Redirect Virus-Chrome, IE and FFox


20 replies to this topic

#1 paddlegal

Posted 02 February 2013 - 02:18 PM

Today while signing into my pc's administrator account a black window with (partially) the phrase "reg.exe" displayed quickly. I have read in a couple of places about changing your registry and reg.exe is NOT a valid entry for that process, is it?

I also have the redirect virus on my pc and cannot get rid of it. Panda Cloud Anti-virus and Microsoft Security Essentials can 'see' this (cookie?) and indicate that it has been deleted, or isolated, but I still experience redirects whenever I search for something on Google and click a result.

Help Please! I have read through a couple of posts on this forum where you have given help regarding this redirect virus. I sure hope you can help me clean up my pc!

#2 narenxp

Posted 02 February 2013 - 03:25 PM

Download TDSSkiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here. If you get crashes in normal mode, run it in Safe Mode with Networking.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 paddlegal

Posted 02 February 2013 - 07:48 PM

TDSSkiller Log

15:39:49.0580 1240 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
15:39:50.0252 1240 ============================================================
15:39:50.0252 1240 Current date / time: 2013/02/02 15:39:50.0252
15:39:50.0252 1240 SystemInfo:
15:39:50.0252 1240
15:39:50.0252 1240 OS Version: 6.1.7601 ServicePack: 1.0
15:39:50.0252 1240 Product type: Workstation
15:39:50.0252 1240 ComputerName: CONIPOOH-PC
15:39:50.0253 1240 UserName: Conipooh
15:39:50.0253 1240 Windows directory: C:\Windows
15:39:50.0253 1240 System windows directory: C:\Windows
15:39:50.0253 1240 Running under WOW64
15:39:50.0253 1240 Processor architecture: Intel x64
15:39:50.0253 1240 Number of processors: 4
15:39:50.0253 1240 Page size: 0x1000
15:39:50.0253 1240 Boot type: Normal boot
15:39:50.0253 1240 ============================================================
15:39:52.0875 1240 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:39:52.0903 1240 Drive \Device\Harddisk1\DR1 - Size: 0x75E00000 (1.84 Gb), SectorSize: 0x200, Cylinders: 0xF0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:39:52.0931 1240 ============================================================
15:39:52.0931 1240 \Device\Harddisk0\DR0:
15:39:52.0935 1240 MBR partitions:
15:39:52.0935 1240 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2000800, BlocksNum 0x32000
15:39:52.0936 1240 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2032800, BlocksNum 0x1B192800
15:39:52.0936 1240 \Device\Harddisk1\DR1:
15:39:52.0937 1240 MBR partitions:
15:39:52.0937 1240 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x6, StartLBA 0x87, BlocksNum 0x3AE039
15:39:52.0937 1240 ============================================================
15:39:52.0996 1240 C: <-> \Device\Harddisk0\DR0\Partition2
15:39:52.0996 1240 ============================================================
15:39:52.0996 1240 Initialize success
15:39:52.0996 1240 ============================================================
15:40:09.0781 3388 ============================================================
15:40:09.0781 3388 Scan started
15:40:09.0781 3388 Mode: Manual;
15:40:09.0781 3388 ============================================================
15:40:10.0829 3388 ================ Scan system memory ========================
15:40:10.0829 3388 System memory - ok
15:40:10.0830 3388 ================ Scan services =============================
15:40:12.0106 3388 [ B9B98E08EC127900025F42462D3D0A66 ] Akamai c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll
15:40:12.0107 3388 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll. md5: B9B98E08EC127900025F42462D3D0A66
15:40:12.0121 3388 Akamai ( HiddenFile.Multi.Generic ) - warning
15:40:12.0121 3388 Akamai - detected HiddenFile.Multi.Generic (1)
15:40:26.0323 3388 [ 0DCF0AF0ABBF324928B6DC7B022155D6 ] NNSNAHSL C:\Windows\system32\DRIVERS\NNSNAHSL.sys
15:40:26.0326 3388 NNSNAHSL - ok
15:40:26.0407 3388 [ 95B99852C46CBE1700C6ACB7F1B98591 ] NNSPICC C:\Windows\system32\DRIVERS\NNSPicc.sys
15:40:26.0412 3388 NNSPICC - ok
15:40:26.0540 3388 [ 5A17FD36BABAF805CE235B4E36BD63E8 ] NNSPIHSW C:\Windows\system32\DRIVERS\NNSPihsw.sys
15:40:26.0558 3388 NNSPIHSW - ok
15:40:26.0574 3388 [ ABA13F88ACDE0347567AE3D832824745 ] NNSPOP3 C:\Windows\system32\DRIVERS\NNSPop3.sys
15:40:26.0579 3388 NNSPOP3 - ok
15:40:26.0673 3388 [ 3781A2FE63CF23F31FB50BC3DD044D02 ] NNSPROT C:\Windows\system32\DRIVERS\NNSProt.sys
15:40:26.0681 3388 NNSPROT - ok
15:40:26.0759 3388 [ 548F850616F139E610B620FC9328338C ] NNSPRV C:\Windows\system32\DRIVERS\NNSPrv.sys
15:40:26.0768 3388 NNSPRV - ok
15:40:26.0793 3388 [ 24886A82FBC72580104CC8F1496CE708 ] NNSSMTP C:\Windows\system32\DRIVERS\NNSSmtp.sys
15:40:26.0814 3388 NNSSMTP - ok
15:40:26.0844 3388 [ 2B7E077344A24F31015FF3C276174646 ] NNSSTRM C:\Windows\system32\DRIVERS\NNSStrm.sys
15:40:26.0861 3388 NNSSTRM - ok
15:40:26.0948 3388 [ 3983FC86B5AC68FBE8C55E120166D146 ] NNSTLSC C:\Windows\system32\DRIVERS\NNSTlsc.sys
15:40:26.0968 3388 NNSTLSC - ok
15:40:26.0993 3388 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:40:26.0996 3388 Npfs - ok
15:40:27.0041 3388 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
15:40:27.0045 3388 nsi - ok
15:40:27.0066 3388 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:40:27.0069 3388 nsiproxy - ok
15:40:27.0208 3388 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:40:27.0277 3388 Ntfs - ok
15:40:27.0318 3388 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
15:40:27.0334 3388 Null - ok
15:40:27.0384 3388 [ CDDD4478757288DF4BB1494BFD084259 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
15:40:27.0398 3388 NVHDA - ok
15:40:27.0895 3388 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:40:28.0218 3388 nvlddmkm - ok
15:40:28.0270 3388 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:40:28.0327 3388 nvraid - ok
15:40:28.0458 3388 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:40:28.0539 3388 nvstor - ok
15:40:28.0640 3388 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc C:\Windows\system32\nvvsvc.exe
15:40:28.0656 3388 nvsvc - ok
15:40:28.0864 3388 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
15:40:28.0910 3388 nvUpdatusService - ok
15:40:28.0983 3388 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:40:29.0010 3388 nv_agp - ok
15:40:29.0080 3388 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:40:29.0098 3388 ohci1394 - ok
15:40:29.0189 3388 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:40:29.0198 3388 p2pimsvc - ok
15:40:29.0261 3388 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
15:40:29.0271 3388 p2psvc - ok
15:40:29.0314 3388 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
15:40:29.0338 3388 Parport - ok
15:40:29.0403 3388 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:40:29.0421 3388 partmgr - ok
15:40:29.0479 3388 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:40:29.0485 3388 PcaSvc - ok
15:40:29.0532 3388 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
15:40:29.0537 3388 pci - ok
15:40:29.0556 3388 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
15:40:29.0559 3388 pciide - ok
15:40:29.0605 3388 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
15:40:29.0611 3388 pcmcia - ok
15:40:29.0636 3388 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
15:40:29.0639 3388 pcw - ok
15:40:29.0666 3388 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:40:29.0679 3388 PEAUTH - ok
15:40:29.0755 3388 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:40:29.0760 3388 PerfHost - ok
15:40:29.0960 3388 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
15:40:30.0006 3388 pla - ok
15:40:30.0074 3388 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:40:30.0085 3388 PlugPlay - ok
15:40:30.0130 3388 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:40:30.0135 3388 PNRPAutoReg - ok
15:40:30.0169 3388 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:40:30.0176 3388 PNRPsvc - ok
15:40:30.0300 3388 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:40:30.0312 3388 PolicyAgent - ok
15:40:30.0396 3388 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
15:40:30.0414 3388 Power - ok
15:40:30.0500 3388 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:40:30.0505 3388 PptpMiniport - ok
15:40:30.0533 3388 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
15:40:30.0537 3388 Processor - ok
15:40:30.0593 3388 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
15:40:30.0600 3388 ProfSvc - ok
15:40:30.0637 3388 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:40:30.0640 3388 ProtectedStorage - ok
15:40:30.0705 3388 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:40:30.0709 3388 Psched - ok
15:40:30.0752 3388 [ 061E8188D41E24E094F941199E725531 ] PSINAflt C:\Windows\system32\DRIVERS\PSINAflt.sys
15:40:30.0759 3388 PSINAflt - ok
15:40:30.0826 3388 [ 98A6F5515BB8E84BF3D8097D71358FAF ] PSINFile C:\Windows\system32\DRIVERS\PSINFile.sys
15:40:30.0830 3388 PSINFile - ok
15:40:30.0908 3388 [ 836EEBF961B44FF5A394A6D118B606BA ] PSINKNC C:\Windows\system32\DRIVERS\psinknc.sys
15:40:30.0914 3388 PSINKNC - ok
15:40:30.0972 3388 [ 5DD7B2CC193DB76E8F913866AA75A74B ] PSINProc C:\Windows\system32\DRIVERS\PSINProc.sys
