c:\program files\microsoft security client\msmpeng.exe"
+ "MWLService" "MyWinLocker Service" "Egis Technology Inc." "c:\program files (x86)\egistec\mywinlocker 3\x86\mwlservice.exe"
+ "NisSrv" "Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols" "Microsoft Corporation" "c:\program files\microsoft security client\nissrv.exe"
+ "NTI IScheduleSvc" "NTI IShadow Manage backup/Sync jobs and etc..." "NewTech Infosystems, Inc." "c:\program files (x86)\newtech infosystems\acer backup manager\ischedulesvc.exe"
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\office12\odserv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "RapportMgmtService" "Central Rapport Management and Monitoring Service" "Trusteer Ltd." "c:\program files (x86)\trusteer\rapport\bin\rapportmgmtservice.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "tvnserver" "TightVNC Server" "GlavSoft LLC." "c:\program files\tightvnc\tvnserver.exe"
+ "Updater Service" "Acer Update Service" "Acer" "c:\program files\acer\acer updater\updaterservice.exe"
+ "uvnc_service" "Provides secure remote desktop sharing" "UltraVNC" "c:\program files\ultravnc\winvnc.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "AgereSoftModem" "SoftModem Device Driver" "LSI Corporation" "c:\windows\system32\drivers\agrsm64.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "athr" "Atheros Extensible Wireless LAN device driver" "Atheros Communications, Inc." "c:\windows\system32\drivers\athrx.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BCM43XX" "Broadcom 802.11 Network Adapter wireless driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcmwl664.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "DKbFltr" "Dritek 64-bit PS/2 Keyboard Filter Driver" "Dritek System Inc." "c:\windows\syswow64\drivers\dkbfltr.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "grmnusb" "grmnusb.sys" "GARMIN Corp." "c:\windows\system32\drivers\grmnusb.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "HTCAND64" "ADB Interface" "HTC, Corporation" "c:\windows\system32\drivers\androidusb.sys"
+ "hwdatacard" "USB Modem/Serial Device Driver" "Huawei Technologies Co., Ltd." "c:\windows\system32\drivers\ewusbmdm.sys"
+ "hwusbdev" "USB Modem/Serial Device Driver" "Huawei Technologies Co., Ltd." "c:\windows\system32\drivers\ewusbdev.sys"
+ "iaStor" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "IntcHdmiAddService" "Intel® High Definition Audio HDMI" "Intel® Corporation" "c:\windows\system32\drivers\intchdmi.sys"
+ "k57nd60a" "Broadcom NetLink ™ Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\k57nd60a.sys"
+ "L1E" "Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20)" "Atheros Communications, Inc." "c:\windows\system32\drivers\l1e62x64.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "mdvrmng" "" "" "File not found: C:\Windows\system32\drivers\mdvrmng.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "mv2" "UltraVnc miniport driver2" "UVNC BVBA" "c:\windows\system32\drivers\mv2.sys"
+ "mwlPSDFilter" "mwlPSDFilter Filter Driver" "Egis Technology Inc." "c:\windows\system32\drivers\mwlpsdfilter.sys"
+ "mwlPSDNServ" "mwlPSDNServ Driver" "Egis Technology Inc." "c:\windows\system32\drivers\mwlpsdnserv.sys"
+ "mwlPSDVDisk" "mwlPSDVdisk Driver" "Egis Technology Inc." "c:\windows\system32\drivers\mwlpsdvdisk.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "NTIDrvr" "NTI CD-ROM Filter Driver" "NewTech Infosystems, Inc." "c:\windows\system32\drivers\ntidrvr.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RapportCerberus_43926" "" "" "c:\programdata\trusteer\rapport\store\exts\rapportcerberus\43926\rapportcerberus64_43926.sys"
+ "RapportEI64" "RapportEI64" "Trusteer Ltd." "c:\program files (x86)\trusteer\rapport\bin\x64\rapportei64.sys"
+ "RapportKE64" "RapportKE" "Trusteer Ltd." "c:\windows\system32\drivers\rapportke64.sys"
+ "RapportPG64" "RapportPG64" "Trusteer Ltd." "c:\program files (x86)\trusteer\rapport\bin\x64\rapportpg64.sys"
+ "RSUSBSTOR" "Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtsustor.sys"
+ "RtsUIR" "" "" "File not found: system32\DRIVERS\Rts516xIR.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys"
+ "UBHelper" "NTI CDROM Filter Driver" "NewTech Infosystems Corporation" "c:\windows\system32\drivers\ubhelper.sys"
+ "USBCCID" "" "" "File not found: system32\DRIVERS\RtsUCcid.sys"
+ "VBoxDrv" "VirtualBox Support Driver" "Oracle Corporation" "c:\windows\system32\drivers\vboxdrv.sys"
+ "VBoxNetAdp" "VirtualBox Host-Only Network Adapter Driver" "Oracle Corporation" "c:\windows\system32\drivers\vboxnetadp.sys"
