Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

lower right and left pop ups with redirects


  • Please log in to reply
9 replies to this topic

#1 rbblb

rbblb

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:05:40 AM

Posted 22 February 2013 - 08:29 AM

Hello,

 

I get pop ups and redirects in both chrome and IE.  I suspect malware.  Any help would be appreciated.   I see on a separate topic that is now closed that the following logs seem to be required to diagnose the problem (TDSSKiller/awsMBR/mini Toolbox).  So here you go.

 

TDSSKILLER:

 

04:57:44.0581 4692  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
04:57:45.0117 4692  ============================================================
04:57:45.0117 4692  Current date / time: 2013/02/22 04:57:45.0117
04:57:45.0117 4692  SystemInfo:
04:57:45.0117 4692  
04:57:45.0117 4692  OS Version: 6.1.7601 ServicePack: 1.0
04:57:45.0117 4692  Product type: Workstation
04:57:45.0117 4692  ComputerName: BFAMILY-PC
04:57:45.0117 4692  UserName: BFamily
04:57:45.0117 4692  Windows directory: C:\Windows
04:57:45.0118 4692  System windows directory: C:\Windows
04:57:45.0118 4692  Running under WOW64
04:57:45.0118 4692  Processor architecture: Intel x64
04:57:45.0118 4692  Number of processors: 4
04:57:45.0118 4692  Page size: 0x1000
04:57:45.0118 4692  Boot type: Normal boot
04:57:45.0118 4692  ============================================================
04:57:45.0608 4692  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
04:57:45.0657 4692  ============================================================
04:57:45.0657 4692  \Device\Harddisk0\DR0:
04:57:45.0658 4692  MBR partitions:
04:57:45.0658 4692  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1B58800, BlocksNum 0x32000
04:57:45.0658 4692  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1B8A800, BlocksNum 0x72B7BDB0
04:57:45.0658 4692  ============================================================
04:57:45.0698 4692  C: <-> \Device\Harddisk0\DR0\Partition2
04:57:45.0699 4692  ============================================================
04:57:45.0699 4692  Initialize success
04:57:45.0699 4692  ============================================================
04:58:25.0826 4596  ============================================================
04:58:25.0826 4596  Scan started
04:58:25.0826 4596  Mode: Manual; TDLFS; 
04:58:25.0826 4596  ============================================================
04:58:26.0948 4596  ================ Scan system memory ========================
04:58:26.0948 4596  System memory - ok
04:58:26.0948 4596  ================ Scan services =============================
04:58:27.0075 4596  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
04:58:27.0079 4596  1394ohci - ok
04:58:27.0112 4596  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
04:58:27.0116 4596  ACPI - ok
04:58:27.0148 4596  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
04:58:27.0150 4596  AcpiPmi - ok
04:58:27.0250 4596  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
04:58:27.0251 4596  AdobeARMservice - ok
04:58:27.0360 4596  [ EC807244904FA170C299AB06D87FBDBE ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
04:58:27.0363 4596  AdobeFlashPlayerUpdateSvc - ok
04:58:27.0397 4596  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
04:58:27.0403 4596  adp94xx - ok
04:58:27.0424 4596  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
04:58:27.0429 4596  adpahci - ok
04:58:27.0449 4596  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
04:58:27.0452 4596  adpu320 - ok
04:58:27.0477 4596  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
04:58:27.0478 4596  AeLookupSvc - ok
04:58:27.0523 4596  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
04:58:27.0528 4596  AFD - ok
04:58:27.0569 4596  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
04:58:27.0571 4596  agp440 - ok
04:58:27.0589 4596  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
04:58:27.0591 4596  ALG - ok
04:58:27.0617 4596  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
04:58:27.0618 4596  aliide - ok
04:58:27.0731 4596  [ FF6F0F6A2D72065AE4300426FA414693 ] Amazon Download Agent C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe
04:58:27.0736 4596  Amazon Download Agent - ok
04:58:27.0758 4596  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
04:58:27.0759 4596  amdide - ok
04:58:27.0764 4596  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
04:58:27.0767 4596  AmdK8 - ok
04:58:27.0786 4596  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
04:58:27.0788 4596  AmdPPM - ok
04:58:27.0818 4596  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
04:58:27.0820 4596  amdsata - ok
04:58:27.0839 4596  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
04:58:27.0843 4596  amdsbs - ok
04:58:27.0862 4596  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
04:58:27.0863 4596  amdxata - ok
04:58:27.0895 4596  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
04:58:27.0897 4596  AppID - ok
04:58:27.0914 4596  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
04:58:27.0916 4596  AppIDSvc - ok
04:58:27.0953 4596  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
04:58:27.0954 4596  Appinfo - ok
04:58:28.0013 4596  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
04:58:28.0014 4596  Apple Mobile Device - ok
04:58:28.0071 4596  [ 0E029912E4F9886B9190F59E72EAE96D ] Application Updater C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
04:58:28.0080 4596  Application Updater - ok
04:58:28.0095 4596  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
04:58:28.0097 4596  arc - ok
04:58:28.0102 4596  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
04:58:28.0104 4596  arcsas - ok
04:58:28.0132 4596  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
04:58:28.0134 4596  AsyncMac - ok
04:58:28.0183 4596  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
04:58:28.0183 4596  atapi - ok
04:58:28.0230 4596  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
04:58:28.0238 4596  AudioEndpointBuilder - ok
04:58:28.0250 4596  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
04:58:28.0255 4596  AudioSrv - ok
04:58:28.0425 4596  [ 4AFC14AFA58878FAA1D249E7E90EA54B ] AVGIDSAgent     C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
04:58:28.0566 4596  AVGIDSAgent - ok
04:58:28.0607 4596  [ 388056EBD5FE6718FE669078DBE37897 ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdrivera.sys
04:58:28.0610 4596  AVGIDSDriver - ok
04:58:28.0667 4596  [ 550E981747D6A6C55078C77346FFC2C6 ] AVGIDSHA        C:\Windows\system32\DRIVERS\avgidsha.sys
04:58:28.0668 4596  AVGIDSHA - ok
04:58:28.0704 4596  [ 5989592A91A17587799792A81E1541D4 ] Avgldx64        C:\Windows\system32\DRIVERS\avgldx64.sys
04:58:28.0707 4596  Avgldx64 - ok
04:58:28.0760 4596  [ 3FC43AA02545FCDDC22817829114DEC8 ] Avgloga         C:\Windows\system32\DRIVERS\avgloga.sys
04:58:28.0763 4596  Avgloga - ok
04:58:28.0783 4596  [ 841C40C193889730848849AC220D9242 ] Avgmfx64        C:\Windows\system32\DRIVERS\avgmfx64.sys
04:58:28.0785 4596  Avgmfx64 - ok
04:58:28.0801 4596  [ FE4F444DBE4BBBDFD8FECF49398DEFC7 ] Avgrkx64        C:\Windows\system32\DRIVERS\avgrkx64.sys
04:58:28.0803 4596  Avgrkx64 - ok
04:58:28.0819 4596  [ 6E634525613D48A1D1657FB21F21F3B2 ] Avgtdia         C:\Windows\system32\DRIVERS\avgtdia.sys
04:58:28.0822 4596  Avgtdia - ok
04:58:28.0857 4596  [ 4C05242DC361A217223E9B8EC2B3A76B ] avgtp           C:\Windows\system32\drivers\avgtpx64.sys
04:58:28.0858 4596  avgtp - ok
04:58:28.0885 4596  [ 6B72E1E329C4E98C6B6FDD2D265E3BA3 ] avgwd           C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
04:58:28.0887 4596  avgwd - ok
04:58:28.0927 4596  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
04:58:28.0929 4596  AxInstSV - ok
04:58:28.0965 4596  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
04:58:28.0971 4596  b06bdrv - ok
04:58:29.0001 4596  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
04:58:29.0005 4596  b57nd60a - ok
04:58:29.0039 4596  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
04:58:29.0042 4596  BDESVC - ok
04:58:29.0050 4596  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
04:58:29.0051 4596  Beep - ok
04:58:29.0113 4596  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
04:58:29.0121 4596  BFE - ok
04:58:29.0180 4596  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
04:58:29.0221 4596  BITS - ok
04:58:29.0243 4596  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
04:58:29.0245 4596  blbdrive - ok
04:58:29.0330 4596  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
04:58:29.0335 4596  Bonjour Service - ok
04:58:29.0368 4596  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
04:58:29.0370 4596  bowser - ok
04:58:29.0398 4596  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
04:58:29.0400 4596  BrFiltLo - ok
04:58:29.0404 4596  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
04:58:29.0406 4596  BrFiltUp - ok
04:58:29.0436 4596  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
04:58:29.0439 4596  Browser - ok
04:58:29.0486 4596  [ E5E9B1625A767CEB6F319C12D33EAB78 ] BrSerIb         C:\Windows\system32\DRIVERS\BrSerIb.sys
04:58:29.0490 4596  BrSerIb - ok
04:58:29.0498 4596  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
04:58:29.0502 4596  Brserid - ok
04:58:29.0507 4596  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
04:58:29.0509 4596  BrSerWdm - ok
04:58:29.0514 4596  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
04:58:29.0516 4596  BrUsbMdm - ok
04:58:29.0521 4596  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
04:58:29.0522 4596  BrUsbSer - ok
04:58:29.0551 4596  [ D9F6B30AD93CBD165EC71FADF51DF25E ] BrUsbSIb        C:\Windows\system32\DRIVERS\BrUsbSIb.sys
04:58:29.0552 4596  BrUsbSIb - ok
04:58:29.0598 4596  [ 07DCB3C254D584E3949FE2C0EE3963F2 ] BthAudioHF      C:\Windows\system32\DRIVERS\BthAudioHF.sys
04:58:29.0600 4596  BthAudioHF - ok
04:58:29.0610 4596  [ 832B121E4532919CC49F2438F1DCAA21 ] BthAvrcp        C:\Windows\system32\DRIVERS\BthAvrcp.sys
04:58:29.0612 4596  BthAvrcp - ok
04:58:29.0645 4596  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
04:58:29.0646 4596  BthEnum - ok
04:58:29.0654 4596  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
04:58:29.0656 4596  BTHMODEM - ok
04:58:29.0694 4596  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
04:58:29.0696 4596  BthPan - ok
04:58:29.0717 4596  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
04:58:29.0723 4596  BTHPORT - ok
04:58:29.0760 4596  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
04:58:29.0762 4596  bthserv - ok
04:58:29.0801 4596  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
04:58:29.0804 4596  BTHUSB - ok
04:58:29.0830 4596  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
04:58:29.0832 4596  cdfs - ok
04:58:29.0871 4596  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
04:58:29.0874 4596  cdrom - ok
04:58:29.0910 4596  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
04:58:29.0912 4596  CertPropSvc - ok
04:58:29.0934 4596  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
04:58:29.0936 4596  circlass - ok
04:58:29.0957 4596  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
04:58:29.0960 4596  CLFS - ok
04:58:30.0042 4596  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
04:58:30.0044 4596  clr_optimization_v2.0.50727_32 - ok
04:58:30.0085 4596  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
04:58:30.0087 4596  clr_optimization_v2.0.50727_64 - ok
04:58:30.0144 4596  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
04:58:30.0146 4596  clr_optimization_v4.0.30319_32 - ok
04:58:30.0187 4596  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
04:58:30.0190 4596  clr_optimization_v4.0.30319_64 - ok
04:58:30.0205 4596  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
04:58:30.0207 4596  CmBatt - ok
04:58:30.0256 4596  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
04:58:30.0257 4596  cmdide - ok
04:58:30.0300 4596  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
04:58:30.0305 4596  CNG - ok
04:58:30.0320 4596  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
04:58:30.0322 4596  Compbatt - ok
04:58:30.0349 4596  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
04:58:30.0351 4596  CompositeBus - ok
04:58:30.0356 4596  COMSysApp - ok
04:58:30.0371 4596  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
04:58:30.0372 4596  crcdisk - ok
04:58:30.0414 4596  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
04:58:30.0417 4596  CryptSvc - ok
04:58:30.0458 4596  [ DF07C6D98BA7F81D0571E366B1CD6672 ] csr_a2dp        C:\Windows\system32\drivers\bthav.sys
04:58:30.0460 4596  csr_a2dp - ok
04:58:30.0491 4596  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
04:58:30.0498 4596  DcomLaunch - ok
04:58:30.0530 4596  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
04:58:30.0534 4596  defragsvc - ok
04:58:30.0585 4596  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
04:58:30.0587 4596  DfsC - ok
04:58:30.0630 4596  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
04:58:30.0634 4596  Dhcp - ok
04:58:30.0674 4596  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
04:58:30.0675 4596  discache - ok
04:58:30.0697 4596  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
04:58:30.0698 4596  Disk - ok
04:58:30.0734 4596  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
04:58:30.0737 4596  Dnscache - ok
04:58:30.0773 4596  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
04:58:30.0776 4596  dot3svc - ok
04:58:30.0820 4596  [ B42ED0320C6E41102FDE0005154849BB ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
04:58:30.0823 4596  Dot4 - ok
04:58:30.0862 4596  [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print       C:\Windows\system32\drivers\Dot4Prt.sys
04:58:30.0864 4596  Dot4Print - ok
04:58:30.0877 4596  [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
04:58:30.0879 4596  dot4usb - ok
04:58:30.0906 4596  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
04:58:30.0909 4596  DPS - ok
04:58:30.0923 4596  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
04:58:30.0925 4596  drmkaud - ok
04:58:30.0970 4596  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
04:58:30.0981 4596  DXGKrnl - ok
04:58:31.0006 4596  [ 50AD8FC1DC800FF36087994C8F7FDFF2 ] e1yexpress      C:\Windows\system32\DRIVERS\e1y60x64.sys
04:58:31.0010 4596  e1yexpress - ok
04:58:31.0053 4596  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
04:58:31.0055 4596  EapHost - ok
04:58:31.0129 4596  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
04:58:31.0198 4596  ebdrv - ok
04:58:31.0235 4596  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
04:58:31.0237 4596  EFS - ok
04:58:31.0277 4596  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
04:58:31.0301 4596  ehRecvr - ok
04:58:31.0321 4596  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
04:58:31.0324 4596  ehSched - ok
04:58:31.0353 4596  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
04:58:31.0360 4596  elxstor - ok
04:58:31.0406 4596  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
04:58:31.0408 4596  ErrDev - ok
04:58:31.0449 4596  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
04:58:31.0454 4596  EventSystem - ok
04:58:31.0490 4596  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
04:58:31.0493 4596  exfat - ok
04:58:31.0515 4596  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
04:58:31.0518 4596  fastfat - ok
04:58:31.0562 4596  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
04:58:31.0571 4596  Fax - ok
04:58:31.0576 4596  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
04:58:31.0578 4596  fdc - ok
04:58:31.0622 4596  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
04:58:31.0623 4596  fdPHost - ok
04:58:31.0635 4596  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
04:58:31.0636 4596  FDResPub - ok
04:58:31.0648 4596  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
04:58:31.0650 4596  FileInfo - ok
04:58:31.0666 4596  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
04:58:31.0668 4596  Filetrace - ok
04:58:31.0673 4596  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
04:58:31.0675 4596  flpydisk - ok
04:58:31.0712 4596  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
04:58:31.0716 4596  FltMgr - ok
04:58:31.0771 4596  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
04:58:31.0784 4596  FontCache - ok
04:58:31.0838 4596  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
04:58:31.0840 4596  FontCache3.0.0.0 - ok
04:58:31.0861 4596  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
04:58:31.0863 4596  FsDepends - ok
04:58:31.0899 4596  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
04:58:31.0900 4596  Fs_Rec - ok
04:58:31.0935 4596  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
04:58:31.0937 4596  fvevol - ok
04:58:31.0960 4596  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
04:58:31.0962 4596  gagp30kx - ok
04:58:32.0011 4596  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
04:58:32.0013 4596  GEARAspiWDM - ok
04:58:32.0046 4596  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
04:58:32.0056 4596  gpsvc - ok
04:58:32.0126 4596  [ 816FD5A6F3C2F3D600900096632FC60E ] Greg_Service    C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe
04:58:32.0139 4596  Greg_Service - ok
04:58:32.0330 4596  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
04:58:32.0332 4596  gupdate - ok