15:40:30.0976 3388 PSINProc - ok
15:40:31.0000 3388 [ 6324C85D8CAB05333DCDF3DA09BE7724 ] PSINProt C:\Windows\system32\DRIVERS\PSINProt.sys
15:40:31.0004 3388 PSINProt - ok
15:40:31.0058 3388 [ B3D55D17538F0FE4373206E82600D612 ] PSKMAD C:\Windows\system32\DRIVERS\PSKMAD.sys
15:40:31.0061 3388 PSKMAD - ok
15:40:31.0111 3388 [ 5F1CDC45F75F80206EFB177D1089E816 ] PSUAService C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe
15:40:31.0126 3388 PSUAService - ok
15:40:31.0183 3388 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
15:40:31.0407 3388 ql2300 - ok
15:40:31.0435 3388 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
15:40:31.0442 3388 ql40xx - ok
15:40:31.0512 3388 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
15:40:31.0521 3388 QWAVE - ok
15:40:31.0576 3388 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:40:31.0580 3388 QWAVEdrv - ok
15:40:31.0620 3388 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:40:31.0639 3388 RasAcd - ok
15:40:31.0684 3388 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:40:31.0687 3388 RasAgileVpn - ok
15:40:31.0730 3388 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
15:40:31.0737 3388 RasAuto - ok
15:40:31.0822 3388 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:40:31.0848 3388 Rasl2tp - ok
15:40:31.0949 3388 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
15:40:31.0969 3388 RasMan - ok
15:40:32.0036 3388 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:40:32.0064 3388 RasPppoe - ok
15:40:32.0096 3388 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:40:32.0100 3388 RasSstp - ok
15:40:32.0164 3388 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:40:32.0191 3388 rdbss - ok
15:40:32.0238 3388 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
15:40:32.0273 3388 rdpbus - ok
15:40:32.0308 3388 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:40:32.0330 3388 RDPCDD - ok
15:40:32.0391 3388 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:40:32.0409 3388 RDPENCDD - ok
15:40:32.0437 3388 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:40:32.0440 3388 RDPREFMP - ok
15:40:32.0491 3388 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
15:40:32.0501 3388 RdpVideoMiniport - ok
15:40:32.0563 3388 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:40:32.0568 3388 RDPWD - ok
15:40:32.0679 3388 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:40:32.0684 3388 rdyboost - ok
15:40:32.0754 3388 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:40:32.0768 3388 RemoteAccess - ok
15:40:32.0813 3388 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:40:32.0831 3388 RemoteRegistry - ok
15:40:32.0928 3388 [ F12A68ED55053940CADD59CA5E3468DD ] RichVideo C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
15:40:32.0938 3388 RichVideo - ok
15:40:32.0982 3388 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:40:32.0987 3388 RpcEptMapper - ok
15:40:33.0022 3388 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
15:40:33.0041 3388 RpcLocator - ok
15:40:33.0091 3388 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
15:40:33.0099 3388 RpcSs - ok
15:40:33.0158 3388 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:40:33.0187 3388 rspndr - ok
15:40:33.0261 3388 [ 7EA8D2EB9BBFD2AB8A3117A1E96D3B3A ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
15:40:33.0268 3388 RTL8167 - ok
15:40:33.0292 3388 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
15:40:33.0296 3388 SamSs - ok
15:40:33.0352 3388 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:40:33.0356 3388 sbp2port - ok
15:40:33.0419 3388 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:40:33.0433 3388 SCardSvr - ok
15:40:33.0488 3388 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:40:33.0504 3388 scfilter - ok
15:40:33.0903 3388 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
15:40:33.0917 3388 Schedule - ok
15:40:33.0964 3388 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:40:33.0966 3388 SCPolicySvc - ok
15:40:34.0013 3388 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:40:34.0020 3388 SDRSVC - ok
15:40:34.0061 3388 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:40:34.0064 3388 secdrv - ok
15:40:34.0106 3388 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
15:40:34.0111 3388 seclogon - ok
15:40:34.0138 3388 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
15:40:34.0143 3388 SENS - ok
15:40:34.0161 3388 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:40:34.0166 3388 SensrSvc - ok
15:40:34.0189 3388 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
15:40:34.0192 3388 Serenum - ok
15:40:34.0223 3388 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
15:40:34.0227 3388 Serial - ok
15:40:34.0272 3388 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
15:40:34.0292 3388 sermouse - ok
15:40:34.0361 3388 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
15:40:34.0367 3388 SessionEnv - ok
15:40:34.0426 3388 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:40:34.0429 3388 sffdisk - ok
15:40:34.0453 3388 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:40:34.0456 3388 sffp_mmc - ok
15:40:34.0502 3388 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:40:34.0505 3388 sffp_sd - ok
15:40:34.0540 3388 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
15:40:34.0543 3388 sfloppy - ok
15:40:34.0592 3388 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:40:34.0600 3388 SharedAccess - ok
15:40:34.0650 3388 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:40:34.0659 3388 ShellHWDetection - ok
15:40:34.0692 3388 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:40:34.0696 3388 SiSRaid2 - ok
15:40:34.0707 3388 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
15:40:34.0711 3388 SiSRaid4 - ok
15:40:34.0731 3388 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:40:34.0735 3388 Smb - ok
15:40:34.0792 3388 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:40:34.0797 3388 SNMPTRAP - ok
15:40:34.0830 3388 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
15:40:34.0833 3388 spldr - ok
15:40:34.0882 3388 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
15:40:34.0894 3388 Spooler - ok
15:40:35.0031 3388 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
15:40:35.0133 3388 sppsvc - ok
15:40:35.0171 3388 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:40:35.0177 3388 sppuinotify - ok
15:40:35.0228 3388 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
15:40:35.0238 3388 srv - ok
15:40:35.0259 3388 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:40:35.0268 3388 srv2 - ok
15:40:35.0293 3388 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:40:35.0298 3388 srvnet - ok
15:40:35.0350 3388 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:40:35.0357 3388 SSDPSRV - ok
15:40:35.0376 3388 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:40:35.0382 3388 SstpSvc - ok
15:40:35.0429 3388 Steam Client Service - ok
15:40:35.0542 3388 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
15:40:35.0548 3388 Stereo Service - ok
15:40:35.0581 3388 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
15:40:35.0584 3388 stexstor - ok
15:40:35.0642 3388 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
15:40:35.0655 3388 stisvc - ok
15:40:35.0693 3388 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
15:40:35.0696 3388 swenum - ok
15:40:35.0742 3388 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
15:40:35.0755 3388 swprv - ok
15:40:35.0837 3388 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
15:40:35.0864 3388 SysMain - ok
15:40:35.0910 3388 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:40:35.0916 3388 TabletInputService - ok
15:40:35.0970 3388 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
15:40:35.0979 3388 TapiSrv - ok
15:40:36.0016 3388 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
15:40:36.0023 3388 TBS - ok
15:40:36.0109 3388 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:40:36.0138 3388 Tcpip - ok
15:40:36.0209 3388 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:40:36.0228 3388 TCPIP6 - ok
15:40:36.0276 3388 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:40:36.0280 3388 tcpipreg - ok
15:40:36.0313 3388 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:40:36.0316 3388 TDPIPE - ok
15:40:36.0370 3388 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:40:36.0374 3388 TDTCP - ok
15:40:36.0432 3388 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:40:36.0436 3388 tdx - ok
15:40:36.0473 3388 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
15:40:36.0477 3388 TermDD - ok
15:40:36.0507 3388 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
15:40:36.0521 3388 TermService - ok
15:40:36.0553 3388 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
15:40:36.0558 3388 Themes - ok
15:40:36.0593 3388 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
15:40:36.0596 3388 THREADORDER - ok
15:40:36.0620 3388 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
15:40:36.0626 3388 TrkWks - ok
15:40:36.0698 3388 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:40:36.0703 3388 TrustedInstaller - ok
15:40:36.0755 3388 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:40:36.0759 3388 tssecsrv - ok