+ "VBoxNetFlt" "VirtualBox Bridged Networking Driver" "Oracle Corporation" "c:\windows\system32\drivers\vboxnetflt.sys"
+ "VBoxUSBMon" "VirtualBox USB Monitor Driver" "Oracle Corporation" "c:\windows\system32\drivers\vboxusbmon.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "CL_EVRWindow" "CLEvr" "CyberLink Corp." "c:\program files (x86)\acer arcade deluxe\homemedia\kernel\dmp\clevr.dll"
+ "CyberLink Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\acer arcade deluxe\homemedia\kernel\dmp\claud61.ax"
+ "CyberLink Audio Decoder (PLAYMV)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\acer arcade deluxe\playmovie\audiofilter\claud.ax"
+ "CyberLink Audio Effect (PLAYMV)" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files (x86)\acer arcade deluxe\playmovie\audiofilter\claudfx.ax"
+ "CyberLink Audio Spectrum Analyzer (HomeNetwork)" "CLAudSpa.ax" "CyberLink Corp." "c:\program files (x86)\acer arcade deluxe\homemedia\kernel\dmp\claudspa.ax"
+ "CyberLink Demultiplexer(Scramble)" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files (x86)\acer arcade deluxe\homemedia\kernel\dmp\cldemuxer.ax"
+ "CyberLink DVD Navigator (PLAYMV)" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files (x86)\acer arcade deluxe\playmovie\navfilter\clnavx.ax"
+ "CyberLink Line21 Decoder (PLAYMV)" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\acer arcade deluxe\playmovie\videofilter\clline21.ax"
+ "CyberLink MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\acer arcade deluxe\homemedia\kernel\dmp\clsplter.ax"
+ "CyberLink Push-Mode CLStream" "CLStream" "CyberLink" "c:\program files (x86)\acer arcade deluxe\homemedia\kernel\dmp\clstream(pushmode).ax"
+ "CyberLink Push-Mode CLStream (cURL)" "CLStream" "CyberLink" "c:\program files (x86)\acer arcade deluxe\homemedia\kernel\dmp\clstream(multilib).ax"
+ "CyberLink SAC Video Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\acer arcade deluxe\homemedia\kernel\dmp\clvsd.ax"
+ "Cyberlink Streamming Filter" "Cyberlink Streaming Source Filter(Scramble)" "CyberLink Corp." "c:\program files (x86)\acer arcade deluxe\homemedia\kernel\dmp\clstream.ax"
+ "Cyberlink SubTitle (PMV)" "CLSubTitle.ax" "CyberLink Corp." "c:\program files (x86)\acer arcade deluxe\playmovie\videofilter\clsubtitle.ax"
+ "CyberLink TimeStretch Filter (PLAYMV)" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\acer arcade deluxe\playmovie\audiofilter\clauts.ax"
+ "CyberLink TimeStretch Filter(HomeNetwork)" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\acer arcade deluxe\homemedia\kernel\dmp\clauts.ax"
+ "CyberLink Tzan Filter (PLAYMV)" "Cyberlink Tzan Filter" "CyberLink Corp." "c:\program files (x86)\acer arcade deluxe\playmovie\videofilter\cltzan.ax"
+ "CyberLink Video/SP Decoder (PLAYMV)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\acer arcade deluxe\playmovie\videofilter\clvsd.ax"
+ "CyberLink WMV/WMA Demultiplexer" "WMV/WMA Demux" "CyberLink" "c:\program files (x86)\acer arcade deluxe\homemedia\kernel\dmp\clwmfdemux.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "SlideShow" "" "" "c:\program files (x86)\newtech infosystems\nti media maker 8\photo maker\slideshow.ax"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "BJ Language Monitor3_2" "Canon Inkjet Printer Driver" "CANON INC." "c:\windows\system32\cnblm3_2.dll"
+ "HP a111 Status Monitor" "Print Status Language Monitor" "Hewlett-Packard Co." "c:\windows\system32\hpinkstsa111lm.dll"
+ "HP Discovery Port Monitor (HP Photosmart 5510 series)" "HP Discovery Port Monitor" "Hewlett-Packard Co." "c:\windows\system32\hpdiscopma111.dll"


*** END OF MY REPLY ***

#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:39 AM

Posted 29 January 2013 - 01:44 PM

Current issues?

#8 Dizzleyboy

Dizzleyboy
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:10:39 AM

Posted 30 January 2013 - 05:59 AM

narenxp - I am experiencing no current issues.

Thank you for your assistance.

#9 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:39 AM

Posted 30 January 2013 - 06:49 AM

That looks good

Remove temporary and junk files

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & windows 7- http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore-It deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old version of java from control panel-Add or remove programs.Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently.Two free antivirus that i would suggest are

Microsoft security essentials or Avast.You can select either one of them.

If you have a paid one,make sure to update it frequently.Do not use multiple security softwares.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users