04:58:32.0360 4596  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
04:58:32.0362 4596  gupdatem - ok
04:58:32.0431 4596  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
04:58:32.0434 4596  gusvc - ok
04:58:32.0460 4596  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
04:58:32.0462 4596  hcw85cir - ok
04:58:32.0577 4596  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
04:58:32.0582 4596  HdAudAddService - ok
04:58:32.0678 4596  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
04:58:32.0680 4596  HDAudBus - ok
04:58:32.0858 4596  [ EE8C05F926521A0E24EDAF40F45D01E6 ] HFGService      C:\Windows\System32\HFGService.dll
04:58:32.0864 4596  HFGService - ok
04:58:32.0881 4596  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
04:58:32.0883 4596  HidBatt - ok
04:58:32.0889 4596  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
04:58:32.0891 4596  HidBth - ok
04:58:32.0896 4596  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
04:58:32.0898 4596  HidIr - ok
04:58:32.0933 4596  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
04:58:32.0935 4596  hidserv - ok
04:58:32.0969 4596  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
04:58:32.0971 4596  HidUsb - ok
04:58:33.0011 4596  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
04:58:33.0014 4596  hkmsvc - ok
04:58:33.0051 4596  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
04:58:33.0055 4596  HomeGroupListener - ok
04:58:33.0083 4596  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
04:58:33.0087 4596  HomeGroupProvider - ok
04:58:33.0099 4596  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
04:58:33.0101 4596  HpSAMD - ok
04:58:33.0143 4596  [ CF44B25AE808765D7308F412AD492DDB ] HTCAND64        C:\Windows\system32\Drivers\ANDROIDUSB.sys
04:58:33.0145 4596  HTCAND64 - ok
04:58:33.0199 4596  [ B8B1B284362E1D8135112573395D5DA5 ] htcnprot        C:\Windows\system32\DRIVERS\htcnprot.sys
04:58:33.0201 4596  htcnprot - ok
04:58:33.0253 4596  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
04:58:33.0261 4596  HTTP - ok
04:58:33.0289 4596  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
04:58:33.0290 4596  hwpolicy - ok
04:58:33.0316 4596  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
04:58:33.0318 4596  i8042prt - ok
04:58:33.0377 4596  [ 7548066DF68A8A1A56B043359F915F37 ] IAANTMON        C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
04:58:33.0381 4596  IAANTMON - ok
04:58:33.0397 4596  [ 1D004CB1DA6323B1F55CAEF7F94B61D9 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
04:58:33.0400 4596  iaStor - ok
04:58:33.0437 4596  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
04:58:33.0442 4596  iaStorV - ok
04:58:33.0501 4596  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
04:58:33.0526 4596  IDriverT - ok
04:58:33.0561 4596  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
04:58:33.0571 4596  idsvc - ok
04:58:33.0817 4596  [ C6238C6ABD6AC99F5D152DA4E9439A3D ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
04:58:34.0019 4596  igfx - ok
04:58:34.0051 4596  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
04:58:34.0053 4596  iirsp - ok
04:58:34.0093 4596  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
04:58:34.0103 4596  IKEEXT - ok
04:58:34.0159 4596  [ BC64B75E8E0A0B8982AB773483164E72 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
04:58:34.0205 4596  IntcAzAudAddService - ok
04:58:34.0261 4596  [ D485D3BD3E2179AA86853A182F70699F ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
04:58:34.0264 4596  IntcHdmiAddService - ok
04:58:34.0302 4596  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
04:58:34.0303 4596  intelide - ok
04:58:34.0319 4596  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
04:58:34.0321 4596  intelppm - ok
04:58:34.0352 4596  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
04:58:34.0354 4596  IPBusEnum - ok
04:58:34.0393 4596  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
04:58:34.0395 4596  IpFilterDriver - ok
04:58:34.0436 4596  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
04:58:34.0443 4596  iphlpsvc - ok
04:58:34.0473 4596  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
04:58:34.0475 4596  IPMIDRV - ok
04:58:34.0496 4596  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
04:58:34.0499 4596  IPNAT - ok
04:58:34.0563 4596  [ 0F261EC4F514926177C70C1832374231 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
04:58:34.0570 4596  iPod Service - ok
04:58:34.0587 4596  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
04:58:34.0589 4596  IRENUM - ok
04:58:34.0622 4596  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
04:58:34.0623 4596  isapnp - ok
04:58:34.0657 4596  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
04:58:34.0661 4596  iScsiPrt - ok
04:58:34.0694 4596  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
04:58:34.0696 4596  kbdclass - ok
04:58:34.0736 4596  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
04:58:34.0738 4596  kbdhid - ok
04:58:34.0757 4596  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
04:58:34.0758 4596  KeyIso - ok
04:58:34.0797 4596  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
04:58:34.0799 4596  KSecDD - ok
04:58:34.0833 4596  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
04:58:34.0835 4596  KSecPkg - ok
04:58:34.0852 4596  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
04:58:34.0854 4596  ksthunk - ok
04:58:34.0877 4596  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
04:58:34.0883 4596  KtmRm - ok
04:58:34.0914 4596  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
04:58:34.0918 4596  LanmanServer - ok
04:58:34.0957 4596  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
04:58:34.0961 4596  LanmanWorkstation - ok
04:58:34.0989 4596  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
04:58:34.0991 4596  lltdio - ok
04:58:35.0013 4596  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
04:58:35.0018 4596  lltdsvc - ok
04:58:35.0034 4596  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
04:58:35.0036 4596  lmhosts - ok
04:58:35.0061 4596  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
04:58:35.0063 4596  LSI_FC - ok
04:58:35.0069 4596  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
04:58:35.0071 4596  LSI_SAS - ok
04:58:35.0077 4596  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
04:58:35.0079 4596  LSI_SAS2 - ok
04:58:35.0085 4596  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
04:58:35.0087 4596  LSI_SCSI - ok
04:58:35.0112 4596  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
04:58:35.0114 4596  luafv - ok
04:58:35.0137 4596  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
04:58:35.0140 4596  Mcx2Svc - ok
04:58:35.0145 4596  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
04:58:35.0147 4596  megasas - ok
04:58:35.0157 4596  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
04:58:35.0161 4596  MegaSR - ok
04:58:35.0174 4596  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
04:58:35.0177 4596  MMCSS - ok
04:58:35.0190 4596  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
04:58:35.0192 4596  Modem - ok
04:58:35.0217 4596  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
04:58:35.0218 4596  monitor - ok
04:58:35.0250 4596  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
04:58:35.0252 4596  mouclass - ok
04:58:35.0257 4596  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
04:58:35.0259 4596  mouhid - ok
04:58:35.0282 4596  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
04:58:35.0283 4596  mountmgr - ok
04:58:35.0314 4596  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
04:58:35.0317 4596  mpio - ok
04:58:35.0338 4596  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
04:58:35.0340 4596  mpsdrv - ok
04:58:35.0377 4596  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
04:58:35.0387 4596  MpsSvc - ok
04:58:35.0414 4596  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
04:58:35.0417 4596  MRxDAV - ok
04:58:35.0452 4596  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
04:58:35.0454 4596  mrxsmb - ok
04:58:35.0481 4596  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
04:58:35.0484 4596  mrxsmb10 - ok
04:58:35.0498 4596  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
04:58:35.0500 4596  mrxsmb20 - ok
04:58:35.0526 4596  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
04:58:35.0528 4596  msahci - ok
04:58:35.0571 4596  [ 023E10227D83B47D3B72C9FFCD323704 ] MSCamSvc        C:\Program Files\Microsoft LifeCam\MSCamS64.exe
04:58:35.0573 4596  MSCamSvc - ok
04:58:35.0586 4596  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
04:58:35.0589 4596  msdsm - ok
04:58:35.0602 4596  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
04:58:35.0605 4596  MSDTC - ok
04:58:35.0626 4596  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
04:58:35.0627 4596  Msfs - ok
04:58:35.0634 4596  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
04:58:35.0636 4596  mshidkmdf - ok
04:58:35.0677 4596  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
04:58:35.0678 4596  msisadrv - ok
04:58:35.0715 4596  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
04:58:35.0719 4596  MSiSCSI - ok
04:58:35.0723 4596  msiserver - ok
04:58:35.0749 4596  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
04:58:35.0751 4596  MSKSSRV - ok
04:58:35.0777 4596  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
04:58:35.0778 4596  MSPCLOCK - ok
04:58:35.0783 4596  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
04:58:35.0784 4596  MSPQM - ok
04:58:35.0819 4596  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
04:58:35.0824 4596  MsRPC - ok
04:58:35.0841 4596  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
04:58:35.0843 4596  mssmbios - ok
04:58:35.0861 4596  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
04:58:35.0863 4596  MSTEE - ok
04:58:35.0876 4596  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
04:58:35.0878 4596  MTConfig - ok
04:58:35.0905 4596  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
04:58:35.0906 4596  Mup - ok
04:58:35.0939 4596  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
04:58:35.0945 4596  napagent - ok
04:58:35.0966 4596  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
04:58:35.0970 4596  NativeWifiP - ok
04:58:36.0039 4596  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
04:58:36.0050 4596  NDIS - ok
04:58:36.0061 4596  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
04:58:36.0063 4596  NdisCap - ok
04:58:36.0076 4596  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
04:58:36.0078 4596  NdisTapi - ok
04:58:36.0101 4596  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
04:58:36.0103 4596  Ndisuio - ok
04:58:36.0136 4596  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
04:58:36.0139 4596  NdisWan - ok
04:58:36.0171 4596  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
04:58:36.0173 4596  NDProxy - ok
04:58:36.0235 4596  [ B90E093E7A7250906F1054418B5339C0 ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
04:58:36.0246 4596  Nero BackItUp Scheduler 4.0 - ok
04:58:36.0297 4596  [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
04:58:36.0309 4596  Net Driver HPZ12 - ok
04:58:36.0326 4596  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
04:58:36.0327 4596  NetBIOS - ok
04:58:36.0374 4596  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
04:58:36.0377 4596  NetBT - ok
04:58:36.0390 4596  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
04:58:36.0392 4596  Netlogon - ok
04:58:36.0436 4596  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
04:58:36.0442 4596  Netman - ok
04:58:36.0458 4596  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
04:58:36.0464 4596  netprofm - ok
04:58:36.0495 4596  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
04:58:36.0497 4596  NetTcpPortSharing - ok
04:58:36.0516 4596  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
04:58:36.0518 4596  nfrd960 - ok
04:58:36.0538 4596  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
04:58:36.0544 4596  NlaSvc - ok
04:58:36.0560 4596  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
04:58:36.0562 4596  Npfs - ok
04:58:36.0577 4596  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
04:58:36.0579 4596  nsi - ok
04:58:36.0589 4596  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
04:58:36.0590 4596  nsiproxy - ok
04:58:36.0643 4596  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
04:58:36.0682 4596  Ntfs - ok
04:58:36.0716 4596  [ BD691091AC7D9713D8F0B07C6B099E6C ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe
04:58:36.0717 4596  NTI IScheduleSvc - ok
04:58:36.0725 4596  [ 64DDD0DEE976302F4BD93E5EFCC2F013 ] NTIDrvr         C:\Windows\system32\drivers\NTIDrvr.sys
04:58:36.0727 4596  NTIDrvr - ok
04:58:36.0759 4596  [ 13A1CCB48C64EE9B75CFBA77EC3E5721 ] NT_NvcA         C:\Windows\system32\DRIVERS\ntnvca.sys
04:58:36.0760 4596  NT_NvcA - ok
04:58:36.0774 4596  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
04:58:36.0776 4596  Null - ok
04:58:36.0849 4596  [ E7BE0669645CAC693CA12D767DB50E23 ] NvcSvcMgr       C:\Program Files (x86)\Nortel\Nortel VPN Client\NvcSvcMgr.exe
04:58:36.0856 4596  NvcSvcMgr - ok
04:58:36.0890 4596  [ 06DE0AE24D9CF7E8B675BA1EB6A2F7CF ] nvcwfpco        C:\Windows\system32\DRIVERS\nvcwfpco.sys
04:58:36.0902 4596  nvcwfpco - ok
04:58:36.0923 4596  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
04:58:36.0926 4596  nvraid - ok
04:58:36.0953 4596  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
04:58:36.0955 4596  nvstor - ok
04:58:36.0993 4596  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
04:58:36.0995 4596  nv_agp - ok
04:58:37.0033 4596  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
04:58:37.0035 4596  ohci1394 - ok
04:58:37.0108 4596  [ 4965B005492CBA7719E82B71E3245495 ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
04:58:37.0111 4596  ose64 - ok
04:58:37.0227 4596  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
04:58:37.0341 4596  osppsvc - ok
04:58:37.0373 4596  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
04:58:37.0377 4596  p2pimsvc - ok
04:58:37.0401 4596  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
04:58:37.0407 4596  p2psvc - ok
04:58:37.0422 4596  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
04:58:37.0425 4596  Parport - ok
04:58:37.0449 4596  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
04:58:37.0451 4596  partmgr - ok
04:58:37.0511 4596  [ AFADA8B97BE3C9398DC6C770409C3544 ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
04:58:37.0512 4596  PassThru Service - ok
04:58:37.0524 4596  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
04:58:37.0528 4596  PcaSvc - ok
04:58:37.0542 4596  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
04:58:37.0544 4596  pci - ok
04:58:37.0580 4596  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
04:58:37.0582 4596  pciide - ok
04:58:37.0600 4596  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
04:58:37.0604 4596  pcmcia - ok
04:58:37.0615 4596  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
04:58:37.0616 4596  pcw - ok
04:58:37.0635 4596  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
04:58:37.0643 4596  PEAUTH - ok
04:58:37.0711 4596  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
04:58:37.0713 4596  PerfHost - ok
04:58:37.0773 4596  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
04:58:37.0797 4596  pla - ok
04:58:37.0846 4596  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
04:58:37.0853 4596  PlugPlay - ok
04:58:37.0911 4596  [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
04:58:37.0922 4596  Pml Driver HPZ12 - ok
04:58:37.0967 4596  [ 8AC5649C9070674D4607301C180AB10B ] pneteth         C:\Windows\system32\DRIVERS\pneteth.sys
04:58:38.0006 4596  pneteth - ok
04:58:38.0045 4596  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
04:58:38.0048 4596  PNRPAutoReg - ok
04:58:38.0062 4596  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
04:58:38.0065 4596  PNRPsvc - ok
04:58:38.0093 4596  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
04:58:38.0099 4596  PolicyAgent - ok
04:58:38.0120 4596  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
04:58:38.0124 4596  Power - ok
04:58:38.0157 4596  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
04:58:38.0159 4596  PptpMiniport - ok
04:58:38.0180 4596  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
04:58:38.0182 4596  Processor - ok
04:58:38.0226 4596  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
04:58:38.0230 4596  ProfSvc - ok
04:58:38.0235 4596  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
04:58:38.0237 4596  ProtectedStorage - ok
04:58:38.0285 4596  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
04:58:38.0287 4596  Psched - ok
04:58:38.0328 4596  [ 46851BC18322DA70F3F2299A1007C479 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
04:58:38.0330 4596  PxHlpa64 - ok
04:58:38.0370 4596  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
04:58:38.0391 4596  ql2300 - ok
04:58:38.0398 4596  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
04:58:38.0400 4596  ql40xx - ok
04:58:38.0415 4596  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
04:58:38.0420 4596  QWAVE - ok
04:58:38.0434 4596  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
04:58:38.0436 4596  QWAVEdrv - ok
04:58:38.0446 4596  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
04:58:38.0448 4596  RasAcd - ok
04:58:38.0474 4596  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