15:40:36.0815 3388 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:40:36.0818 3388 TsUsbFlt - ok
15:40:36.0884 3388 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:40:36.0889 3388 tunnel - ok
15:40:36.0923 3388 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
15:40:36.0926 3388 uagp35 - ok
15:40:36.0970 3388 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:40:36.0979 3388 udfs - ok
15:40:37.0024 3388 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:40:37.0030 3388 UI0Detect - ok
15:40:37.0051 3388 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:40:37.0055 3388 uliagpkx - ok
15:40:37.0111 3388 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
15:40:37.0115 3388 umbus - ok
15:40:37.0134 3388 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
15:40:37.0151 3388 UmPass - ok
15:40:37.0214 3388 [ F9EC9ACD504D823D9B9CA98A4F8D3CA2 ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
15:40:37.0218 3388 Updater Service - ok
15:40:37.0254 3388 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
15:40:37.0264 3388 upnphost - ok
15:40:37.0339 3388 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
15:40:37.0343 3388 usbaudio - ok
15:40:37.0388 3388 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:40:37.0392 3388 usbccgp - ok
15:40:37.0437 3388 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:40:37.0442 3388 usbcir - ok
15:40:37.0469 3388 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
15:40:37.0472 3388 usbehci - ok
15:40:37.0559 3388 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:40:37.0585 3388 usbhub - ok
15:40:37.0614 3388 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
15:40:37.0617 3388 usbohci - ok
15:40:37.0660 3388 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:40:37.0666 3388 usbprint - ok
15:40:37.0715 3388 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:40:37.0719 3388 USBSTOR - ok
15:40:37.0737 3388 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
15:40:37.0741 3388 usbuhci - ok
15:40:37.0771 3388 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
15:40:37.0776 3388 UxSms - ok
15:40:37.0792 3388 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
15:40:37.0796 3388 VaultSvc - ok
15:40:37.0851 3388 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:40:37.0855 3388 vdrvroot - ok
15:40:37.0928 3388 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
15:40:37.0941 3388 vds - ok
15:40:37.0977 3388 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:40:37.0980 3388 vga - ok
15:40:38.0000 3388 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
15:40:38.0003 3388 VgaSave - ok
15:40:38.0058 3388 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:40:38.0063 3388 vhdmp - ok
15:40:38.0104 3388 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
15:40:38.0107 3388 viaide - ok
15:40:38.0128 3388 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:40:38.0132 3388 volmgr - ok
15:40:38.0191 3388 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:40:38.0199 3388 volmgrx - ok
15:40:38.0260 3388 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:40:38.0267 3388 volsnap - ok
15:40:38.0309 3388 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
15:40:38.0314 3388 vsmraid - ok
15:40:38.0403 3388 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
15:40:38.0430 3388 VSS - ok
15:40:38.0453 3388 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
15:40:38.0457 3388 vwifibus - ok
15:40:38.0470 3388 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
15:40:38.0473 3388 vwififlt - ok
15:40:38.0513 3388 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
15:40:38.0516 3388 vwifimp - ok
15:40:38.0557 3388 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
15:40:38.0567 3388 W32Time - ok
15:40:38.0598 3388 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
15:40:38.0601 3388 WacomPen - ok
15:40:38.0669 3388 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:40:38.0673 3388 WANARP - ok
15:40:38.0682 3388 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:40:38.0684 3388 Wanarpv6 - ok
15:40:38.0793 3388 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
15:40:38.0813 3388 WatAdminSvc - ok
15:40:38.0934 3388 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
15:40:38.0987 3388 wbengine - ok
15:40:39.0103 3388 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:40:39.0116 3388 WbioSrvc - ok
15:40:39.0325 3388 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:40:39.0391 3388 wcncsvc - ok
15:40:39.0455 3388 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:40:39.0460 3388 WcsPlugInService - ok
15:40:39.0490 3388 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
15:40:39.0493 3388 Wd - ok
15:40:39.0553 3388 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:40:39.0567 3388 Wdf01000 - ok
15:40:39.0589 3388 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:40:39.0595 3388 WdiServiceHost - ok
15:40:39.0602 3388 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:40:39.0609 3388 WdiSystemHost - ok
15:40:39.0669 3388 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
15:40:39.0678 3388 WebClient - ok
15:40:39.0720 3388 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:40:39.0729 3388 Wecsvc - ok
15:40:39.0748 3388 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:40:39.0753 3388 wercplsupport - ok
15:40:39.0789 3388 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
15:40:39.0794 3388 WerSvc - ok
15:40:39.0819 3388 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:40:39.0822 3388 WfpLwf - ok
15:40:39.0852 3388 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:40:39.0856 3388 WIMMount - ok
15:40:39.0869 3388 WinDefend - ok
15:40:39.0881 3388 WinHttpAutoProxySvc - ok
15:40:39.0946 3388 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:40:39.0951 3388 Winmgmt - ok
15:40:40.0043 3388 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
15:40:40.0076 3388 WinRM - ok
15:40:40.0167 3388 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
15:40:40.0170 3388 WinUsb - ok
15:40:40.0220 3388 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
15:40:40.0237 3388 Wlansvc - ok
15:40:40.0296 3388 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
15:40:40.0300 3388 wlcrasvc - ok
15:40:40.0408 3388 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:40:40.0430 3388 wlidsvc - ok
15:40:40.0497 3388 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
15:40:40.0500 3388 WmiAcpi - ok
15:40:40.0547 3388 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:40:40.0552 3388 wmiApSrv - ok
15:40:40.0586 3388 WMPNetworkSvc - ok
15:40:40.0612 3388 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:40:40.0619 3388 WPCSvc - ok
15:40:40.0671 3388 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:40:40.0677 3388 WPDBusEnum - ok
15:40:40.0707 3388 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:40:40.0710 3388 ws2ifsl - ok
15:40:40.0724 3388 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
15:40:40.0730 3388 wscsvc - ok
15:40:40.0740 3388 WSearch - ok
15:40:40.0842 3388 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
15:40:40.0879 3388 wuauserv - ok
15:40:40.0926 3388 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:40:40.0930 3388 WudfPf - ok
15:40:40.0953 3388 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:40:40.0962 3388 WUDFRd - ok
15:40:40.0986 3388 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:40:40.0993 3388 wudfsvc - ok
15:40:41.0031 3388 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
15:40:41.0040 3388 WwanSvc - ok
15:40:41.0074 3388 ================ Scan global ===============================
15:40:41.0103 3388 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:40:41.0155 3388 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
15:40:41.0171 3388 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
15:40:41.0211 3388 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:40:41.0243 3388 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:40:41.0250 3388 [Global] - ok
15:40:41.0251 3388 ================ Scan MBR ==================================
15:40:41.0268 3388 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:40:41.0450 3388 \Device\Harddisk0\DR0 - ok
15:40:41.0460 3388 [ C19BFC6FABC0EA2885E1C247F67109EE ] \Device\Harddisk1\DR1
15:40:41.0473 3388 \Device\Harddisk1\DR1 - ok
15:40:41.0474 3388 ================ Scan VBR ==================================
15:40:41.0480 3388 [ 30435357B109989CCF50951B8BC1E5C1 ] \Device\Harddisk0\DR0\Partition1
15:40:41.0483 3388 \Device\Harddisk0\DR0\Partition1 - ok
15:40:41.0498 3388 [ ED734E78874C3C4ED735955781BCD509 ] \Device\Harddisk0\DR0\Partition2
15:40:41.0501 3388 \Device\Harddisk0\DR0\Partition2 - ok
15:40:41.0511 3388 [ 66F771E506B7169F5A42B31DA7E7C564 ] \Device\Harddisk1\DR1\Partition1
15:40:41.0514 3388 \Device\Harddisk1\DR1\Partition1 - ok
15:40:41.0515 3388 ============================================================
15:40:41.0515 3388 Scan finished
15:40:41.0515 3388 ============================================================
15:40:41.0544 2952 Detected object count: 1
15:40:41.0544 2952 Actual detected object count: 1
15:41:26.0812 2952 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
15:41:26.0812 2952 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
15:42:22.0731 2788 Deinitialize success

aswMBR Log

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-02-02 15:44:08
-----------------------------
15:44:08.164 OS Version: Windows x64 6.1.7601 Service Pack 1
15:44:08.165 Number of processors: 4 586 0x1C0A
15:44:08.167 ComputerName: CONIPOOH-PC UserName: Conipooh
15:44:09.031 Initialize success
15:51:22.273 AVAST engine defs: 13020200
15:55:13.388 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
15:55:13.394 Disk 0 Vendor: Hitachi_HTS545025B9A300 PB2OC60F Size: 238475MB BusType: 11
15:55:13.450 Disk 0 MBR read successfully
15:55:13.457 Disk 0 MBR scan
15:55:13.468 Disk 0 Windows 7 default MBR code
15:55:13.515 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 16384 MB offset 2048
15:55:13.556 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 33556480
15:55:13.598 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 221989 MB offset 33761280
15:55:13.698 Disk 0 scanning C:\Windows\system32\drivers
15:55:33.214 Service scanning
15:56:20.167 Modules scanning
15:56:20.187 Disk 0 trace - called modules:
15:56:20.219 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
15:56:20.235 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8002552060]
15:56:20.248 3 CLASSPNP.SYS[fffff8800165143f] -> nt!IofCallDriver -> [0xfffffa800186d040]
15:56:20.262 5 ACPI.sys[fffff8800100b7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80022e81f0]
15:56:21.030 AVAST engine scan C:\Windows
15:56:24.320 AVAST engine scan C:\Windows\system32
16:01:28.558 AVAST engine scan C:\Windows\system32\drivers
16:01:57.467 AVAST engine scan C:\Users\Conipooh
16:04:06.961 AVAST engine scan C:\ProgramData
16:05:57.401 Scan finished successfully
16:07:22.351 Disk 0 MBR has been saved successfully to "C:\Users\Conipooh\Documents\MBR.dat"
16:07:22.366 The log file has been saved successfully to "C:\Users\Conipooh\Documents\aswMBR.txt"


ESET List of threats

C:\Users\coni\AppData\Local\Google\Chrome\User Data\Default\Default\aagbgbdcgfdggfdedbdjdagbdegggggc\background.html Win32/BHO.OEI trojan cleaned by deleting - quarantined
C:\Users\coni\AppData\Local\Google\Chrome\User Data\Default\Default\aagbgbdcgfdggfdedbdjdagbdegggggc\ContentScript.js Win32/BHO.OEI trojan cleaned by deleting - quarantined

Here are the logs. I don't know what 'safe mode with networking' means but I did not have any crashes.

#4 narenxp

Posted 02 February 2013 - 07:50 PM

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan gets completed, post the generated log here.


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish.

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here.

#5 paddlegal

Posted 02 February 2013 - 10:43 PM

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.02.02.10

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Conipooh :: CONIPOOH-PC [administrator]

2/2/2013 7:08:21 PM
mbam-log-2013-02-02 (19-08-21).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 493374
Time elapsed: 1 hour(s), 23 minute(s), 59 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


MiniToolBox by Farbar Version:10-01-2013
Ran by Conipooh (administrator) on 02-02-2013 at 20:39:00
Running from "C:\Users\Conipooh\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
Ralink 802.11n Wireless LAN Card = Wireless Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Conipooh-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : domain_not_set.invalid

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 68-A3-C4-03-EA-37
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Ralink 802.11n Wireless LAN Card
Physical Address. . . . . . . . . : 68-A3-C4-03-EA-36
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : domain_not_set.invalid
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : D0-27-88-4E-F6-BE
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::18ca:86f5:7736:4491%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, February 02, 2013 12:38:08 PM
Lease Expires . . . . . . . . . . : Sunday, February 03, 2013 12:38:07 PM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 198190984
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-EC-AD-CB-D0-27-88-4E-F6-BE
DNS Servers . . . . . . . . . . . : 192.168.0.1
208.54.220.21
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{C6243AA4-A4F7-4AE5-ABD9-4B1F6FE3C296}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{BE8968B4-C411-4757-ABEC-EEA194A44E7F}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.domain_not_set.invalid:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : domain_not_set.invalid
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:4d9:5ad:b75e:4748(Preferred)
Link-local IPv6 Address . . . . . : fe80::4d9:5ad:b75e:4748%12(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: dslmodem.domain
Address: 192.168.0.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
Name: google.com
Addresses: 2001:4860:4002:800::1003
74.125.227.8
74.125.227.9
74.125.227.14
74.125.227.0
74.125.227.1
74.125.227.2
74.125.227.3
74.125.227.4
74.125.227.5
74.125.227.6
74.125.227.7


Pinging google.com [74.125.227.9] with 32 bytes of data:
Reply from 74.125.227.9: bytes=32 time=32ms TTL=53
Reply from 74.125.227.9: bytes=32 time=33ms TTL=53

Ping statistics for 74.125.227.9:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 32ms, Maximum = 33ms, Average = 32ms
Server: dslmodem.domain
Address: 192.168.0.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
206.190.36.45


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=128ms TTL=50
Reply from 98.139.183.24: bytes=32 time=86ms TTL=50

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 86ms, Maximum = 128ms, Average = 107ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
14...68 a3 c4 03 ea 37 ......Microsoft Virtual WiFi Miniport Adapter
11...68 a3 c4 03 ea 36 ......Ralink 802.11n Wireless LAN Card
10...d0 27 88 4e f6 be ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.3 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.3 276
192.168.0.3 255.255.255.255 On-link 192.168.0.3 276
192.168.0.255 255.255.255.255 On-link 192.168.0.3 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.3 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.3 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 58 ::/0 On-link
1 306 ::1/128 On-link
12 58 2001::/32 On-link
12 306 2001:0:9d38:6ab8:4d9:5ad:b75e:4748/128
On-link
10 276 fe80::/64 On-link
12 306 fe80::/64 On-link
12 306 fe80::4d9:5ad:b75e:4748/128
On-link
10 276 fe80::18ca:86f5:7736:4491/128
On-link
1 306 ff00::/8 On-link
12 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/02/2013 04:47:00 PM) (Source: Application Error) (User: )
Description: Faulting application name: mscorsvw.exe, version: 4.0.30319.1, time stamp: 0x4ba21f5d
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec4aa8e
Exception code: 0xc0000005
Fault offset: 0x000000000009970a
Faulting process id: 0x9a0
Faulting application start time: 0xmscorsvw.exe0
Faulting application path: mscorsvw.exe1
Faulting module path: mscorsvw.exe2
Report Id: mscorsvw.exe3

Error: (02/02/2013 04:33:38 PM) (Source: Application Error) (User: )
Description: Faulting application name: mscorsvw.exe, version: 4.0.30319.1, time stamp: 0x4ba21f5d
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec4aa8e
Exception code: 0xc0000005
Fault offset: 0x000000000009970a
Faulting process id: 0x122c
Faulting application start time: 0xmscorsvw.exe0
Faulting application path: mscorsvw.exe1
Faulting module path: mscorsvw.exe2
Report Id: mscorsvw.exe3

Error: (02/02/2013 04:08:50 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/02/2013 04:08:39 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/02/2013 03:37:49 PM) (Source: Application Hang) (User: )
Description: The program chrome.exe version 24.0.1312.57 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: b88