04:58:38.0476 4596  RasAgileVpn - ok
04:58:38.0485 4596  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
04:58:38.0489 4596  RasAuto - ok
04:58:38.0521 4596  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
04:58:38.0524 4596  Rasl2tp - ok
04:58:38.0556 4596  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
04:58:38.0562 4596  RasMan - ok
04:58:38.0568 4596  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
04:58:38.0571 4596  RasPppoe - ok
04:58:38.0585 4596  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
04:58:38.0587 4596  RasSstp - ok
04:58:38.0625 4596  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
04:58:38.0628 4596  rdbss - ok
04:58:38.0646 4596  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
04:58:38.0648 4596  rdpbus - ok
04:58:38.0661 4596  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
04:58:38.0662 4596  RDPCDD - ok
04:58:38.0686 4596  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
04:58:38.0687 4596  RDPENCDD - ok
04:58:38.0702 4596  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
04:58:38.0703 4596  RDPREFMP - ok
04:58:38.0740 4596  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
04:58:38.0743 4596  RDPWD - ok
04:58:38.0802 4596  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
04:58:38.0805 4596  rdyboost - ok
04:58:38.0818 4596  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
04:58:38.0822 4596  RemoteAccess - ok
04:58:38.0841 4596  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
04:58:38.0845 4596  RemoteRegistry - ok
04:58:38.0883 4596  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
04:58:38.0886 4596  RFCOMM - ok
04:58:38.0910 4596  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
04:58:38.0913 4596  RpcEptMapper - ok
04:58:38.0942 4596  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
04:58:38.0945 4596  RpcLocator - ok
04:58:38.0979 4596  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
04:58:38.0984 4596  RpcSs - ok
04:58:39.0006 4596  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
04:58:39.0008 4596  rspndr - ok
04:58:39.0023 4596  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
04:58:39.0025 4596  SamSs - ok
04:58:39.0055 4596  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
04:58:39.0057 4596  sbp2port - ok
04:58:39.0071 4596  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
04:58:39.0076 4596  SCardSvr - ok
04:58:39.0113 4596  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
04:58:39.0114 4596  scfilter - ok
04:58:39.0157 4596  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
04:58:39.0171 4596  Schedule - ok
04:58:39.0209 4596  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
04:58:39.0211 4596  SCPolicySvc - ok
04:58:39.0249 4596  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
04:58:39.0253 4596  SDRSVC - ok
04:58:39.0268 4596  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
04:58:39.0270 4596  secdrv - ok
04:58:39.0303 4596  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
04:58:39.0306 4596  seclogon - ok
04:58:39.0322 4596  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
04:58:39.0326 4596  SENS - ok
04:58:39.0337 4596  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
04:58:39.0341 4596  SensrSvc - ok
04:58:39.0362 4596  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
04:58:39.0364 4596  Serenum - ok
04:58:39.0369 4596  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
04:58:39.0372 4596  Serial - ok
04:58:39.0394 4596  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
04:58:39.0396 4596  sermouse - ok
04:58:39.0444 4596  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
04:58:39.0448 4596  SessionEnv - ok
04:58:39.0473 4596  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
04:58:39.0474 4596  sffdisk - ok
04:58:39.0490 4596  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
04:58:39.0491 4596  sffp_mmc - ok
04:58:39.0508 4596  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
04:58:39.0510 4596  sffp_sd - ok
04:58:39.0514 4596  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
04:58:39.0517 4596  sfloppy - ok
04:58:39.0541 4596  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
04:58:39.0547 4596  SharedAccess - ok
04:58:39.0583 4596  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
04:58:39.0589 4596  ShellHWDetection - ok
04:58:39.0608 4596  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
04:58:39.0609 4596  SiSRaid2 - ok
04:58:39.0615 4596  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
04:58:39.0617 4596  SiSRaid4 - ok
04:58:39.0643 4596  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
04:58:39.0645 4596  Smb - ok
04:58:39.0678 4596  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
04:58:39.0681 4596  SNMPTRAP - ok
04:58:39.0691 4596  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
04:58:39.0691 4596  spldr - ok
04:58:39.0728 4596  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
04:58:39.0737 4596  Spooler - ok
04:58:39.0832 4596  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
04:58:39.0901 4596  sppsvc - ok
04:58:39.0916 4596  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
04:58:39.0919 4596  sppuinotify - ok
04:58:39.0966 4596  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
04:58:39.0971 4596  srv - ok
04:58:40.0005 4596  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
04:58:40.0010 4596  srv2 - ok
04:58:40.0027 4596  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
04:58:40.0029 4596  srvnet - ok
04:58:40.0050 4596  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
04:58:40.0054 4596  SSDPSRV - ok
04:58:40.0067 4596  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
04:58:40.0071 4596  SstpSvc - ok
04:58:40.0089 4596  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
04:58:40.0091 4596  stexstor - ok
04:58:40.0137 4596  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
04:58:40.0146 4596  stisvc - ok
04:58:40.0178 4596  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
04:58:40.0179 4596  swenum - ok
04:58:40.0199 4596  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
04:58:40.0206 4596  swprv - ok
04:58:40.0266 4596  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
04:58:40.0308 4596  SysMain - ok
04:58:40.0350 4596  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
04:58:40.0353 4596  TabletInputService - ok
04:58:40.0392 4596  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
04:58:40.0398 4596  TapiSrv - ok
04:58:40.0412 4596  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
04:58:40.0415 4596  TBS - ok
04:58:40.0478 4596  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
04:58:40.0508 4596  Tcpip - ok
04:58:40.0546 4596  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
04:58:40.0559 4596  TCPIP6 - ok
04:58:40.0598 4596  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
04:58:40.0599 4596  tcpipreg - ok
04:58:40.0630 4596  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
04:58:40.0632 4596  TDPIPE - ok
04:58:40.0667 4596  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
04:58:40.0669 4596  TDTCP - ok
04:58:40.0709 4596  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
04:58:40.0712 4596  tdx - ok
04:58:40.0720 4596  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
04:58:40.0722 4596  TermDD - ok
04:58:40.0759 4596  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
04:58:40.0768 4596  TermService - ok
04:58:40.0775 4596  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
04:58:40.0778 4596  Themes - ok
04:58:40.0796 4596  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
04:58:40.0798 4596  THREADORDER - ok
04:58:40.0811 4596  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
04:58:40.0814 4596  TrkWks - ok
04:58:40.0865 4596  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
04:58:40.0867 4596  TrustedInstaller - ok
04:58:40.0906 4596  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
04:58:40.0908 4596  tssecsrv - ok
04:58:40.0945 4596  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
04:58:40.0947 4596  TsUsbFlt - ok
04:58:41.0003 4596  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
04:58:41.0005 4596  tunnel - ok
04:58:41.0027 4596  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
04:58:41.0029 4596  uagp35 - ok
04:58:41.0039 4596  [ 2E22C1FD397A5A9FFEF55E9D1FC96C00 ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
04:58:41.0040 4596  UBHelper - ok
04:58:41.0078 4596  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
04:58:41.0082 4596  udfs - ok
04:58:41.0098 4596  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
04:58:41.0101 4596  UI0Detect - ok
04:58:41.0129 4596  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
04:58:41.0131 4596  uliagpkx - ok
04:58:41.0175 4596  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
04:58:41.0177 4596  umbus - ok
04:58:41.0194 4596  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
04:58:41.0196 4596  UmPass - ok
04:58:41.0241 4596  [ 70DDE3A86DBEB1D6C3C30AD687B1877A ] Updater Service C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
04:58:41.0243 4596  Updater Service - ok
04:58:41.0261 4596  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
04:58:41.0268 4596  upnphost - ok
04:58:41.0313 4596  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
04:58:41.0315 4596  usbaudio - ok
04:58:41.0323 4596  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
04:58:41.0326 4596  usbccgp - ok
04:58:41.0366 4596  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
04:58:41.0368 4596  usbcir - ok
04:58:41.0382 4596  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
04:58:41.0384 4596  usbehci - ok
04:58:41.0402 4596  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
04:58:41.0407 4596  usbhub - ok
04:58:41.0421 4596  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
04:58:41.0423 4596  usbohci - ok
04:58:41.0454 4596  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
04:58:41.0455 4596  usbprint - ok
04:58:41.0490 4596  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
04:58:41.0492 4596  usbscan - ok
04:58:41.0508 4596  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
04:58:41.0529 4596  USBSTOR - ok
04:58:41.0550 4596  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
04:58:41.0552 4596  usbuhci - ok
04:58:41.0563 4596  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
04:58:41.0566 4596  UxSms - ok
04:58:41.0578 4596  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
04:58:41.0580 4596  VaultSvc - ok
04:58:41.0596 4596  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
04:58:41.0597 4596  vdrvroot - ok
04:58:41.0633 4596  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
04:58:41.0641 4596  vds - ok
04:58:41.0659 4596  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
04:58:41.0660 4596  vga - ok
04:58:41.0676 4596  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
04:58:41.0678 4596  VgaSave - ok
04:58:41.0692 4596  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
04:58:41.0695 4596  vhdmp - ok
04:58:41.0726 4596  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
04:58:41.0728 4596  viaide - ok
04:58:41.0741 4596  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
04:58:41.0743 4596  volmgr - ok
04:58:41.0779 4596  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
04:58:41.0783 4596  volmgrx - ok
04:58:41.0801 4596  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
04:58:41.0804 4596  volsnap - ok
04:58:41.0828 4596  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
04:58:41.0831 4596  vsmraid - ok
04:58:41.0892 4596  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
04:58:41.0937 4596  VSS - ok
04:58:42.0055 4596  [ 3AD1E72748978D8B0B3B674741E4C3E2 ] vToolbarUpdater14.2.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
04:58:42.0065 4596  vToolbarUpdater14.2.0 - ok
04:58:42.0084 4596  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
04:58:42.0085 4596  vwifibus - ok
04:58:42.0155 4596  [ E13B31E0ADA64CF1513D993F436CA39D ] VX3000          C:\Windows\system32\DRIVERS\VX3000.sys
04:58:42.0198 4596  VX3000 - ok
04:58:42.0237 4596  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
04:58:42.0244 4596  W32Time - ok
04:58:42.0251 4596  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
04:58:42.0253 4596  WacomPen - ok
04:58:42.0292 4596  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
04:58:42.0294 4596  WANARP - ok
04:58:42.0299 4596  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
04:58:42.0300 4596  Wanarpv6 - ok
04:58:42.0359 4596  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
04:58:42.0372 4596  WatAdminSvc - ok
04:58:42.0421 4596  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
04:58:42.0477 4596  wbengine - ok
04:58:42.0489 4596  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
04:58:42.0494 4596  WbioSrvc - ok
04:58:42.0529 4596  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
04:58:42.0535 4596  wcncsvc - ok
04:58:42.0544 4596  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
04:58:42.0548 4596  WcsPlugInService - ok
04:58:42.0552 4596  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
04:58:42.0554 4596  Wd - ok
04:58:42.0592 4596  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
04:58:42.0600 4596  Wdf01000 - ok
04:58:42.0610 4596  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
04:58:42.0614 4596  WdiServiceHost - ok
04:58:42.0618 4596  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
04:58:42.0621 4596  WdiSystemHost - ok
04:58:42.0649 4596  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
04:58:42.0655 4596  WebClient - ok
04:58:42.0669 4596  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
04:58:42.0675 4596  Wecsvc - ok
04:58:42.0684 4596  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
04:58:42.0688 4596  wercplsupport - ok
04:58:42.0720 4596  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
04:58:42.0723 4596  WerSvc - ok
04:58:42.0735 4596  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
04:58:42.0736 4596  WfpLwf - ok
04:58:42.0746 4596  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
04:58:42.0748 4596  WIMMount - ok
04:58:42.0768 4596  WinDefend - ok
04:58:42.0774 4596  WinHttpAutoProxySvc - ok
04:58:42.0832 4596  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
04:58:42.0835 4596  Winmgmt - ok
04:58:42.0897 4596  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
04:58:42.0940 4596  WinRM - ok
04:58:42.0974 4596  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
04:58:42.0976 4596  WinUsb - ok
04:58:43.0011 4596  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
04:58:43.0023 4596  Wlansvc - ok
04:58:43.0151 4596  [ 98F138897EF4246381D197CB81846D62 ] wlidsvc         c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
04:58:43.0204 4596  wlidsvc - ok
04:58:43.0260 4596  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
04:58:43.0261 4596  WmiAcpi - ok
04:58:43.0283 4596  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
04:58:43.0286 4596  wmiApSrv - ok
04:58:43.0306 4596  WMPNetworkSvc - ok
04:58:43.0336 4596  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
04:58:43.0339 4596  WPCSvc - ok
04:58:43.0365 4596  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
04:58:43.0369 4596  WPDBusEnum - ok
04:58:43.0402 4596  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
04:58:43.0404 4596  ws2ifsl - ok
04:58:43.0419 4596  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
04:58:43.0423 4596  wscsvc - ok
04:58:43.0427 4596  WSearch - ok
04:58:43.0499 4596  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
04:58:43.0544 4596  wuauserv - ok
04:58:43.0583 4596  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
04:58:43.0586 4596  WudfPf - ok
04:58:43.0601 4596  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
04:58:43.0604 4596  WUDFRd - ok
04:58:43.0632 4596  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
04:58:43.0636 4596  wudfsvc - ok
04:58:43.0659 4596  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
04:58:43.0665 4596  WwanSvc - ok
04:58:43.0704 4596  ================ Scan global ===============================
04:58:43.0722 4596  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
04:58:43.0752 4596  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
04:58:43.0761 4596  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
04:58:43.0790 4596  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
04:58:43.0815 4596  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
04:58:43.0820 4596  [Global] - ok
04:58:43.0821 4596  ================ Scan MBR ==================================
04:58:43.0841 4596  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
04:58:44.0101 4596  \Device\Harddisk0\DR0 - ok
04:58:44.0102 4596  ================ Scan VBR ==================================
04:58:44.0104 4596  [ B57F793D31CCF623B804A8D8D8DA0EDC ] \Device\Harddisk0\DR0\Partition1
04:58:44.0106 4596  \Device\Harddisk0\DR0\Partition1 - ok
04:58:44.0132 4596  [ 7DB2648127E867F295FA2C2531073841 ] \Device\Harddisk0\DR0\Partition2
04:58:44.0134 4596  \Device\Harddisk0\DR0\Partition2 - ok
04:58:44.0134 4596  ============================================================
04:58:44.0134 4596  Scan finished
04:58:44.0134 4596  ============================================================
04:58:44.0145 4860  Detected object count: 0
04:58:44.0145 4860  Actual detected object count: 0
04:58:51.0876 2668  Deinitialize success
 
 
awsMBR:

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-02-22 05:00:18
-----------------------------
05:00:18.787    OS Version: Windows x64 6.1.7601 Service Pack 1
05:00:18.787    Number of processors: 4 586 0x170A
05:00:18.788    ComputerName: BFAMILY-PC  UserName: BFamily
05:00:20.958    Initialize success
05:01:47.032    AVAST engine defs: 13022200
05:01:54.676    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
05:01:54.679    Disk 0 Vendor: WDC_WD10 01.0 Size: 953869MB BusType: 3
05:01:54.686    Disk 0 MBR read successfully
05:01:54.688    Disk 0 MBR scan
05:01:54.692    Disk 0 Windows 7 default MBR code
05:01:54.695    Disk 0 Partition 1 00     27 Hidden NTFS WinRE NTFS        14000 MB offset 2048
05:01:54.706    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 28674048
05:01:54.721    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       939767 MB offset 28878848
05:01:54.733    Disk 0 scanning C:\Windows\system32\drivers
05:02:04.533    Service scanning
05:02:24.676    Modules scanning
05:02:24.683    Disk 0 trace - called modules:
05:02:24.708    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll 
05:02:25.037    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007119790]
05:02:25.042    3 CLASSPNP.SYS[fffff880013d043f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8005ee9050]
05:02:26.824    AVAST engine scan C:\Windows
05:02:30.724    AVAST engine scan C:\Windows\system32
05:06:27.698    AVAST engine scan C:\Windows\system32\drivers
05:06:42.924    AVAST engine scan C:\Users\BFamily
05:42:55.227    AVAST engine scan C:\ProgramData
05:45:39.802    Scan finished successfully
06:10:58.747    Disk 0 MBR has been saved successfully to "C:\Users\BFamily\MBR.dat"
06:10:58.752    The log file has been saved successfully to "C:\Users\BFamily\aswMBR.txt"
 
 
 
mini ToolBox:
 
 

MiniToolBox by Farbar  Version:10-01-2013
Ran by BFamily (administrator) on 22-02-2013 at 06:13:11
Running from "C:\Users\BFamily\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
::1             localhost
 
 
 

*Moderator Edit: Moved topic from Web Browsing/Email and Other Internet Applications to the more appropriate forum. ~ Queen-Evie*

 


Edited by Queen-Evie, 22 February 2013 - 08:46 AM.


BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:40 AM

Posted 22 February 2013 - 08:38 AM


ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan  This process may may take several hours, that is normal

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the   button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.

  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:

    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply.   Note:  If no malware was found you will not get a log.
  • Click the Back button.
  • Click the Finish button.


===================================================
`
Malwarebytes

--------------------

Please download Malwarebytes Anti-Malware and save it to your desktop.  If you already have it installed launch the program and update the database.

  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.  You can also right click on the link and select Save Link As

Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
    For instructions with screenshots, please refer to this Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings except to uncheck any offer for a free Pro trial version
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.


===================================================


Farbar's Service Scanner

--------------------

Please download Farbar Service Scanner, save it to your desktop, and run it.

  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


===================================================


AdwCleaner by Xplode - Search for Adware

-------------------

  • Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on DELETE
  • A logfile will automatically open after the scan has finished
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[R1].txt as well


===================================================


Junkware Removal Tooll by thisisu

-------------------

  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply


===================================================


Rkill

-------------------

Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another...) and save it to your desktop:


  • In order for Rkill to run properly you must disable your anti-malware software.  Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
    • Note:  You may have to run Rkill a few times before it is successful.  You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear.  Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again.  If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.


===================================================


Autoruns

--------------------

  • Please download AutoRuns and save it to your desktop
  • Double click the AutoRuns.zip folder
  • Double click autoruns.exe (not autorunsc.exe), select Run, then Run again and allow the information to populate
  • Select File, Save, Desktop (in the left hand pane), then Save filename as Autoruns.txt and change Save as type to  Text(*.txt).
  • Double click on the text file,copy and paste the contents in your reply


 



#3 rbblb

rbblb
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:05:40 AM

Posted 23 February 2013 - 06:48 PM

Alright here are all of the logs.

 

 

 



ESET log:



C:\Program Files (x86)\Common Files\Spigot\Search
Settings\SearchSettings.exe            a
variant of Win32/Toolbar.Widgi application          cleaned
by deleting - quarantined



C:\Program Files
(x86)\MyFunCards_5mEI\Installr\1.bin\5mEIPlug.dll     a variant of Win32/Toolbar.MyWebSearch application          cleaned by deleting - quarantined



C:\Program Files
(x86)\MyFunCards_5mEI\Installr\1.bin\5mEZSETP.dll   a variant of Win32/Toolbar.MyWebSearch.Q application          cleaned by deleting - quarantined



C:\Program Files (x86)\PDFCreator\Toolbar\pdfforge
Toolbar_setup.exe             Win32/Toolbar.Widgi
application                cleaned by
deleting - quarantined



C:\Program Files (x86)\pdfforge
Toolbar\IE\6.9\pdfforgeToolbarIE.dll    a
variant of Win32/Toolbar.Widgi application                cleaned
by deleting - quarantined



C:\Users\BFamily\AppData\Local\Temp\ICReinstall_FLVPlayerSetup_MMM
(3).exe      a variant of
Win32/InstallCore.T application          cleaned
by deleting - quarantined



C:\Users\BFamily\AppData\Local\Temp\ICReinstall_ICReinstall_FLVPlayerSetup_MMM
(3).exe               a variant of
Win32/InstallCore.T application cleaned by
deleting - quarantined



C:\Users\BFamily\AppData\Local\Temp\jar_cache2728163713238708207.tmp    a variant of Java/Exploit.CVE-2012-0507.AF
trojan    deleted - quarantined



C:\Users\BFamily\AppData\Local\Temp\jar_cache8157546671591045530.tmp    multiple threats                deleted - quarantined



C:\Users\BFamily\AppData\Local\Temp\SetupDataMngr_Searchqu.exe              multiple threats                cleaned by deleting -
quarantined



C:\Users\BFamily\Downloads\abiword_35.exe a variant of Win32/InstallIQ application  cleaned by deleting - quarantined



C:\Users\BFamily\Downloads\clipartcollection.exe         probably a variant of Win32/InstallIQ
application               cleaned by
deleting - quarantined



C:\Users\BFamily\Downloads\doc.zip    a variant of Win32/TrojanDownloader.Chepvil.A trojan  deleted - quarantined



C:\Users\BFamily\Downloads\FLVPlayerSetup_MMM (1).exe   a variant of Win32/InstallCore.T application         cleaned by deleting - quarantined



C:\Users\BFamily\Downloads\FLVPlayerSetup_MMM (2).exe   a variant of Win32/InstallCore.T application         cleaned by deleting - quarantined



C:\Users\BFamily\Downloads\FLVPlayerSetup_MMM (3).exe   a variant of Win32/InstallCore.T application         cleaned by deleting - quarantined



C:\Users\BFamily\Downloads\FLVPlayerSetup_MMM (4).exe   a variant of Win32/InstallCore.T application         cleaned by deleting - quarantined



C:\Users\BFamily\Downloads\FLVPlayerSetup_MMM (5).exe   a variant of Win32/InstallCore.T application         cleaned by deleting - quarantined



C:\Users\BFamily\Downloads\FLVPlayerSetup_MMM (6).exe   a variant of Win32/InstallCore.T application         cleaned by deleting - quarantined



C:\Users\BFamily\Downloads\FLVPlayerSetup_MMM (7).exe   a variant of Win32/InstallCore.T application         cleaned by deleting - quarantined



C:\Users\BFamily\Downloads\FLVPlayerSetup_MMM (8).exe   a variant of Win32/InstallCore.T application         cleaned by deleting - quarantined



C:\Users\BFamily\Downloads\FLVPlayerSetup_MMM.exe         a variant of Win32/InstallCore.T
application         cleaned by deleting -
quarantined



C:\Users\BFamily\Downloads\iLividSetupV1.exe              Win32/Toolbar.SearchSuite application  cleaned by deleting - quarantined



C:\Users\BFamily\Downloads\PDFCreator-1_2_1_setup.exe     multiple threats                cleaned by deleting - quarantined



C:\Users\BFamily\Downloads\PDFCreator-1_2_3_setup.exe     multiple threats                cleaned by deleting - quarantined



C:\Users\BFamily\Downloads\ultimatemediaplayer_2 (1).exe   a variant of Win32/InstallIQ application  cleaned by deleting - quarantined



C:\Users\BFamily\Downloads\ultimatemediaplayer_2.exe          a variant of Win32/InstallIQ
application  cleaned by deleting -
quarantined



C:\Users\BFamily\Downloads\video_downloader (1).exe            Win32/Adware.Bundlore application      cleaned by deleting - quarantined



C:\Users\BFamily\Downloads\video_downloader.exe  Win32/Adware.Bundlore application      cleaned by deleting - quarantined



C:\Windows\Installer\e625f6.msi             a variant of Win32/Toolbar.Widgi application       deleted – quarantined



 



 



 



 



 



MalwareBytes – anit malware log:



Malwarebytes Anti-Malware 1.70.0.1100



www.malwarebytes.org



 



Database version: v2013.02.23.08



 



Windows 7 Service Pack 1 x64 NTFS



Internet Explorer 9.0.8112.16421



BFamily :: BFAMILY-PC [administrator]



 



2/23/2013 2:45:28 PM



mbam-log-2013-02-23 (14-45-28).txt



 



Scan type: Quick scan



Scan options enabled: Memory | Startup | Registry | File
System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM



Scan options disabled: P2P



Objects scanned: 223432



Time elapsed: 4 minute(s),



 



Memory Processes Detected: 0



(No malicious items detected)



 



Memory Modules Detected: 0



(No malicious items detected)



 



Registry Keys Detected: 1



HKLM\SOFTWARE\MyFunCards_5mEI (Adware.MyFunCards) ->
Quarantined and deleted successfully.