Start Time: 01ce018cf315bf86

Termination Time: 213

Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Report Id: c5dba633-6d80-11e2-ba42-d027884ef6be

Error: (02/02/2013 03:33:22 PM) (Source: Application Hang) (User: )
Description: The program chrome.exe version 24.0.1312.57 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: ed4

Start Time: 01ce017694383daf

Termination Time: 7114

Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Report Id: 1e200767-6d80-11e2-ba42-d027884ef6be

Error: (02/02/2013 00:33:09 PM) (Source: Application Error) (User: )
Description: Faulting application name: mscorsvw.exe, version: 4.0.30319.1, time stamp: 0x4ba21f5d
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec4aa8e
Exception code: 0xc0000005
Fault offset: 0x000000000009970a
Faulting process id: 0x169c
Faulting application start time: 0xmscorsvw.exe0
Faulting application path: mscorsvw.exe1
Faulting module path: mscorsvw.exe2
Report Id: mscorsvw.exe3

Error: (02/02/2013 11:43:05 AM) (Source: Application Error) (User: )
Description: Faulting application name: Dwm.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc541
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec4aa8e
Exception code: 0xc0000005
Fault offset: 0x000000000009970a
Faulting process id: 0x1a90
Faulting application start time: 0xDwm.exe0
Faulting application path: Dwm.exe1
Faulting module path: Dwm.exe2
Report Id: Dwm.exe3

Error: (02/01/2013 05:36:02 PM) (Source: Application Error) (User: )
Description: Faulting application name: taskeng.exe, version: 6.1.7601.17514, time stamp: 0x4ce79d2c
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec4aa8e
Exception code: 0xc0000005
Fault offset: 0x000000000009970a
Faulting process id: 0x2868
Faulting application start time: 0xtaskeng.exe0
Faulting application path: taskeng.exe1
Faulting module path: taskeng.exe2
Report Id: taskeng.exe3

Error: (02/01/2013 05:45:03 AM) (Source: Application Error) (User: )
Description: Faulting application name: taskeng.exe, version: 6.1.7601.17514, time stamp: 0x4ce79d2c
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec4aa8e
Exception code: 0xc0000005
Fault offset: 0x000000000009970a
Faulting process id: 0x898
Faulting application start time: 0xtaskeng.exe0
Faulting application path: taskeng.exe1
Faulting module path: taskeng.exe2
Report Id: taskeng.exe3


System errors:
=============
Error: (02/02/2013 00:42:37 PM) (Source: Service Control Manager) (User: )
Description: The Steam Client Service service failed to start due to the following error:
%%1053

Error: (02/02/2013 00:42:37 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

Error: (02/02/2013 00:40:41 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (02/02/2013 00:40:41 PM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (01/30/2013 03:23:17 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (01/30/2013 03:23:17 PM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (01/27/2013 07:09:51 AM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (01/27/2013 07:09:51 AM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (01/25/2013 03:53:22 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (01/25/2013 03:53:22 PM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).


Microsoft Office Sessions:
=========================
Error: (02/02/2013 04:47:00 PM) (Source: Application Error)(User: )
Description: mscorsvw.exe4.0.30319.14ba21f5dntdll.dll6.1.7601.177254ec4aa8ec0000005000000000009970a9a001ce0197344728b2C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeC:\Windows\SYSTEM32\ntdll.dll7457108f-6d8a-11e2-ba42-d027884ef6be

Error: (02/02/2013 04:33:38 PM) (Source: Application Error)(User: )
Description: mscorsvw.exe4.0.30319.14ba21f5dntdll.dll6.1.7601.177254ec4aa8ec0000005000000000009970a122c01ce0195565cfd23C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeC:\Windows\SYSTEM32\ntdll.dll9653421f-6d88-11e2-ba42-d027884ef6be

Error: (02/02/2013 04:08:50 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Conipooh\Downloads\esetsmartinstaller_enu.exe

Error: (02/02/2013 04:08:39 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Conipooh\Downloads\esetsmartinstaller_enu.exe

Error: (02/02/2013 03:37:49 PM) (Source: Application Hang)(User: )
Description: chrome.exe24.0.1312.57b8801ce018cf315bf86213C:\Program Files (x86)\Google\Chrome\Application\chrome.exec5dba633-6d80-11e2-ba42-d027884ef6be

Error: (02/02/2013 03:33:22 PM) (Source: Application Hang)(User: )
Description: chrome.exe24.0.1312.57ed401ce017694383daf7114C:\Program Files (x86)\Google\Chrome\Application\chrome.exe1e200767-6d80-11e2-ba42-d027884ef6be

Error: (02/02/2013 00:33:09 PM) (Source: Application Error)(User: )
Description: mscorsvw.exe4.0.30319.14ba21f5dntdll.dll6.1.7601.177254ec4aa8ec0000005000000000009970a169c01ce0173bf6c55fdC:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeC:\Windows\SYSTEM32\ntdll.dllfde2ac1a-6d66-11e2-a2bc-d027884ef6be

Error: (02/02/2013 11:43:05 AM) (Source: Application Error)(User: )
Description: Dwm.exe6.1.7600.163854a5bc541ntdll.dll6.1.7601.177254ec4aa8ec0000005000000000009970a1a9001ce016cbecab2c8C:\Windows\system32\Dwm.exeC:\Windows\SYSTEM32\ntdll.dllff781a21-6d5f-11e2-a2bc-d027884ef6be

Error: (02/01/2013 05:36:02 PM) (Source: Application Error)(User: )
Description: taskeng.exe6.1.7601.175144ce79d2cntdll.dll6.1.7601.177254ec4aa8ec0000005000000000009970a286801ce00d4e41791c3C:\Windows\system32\taskeng.exeC:\Windows\SYSTEM32\ntdll.dll22f98f87-6cc8-11e2-a2bc-d027884ef6be

Error: (02/01/2013 05:45:03 AM) (Source: Application Error)(User: )
Description: taskeng.exe6.1.7601.175144ce79d2cntdll.dll6.1.7601.177254ec4aa8ec0000005000000000009970a89801ce007190be5ad4C:\Windows\system32\taskeng.exeC:\Windows\SYSTEM32\ntdll.dlld07090f1-6c64-11e2-a2bc-d027884ef6be


=========================== Installed Programs ============================

18 Wheels of Steel - American Long Haul (Version: 2.2.0.95)
Acer Arcade Deluxe (Version: 4.5.7828)
Acer Arcade Movie (Version: 9.0.6629)
Acer eRecovery Management (Version: 4.05.3013)
Acer Games (Version: 1.0.1.3)
Acer Registration (Version: 1.03.3003)
Acer ScreenSaver (Version: 1.1.0825.2010)
Acer Updater (Version: 1.02.3001)
Adobe AIR (Version: 2.0.2.12610)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.146)
Adobe Flash Player 11 Plugin (Version: 11.5.502.146)
Adobe Reader 9.1 MUI (Version: 9.1.0)
Advertising Center (Version: 0.0.0.2)
Agatha Christie - Death on the Nile (Version: 2.2.0.95)
Age of Empires Online
Akamai NetSession Interface Service
American McGee's Alice™
Apple Application Support (Version: 2.1.5)
Apple Software Update (Version: 2.1.3.127)
AUPEO! (Version: 1.07)
Awakening: Moonfell Wood
Awakening: The Dreamless Castle
Awakening: The Goblin Kingdom
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Big Fish Games: Game Manager (Version: 3.0.1.60)
Blackhawk Striker 2 (Version: 2.2.0.95)
Build-a-lot 2 (Version: 2.2.0.95)
CCleaner (Version: 3.26)
Chuzzle Deluxe (Version: 2.2.0.95)
D3DX10 (Version: 15.4.2368.0902)
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.95)
Dora's Carnival Adventure (Version: 2.2.0.95)
Empress of the Deep 2: Song of the Blue Whale
Empress of the Deep: The Darkest Secret
ESET Online Scanner v3
eSobi v2 (Version: 2.0.4.000274)
EverQuest II
Fallen Earth
FATE (Version: 2.2.0.95)
Fishdom (remove only)
Freeraser (Version: 1.0.0.23)
Google Chrome (Version: 24.0.1312.57)
Google Earth (Version: 6.2.2.6613)
Google Update Helper (Version: 1.3.21.123)
Hotkey Utility (Version: 2.05.3009)
Hoyle Board Games 2005 (Version: 1.0.0.0)
Hoyle Card Games 2003 (Version: 1.0.0.0)
Hoyle Puzzle Games 2005 (Version: 1.0.0.0)
Hoyle Word Games 3 (Version: 1.0.0.0)
Identity Card (Version: 1.00.3003)
ImagXpress (Version: 7.0.74.0)
Java 7 Update 13 (64-bit) (Version: 7.0.130)
Java 7 Update 13 (Version: 7.0.130)
Java Auto Updater (Version: 2.1.9.0)
Jewel Quest - Heritage (Version: 2.2.0.95)
Jewel Quest Mysteries: Curse of the Emerald Tear
Jewel Quest Solitaire 2 (Version: 2.2.0.95)
John Deere Drive Green (Version: 2.2.0.95)
Junk Mail filter update (Version: 15.4.3502.0922)
LG CyberLink Power2Go (Version: 6.2.4009)
LG CyberLink PowerBackup (Version: 2.5.5529)
LG ODD Auto Firmware Update (Version: 9.01.1124.01)
magicJack (Version: 2.0.5703.3988)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
MediaShow Espresso (Version: 5.5.1713_26701)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Age of Empires Gold
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Flight
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Reader
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Monopoly Here & Now Edition
Mozilla Firefox 8.0 (x86 en-US) (Version: 8.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyWinLocker (Version: 3.1.212.0)
MyWinLocker Suite (Version: 3.1.212.0)
Nero 9 Essentials
Nero ControlCenter (Version: 9.0.0.1)
Nero DiscSpeed (Version: 5.4.13.100)
Nero DiscSpeed Help (Version: 5.4.4.100)
Nero DriveSpeed (Version: 4.4.12.100)
Nero DriveSpeed Help (Version: 4.4.4.100)
Nero Express Help (Version: 9.4.37.100)
Nero InfoTool (Version: 6.4.12.100)
Nero InfoTool Help (Version: 6.4.4.100)
Nero Installer (Version: 4.4.9.0)
Nero Online Upgrade (Version: 1.3.0.0)
Nero StartSmart (Version: 9.4.37.100)
Nero StartSmart Help (Version: 9.4.27.100)
Nero StartSmart OEM (Version: 9.16.0.100)
NeroExpress (Version: 9.4.37.100)
neroxml (Version: 1.0.0)
NOOK for PC (Version: 2.5.1.237)
NVIDIA 3D Vision Driver 306.97 (Version: 306.97)
NVIDIA Control Panel 306.97 (Version: 306.97)
NVIDIA Display Control Panel (Version: 1.10)
NVIDIA Drivers (Version: 1.10.57.35)
NVIDIA Graphics Driver 306.97 (Version: 306.97)
NVIDIA Install Application (Version: 2.1002.85.551)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.0697)
NVIDIA Update 1.10.8 (Version: 1.10.8)
NVIDIA Update Components (Version: 1.10.8)
Oddly Enough: Pied Piper
OpenOffice.org 3.3 (Version: 3.3.9567)
Panda Cloud Antivirus (Version: 2.1.0)
Panda Cloud Antivirus (Version: 5.00.00.0000)
Panda Security Toolbar (Version: 4.0.0.12)
Panda Security URL Filtering (Version: 2.0.0.14)
Penguins! (Version: 2.2.0.95)
Picasa 3 (Version: 3.8)
Pixia (Version: 4.79d)
Plants vs. Zombies (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.95)
Polar Golfer (Version: 2.2.0.95)
QuickTime (Version: 7.71.80.42)
Realtek High Definition Audio Driver (Version: 6.0.1.6101)
Romance of Rome
Settings Alerter (Version: 4.5.0.4243)
Shredder (Version: 2.0.8.3)
Steam (Version: 1.0.0.0)
Tales of Lagoona: Orphans of the Ocean
The Lord of the Rings Online™ v03.07.01.8015 (Version: 03.07.01.8015)
The Lost Kingdom Prophecy
Times Reader (Version: 2.055)
Toolbar Cleaner 1.0
Ulead PhotoImpact XL SE (Version: 8.5)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update Installer for WildTangent Games App
Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.95)
Welcome Center (Version: 1.02.3005)
WildTangent Games App (Acer Games) (Version: 4.0.5.14)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR 4.01 (64-bit) (Version: 4.01.0)
WOT for Internet Explorer (Version: 11.11.7.0)
ZENcast Organizer
Zuma's Revenge (Version: 2.2.0.95)

========================= Memory info: ===================================

Percentage of memory in use: 69%
Total physical RAM: 2047.18 MB
Available physical RAM: 633.93 MB
Total Pagefile: 4094.35 MB
Available Pagefile: 2071.8 MB
Total Virtual: 4095.88 MB
Available Virtual: 3972.42 MB

========================= Partitions: =====================================

1 Drive c: (Acer) (Fixed) (Total:216.79 GB) (Free:118.05 GB) NTFS
4 Drive g: () (Removable) (Total:1.84 GB) (Free:1.22 GB) FAT

========================= Users: ========================================
========================= Restore Points ==================================

14-01-2013 21:49:56 Windows Update
17-01-2013 22:34:10 Windows Update
21-01-2013 22:34:20 Windows Update
25-01-2013 22:02:35 Windows Update
02-02-2013 09:13:16 Scheduled Checkpoint
02-02-2013 14:43:47 Removed Java 7 Update 11
02-02-2013 14:47:35 Removed Java 7 Update 11 (64-bit)
02-02-2013 16:58:17 Installed Java 7 Update 13 (64-bit)
02-02-2013 17:37:30 Installed Java 7 Update 13
02-02-2013 17:52:38 Windows Update

**** End of log ****


Farbar Service Scanner Version: 30-01-2013
Ran by Conipooh (administrator) on 02-02-2013 at 20:44:23
Running from "C:\Users\Conipooh\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


I got two txt documents from adware cleaner. When I ran it, first I clicked search and then I clicked delete...

# AdwCleaner v2.109 - Logfile created 02/02/2013 at 20:46:10
# Updated 26/01/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Conipooh - CONIPOOH-PC
# Boot Mode : Normal
# Running from : C:\Users\Conipooh\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Users\Conipooh\AppData\Roaming\Mozilla\Firefox\Profiles\37tja7ew.default\searchplugins\WebSearch.xml
Folder Found : C:\ProgramData\blekko toolbars
Folder Found : C:\ProgramData\Browser Manager
Folder Found : C:\ProgramData\Trymedia
Folder Found : C:\Users\Conipooh\AppData\Roaming\Mozilla\Firefox\Profiles\37tja7ew.default\extensions\{1fd91a9c-410c-4090-bbcc-55d3450ef433}

***** [Registry] *****

Data Found : [x64] HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~2\SETTIN~1\Datamngr\x64\datamngr.dll
Data Found : [x64] HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~2\SETTIN~1\Datamngr\x64\IEBHO.dll
Data Found : HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~2\SETTIN~1\Datamngr\datamngr.dll
Data Found : HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~2\SETTIN~1\Datamngr\IEBHO.dll
Key Found : HKCU\Software\DataMngr
Key Found : HKCU\Software\DataMngr_Toolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F2D6C718-7E52-428E-8852-365C4B1A6E36}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Key Found : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
Key Found : HKLM\SOFTWARE\Classes\BrowserConnection.Loader
Key Found : HKLM\SOFTWARE\Classes\BrowserConnection.Loader.1
Key Found : HKLM\SOFTWARE\Classes\iLividIEHelper.DNSGuard
Key Found : HKLM\SOFTWARE\Classes\iLividIEHelper.DNSGuard.1
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F2D6C718-7E52-428E-8852-365C4B1A6E36}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F2D6C718-7E52-428E-8852-365C4B1A6E36}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F2D6C718-7E52-428E-8852-365C4B1A6E36}
Key Found : HKLM\SOFTWARE\DataMngr
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F2D6C718-7E52-428E-8852-365C4B1A6E36}
Key Found : HKU\S-1-5-21-471322506-4121362078-2470743385-1000\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [DataMngr]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [10]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://isearch.fantastigames.com/439

-\\ Mozilla Firefox v8.0 (en-US)

File : C:\Users\Conipooh\AppData\Roaming\Mozilla\Firefox\Profiles\37tja7ew.default\prefs.js

Found : user_pref("browser.startup.homepage", "hxxp://isearch.fantastigames.com/439");
Found : user_pref("browser.search.selectedEngine", "Web Search");
Found : user_pref("browser.search.defaultenginename", "Web Search");
Found : user_pref("browser.search.order.1", "Web Search");
Found : user_pref("keyword.URL", "hxxp://isearch.fantastigames.com/web?src=ffb&gct=ds&appid=100&systemid=439[...]