 



Registry Values Detected: 0



(No malicious items detected)



 



Registry Data Items Detected: 0



(No malicious items detected)



 



Folders Detected: 0



(No malicious items detected)



 



Files Detected: 0



(No malicious items detected)



 



(end)



 



 



 



 



FSS



Farbar Service Scanner Version: 20-02-2013



Ran by BFamily (administrator) on 23-02-2013 at 15:24:05



Running from "C:\Users\BFamily\Downloads"



Windows 7 Home Premium Service Pack 1 (X64)



Boot Mode: Normal



****************************************************************



 



Internet Services:



============



 



Connection Status:



==============



Localhost is accessible.



LAN connected.



Google IP is accessible.



Google.com is accessible.



Yahoo IP is accessible.



Yahoo.com is accessible.



 



 



Windows Firewall:



=============



 



Firewall Disabled Policy:



==================



 



 



System Restore:



============



 



System Restore Disabled Policy:



========================



 



 



Action Center:



============



 



Windows Update:



============



 



Windows Autoupdate Disabled Policy:



============================



 



 



Windows Defender:



==============



WinDefend Service is not running. Checking service
configuration:



The start type of WinDefend service is set to Demand. The
default start type is Auto.



The ImagePath of WinDefend service is OK.



The ServiceDll of WinDefend service is OK.



 



 



Windows Defender Disabled Policy:



==========================



[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]



"DisableAntiSpyware"=DWORD:1



 



 



Other Services:



==============



 



 



File Check:



========



C:\Windows\System32\nsisvc.dll => MD5 is legit



C:\Windows\System32\drivers\nsiproxy.sys => MD5 is
legit



C:\Windows\System32\dhcpcore.dll => MD5 is legit



C:\Windows\System32\drivers\afd.sys => MD5 is legit



C:\Windows\System32\drivers\tdx.sys => MD5 is legit



C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit



C:\Windows\System32\dnsrslvr.dll => MD5 is legit



C:\Windows\System32\mpssvc.dll => MD5 is legit



C:\Windows\System32\bfe.dll => MD5 is legit



C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit



C:\Windows\System32\SDRSVC.dll => MD5 is legit



C:\Windows\System32\vssvc.exe => MD5 is legit



C:\Windows\System32\wscsvc.dll => MD5 is legit



C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit



C:\Windows\System32\wuaueng.dll => MD5 is legit



C:\Windows\System32\qmgr.dll => MD5 is legit



C:\Windows\System32\es.dll => MD5 is legit



C:\Windows\System32\cryptsvc.dll => MD5 is legit



C:\Program Files\Windows Defender\MpSvc.dll => MD5 is
legit



C:\Windows\System32\ipnathlp.dll => MD5 is legit



C:\Windows\System32\iphlpsvc.dll => MD5 is legit



C:\Windows\System32\svchost.exe => MD5 is legit



C:\Windows\System32\rpcss.dll => MD5 is legit



 



 



**** End of log ****



 



 



 



# AdwCleaner v2.112 - Logfile created 02/23/2013 at
15:26:14



# Updated 10/02/2013 by Xplode



# Operating system : Windows 7 Home Premium Service Pack
1 (64 bits)



# User : BFamily - BFAMILY-PC



# Boot Mode : Normal



# Running from :
C:\Users\BFamily\Downloads\AdwCleaner.exe



# Option [Delete]



 



 



***** [Services] *****



 



Stopped & Deleted : Application Updater



 



***** [Files / Folders] *****



 



Deleted on reboot : C:\Program Files (x86)\Common
Files\AVG Secure Search



File Deleted : C:\END



File Deleted :
C:\Users\BFamily\AppData\Local\Temp\Searchqu.ini



File Deleted : C:\Users\BFamily\AppData\Local\Temp\searchqutoolbar-manifest.xml



Folder Deleted : C:\Program Files (x86)\Application
Updater



Folder Deleted : C:\Program Files (x86)\AVG Secure Search



Folder Deleted : C:\Program Files (x86)\Common
Files\spigot



Folder Deleted : C:\Program Files (x86)\Free Offers from
Freeze.com



Folder Deleted : C:\Program Files (x86)\pdfforge Toolbar



Folder Deleted : C:\ProgramData\AVG Secure Search



Folder Deleted : C:\ProgramData\boost_interprocess



Folder Deleted : C:\ProgramData\Partner



Folder Deleted : C:\Users\BFamily\AppData\Local\AVG
Secure Search



Folder Deleted : C:\Users\BFamily\AppData\Local\Ilivid
Player



Folder Deleted :
C:\Users\BFamily\AppData\Local\Temp\avg@toolbar



Folder Deleted :
C:\Users\BFamily\AppData\Local\Temp\boost_interprocess



Folder Deleted : C:\Users\BFamily\AppData\LocalLow\AVG
Secure Search



Folder Deleted : C:\Users\BFamily\AppData\LocalLow\AVG
Security Toolbar



Folder Deleted :
C:\Users\BFamily\AppData\LocalLow\pdfforge



Folder Deleted : C:\Users\BFamily\AppData\LocalLow\Search
Settings



Folder Deleted :
C:\Users\BFamily\AppData\Roaming\pdfforge



 



***** [Registry] *****



 



Key Deleted : HKCU\Software\AppDataLow\Software\AVG
Security Toolbar



Key Deleted : HKCU\Software\AppDataLow\Software\pdfforge



Key Deleted : HKCU\Software\AppDataLow\Software\Search
Settings



Key Deleted : HKCU\Software\AVG Secure Search



Key Deleted : HKCU\Software\AVG Security Toolbar



Key Deleted : HKCU\Software\Conduit



Key Deleted : HKCU\Software\DataMngr



Key Deleted :
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}



Key Deleted :
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}



Key Deleted :
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}



Key Deleted :
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B922D405-6D13-4A2B-AE89-08A030DA4402}



Key Deleted :
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}



Key Deleted :
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}



Key Deleted :
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}



Key Deleted :
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402}



Key Deleted :
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}



Key Deleted : HKCU\Software\pdfforge



Key Deleted : HKCU\Software\Search Settings



Key Deleted : HKCU\Software\Microsoft\Internet
Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}



Key Deleted : HKCU\Software\Microsoft\Internet
Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}



Key Deleted : HKLM\Software\Application Updater



Key Deleted : HKLM\Software\AVG Secure Search



Key Deleted : HKLM\Software\AVG Security Toolbar



Key Deleted :
HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}



Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}



Key Deleted :
HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE



Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL



Key Deleted :
HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe



Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure
Search.BrowserWndAPI



Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure
Search.BrowserWndAPI.1



Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure
Search.PugiObj



Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure
Search.PugiObj.1



Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol



Key Deleted : HKLM\SOFTWARE\Classes\S



Key Deleted :
HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi



Key Deleted :
HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1



Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}



Key Deleted :
HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}



Key Deleted :
HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}



Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE



Key Deleted :
HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1



Key Deleted : HKLM\Software\Conduit



Key Deleted : HKLM\Software\Freeze.com



Key Deleted :
HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32



Key Deleted :
HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS



Key Deleted :
HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32



Key Deleted :
HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS



Key Deleted :
HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32



Key Deleted :
HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS



Key Deleted :
HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32



Key Deleted :
HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS



Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}



Key Deleted :
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}



Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}



Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG
SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin



Key Deleted : HKLM\Software\pdfforge



Key Deleted : HKLM\Software\Search Settings



Key Deleted :
HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}



Key Deleted :
HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}



Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}



Key Deleted :
HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}



Key Deleted :
HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}



Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}



Key Deleted :
HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}



Key Deleted :
HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}



Key Deleted :
HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}



Key Deleted :
HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}



Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}



Key Deleted :
HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}



Key Deleted :
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low
Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}



Key Deleted :
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low
Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}



Key Deleted :
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet
Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}



Key Deleted :
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser
Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}



Key Deleted :
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser
Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}



Key Deleted :
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser
Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}



Key Deleted :
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure
Search



Key Deleted :
HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}



Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}



Key Deleted :
HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}



Key Deleted :
HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}



Key Deleted : HKLM\SOFTWARE\DataMngr



Key Deleted : HKLM\SOFTWARE\Microsoft\Internet
Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}



Value Deleted : HKCU\Software\Microsoft\Internet
Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]



Value Deleted : HKCU\Software\Microsoft\Internet
Explorer\URLSearchHooks [{B922D405-6D13-4A2B-AE89-08A030DA4402}]



Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions
[Avg@toolbar]



Value Deleted :
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar
[{95B7759C-8C7F-4BF1-B163-73684A933233}]



Value Deleted :
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar
[{B922D405-6D13-4A2B-AE89-08A030DA4402}]



Value Deleted :
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [10]



Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar
[10]



 



***** [Internet Browsers] *****



 



-\\ Internet Explorer v9.0.8112.16464



 



[OK] Registry is clean.



 



-\\ Google Chrome v25.0.1364.97



 



File : C:\Users\BFamily\AppData\Local\Google\Chrome\User
Data\Default\Preferences



 



[OK] File is clean.



 



*************************



 



AdwCleaner[S1].txt - [9574 octets] - [23/02/2013
15:26:14]



 



########## EOF - C:\AdwCleaner[S1].txt - [9634 octets]
##########



 



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



Junkware Removal Tool (JRT) by Thisisu



Version: 4.6.5 (02.18.2013:1)



OS: Windows 7 Home Premium x64



Ran by BFamily on Sat 02/23/2013 at 15:45:20.33



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



 



 



 



 



~~~ Services



 



 



 



~~~ Registry Values



 



 



 



~~~ Registry Keys



 



Successfully deleted: [Registry Key]
hkey_current_user\software\microsoft\internet
explorer\searchscopes\{6a1806cd-94d4-4689-ba73-e35ea1ea9990}



Successfully deleted: [Registry Key]
hkey_local_machine\software\microsoft\internet
explorer\searchscopes\{6a1806cd-94d4-4689-ba73-e35ea1ea9990}



 



 



 



~~~ Files



 



Successfully deleted: [File] C:\eula.1028.txt



Successfully deleted: [File] C:\eula.1031.txt



Successfully deleted: [File] C:\eula.1033.txt



Successfully deleted: [File] C:\eula.1036.txt



Successfully deleted: [File] C:\eula.1040.txt



Successfully deleted: [File] C:\eula.1041.txt



Successfully deleted: [File] C:\eula.1042.txt



Successfully deleted: [File] C:\eula.2052.txt



Successfully deleted: [File] C:\install.res.1028.dll



Successfully deleted: [File] C:\install.res.1031.dll



Successfully deleted: [File] C:\install.res.1033.dll



Successfully deleted: [File] C:\install.res.1036.dll



Successfully deleted: [File] C:\install.res.1040.dll



Successfully deleted: [File] C:\install.res.1041.dll



Successfully deleted: [File] C:\install.res.1042.dll



Successfully deleted: [File] C:\install.res.2052.dll



Successfully deleted: [File] C:\install.res.3082.dll



 



 



 



~~~ Folders



 



Successfully deleted: [Folder]
"C:\Users\BFamily\appdata\locallow\datamngr"



Successfully deleted: [Folder] "C:\Program Files
(x86)\coupons"



Successfully deleted: [Folder] "C:\Program Files
(x86)\myfuncards_5mei"



 



 



 



~~~ Event Viewer Logs were cleared



 



 



 



 



 



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



Scan was completed on Sat 02/23/2013 at 15:52:24.51





End of JRT log


 


 



 



 



 



 



 



 



Rkill 2.4.7 by Lawrence Abrams (Grinler)



http://www.bleepingcomputer.com/



Copyright 2008-2013 BleepingComputer.com



More Information about Rkill can be found at this link:



 http://www.bleepingcomputer.com/forums/topic308364.html



 



Program started at: 02/23/2013 04:42:24 PM in x64 mode.



Windows Version: Windows 7 Home Premium Service Pack 1



 



Checking for Windows services to stop:



 



 * No malware
services found to stop.



 



Checking for processes to terminate:



 



 *
C:\Users\BFamily\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe (PID:
3436) [UP-HEUR]



 *
C:\Users\BFamily\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
(PID: 3348) [UP-HEUR]



 *
C:\Users\BFamily\Desktop\JRT.exe (PID: 5736) [UP-HEUR]



 



3 proccesses terminated!