File : C:\Users\coni\AppData\Roaming\Mozilla\Firefox\Profiles\3h85ly8p.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v24.0.1312.57

File : C:\Users\Conipooh\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found [l.12] : urls_to_restore_on_startup = [ "hxxp://www.google.com/", "hxxp://www.google.com", "hxxp://isearch.fantastigames.com/439" ]
Found [l.2518] : urls_to_restore_on_startup = [ "hxxp://www.google.com/", "hxxp://www.google.com", "hxxp://isearch.fantastigames.com/439" ]

File : C:\Users\coni\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [4116 octets] - [02/02/2013 20:46:10]

########## EOF - C:\AdwCleaner[R1].txt - [4176 octets] ##########


# AdwCleaner v2.109 - Logfile created 02/02/2013 at 20:46:53
# Updated 26/01/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Conipooh - CONIPOOH-PC
# Boot Mode : Normal
# Running from : C:\Users\Conipooh\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\ProgramData\Browser Manager
Deleted on reboot : C:\Users\Conipooh\AppData\Roaming\Mozilla\Firefox\Profiles\37tja7ew.default\extensions\{1fd91a9c-410c-4090-bbcc-55d3450ef433}
File Deleted : C:\Users\Conipooh\AppData\Roaming\Mozilla\Firefox\Profiles\37tja7ew.default\searchplugins\WebSearch.xml
Folder Deleted : C:\ProgramData\blekko toolbars
Folder Deleted : C:\ProgramData\Trymedia

***** [Registry] *****

Data Deleted : [x64] HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~2\SETTIN~1\Datamngr\x64\datamngr.dll
Data Deleted : [x64] HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~2\SETTIN~1\Datamngr\x64\IEBHO.dll
Data Deleted : HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~2\SETTIN~1\Datamngr\datamngr.dll
Data Deleted : HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~2\SETTIN~1\Datamngr\IEBHO.dll
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F2D6C718-7E52-428E-8852-365C4B1A6E36}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
Key Deleted : HKLM\SOFTWARE\Classes\BrowserConnection.Loader
Key Deleted : HKLM\SOFTWARE\Classes\BrowserConnection.Loader.1
Key Deleted : HKLM\SOFTWARE\Classes\iLividIEHelper.DNSGuard
Key Deleted : HKLM\SOFTWARE\Classes\iLividIEHelper.DNSGuard.1
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F2D6C718-7E52-428E-8852-365C4B1A6E36}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F2D6C718-7E52-428E-8852-365C4B1A6E36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F2D6C718-7E52-428E-8852-365C4B1A6E36}
Key Deleted : HKLM\SOFTWARE\DataMngr
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F2D6C718-7E52-428E-8852-365C4B1A6E36}
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [DataMngr]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [10]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://isearch.fantastigames.com/439 --> hxxp://www.google.com

-\\ Mozilla Firefox v8.0 (en-US)

File : C:\Users\Conipooh\AppData\Roaming\Mozilla\Firefox\Profiles\37tja7ew.default\prefs.js

Deleted : user_pref("browser.startup.homepage", "hxxp://isearch.fantastigames.com/439");
Deleted : user_pref("browser.search.selectedEngine", "Web Search");
Deleted : user_pref("browser.search.defaultenginename", "Web Search");
Deleted : user_pref("browser.search.order.1", "Web Search");
Deleted : user_pref("keyword.URL", "hxxp://isearch.fantastigames.com/web?src=ffb&gct=ds&appid=100&systemid=439[...]

File : C:\Users\coni\AppData\Roaming\Mozilla\Firefox\Profiles\3h85ly8p.default\prefs.js

C:\Users\coni\AppData\Roaming\Mozilla\Firefox\Profiles\3h85ly8p.default\user.js ... Deleted !

[OK] File is clean.

-\\ Google Chrome v24.0.1312.57

File : C:\Users\Conipooh\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.12] : urls_to_restore_on_startup = [ "hxxp://www.google.com/", "hxxp://www.google.com", "hxxp://[...]
Deleted [l.2518] : urls_to_restore_on_startup = [ "hxxp://www.google.com/", "hxxp://www.google.com", "hxxp://ise[...]

File : C:\Users\coni\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [4235 octets] - [02/02/2013 20:46:10]
AdwCleaner[S1].txt - [4183 octets] - [02/02/2013 20:46:53]