 



Checking Registry for malware related settings:



 



 * Explorer Policy
Removed:  NoActiveDesktopChanges [HKLM]



 



Backup Registry file created at:



 C:\Users\BFamily\Desktop\rkill\rkill-02-23-2013-04-42-30.reg



 



Resetting .EXE, .COM, & .BAT associations in the
Windows Registry.



 



Performing miscellaneous checks:



 



 * Windows Defender
Disabled



 



  
[HKLM\SOFTWARE\Microsoft\Windows Defender]



  
"DisableAntiSpyware" = dword:00000001



 



Checking Windows Service Integrity:



 



 * Windows Defender
(WinDefend) is not Running.



   Startup Type set
to: Manual



 



Searching for Missing Digital Signatures:



 



 * No issues found.



 



Checking HOSTS File:



 



 * Cannot edit the
HOSTS file.



 * Permissions
Fixed. Administrators can now edit the HOSTS file.



 



 * HOSTS file
entries found:



 



  127.0.0.1       localhost



  ::1             localhost



  176.9.75.3
www.google-analytics.com.



  176.9.75.3
ad-emea.doubleclick.net.



  176.9.75.3
www.statcounter.com.



  108.163.215.51
www.google-analytics.com.



  108.163.215.51
ad-emea.doubleclick.net.



  108.163.215.51
www.statcounter.com.



 



Program finished at: 02/23/2013 04:42:38 PM



Execution time: 0 hours(s), 0 minute(s), and 13
seconds(s)



 



"HKLM\System\CurrentControlSet\Control\Terminal
Server\Wds\rdpwd\StartupPrograms"      ""            ""            ""



+ "rdpclip"           ""            ""            "File not found: rdpclip"



"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" ""            ""            ""



+ "HotKeysCmds"            "hkcmd
Module"             "Intel
Corporation"         "c:\windows\system32\hkcmd.exe"



+ "IAAnotif"       "Event
Monitor User Notification Tool"  "Intel
Corporation"         "c:\program
files (x86)\intel\intel matrix storage manager\iaanotif.exe"



+ "IgfxTray"        "igfxTray
Module"           "Intel
Corporation"         "c:\windows\system32\igfxtray.exe"



+ "Persistence" "persistence
Module"   "Intel
Corporation"         "c:\windows\system32\igfxpers.exe"



+ "RtHDVCpl"     "HD
Audio Control Panel"             "Realtek
Semiconductor"             "c:\program
files\realtek\audio\hda\ravcpl64.exe"



"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run"                ""            ""            ""



+ "Adobe ARM"                "Adobe
Reader and Acrobat Manager"  "Adobe
Systems Incorporated" "c:\program
files (x86)\common files\adobe\arm\1.0\adobearm.exe"



+ "AmazonGSDownloaderTray"                "TaskTray Application"   "Amazon.com" "c:\program files (x86)\amazon\amazon games & software
downloader\amazongsdownloadertray.exe"



+ "APSDaemon"               "Apple
Push"     "Apple Inc."        "c:\program files (x86)\common
files\apple\apple application support\apsdaemon.exe"



+ "AVG_UI"        "AVG
User Interface"    "AVG
Technologies CZ, s.r.o."    "c:\program
files (x86)\avg\avg2013\avgui.exe"



+ "BackupManagerTray"               "Gateway MyBackup"   "NewTech Infosystems, Inc."     "c:\program files (x86)\newtech infosystems\gateway
mybackup\backupmanagertray.exe"



+ "BrMfcWnd"  "Brother
Status Monitor Application"     "Brother
Industries, Ltd."             "c:\program
files (x86)\brother\brmfcmon\brmfcwnd.exe"



+ "ControlCenter3"         "ControlCenter Program"             "Brother Industries, Ltd."             "c:\program files
(x86)\brother\controlcenter3\brctrcen.exe"



+ "Gateway Photo Frame"           "ButtonMonitor"             "IOI"      "c:\program files (x86)\gateway photo
frame\buttonmonitor.exe"



+ "HP Software Update"               "hpwuSchd Application"               "Hewlett-Packard"          "c:\program files (x86)\hp\hp
software update\hpwuschd2.exe"



+ "IndexSearch"               "PaperPort
IndexSearch"             "Nuance
Communications, Inc."                "c:\program
files (x86)\scansoft\paperport\indexsearch.exe"



+ "iTunesHelper"             "iTunesHelper" "Apple
Inc."        "c:\program files
(x86)\itunes\ituneshelper.exe"



+ "LifeCam"        "LifeExp.exe"    "Microsoft Corporation"               "c:\program files
(x86)\microsoft lifecam\lifeexp.exe"



+ "Microsoft Default Manager" "Microsoft Default Manager"     "Microsoft Corporation"               "c:\program files
(x86)\microsoft\search enhancement pack\default manager\defmgr.exe"



+ "PaperPort PTD"           "PaperPort Print to Desktop for NT"        "Nuance Communications, Inc."                "c:\program files
(x86)\scansoft\paperport\pptd40nt.exe"



+ "PPort11reminder"     "Ereg"   "Nuance
Communications, Inc."                "c:\program
files (x86)\scansoft\paperport\ereg\ereg.exe"



+ "QuickTime Task"         "QuickTime Task"             "Apple
Inc."        "c:\program files
(x86)\quicktime\qttask.exe"



+ "SSBkgdUpdate"          "SSBkgdUpdate"              "Nuance
Communications, Inc."                "c:\program
files (x86)\common files\scansoft shared\ssbkgdupdate\ssbkgdupdate.exe"



+ "SunJavaUpdateSched"            "Java™ Update Scheduler"    "Sun Microsystems, Inc."             "c:\program files (x86)\common
files\java\java update\jusched.exe"



+ "vProt"             ""            ""            "File not found: C:\Program Files (x86)\AVG Secure
Search\vprot.exe"



"C:\Users\BFamily\AppData\Roaming\Microsoft\Windows\Start
Menu\Programs\Startup"       ""            ""            ""



+ "Dropbox.lnk"               "Dropbox"          "Dropbox, Inc." "c:\users\bfamily\appdata\roaming\dropbox\bin\dropbox.exe"



+ "PdaNet Desktop.lnk"                ""            ""            "c:\program files (x86)\pdanet
for android\pdanetpc.exe"



"HKLM\SOFTWARE\Microsoft\Active Setup\Installed
Components"       ""            ""            ""



+ "Microsoft Windows" "Windows Mail"               "Microsoft
Corporation"               "c:\program
files\windows mail\winmail.exe"



"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active
Setup\Installed Components"      ""            ""            ""



+ "Microsoft Windows" "Windows Mail"               "Microsoft
Corporation"               "c:\program
files (x86)\windows mail\winmail.exe"



"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"      ""            ""            ""



+ "cdloader"       "magicJack
(cdloader2)"                "magicJack
L.P."                "c:\users\bfamily\appdata\roaming\mjusbsp\cdloader2.exe"



+ "Google Update"         "Google Installer"            "Google
Inc."                "c:\users\bfamily\appdata\local\google\update\googleupdate.exe"



+ "msnmsgr"      ""            ""            "File not found: C:\Program Files (x86)\Windows
Live\Messenger\msnmsgr.exe"



+ "MusicManager"          "Music Manager"             "Google
Inc."                "c:\users\bfamily\appdata\local\programs\google\musicmanager\musicmanager.exe"



+ "SansaDispatch"           "Sansa Dispatcher"          "SanDisk Corporation"   "c:\users\bfamily\appdata\roaming\sandisk\sansa
updater\sansadispatch.exe"



"HKLM\SOFTWARE\Classes\Protocols\Filter"     ""            ""            ""



+ "text/xml"       "Microsoft
Office XML MIME Filter"        "Microsoft
Corporation"               "c:\program
files\common files\microsoft shared\office14\msoxmlmf.dll"



"HKLM\SOFTWARE\Classes\Protocols\Handler"                ""            ""            ""



+ "linkscanner" ""            ""            "File not found: C:\Program Files
(x86)\AVG\AVG2012\avgppa.dll"



+ "ms-help"        "Microsoft®
Help Data Services Module"              "Microsoft
Corporation"               "c:\program
files\common files\microsoft shared\help\hxds.dll"



"HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers"     ""            ""            ""



+ "DropboxExt"                "Dropbox
Shell Extension"           "Dropbox,
Inc."                "c:\users\bfamily\appdata\roaming\dropbox\bin\dropboxext64.17.dll"



"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers"     ""            ""            ""



+ "AVG Shell Extension"               "AVG Shell Extension"   "AVG Technologies CZ, s.r.o."    "c:\program files (x86)\avg\avg2013\avgsea.dll"



"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers"    ""            ""            ""



+ "AVG Shell Extension"               "AVG Shell Extension"   "AVG Technologies CZ, s.r.o."    "c:\program files (x86)\avg\avg2013\avgse.dll"



"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"             ""            ""            ""



+ "MBAMShlExt"              "Malwarebytes
Anti-Malware"  "Malwarebytes
Corporation"     "c:\program
files (x86)\malwarebytes' anti-malware\mbamext.dll"



"HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers"     ""            ""            ""



+ "DropboxExt"                "Dropbox
Shell Extension"           "Dropbox,
Inc."                "c:\users\bfamily\appdata\roaming\dropbox\bin\dropboxext64.17.dll"



"HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers"           ""            ""            ""



+ "DropboxExt"                "Dropbox
Shell Extension"           "Dropbox,
Inc."                "c:\users\bfamily\appdata\roaming\dropbox\bin\dropboxext64.17.dll"



"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers"           ""            ""            ""



+ "Gadgets"       "Sidebar
droptarget"      "Microsoft
Corporation"               "c:\program
files\windows sidebar\sbdrop.dll"



+ "igfxcui"           "igfxpph
Module"            "Intel
Corporation"         "c:\windows\system32\igfxpph.dll"



"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers"          ""            ""            ""



+ "Gadgets"       "Sidebar
droptarget"      "Microsoft
Corporation"               "c:\program
files (x86)\windows sidebar\sbdrop.dll"



"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers"      ""            ""            ""



+ "PDF Shell Extension" "PDF Shell Extension"    "Adobe
Systems, Inc."   "c:\program
files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"



"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers"           ""            ""            ""



+ "AVG Shell Extension"               "AVG Shell Extension"   "AVG Technologies CZ, s.r.o."    "c:\program files (x86)\avg\avg2013\avgsea.dll"



+ "MBAMShlExt"              "Malwarebytes
Anti-Malware"  "Malwarebytes
Corporation"     "c:\program
files (x86)\malwarebytes' anti-malware\mbamext.dll"



"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers"         ""            ""            ""



+ "AVG Shell Extension"               "AVG Shell Extension"   "AVG Technologies CZ, s.r.o."    "c:\program files (x86)\avg\avg2013\avgse.dll"



"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers"   ""            ""            ""



+ "DropboxExt1"              "Dropbox
Shell Extension"           "Dropbox,
Inc."                "c:\users\bfamily\appdata\roaming\dropbox\bin\dropboxext64.17.dll"



+ "DropboxExt2"              "Dropbox
Shell Extension"           "Dropbox,
Inc."                "c:\users\bfamily\appdata\roaming\dropbox\bin\dropboxext64.17.dll"



+ "DropboxExt3"              "Dropbox
Shell Extension"           "Dropbox,
Inc."                "c:\users\bfamily\appdata\roaming\dropbox\bin\dropboxext64.17.dll"



+ "DropboxExt4"              "Dropbox
Shell Extension"           "Dropbox,
Inc."                "c:\users\bfamily\appdata\roaming\dropbox\bin\dropboxext64.17.dll"



"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers"  ""            ""                ""



+ "DropboxExt1"              "Dropbox
Shell Extension"           "Dropbox,
Inc."                "c:\users\bfamily\appdata\roaming\dropbox\bin\dropboxext.17.dll"



+ "DropboxExt2"              "Dropbox
Shell Extension"           "Dropbox,
Inc."                "c:\users\bfamily\appdata\roaming\dropbox\bin\dropboxext.17.dll"



+ "DropboxExt3"              "Dropbox
Shell Extension"           "Dropbox,
Inc."                "c:\users\bfamily\appdata\roaming\dropbox\bin\dropboxext.17.dll"



"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser
Helper Objects"          ""            ""            ""



+ "AVG Safe Search"      ""            ""            "File not found: C:\Program
Files (x86)\AVG\AVG2012\avgssiea.dll"



+ "Office Document Cache Handler"       "Microsoft Office Document Cache
Handler"      "Microsoft
Corporation"                "c:\program
files\microsoft office\office14\urlredir.dll"



+ "Windows Live ID Sign-in Helper"          "Microsoft® Windows Live ID Login
Helper"         "Microsoft
Corporation"                "c:\program
files\common files\microsoft shared\windows live\windowslivelogin.dll"



"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser
Helper Objects"         ""            ""                ""



+ "Adobe PDF Link Helper"          "Adobe PDF Helper for Internet
Explorer"            "Adobe
Systems Incorporated" "c:\program
files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"



+ "AVG Safe Search"      ""            ""            "File not found: C:\Program
Files (x86)\AVG\AVG2012\avgssie.dll"



+ "Java™ Plug-In 2 SSV Helper"             "Java™ Platform SE
binary"   "Oracle
Corporation"      "c:\program
files (x86)\java\jre7\bin\jp2ssv.dll"



+ "Java™ Plug-In SSV Helper"                "Java™ Platform SE
binary"   "Oracle
Corporation"      "c:\program
files (x86)\java\jre7\bin\ssv.dll"



+ "Office Document Cache Handler"       "Microsoft Office Document Cache
Handler"      "Microsoft
Corporation"                "c:\program
files (x86)\microsoft office\office14\urlredir.dll"