########## EOF - C:\AdwCleaner[S1].txt - [4243 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.2 (02.02.2013:2)
OS: Windows 7 Home Premium x64
Ran by Conipooh on Sat 02/02/2013 at 20:58:00.17
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\websearch.xml"
Failed to delete: [Folder] "C:\Program Files (x86)\Mozilla Firefox\extensions\{1fd91a9c-410c-4090-bbcc-55d3450ef433}"
Failed to delete: [Folder] C:\Users\Conipooh\AppData\Roaming\mozilla\firefox\profiles\37tja7ew.default\extensions\{1fd91a9c-410c-4090-bbcc-55d3450ef433}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 02/02/2013 at 21:21:32.45
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "mwlDaemon" "MyWinLocker" "Egis Technology Inc." "c:\program files (x86)\egistec mywinlocker\x86\mwldaemon.exe"
+ "RtHDVCpl" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravcpl64.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe Reader Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\reader 9.0\reader\reader_sl.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "ArcadeMovieService" "Arcade Movie Resident Program" "CyberLink Corp." "c:\program files (x86)\acer arcade deluxe\arcade movie\arcademovieservice.exe"
+ "CLMLServer" "CyberLink MediaLibray Service" "CyberLink" "c:\program files (x86)\cyberlink\power2go\clmlsvc.exe"
+ "EgisTecPMMUpdate" "PMM Update Application" "Egis Technology Inc." "c:\program files (x86)\egistec ips\pmmupdate.exe"
+ "EgisUpdate" "EgisUpdate Release Application" "Egis Technology Inc." "c:\program files (x86)\egistec ips\egisupdate.exe"
+ "Hotkey Utility" "Hotkey Utility" "" "c:\program files (x86)\acer\hotkey utility\hotkeyutility.exe"
+ "LGODDFU" "" "BitLeader" "c:\program files (x86)\lg_fwupdate\fwupdate.exe"
+ "MDS_Menu" "MUI StartMenu Application" "CyberLink Corp." "c:\program files (x86)\acer arcade deluxe\mediashow espresso\muitransfer\muistartmenu.exe"
+ "Panda Security URL Filtering" "Visicom Media Anti-phishing Domain Advisor (Powered by Panda Security)" "Panda Security" "c:\programdata\panda security url filtering\panda_url_filtering.exe"
+ "PSUAMain" "PSUAMain" "Panda Security, S.L." "c:\program files (x86)\panda security\panda cloud antivirus\psuamain.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe"
+ "SuiteTray" "SuiteTray" "Egis Technology Inc." "c:\program files (x86)\egistec mywinlockersuite\x86\suitetray.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "UpdateP2GoShortCut" "MUI StartMenu Application" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\muitransfer\muistartmenu.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Google Chrome" "Google Chrome" "Google Inc." "c:\program files (x86)\google\chrome\application\24.0.1312.57\installer\chrmstp.exe"
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "CTSyncU.exe" "Creative Sync Manager" "" "c:\program files (x86)\creative\sync manager unicode\ctsyncu.exe"
+ "Sidebar" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "wot" "" "" "c:\program files\wot\wot.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "EDSshellExt" "Shell Extention" "Egis Technology Inc." "c:\program files (x86)\egistec mywinlocker\x64\mwlshellext.dll"
+ "UAContextMenu" "Shell extension " "Panda Security, S.L." "c:\program files (x86)\panda security\panda cloud antivirus\psuashell.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "EDSshellExt" "Shell Extention" "Egis Technology Inc." "c:\program files (x86)\egistec mywinlocker\x86\mwlshellext.dll"
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "ShredderContextMenu" "ShredderContextMenu" "Egis Technology Inc." "c:\program files (x86)\egistec shredder\x64\shreddercontextmenu.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "ShredderContextMenu" "ShredderContextMenu" "Egis Technology Inc." "c:\program files (x86)\egistec shredder\x86\shreddercontextmenu.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "EDSshellExt" "Shell Extention" "Egis Technology Inc." "c:\program files (x86)\egistec mywinlocker\x64\mwlshellext.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "EDSshellExt" "Shell Extention" "Egis Technology Inc." "c:\program files (x86)\egistec mywinlocker\x86\mwlshellext.dll"
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "NvCplDesktopContext" "" "NVIDIA Corporation" "c:\windows\system32\nvshext.dll"
+ "UAContextMenu" "Shell extension " "Panda Security, S.L." "c:\program files (x86)\panda security\panda cloud antivirus\psuashell.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "OpenOffice.org" "c:\program files (x86)\openoffice.org 3\basis\program\shlxthdl\shlxthdl_x64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "OpenOffice.org" "c:\program files (x86)\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "UAContextMenu" "Shell extension " "Panda Security, S.L." "c:\program files (x86)\panda security\panda cloud antivirus\psuashell.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "egisPSDP" "PSD DragDrop Protection" "Egis Technology Inc." "c:\program files (x86)\egistec mywinlocker\x64\psdprotect.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "egisPSDP" "PSD DragDrop Protection" "Egis Technology Inc." "c:\program files (x86)\egistec mywinlocker\x86\psdprotect.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\ssv.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
+ "WOT Helper" "" "" "c:\program files\wot\wot.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\ssv.dll"
+ "Panda Security Toolbar" "Panda Security Toolbar Link Library" "" "c:\program files (x86)\pandasecuritytb\pandasecuritydx.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
+ "WOT Helper" "" "" "c:\program files (x86)\wot\wot.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "WOT" "" "" "c:\program files\wot\wot.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Panda Security Toolbar" "Panda Security Toolbar Link Library" "" "c:\program files (x86)\pandasecuritytb\pandasecuritydx.dll"
+ "WOT" "" "" "c:\program files (x86)\wot\wot.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
"Task Scheduler" "" "" ""
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "Akamai" "Provides networking protocol and file transfer technologies. If the service is stopped, those applications that depend on the service may fail to transfer files or otherwise function properly." "Akamai Technologies, Inc." "c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll"
+ "aspnet_state" "Provides support for out-of-process session states for ASP.NET. If this service is stopped, out-of-process requests will not be processed. If this service is disabled, any services that explicitly depend on it will fail to start." "" "File not found: C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe"
+ "GamesAppService" "WT Games App Services" "WildTangent, Inc." "c:\program files (x86)\wildtangent games\app\gamesappservice.exe"
+ "GREGService" "Global Registration Service" "Acer Incorporated" "c:\program files (x86)\acer\registration\gregsvc.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gusvc" "gusvc" "Google" "c:\program files (x86)\google\common\google updater\googleupdaterservice.exe"
+ "MWLService" "MyWinLocker Service" "Egis Technology Inc." "c:\program files (x86)\egistec mywinlocker\x86\mwlservice.exe"
+ "NanoServiceMain" "Panda Cloud Antivirus Service" "Panda Security, S.L." "c:\program files (x86)\panda security\panda cloud antivirus\psanhost.exe"
+ "Nero BackItUp Scheduler 4.0" "Nero BackItUp Scheduler 4.0 is responsible to control all jobs created using Nero BackItUp. These jobs can create backups of selected files/folders/partitions or complete hard disk to hard disk, network drive, disc or FTP." "Nero AG" "c:\program files (x86)\common files\nero\nero backitup 4\nbservice.exe"
+ "nvsvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe"
+ "nvUpdatusService" "NVIDIA Settings Update Manager service, used to check new updates from NVIDIA server." "NVIDIA Corporation" "c:\program files (x86)\nvidia corporation\nvidia update core\daemonu.exe"
+ "PSUAService" "Panda Product Service" "Panda Security, S.L." "c:\program files (x86)\panda security\panda cloud antivirus\psuaservice.exe"
+ "Steam Client Service" "Steam Client Service monitors and updates Steam content" "Valve Corporation" "c:\program files (x86)\common files\steam\steamservice.exe"
+ "Stereo Service" "Provides system support for NVIDIA Stereoscopic 3D driver" "NVIDIA Corporation" "c:\program files (x86)\nvidia corporation\3d vision\nvscpapisvr.exe"
+ "Updater Service" "Updater Service" "Acer Group" "c:\program files\acer\acer updater\updaterservice.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"


When I was doing the minitoolbox step, I received the error message 'cmd.exe' application error (it was listing installed programs) was unable to start correctly (0x0000142).

#6 narenxp


Posted 02 February 2013 - 10:47 PM

Looks good. Let me know if you still have redirects before we do our final task.

#7 paddlegal


Posted 02 February 2013 - 10:57 PM

Okay, I will go to Google in all the browsers I use and see if I get redirected. TYSM for your help! (I'm proud of myself too for getting through this) thank you thank you!!

#8 narenxp


Posted 02 February 2013 - 10:58 PM

If you don't have issues, please follow these steps. If you still get redirected, let me know.

Remove temporary and junk files

Download

TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot. If TFC locks up the system, run it in safe mode.


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore. It deletes old infected restore points.

Turn on system restore and create a new restore point.

Update Java and Flash Player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here

http://java.com/en/

Update your Flash Player.

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security software products.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

#9 paddlegal


Posted 02 February 2013 - 11:21 PM

So you don't recommend Panda Cloud Antivirus? I had MSE but someone recommended Panda Cloud. I have printed out your last instructions, TYSM. No redirects in IE, FFox or Chrome!

<3

Safe surfing? Okay................I'll try to be a good girl.

#10 narenxp


Posted 02 February 2013 - 11:25 PM

Microsoft Security Essentials or Avast are better compared to Panda. Just keep in mind that no security software is 100% efficient and can remove all threats at any given time. Just because one anti-malware scanner detected threats that another missed does not mean it's more effective.

Safe surfing? Okay................I'll try to be a good girl.


:thumbup2:

#11 paddlegal


Posted 03 February 2013 - 04:03 PM

Hello. It is almost 3 p.m. and I haven't been using my computer for about 12 hours. When I open Chrome, it opens 2 tabs for Google (my home page) and a tab for isearch.com. I have tried some searches on Google from Chrome but no redirects have happened. I will go try some from IE and FFox.

Okay, I did not get any redirects after using FFox or IE, but when I tried to sign in to my Gmail in FFox, it had my secret name and a password in the sign-in boxes.

Also when I opened IE I was notified I was using an unsupported version of IE (I use 7) and that I would have to download a supported version. I did not do that.

I also got the message from Gmail that I had to allow cookies for it to function. My security was set on high; I had to change to medium low to sign in to Gmail.

Edited by paddlegal, 03 February 2013 - 04:38 PM.


#12 narenxp


Posted 03 February 2013 - 09:49 PM

Export bookmarks from Google Chrome using this guide

http://support.google.com/chrome/bin/answer.py?hl=en&answer=96816

Uninstall Google Chrome, and make sure to checkmark the "Also delete browsing data" option.

Reinstall chrome and check your web pages.

Let me know how it goes.

#13 paddlegal


Posted 03 February 2013 - 10:14 PM

I uninstalled Chrome after exporting my bookmarks, re-installed Chrome from the home site. When it finished installing it opened by itself 2 tabs of Chrome and this URL:

http://isearch.fantastigames.com/439

I'm not going to make you work on a Sunday night. I'll wait until Monday to contact you again.

tysm for your help.

#14 narenxp


Posted 03 February 2013 - 10:18 PM

Uninstall Google Chrome, and make sure to checkmark the "Also delete browsing data" option.


Did you checkmark the browsing data option?

#15 paddlegal


Posted 03 February 2013 - 10:20 PM

Yes, I did. Sorry, forgot to tell you.