+ "Windows Live ID Sign-in Helper"          "Microsoft® Windows Live ID Login
Helper"         "Microsoft
Corporation"                "c:\program
files (x86)\common files\microsoft shared\windows
live\windowslivelogin.dll"



"HKLM\Software\Microsoft\Internet
Explorer\Extensions"         ""            ""            ""



+ "OneNote Lin&ked Notes"      "Microsoft OneNote Internet Explorer
Add-in"  "Microsoft
Corporation"               "c:\program
files\microsoft office\office14\onbttnielinkednotes.dll"



+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in"  "Microsoft Corporation"               "c:\program files\microsoft
office\office14\onbttnie.dll"



"HKLM\Software\Wow6432Node\Microsoft\Internet
Explorer\Extensions"       ""            ""            ""



+ "OneNote Lin&ked Notes"      "Microsoft OneNote Internet Explorer
Add-in"  "Microsoft
Corporation"               "c:\program
files (x86)\microsoft office\office14\onbttnielinkednotes.dll"



+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in"  "Microsoft Corporation"               "c:\program files
(x86)\microsoft office\office14\onbttnie.dll"



"Task Scheduler"              ""            ""            ""



+ "\Adobe Flash Player Updater"              "Adobe® Flash® Player Update
Service 11.5 r502"             "Adobe
Systems Incorporated"   "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"



+ "\Apple\AppleSoftwareUpdate"          "Apple Software Update"            "Apple Inc."        "c:\program files (x86)\apple
software update\softwareupdate.exe"



+ "\GoogleUpdateTaskMachineCore"    "Google Installer"            "Google Inc."     "c:\program files
(x86)\google\update\googleupdate.exe"



+ "\GoogleUpdateTaskMachineUA"       "Google Installer"            "Google Inc."     "c:\program files
(x86)\google\update\googleupdate.exe"



+
"\GoogleUpdateTaskUserS-1-5-21-3606663481-3160736827-3853255702-1000Core"     "Google Installer"            "Google Inc."       "c:\users\bfamily\appdata\local\google\update\googleupdate.exe"



+
"\GoogleUpdateTaskUserS-1-5-21-3606663481-3160736827-3853255702-1000UA"         "Google Installer"            "Google Inc."       "c:\users\bfamily\appdata\local\google\update\googleupdate.exe"



+ "\Launch HTC Sync Loader"      ""            ""            "File
not found: C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe"



+
"\Microsoft\Windows\NetTrace\GatherNetworkInfo"              ""            ""                "c:\windows\system32\gathernetworkinfo.vbs"



+ "\Microsoft\Windows\Windows Media
Sharing\UpdateLibrary"            "Windows
Media Player Network Sharing Service Configuration Application"           "Microsoft Corporation"               "c:\program files\windows
media player\wmpnscfg.exe"



+ "\Recovery Management\Burn Notification"  "NotificationCenter"      "Acer"   "c:\program files\gateway\gateway recovery
management\notificationcenter\notification.exe"



+ "\SidebarExecute"       "Windows Desktop Gadgets"     "Microsoft Corporation"               "c:\program files\windows
sidebar\sidebar.exe"



"HKLM\System\CurrentControlSet\Services"     ""            ""            ""



+ "AdobeARMservice"  "Adobe Acrobat Updater keeps your Adobe software up to
date."          "Adobe Systems
Incorporated"   "c:\program
files (x86)\common files\adobe\arm\1.0\armsvc.exe"



+ "AdobeFlashPlayerUpdateSvc"              "This service keeps your
Adobe Flash Player installation up to date with the latest enhancements and
security fixes."          "Adobe
Systems Incorporated"                "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"



+ "Amazon Download Agent"     "Amazon Games & Software
Downloader Service"          "Amazon.com" "c:\program files (x86)\amazon\amazon
games & software downloader\amazongsdownloaderservice.exe"



+ "Apple Mobile Device"              "Provides the interface to Apple mobile
devices."            "Apple
Inc."        "c:\program files
(x86)\common files\apple\mobile device
support\applemobiledeviceservice.exe"



+ "AVGIDSAgent"            "Provides
Identity Protection Against Cyber Crime."        "AVG
Technologies CZ, s.r.o."    "c:\program
files (x86)\avg\avg2013\avgidsagent.exe"



+ "avgwd"           "AVG
Watchdog Service"             "AVG
Technologies CZ, s.r.o."    "c:\program
files (x86)\avg\avg2013\avgwdsvc.exe"



+ "Greg_Service"             "Global Registration Service"      "Acer Incorporated"       "c:\program files
(x86)\gateway\registration\greghsrw.exe"



+ "gupdate"       "Keeps
your Google software up to date. If this service is disabled or stopped, your
Google software will not be kept up to date, meaning security vulnerabilities
that may arise cannot be fixed and features may not work. This service
uninstalls itself when there is no Google software using it."          "Google Inc."     "c:\program files
(x86)\google\update\googleupdate.exe"



+ "gupdatem"   "Keeps
your Google software up to date. If this service is disabled or stopped, your
Google software will not be kept up to date, meaning security vulnerabilities
that may arise cannot be fixed and features may not work. This service
uninstalls itself when there is no Google software using it."          "Google Inc."     "c:\program files
(x86)\google\update\googleupdate.exe"



+ "gusvc"             "Google
Updater keeps your Google software up to date. If Google Updater Service is
disabled or stopped, your Google software will not be kept up to date, meaning
security vulnerabilities that may arise cannot be fixed and features may not work."              "Google"             "c:\program files
(x86)\google\common\google updater\googleupdaterservice.exe"



+ "HFGService" "Enables
wireless Bluetooth headsets to run on this computer. If this service is stopped
or disabled, then Bluetooth headsets will not function properly on this
machine."                "CSR,
plc"                "c:\windows\system32\hfgservice.dll"



+ "IAANTMON"                "RAID
Monitor"                "Intel
Corporation"         "c:\program
files (x86)\intel\intel matrix storage manager\iaantmon.exe"



+ "IDriverT"        "Provides
support for the Running Object Table for InstallShield Drivers"              "Macrovision
Corporation"                "c:\program
files (x86)\common files\installshield\driver\11\intel 32\idrivert.exe"



+ "iPod Service"                "iPod hardware management services" "Apple Inc."        "c:\program files\ipod\bin\ipodservice.exe"



+ "MSCamSvc"  "MsCamSvc.exe"             "Microsoft Corporation"               "c:\program files\microsoft
lifecam\mscams64.exe"



+ "Nero BackItUp Scheduler 4.0"              "Nero BackItUp Scheduler 4.0
is responsible to control all jobs created using Nero BackItUp. These jobs can
create backups of selected files/folders/partitions or complete hard disk to
hard disk, network drive, disc or FTP."           "Nero
AG"          "c:\program files
(x86)\common files\nero\nero backitup 4\nbservice.exe"



+ "Net Driver HPZ12"      "Dot4Net Module"          "Hewlett-Packard"          "c:\windows\system32\hpzinw12.dll"



+ "NTI IScheduleSvc"      "NTI IShadow Manage backup/Sync jobs and  etc..."       "NewTech
Infosystems, Inc."     "c:\program
files (x86)\newtech infosystems\gateway mybackup\ischedulesvc.exe"



+ "ose64"            "Saves
installation files used for updates and repairs and is required for the
downloading of Setup updates and Watson error reports."         "Microsoft Corporation"               "c:\program files\common
files\microsoft shared\source engine\ose.exe"



+ "osppsvc"        "Office
Software Protection Platform Service (unlocalized description)" "Microsoft Corporation"                "c:\program files\common
files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"



+ "Pml Driver HPZ12"      "PmlDrv Module"            "Hewlett-Packard"          "c:\windows\system32\hpzipm12.dll"



+ "Updater Service"        "Acer Update Service"   "Acer"   "c:\program
files\gateway\gateway updater\updaterservice.exe"



+ "vToolbarUpdater14.2.0"          "ToolbarU Application"  ""            "c:\program
files (x86)\common files\avg secure
search\vtoolbarupdater\14.2.0\toolbarupdater.exe"



+ "WinDefend" "Protection
against spyware and potentially unwanted software"            "Microsoft Corporation"                "c:\program files\windows
defender\mpsvc.dll"



+ "wlidsvc"          "Enables
Windows Live ID authentication."          "Microsoft
Corporation"               "c:\program
files\common files\microsoft shared\windows live\wlidsvc.exe"



+ "WMPNetworkSvc"    "Shares Windows Media Player libraries to other networked
players and media devices using Universal Plug and Play"               "Microsoft Corporation"               "c:\program files\windows
media player\wmpnetwk.exe"



"HKLM\System\CurrentControlSet\Services"     ""            ""            ""



+ "adp94xx"       "Adaptec
Windows SAS/SATA Storport Driver"  "Adaptec,
Inc."                "c:\windows\system32\drivers\adp94xx.sys"



+ "adpahci"         "Adaptec
Windows SATA Storport Driver"            "Adaptec,
Inc."                "c:\windows\system32\drivers\adpahci.sys"



+ "adpu320"       "Adaptec
StorPort Ultra320 SCSI Driver (X64)"    "Adaptec,
Inc."                "c:\windows\system32\drivers\adpu320.sys"



+ "aliide"              "ALi
mini IDE Driver"       "Acer
Laboratories Inc."                "c:\windows\system32\drivers\aliide.sys"



+ "amdsata"       "AHCI
1.2 Device Driver"               "Advanced
Micro Devices"                "c:\windows\system32\drivers\amdsata.sys"



+ "amdsbs"         "AMD
Technology AHCI Compatible Controller Driver for Windows - AMD64 platform"   "AMD Technologies Inc."       "c:\windows\system32\drivers\amdsbs.sys"



+ "amdxata"       "Storage
Filter Driver"    "Advanced
Micro Devices"          "c:\windows\system32\drivers\amdxata.sys"



+ "arc"  "Adaptec
RAID Storport Driver" "Adaptec,
Inc." "c:\windows\system32\drivers\arc.sys"



+ "arcsas"            "Adaptec
SAS RAID WS03 Driver"              "Adaptec,
Inc." "c:\windows\system32\drivers\arcsas.sys"



+ "AVGIDSDriver"            "AVG Technologies IDS Application Activity Monitor
Driver"         "AVG
Technologies CZ, s.r.o. "                "c:\windows\system32\drivers\avgidsdrivera.sys"



+ "AVGIDSHA"  "AVG
Technologies IDS Application Activity Monitor Helper Driver"          "AVG Technologies CZ, s.r.o.
"                "c:\windows\system32\drivers\avgidsha.sys"



+ "Avgldx64"      "AVG
AVI Loader Driver"              "AVG
Technologies CZ, s.r.o."                "c:\windows\system32\drivers\avgldx64.sys"



+ "Avgloga"        "AVG
Logging Driver"     "AVG
Technologies CZ, s.r.o."    "c:\windows\system32\drivers\avgloga.sys"



+ "Avgmfx64"    "AVG
Resident Shield Minifilter Driver" "AVG
Technologies CZ, s.r.o."                "c:\windows\system32\drivers\avgmfx64.sys"



+ "Avgrkx64"      "AVG
Anti-Rootkit Driver"            "AVG
Technologies CZ, s.r.o."                "c:\windows\system32\drivers\avgrkx64.sys"



+ "Avgtdia"         "AVG
Network connection watcher"      "AVG
Technologies CZ, s.r.o."                "c:\windows\system32\drivers\avgtdia.sys"



+ "avgtp"             ""            "AVG Technologies"       "c:\windows\system32\drivers\avgtpx64.sys"



+ "b06bdrv"        "Broadcom
NetXtreme II GigE VBD"        "Broadcom
Corporation"                "c:\windows\system32\drivers\bxvbda.sys"



+ "b57nd60a"     "Broadcom
NetXtreme Gigabit Ethernet NDIS6.x Unified Driver."             "Broadcom Corporation"                "c:\windows\system32\drivers\b57nd60a.sys"



+ "BrFiltLo"         "Windows
ME USB Mass-Storage Bulk-Only Lower Filter Driver"                "Brother Industries, Ltd."                "c:\windows\system32\drivers\brfiltlo.sys"



+ "BrFiltUp"        "Windows
ME USB Mass-Storage Bulk-Only Upper Filter Driver"                "Brother Industries, Ltd."                "c:\windows\system32\drivers\brfiltup.sys"



+ "BrSerIb"         "Brother
MFC Serial Interface Driver(WDM)"      "Brother
Industries Ltd."                "c:\windows\system32\drivers\brserib.sys"



+ "Brserid"          "Brotehr
Serial I/F Driver (WDM)"            "Brother
Industries Ltd."                "c:\windows\system32\drivers\brserid.sys"



+ "BrSerWdm"  "Brother
Serial driver (WDM version)"   "Brother
Industries Ltd."                "c:\windows\system32\drivers\brserwdm.sys"



+ "BrUsbMdm" "Brother
USB MDM Driver "        "Brother
Industries Ltd."                "c:\windows\system32\drivers\brusbmdm.sys"



+ "BrUsbSer"     "Brother
USB Serial Driver"          "Brother
Industries Ltd."                "c:\windows\system32\drivers\brusbser.sys"



+ "BrUsbSIb"      "Brother
MFC Serial USB Driver(WDM)"                "Brother
Industries Ltd."                "c:\windows\system32\drivers\brusbsib.sys"



+ "BthAudioHF"                "Bluetooth
Hands-free Audio Service"   "CSR,
plc"                "c:\windows\system32\drivers\bthaudiohf.sys"



+ "BthAvrcp"      "Bluetooth
Remote Control Driver"         "CSR,
plc"            "c:\windows\system32\drivers\bthavrcp.sys"



+ "cmdide"         "CMD
PCI IDE Bus Driver"             "CMD
Technology, Inc."                "c:\windows\system32\drivers\cmdide.sys"



+ "csr_a2dp"      "Bluetooth
A2DP Driver"              "CSR,
plc"            "c:\windows\system32\drivers\bthav.sys"



+ "e1yexpress" "Intel®
Gigabit Network Connection NDIS 6 deserialized driver"             "Intel Corporation"                "c:\windows\system32\drivers\e1y60x64.sys"



+ "ebdrv"            "Broadcom
NetXtreme II 10 GigE VBD"  "Broadcom
Corporation"                "c:\windows\system32\drivers\evbda.sys"



+ "elxstor"          "Storport
Miniport Driver for LightPulse HBAs"   "Emulex"             "c:\windows\system32\drivers\elxstor.sys"



+ "GEARAspiWDM"         "CD
DVD Filter" "GEAR Software
Inc."     "c:\windows\system32\drivers\gearaspiwdm.sys"



+ "hcw85cir"       "Hauppauge
WinTV 885 Consumer IR Driver for eHome"               "Hauppauge
Computer Works, Inc."                "c:\windows\system32\drivers\hcw85cir.sys"



+ "HpSAMD"      "Smart
Array SAS/SATA Controller Media Driver"              "Hewlett-Packard
Company"                "c:\windows\system32\drivers\hpsamd.sys"



+ "HTCAND64"  "ADB
Interface"                "HTC,
Corporation"         "c:\windows\system32\drivers\androidusb.sys"



+ "iaStor"             "Intel
Matrix Storage Manager driver - x64"         "Intel
Corporation"                "c:\windows\system32\drivers\iastor.sys"



+ "iaStorV"          "Intel
Matrix Storage Manager driver - x64"         "Intel
Corporation"                "c:\windows\system32\drivers\iastorv.sys"



+ "igfx" "Intel
Graphics Kernel Mode Driver"       "Intel
Corporation"         "c:\windows\system32\drivers\igdkmd64.sys"



+ "iirsp"                "Intel/ICP
Raid Storport Driver" "Intel
Corp./ICP vortex GmbH"  "c:\windows\system32\drivers\iirsp.sys"



+ "IntcAzAudAddService"            "Realtek® High Definition Audio Function
Driver"            "Realtek
Semiconductor Corp."                "c:\windows\system32\drivers\rtkvhd64.sys"



+ "IntcHdmiAddService"               "Intel® High Definition Audio HDMI"    "Intel® Corporation"                "c:\windows\system32\drivers\intchdmi.sys"



+ "LSI_FC"           "LSI
Fusion-MPT FC Driver (StorPort)"    "LSI
Corporation"             "c:\windows\system32\drivers\lsi_fc.sys"



+ "LSI_SAS"        "LSI
Fusion-MPT SAS Driver (StorPort)"  "LSI
Corporation"             "c:\windows\system32\drivers\lsi_sas.sys"



+ "LSI_SAS2"      "LSI
SAS Gen2 Driver (StorPort)"               "LSI
Corporation"                "c:\windows\system32\drivers\lsi_sas2.sys"



+ "LSI_SCSI"       "LSI
Fusion-MPT SCSI Driver (StorPort)" "LSI
Corporation"             "c:\windows\system32\drivers\lsi_scsi.sys"



+ "megasas"       "MEGASAS
RAID Controller Driver for Windows 7\Server 2008 R2 for x64"             "LSI Corporation"                "c:\windows\system32\drivers\megasas.sys"



+ "MegaSR"        "LSI
MegaRAID Software RAID Driver"    "LSI
Corporation, Inc."                "c:\windows\system32\drivers\megasr.sys"



+ "nfrd960"         "IBM
ServeRAID Controller Driver"          "IBM
Corporation"                "c:\windows\system32\drivers\nfrd960.sys"



+ "NT_NvcA"     "Nortel
VPN Adapter"   ""            "File not found:
system32\DRIVERS\ntnvca.sys"



+ "NTIDrvr"         "NTI
CD-ROM Filter Driver"          "NewTech
Infosystems, Inc."     "c:\windows\system32\drivers\ntidrvr.sys"



+ "nvraid"            "NVIDIA®
nForce™ RAID Driver"         "NVIDIA
Corporation"    "c:\windows\system32\drivers\nvraid.sys"



+ "nvstor"           "NVIDIA®
nForce™ Sata Performance Driver"               "NVIDIA
Corporation"                "c:\windows\system32\drivers\nvstor.sys"



+ "pneteth"        "PdaNet
Broadband Adapter Driver"      "June
Fabrics Technology Inc."                "c:\windows\system32\drivers\pneteth.sys"



+ "PxHlpa64"      "Px
Engine Device Driver for 64-bit Windows"     "Sonic
Solutions"                "c:\windows\system32\drivers\pxhlpa64.sys"



+ "ql2300"           "QLogic
Fibre Channel Stor Miniport Driver"        "QLogic
Corporation"                "c:\windows\system32\drivers\ql2300.sys"



+ "ql40xx"           "QLogic
iSCSI Storport Miniport Driver"  "QLogic
Corporation"     "c:\windows\system32\drivers\ql40xx.sys"



+ "secdrv"           "Macrovision
SECURITY Driver"  "Macrovision
Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia
K.K."       "c:\windows\system32\drivers\secdrv.sys"



+ "SiSRaid2"        "SiS
RAID Stor Miniport Driver"  "Silicon
Integrated Systems Corp."                "c:\windows\system32\drivers\sisraid2.sys"



+ "SiSRaid4"        "SiS
AHCI Stor-Miniport Driver" "Silicon
Integrated Systems"                "c:\windows\system32\drivers\sisraid4.sys"



+ "stexstor"        "Promise  SuperTrak EX Series Driver for Windows "        "Promise Technology"                "c:\windows\system32\drivers\stexstor.sys"



+ "UBHelper"     "NTI
CDROM Filter Driver"           "NewTech
Infosystems Corporation"                "c:\windows\system32\drivers\ubhelper.sys"



+ "viaide"            "VIA
Generic PCI IDE Bus Driver"               "VIA
Technologies, Inc."                "c:\windows\system32\drivers\viaide.sys"



+ "vsmraid"        "VIA
RAID DRIVER FOR AMD-X86-64"      "VIA
Technologies Inc.,Ltd"                "c:\windows\system32\drivers\vsmraid.sys"



"HKLM\Software\Microsoft\Windows
NT\CurrentVersion\Drivers32"    ""            ""            ""



+ "msacm.l3acm"             "MPEG
Layer-3 Audio Codec for MSACM"            "Fraunhofer
Institut Integrierte Schaltungen IIS"                "c:\windows\system32\l3codeca.acm"



"HKLM\Software\Wow6432Node\Microsoft\Windows
NT\CurrentVersion\Drivers32"  ""            ""            ""



+ "msacm.l3acm"             "MPEG
Layer-3 Audio Codec for MSACM"            "Fraunhofer
Institut Integrierte Schaltungen IIS"                "c:\windows\syswow64\l3codeca.acm"



+ "vidc.cvid"       "Cinepak®
Codec"           "Radius
Inc."      "c:\windows\syswow64\iccvid.dll"



"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"               ""            ""                ""



+ "ArcGetDataSample"  ""            ""            "File not found: C:\Program
Files (x86)\Palm\PhotoDesktop\ArcGetDataSample.ax"



+ "ArcPutDataSample"  ""            ""            "File not found: C:\Program
Files (x86)\Palm\PhotoDesktop\ArcPutDataSample.ax"



+ "ArcSoft AAC Decoder"             ""            ""            "File not found: C:\Program
Files (x86)\Palm\PhotoDesktop\AACDecode.ax"



+ "Arcsoft AMRDecoder"             ""            ""            "File not found: C:\Program
Files (x86)\Palm\PhotoDesktop\AMRDecoder.ax"



+ "ArcSoft Deinterlace" ""            ""            "File not found: C:\Program
Files (x86)\Palm\PhotoDesktop\deinterlace.ax"



+ "ArcSoft H.264 Decoder"           ""            ""            "File
not found: C:\Program Files (x86)\Palm\PhotoDesktop\H264DecFilter.ax"



+ "ArcSoft MP4 Splitter"               ""            ""            "File not found: C:\Program
Files (x86)\Palm\PhotoDesktop\MP4Splitter.ax"



+ "ArcSoft MPEG Audio Decoder"            ""            ""            "File
not found: C:\Program Files (x86)\Palm\PhotoDesktop\mpgaudio.ax"



+ "ArcSoft Mpeg Encoder Filter"               ""            ""            "File not found: C:\Program Files
(x86)\Palm\PhotoDesktop\ArcMpegCodec.ax"



+ "ArcSoft MPEG Splitter"            ""            ""            "File
not found: C:\Program Files (x86)\Palm\PhotoDesktop\ArcSpl.ax"



+ "ArcSoft MPEG Video Decoder"            ""            ""            "File
not found: C:\Program Files (x86)\Palm\PhotoDesktop\mpgvideo.ax"



+ "ArcSoft MPEG4 Decoder"       ""            ""            "File
not found: C:\Program Files (x86)\Palm\PhotoDesktop\MP4Decoder.ax"



+ "ArcSoft MPEG4 Decoder"       ""            ""            "File
not found: C:\Program Files (x86)\Palm\PhotoDesktop\H263Dec.ax"



+ "Arcsoft QCELPDecoder"          ""            ""            "File not found: C:\Program
Files (x86)\Palm\PhotoDesktop\QCELPDecoder.ax"



+ "ArcSoft Video Decoder"          ""            ""            "File
not found: C:\Program Files (x86)\Palm\PhotoDesktop\uASViD.ax"



+ "File Dump"    ""            ""            "File not found: C:\Program Files
(x86)\Palm\PhotoDesktop\FileDump.ax"



+ "TimeShift2.0 Client Filter"       ""            ""            "File
not found: C:\Program Files (x86)\Palm\PhotoDesktop\TimeShift2.ax"



+ "TimeShift2.0 Server Filter"     ""            ""            "File
not found: C:\Program Files (x86)\Palm\PhotoDesktop\TimeShift2.ax"



"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential
Providers"                ""            ""            ""



+ "WLIDCredentialProvider"       "Microsoft® Windows Live ID
Credential Provider"           "Microsoft
Corporation"                "c:\program
files\common files\microsoft shared\windows live\wlidcredprov.dll"



"HKLM\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Winlogon\Notify" ""            ""            ""



+ "igfxcui"           "igfxdev
Module"            "Intel
Corporation"         "c:\windows\system32\igfxdev.dll"



"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries"      ""            ""                ""



+ "WindowsLive Local NSP"         "Microsoft® Windows Live ID
Namespace Provider"        "Microsoft
Corporation"                "c:\program
files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"



+ "WindowsLive NSP"    "Microsoft® Windows Live ID Namespace Provider"        "Microsoft Corporation"               "c:\program files
(x86)\common files\microsoft shared\windows live\wlidnsp.dll"



"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" ""            ""                ""



+ "WindowsLive Local NSP"         "Microsoft® Windows Live ID
Namespace Provider"        "Microsoft
Corporation"                "c:\program
files\common files\microsoft shared\windows live\wlidnsp.dll"



+ "WindowsLive NSP"    "Microsoft® Windows Live ID Namespace Provider"        "Microsoft Corporation"               "c:\program files\common
files\microsoft shared\windows live\wlidnsp.dll"



"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors"     ""            ""            ""



+ "LIDIL hpzlllhn"              "LanguageMonitor"        "Hewlett-Packard Company"      "c:\windows\system32\hpzlllhn.dll"



+ "PDFCreator" ""            ""            "c:\windows\system32\pdfcmnnt.dll"



#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:40 AM

Posted 23 February 2013 - 06:51 PM

.


Edited by narenxp, 23 February 2013 - 07:18 PM.


#5 rbblb

rbblb
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:05:40 AM

Posted 23 February 2013 - 07:01 PM

oops.  trying to fix two computers at once let me post the one that I have been quoting this whole time.


Edited by rbblb, 23 February 2013 - 07:04 PM.


#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:40 AM

Posted 23 February 2013 - 07:02 PM

.


That looks good

Remove temporary and junk files

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & windows 7- http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore-It deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old version of java from control panel-Add or remove programs.Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently.Two free antivirus that i would suggest are

Microsoft security essentials or Avast.You can select either one of them.

If you have a paid one,make sure to update it frequently.Do not use multiple security softwares.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing smile.png


Edited by narenxp, 23 February 2013 - 07:16 PM.


#7 rbblb

rbblb
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:05:40 AM

Posted 23 February 2013 - 07:08 PM

Let me post this mini toolbox log.  The previous one was from another computer that I was trying to fix in parallel.


MiniToolBox by Farbar  Version:10-01-2013
Ran by BFamily (administrator) on 23-02-2013 at 17:06:30
Running from "C:\Users\BFamily\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
::1             localhost


#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:40 AM

Posted 23 February 2013 - 07:16 PM

I'm confused.How do i get the logs for the other computer? Create a new topic for other computer.It should avoid confusion


Edited by narenxp, 23 February 2013 - 07:17 PM.


#9 rbblb

rbblb
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:05:40 AM

Posted 23 February 2013 - 11:36 PM

Sorry about the confusion.  I had posted the mini toolbox for the wrong computer before.  As soon as I had realized what I had done I modified the incorrect posting and replied with a new result but you had already responded by the time I had done so.  Both computers had the same symptoms (probably from the same site) and so I just followed the same steps in parallel to save time.  They both seem to be working well now so I don't think that I will need a separate post.

 

Thanks for all of you help.  I didn't know where to begin to fix this issue.  I couldn't have done it without you.



#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:40 AM

Posted 24 February 2013 - 01:23 PM

welcome.gif






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users