
Google Redirect to Facebook virus - help needed



#1 madkeiper


Posted 26 May 2013 - 09:45 PM

Hi,

I see numerous other posts about this redirect virus, but all seem to have answers where there is not a universal answer to this dilemma.  Therefore, I am posting to find out what I need to do.  Is there a tool that works for everyone that I can use or what do I need to do to finally get rid of this?

 

A few months ago, this virus showed up on our router as all computers and phones in our house were being redirected.  We took care of that (somehow) and have had little issue since then.  Now one computer started doing it again today.  I used Malware, MBAM, JRT and Super AntiSpyWare all today without any luck.

 

Can someone please help me with this?

 

Thanks.

 




 


#2 boopme


Posted 26 May 2013 - 10:19 PM

Welcome, I moved this from Win7 to Am I Infected..

Appears you are infected so let's run these and see how it is after.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Please Download TDSSkiller
Launch it.
Click on change parameters-Select TDLFS file system
Click on "Scan".
Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results.



Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.




Now I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
NOTE: Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook
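The MiniToolBox options requested above (proxy settings, Hosts content, IP configuration, Winsock entries) cover the settings a browser redirect can hide in. The following is an added example, not part of the thread and not MiniToolBox's own code: a small triage script for a Result.txt in the layout shown in post #5. The sample report is constructed, and the function names and the `expected_dns` allow-list are assumptions of this example.

```python
import ipaddress
import re

# Section banners look like "===== Hosts content: =====" in Result.txt.
SECTION = re.compile(r"^={5,}\s+(\S.*?):?\s+={5,}\s*$")
# e.g. "Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)"
WINSOCK = re.compile(r"^(?:x64-)?Catalog[59] \d+ (.+?) \[\d+\] \((.*)\)\s*$")
DNS_LINE = re.compile(r"^\s*DNS Servers[ .]*:\s*(\S+)")
# The two proxy lines the report on this page prints when nothing is set.
PROXY_CLEAN = ("Proxy is not enabled.", "No Proxy Server is set.")

# Constructed sample in the Result.txt layout (documentation-range addresses).
SAMPLE_REPORT = r"""
========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= Hosts content: =================================

127.0.0.1 localhost
203.0.113.10 www.google.com

========================= IP Configuration: ================================

   Default Gateway . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 192.168.1.1
                                       198.51.100.53
   NetBIOS over Tcpip. . . . . . . . : Enabled

========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\ProgramData\example\lsp.dll [40960] ()
"""


def split_sections(text):
    """Map each banner name to the lines that follow it."""
    sections, name = {}, None
    for line in text.splitlines():
        m = SECTION.match(line)
        if m:
            name = m.group(1)
            sections[name] = []
        elif name is not None:
            sections[name].append(line)
    return sections


def _ip(token):
    try:
        return ipaddress.ip_address(token)
    except ValueError:
        return None


def triage(text, expected_dns):
    """Return (category, detail) pairs worth a manual look.

    expected_dns: resolver addresses the owner trusts (router, ISP).
    """
    findings = []
    sections = split_sections(text)

    # Proxy: anything other than the known "nothing set" lines is reported.
    for name in ("IE Proxy Settings", "FF Proxy Settings"):
        for line in sections.get(name, []):
            line = line.strip()
            if line and line not in PROXY_CLEAN and not line.startswith('"Reset '):
                findings.append(("proxy", f"{name}: {line}"))

    # Hosts: a name mapped to a routable address overrides DNS for that name.
    # Loopback / 0.0.0.0 entries block a name rather than redirect it.
    for line in sections.get("Hosts content", []):
        fields = line.split("#", 1)[0].split()
        addr = _ip(fields[0]) if len(fields) >= 2 else None
        if addr is not None and not (addr.is_loopback or addr.is_unspecified):
            for host in fields[1:]:
                findings.append(("hosts", f"{host} -> {addr}"))

    # DNS: the first server is on the "DNS Servers" line, the rest on
    # indented continuation lines holding only an address.
    collecting = False
    for line in sections.get("IP Configuration", []):
        m = DNS_LINE.match(line)
        token = m.group(1) if m else (line.strip() if collecting else None)
        addr = _ip(token) if token else None
        collecting = addr is not None
        if addr is not None and str(addr) not in expected_dns:
            findings.append(("dns", str(addr)))

    # Winsock: providers whose vendor field is not Microsoft need a look.
    # The vendor text is only what the report prints, not proof of origin.
    for line in sections.get("Winsock entries", []):
        m = WINSOCK.match(line.strip())
        if m and not m.group(2).startswith("Microsoft"):
            findings.append(("winsock", m.group(1)))
    return findings


if __name__ == "__main__":
    for category, detail in triage(SAMPLE_REPORT, {"192.168.1.1"}):
        print(f"[{category}] {detail}")
```

Because the first post mentions the router itself was affected earlier, `expected_dns` should come from the ISP's documentation rather than from whatever the router currently hands out.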

#3 madkeiper


Posted 27 May 2013 - 09:14 PM

Sorry, I didn't see this reply until just now. Thanks for the info. I will get working on this and let you know of any questions, etc.



#4 boopme


Posted 27 May 2013 - 09:59 PM

No problem.



#5 madkeiper


Posted 27 May 2013 - 10:11 PM

Here is the result.txt report - Happy Reading:)

 

MiniToolBox by Farbar  Version:21-04-2013
Ran by Keiper (administrator) on 27-05-2013 at 22:08:47
Running from "C:\Users\Keiper\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

 

========================= IP Configuration: ================================

Broadcom 802.11n Network Adapter = Wireless Network Connection 2 (Connected)
Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20) = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection (Media disconnected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled

popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : Keiper-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 38-59-F9-59-F0-6A
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom 802.11n Network Adapter
   Physical Address. . . . . . . . . : 38-59-F9-59-F0-6A
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::a83b:da47:e8c7:a609%12(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.106(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Monday, May 27, 2013 7:10:06 PM
   Lease Expires . . . . . . . . . . : Tuesday, May 28, 2013 8:52:23 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 406346233
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-C2-69-9A-B8-70-F4-AE-78-C3
   DNS Servers . . . . . . . . . . . : 192.168.1.1
                                       97.64.168.12
                                       97.64.183.165
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : PXE.ACER.COM
   Description . . . . . . . . . . . : Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20)
   Physical Address. . . . . . . . . : B8-70-F4-AE-78-C3
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.PXE.ACER.COM:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{84C306B1-0BA9-4A50-8698-B84FB0C5271C}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{817F1DDA-30B9-4FF4-AB1A-90844398C753}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:3cf0:f7a:cdae:5359(Preferred)
   Link-local IPv6 Address . . . . . : fe80::3cf0:f7a:cdae:5359%13(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  UnKnown
Address:  192.168.1.1

Name:    google.com
Addresses:  2607:f8b0:4009:800::1001
   74.125.225.40
   74.125.225.41
   74.125.225.46
   74.125.225.32
   74.125.225.33
   74.125.225.34
   74.125.225.35
   74.125.225.36
   74.125.225.37
   74.125.225.38
   74.125.225.39

Pinging google.com [74.125.225.39] with 32 bytes of data:
Reply from 74.125.225.39: bytes=32 time=27ms TTL=53
Reply from 74.125.225.39: bytes=32 time=31ms TTL=53

Ping statistics for 74.125.225.39:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 27ms, Maximum = 31ms, Average = 29ms
Server:  UnKnown
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  206.190.36.45
   98.138.253.109
   98.139.183.24

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=395ms TTL=47
Reply from 98.139.183.24: bytes=32 time=429ms TTL=47

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 395ms, Maximum = 429ms, Average = 412ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 14...38 59 f9 59 f0 6a ......Microsoft Virtual WiFi Miniport Adapter
 12...38 59 f9 59 f0 6a ......Broadcom 802.11n Network Adapter
 11...b8 70 f4 ae 78 c3 ......Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20)
  1...........................Software Loopback Interface 1
 19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.106     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.106    281
    192.168.1.106  255.255.255.255         On-link     192.168.1.106    281
    192.168.1.255  255.255.255.255         On-link     192.168.1.106    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.106    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.106    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 13     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 13     58 2001::/32                On-link
 13    306 2001:0:9d38:6ab8:3cf0:f7a:cdae:5359/128
                                    On-link
 12    281 fe80::/64                On-link
 13    306 fe80::/64                On-link
 13    306 fe80::3cf0:f7a:cdae:5359/128
                                    On-link
 12    281 fe80::a83b:da47:e8c7:a609/128
                                    On-link
  1    306 ff00::/8                 On-link
 13    306 ff00::/8                 On-link
 12    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/27/2013 10:06:57 PM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16576, time stamp: 0x515e30fe
Faulting module name: AVG Secure Search_toolbar.dll_unloaded, version: 0.0.0.0, time stamp: 0x51824e9f
Exception code: 0xc0000005
Fault offset: 0x056b5037
Faulting process id: 0x11e0
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (05/27/2013 07:11:55 PM) (Source: Application Virtualization Client) (User: )
Description: {hap=12:app=OfficeVirt 9014006604090000:tid=1414}
The client was unable to connect to an Application Virtualization Server (rc 2460420A-40002EE2)

Error: (05/27/2013 07:11:55 PM) (Source: Application Virtualization Client) (User: )
Description: {hap=12:app=OfficeVirt 9014006604090000:tid=1414}
The Application Virtualization Client could not connect to stream URL 'http://c2r.microsoft.com/ConsumerC2R/en-us/14.0.4763.1000/ConsumerC2R.en-us_14.0.5131.5000.sft' (rc 2460420A-40002EE2, original rc 2460420A-40002EE2).

Error: (05/27/2013 07:10:54 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/27/2013 03:20:42 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/27/2013 02:10:54 PM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16576, time stamp: 0x515e30fe
Faulting module name: urlmon.dll, version: 10.0.9200.16576, time stamp: 0x515e314b
Exception code: 0xc0000005
Fault offset: 0x0002ba53
Faulting process id: 0x25c0
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (05/26/2013 07:37:19 PM) (Source: Application Virtualization Client) (User: )
Description: {hap=12:app=OfficeVirt 9014006604090000:tid=11FC}
The client was unable to connect to an Application Virtualization Server (rc 24604E0A-40000194)

Error: (05/26/2013 07:37:18 PM) (Source: Application Virtualization Client) (User: )
Description: {hap=12:app=OfficeVirt 9014006604090000:tid=11FC}
The Application Virtualization Client could not connect to stream URL 'http://c2r.microsoft.com/ConsumerC2R/en-us/14.0.4763.1000/ConsumerC2R.en-us_14.0.5131.5000.sft' (rc 24604E0A-40000194, original rc 24604E0A-40000194).

Error: (05/26/2013 07:36:57 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/26/2013 04:17:50 PM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16576, time stamp: 0x515e30fe
Faulting module name: avgdttbx.dll, version: 1.0.0.2, time stamp: 0x50aa2d7d
Exception code: 0xc0000005
Fault offset: 0x0001bdec
Faulting process id: 0xa0c
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

System errors:
=============
Error: (05/27/2013 07:10:19 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (05/27/2013 03:19:48 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (05/27/2013 03:19:48 PM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (05/27/2013 03:19:47 PM) (Source: DCOM) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (05/27/2013 03:19:39 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\System32\bcmihvsrv64.dll
Error Code: 21

Error: (05/27/2013 03:19:30 PM) (Source: DCOM) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (05/27/2013 03:19:27 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AVGIDSDriver
Avgldx64
discache
mwlPSDFilter
mwlPSDNServ
mwlPSDVDisk
SASDIFSV
SASKUTIL
spldr
Wanarpv6

Error: (05/27/2013 03:19:21 PM) (Source: Service Control Manager) (User: )
Description: The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error:
%%1068

Error: (05/27/2013 03:19:21 PM) (Source: Service Control Manager) (User: )
Description: The Conexant Audio Message Service service depends on the Windows Audio service which failed to start because of the following error:
%%1068

Error: (05/27/2013 03:19:21 PM) (Source: Service Control Manager) (User: )
Description: The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error:
%%31

Microsoft Office Sessions:
=========================
Error: (05/27/2013 10:06:57 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.16576515e30feAVG Secure Search_toolbar.dll_unloaded0.0.0.051824e9fc0000005056b503711e001ce5b504898a906C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEAVG Secure Search_toolbar.dlla7ad6388-c743-11e2-9427-b870f4ae78c3

Error: (05/27/2013 07:11:55 PM) (Source: Application Virtualization Client)(User: )
Description: {hap=12:app=OfficeVirt 9014006604090000:tid=1414}
2460420A-40002EE2

Error: (05/27/2013 07:11:55 PM) (Source: Application Virtualization Client)(User: )
Description: {hap=12:app=OfficeVirt 9014006604090000:tid=1414}
http://c2r.microsoft.com/ConsumerC2R/en-us/14.0.4763.1000/ConsumerC2R.en-us_14.0.5131.5000.sft2460420A-40002EE22460420A-40002EE2

Error: (05/27/2013 07:10:54 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/27/2013 03:20:42 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/27/2013 02:10:54 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.16576515e30feurlmon.dll10.0.9200.16576515e314bc00000050002ba5325c001ce5b0de09952f4C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\syswow64\urlmon.dll26bf2899-c701-11e2-a99d-b870f4ae78c3

Error: (05/26/2013 07:37:19 PM) (Source: Application Virtualization Client)(User: )
Description: {hap=12:app=OfficeVirt 9014006604090000:tid=11FC}
24604E0A-40000194

Error: (05/26/2013 07:37:18 PM) (Source: Application Virtualization Client)(User: )
Description: {hap=12:app=OfficeVirt 9014006604090000:tid=11FC}
http://c2r.microsoft.com/ConsumerC2R/en-us/14.0.4763.1000/ConsumerC2R.en-us_14.0.5131.5000.sft24604E0A-4000019424604E0A-40000194

Error: (05/26/2013 07:36:57 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/26/2013 04:17:50 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.16576515e30feavgdttbx.dll1.0.0.250aa2d7dc00000050001bdeca0c01ce5a53869b2a5eC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Program Files (x86)\Common Files\AVG Secure Search\DNTInstaller\15.2.0\avgdttbx.dllb7ef7eff-c649-11e2-9ff4-b870f4ae78c3

=========================== Installed Programs ============================

Acer Crystal Eye Webcam (Version: 1.0.1306)
Acer ePower Management (Version: 6.00.3004)
Acer eRecovery Management (Version: 5.00.3002)
Acer Games (Version: 1.0.2.4)
Acer Registration (Version: 1.03.3004)
Acer ScreenSaver (Version: 1.1.0413.2011)
Acer Updater (Version: 1.02.3005)
Acer VCM (Version: 4.05.3004)
Acrobat.com (Version: 1.6.65)
Ad-Aware Antivirus (Version: 10.5.2.4379)
Ad-Aware Security Add-on (Version: 3.0.0.6)
Adobe AIR (Version: 2.0.2.12610)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.202)
Adobe Reader 9.1 MUI (Version: 9.1.0)
Agatha Christie - 4:50 from Paddington (Version: 2.2.0.95)
AMD APP SDK Runtime (Version: 2.4.650.9)
AMD Media Foundation Decoders (Version: 1.0.60524.2309)
AMD VISION Engine Control Center (Version: 2011.0524.2352.41027)
Ask Toolbar (Version: 1.14.1.0)
Ask Toolbar Updater (Version: 1.2.0.20007)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.0.39)
ATI Catalyst Install Manager (Version: 3.0.829.0)
AVG 2013 (Version: 13.0.3184)
AVG 2013 (Version: 13.0.3343)
AVG 2013 (Version: 2013.0.3343)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Bing Bar (Version: 7.0.610.0)
Build-a-lot 2 (Version: 2.2.0.95)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2011.0524.2352.41027)
Catalyst Control Center InstallProxy (Version: 2011.0524.2352.41027)
Catalyst Control Center Localization All (Version: 2011.0524.2352.41027)
CCC Help Chinese Standard (Version: 2011.0524.2351.41027)
CCC Help Chinese Traditional (Version: 2011.0524.2351.41027)
CCC Help Czech (Version: 2011.0524.2351.41027)
CCC Help Danish (Version: 2011.0524.2351.41027)
CCC Help Dutch (Version: 2011.0524.2351.41027)
CCC Help English (Version: 2011.0524.2351.41027)
CCC Help Finnish (Version: 2011.0524.2351.41027)
CCC Help French (Version: 2011.0524.2351.41027)
CCC Help German (Version: 2011.0524.2351.41027)
CCC Help Greek (Version: 2011.0524.2351.41027)
CCC Help Hungarian (Version: 2011.0524.2351.41027)
CCC Help Italian (Version: 2011.0524.2351.41027)
CCC Help Japanese (Version: 2011.0524.2351.41027)
CCC Help Korean (Version: 2011.0524.2351.41027)
CCC Help Norwegian (Version: 2011.0524.2351.41027)
CCC Help Polish (Version: 2011.0524.2351.41027)
CCC Help Portuguese (Version: 2011.0524.2351.41027)
CCC Help Russian (Version: 2011.0524.2351.41027)
CCC Help Spanish (Version: 2011.0524.2351.41027)
CCC Help Swedish (Version: 2011.0524.2351.41027)
CCC Help Thai (Version: 2011.0524.2351.41027)
CCC Help Turkish (Version: 2011.0524.2351.41027)
ccc-utility64 (Version: 2011.0524.2352.41027)
Chuzzle Deluxe (Version: 2.2.0.95)
COMODO System Utilities (Version: 4.0.226743.26)
Conexant HD Audio (Version: 8.54.8.50)
Coupon Printer for Windows (Version: 5.0.0.1)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.95)
Dora's World Adventure (Version: 2.2.0.95)
Dropbox (Version: 1.6.18)
eBay Worldwide (Version: 2.1.0901)
Emsisoft Anti-Malware (Version: 7.0)
FATE - The Traitor Soul (Version: 2.2.0.95)
Final Drive: Nitro (Version: 2.2.0.95)
Galerie de photos Windows Live (Version: 15.4.3502.0922)
Google Chrome (Version: 27.0.1453.94)
Google Drive (Version: 1.9.4536.8202)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3607.2246)
Google Update Helper (Version: 1.3.21.145)
HP Officejet 6500 E710a-f Basic Device Software (Version: 22.50.231.0)
HP Officejet 6500 E710a-f Help (Version: 140.0.2.2)
HP Officejet 6500 E710n-z Basic Device Software (Version: 28.0.1315.0)
Identity Card (Version: 1.00.3006)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 32 (Version: 6.0.320)
Jewel Quest Heritage (Version: 2.2.0.95)
Junk Mail filter update (Version: 15.4.3502.0922)
Launch Manager (Version: 5.1.4)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
McAfee SiteAdvisor (Version: 3.5.0.229)
McAfee SiteAdvisor (Version: 3.6.193)
McAfee Virtual Technician (Version: 6.3.0.1911)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.5131.5000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 20.0.1 (x86 en-US) (Version: 20.0.1)
Mozilla Maintenance Service (Version: 20.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
Mystery P.I. - Stolen in San Francisco (Version: 2.2.0.95)
MyWinLocker (Version: 4.0.14.11)
MyWinLocker 4 (Version: 4.0.14.11)
MyWinLocker Suite (Version: 4.0.14.11)
Namco All-Stars: PAC-MAN (Version: 2.2.0.95)
newsXpresso (Version: 1.0.0.40)
NOOK for PC (Version: 2.5.1.237)
Norton Online Backup (Version: 2.1.17869)
OpenOffice.org 3.3 (Version: 3.3.9567)
Penguins! (Version: 2.2.0.95)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.95)
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.95)
Polar Golfer (Version: 2.2.0.95)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30127)
Shared C Run-time for x64 (Version: 10.0.0)
ShopAtHome.com Helper (Version: 7.0.2.0)
ShopAtHome.com Toolbar (Version: 7.0.2.0)
Shredder (Version: 2.0.8.7)
Smilebox (Version: 1.1.1.1)
SmileBox EN Toolbar (Version: 6.8.2.0)
SUPERAntiSpyware (Version: 5.6.1014)
Synaptics Pointing Device Driver (Version: 15.2.9.0)
Times Reader (Version: 2.055)
Torchlight (Version: 2.2.0.95)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Update Installer for WildTangent Games App
Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.95)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
Welcome Center (Version: 1.02.3102)
Wi-Fi MediaConnect (Version: 1.6.42)
WildTangent Games App (Acer Games) (Version: 4.0.3.57)
WildTangent Games App (Version: 4.0.5.36)
Windows Live (Version: 15.4.3502.0922)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Zuma's Revenge (Version: 2.2.0.95)

========================= Memory info: ===================================

Percentage of memory in use: 71%
Total physical RAM: 1770.9 MB
Available physical RAM: 495.9 MB
Total Pagefile: 3541.8 MB
Available Pagefile: 1279.24 MB
Total Virtual: 4095.88 MB
Available Virtual: 3974.01 MB

========================= Partitions: =====================================

1 Drive c: (Acer) (Fixed) (Total:219.79 GB) (Free:168.98 GB) NTFS

========================= Users: ========================================

User accounts for \\KEIPER-PC

Administrator            Guest                    Keiper                  

**** End of log ****



#6 madkeiper


Posted 27 May 2013 - 10:15 PM

I just went to do the next step, the TDSS killer, but the link brings me to a page that says that offer has expired.  Not sure if you want me to then skip this step and go to the next one or not.  Let me know as I do not want to move ahead before receiving confirmation from you first.



#7 boopme


Posted 27 May 2013 - 10:22 PM

Try this http://www.bleepingcomputer.com/download/tdsskiller/



#8 madkeiper


Posted 28 May 2013 - 08:32 AM

Sorry, I waited a little while last night and it looked like you weren't online, so I logged off. I used the second link you provided, but only the zip file worked, as the exe file still took me to the Kaspersky site where the software is no longer available. Just FYI.

Here is the report:

08:27:15.0953 3932  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
08:27:16.0571 3932  ============================================================
08:27:16.0571 3932  Current date / time: 2013/05/28 08:27:16.0571
08:27:16.0571 3932  SystemInfo:
08:27:16.0571 3932 
08:27:16.0571 3932  OS Version: 6.1.7601 ServicePack: 1.0
08:27:16.0571 3932  Product type: Workstation
08:27:16.0572 3932  ComputerName: KEIPER-PC
08:27:16.0572 3932  UserName: Keiper
08:27:16.0572 3932  Windows directory: C:\Windows
08:27:16.0572 3932  System windows directory: C:\Windows
08:27:16.0572 3932  Running under WOW64
08:27:16.0572 3932  Processor architecture: Intel x64
08:27:16.0572 3932  Number of processors: 2
08:27:16.0572 3932  Page size: 0x1000
08:27:16.0572 3932  Boot type: Normal boot
08:27:16.0572 3932  ============================================================
08:27:18.0876 3932  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:27:18.0890 3932  ============================================================
08:27:18.0890 3932  \Device\Harddisk0\DR0:
08:27:18.0890 3932  MBR partitions:
08:27:18.0890 3932  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A00800, BlocksNum 0x32000
08:27:18.0890 3932  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A32800, BlocksNum 0x1B792800
08:27:18.0891 3932  ============================================================
08:27:18.0951 3932  C: <-> \Device\Harddisk0\DR0\Partition2
08:27:18.0971 3932  ============================================================
08:27:18.0971 3932  Initialize success
08:27:18.0971 3932  ============================================================
08:27:25.0505 5584  ============================================================
08:27:25.0505 5584  Scan started
08:27:25.0505 5584  Mode: Manual;
08:27:25.0505 5584  ============================================================
08:27:31.0582 5584  ================ Scan system memory ========================
08:27:31.0582 5584  System memory - ok
08:27:31.0583 5584  ================ Scan services =============================
08:27:48.0060 5584  L1C - ok
08:27:48.0126 5584  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
08:27:48.0160 5584  LanmanServer - ok
08:27:48.0208 5584  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
08:27:48.0247 5584  LanmanWorkstation - ok
08:27:48.0361 5584  [ 93B73DED2BC688F140C6AE2FBAD45789 ] Live Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
08:27:48.0370 5584  Live Updater Service - ok
08:27:48.0477 5584  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
08:27:48.0481 5584  lltdio - ok
08:27:48.0524 5584  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
08:27:48.0535 5584  lltdsvc - ok
08:27:48.0567 5584  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
08:27:48.0573 5584  lmhosts - ok
08:27:48.0627 5584  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
08:27:48.0635 5584  LSI_FC - ok
08:27:48.0662 5584  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
08:27:48.0670 5584  LSI_SAS - ok
08:27:48.0705 5584  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
08:27:48.0710 5584  LSI_SAS2 - ok
08:27:48.0782 5584  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
08:27:48.0787 5584  LSI_SCSI - ok
08:27:48.0820 5584  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
08:27:48.0825 5584  luafv - ok
08:27:48.0942 5584  [ 370BE68CE532405DC4465A0A4644D7B8 ] McAfee SiteAdvisor Service c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe
08:27:48.0946 5584  McAfee SiteAdvisor Service - ok
08:27:48.0999 5584  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
08:27:49.0055 5584  Mcx2Svc - ok
08:27:49.0078 5584  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
08:27:49.0085 5584  megasas - ok
08:27:49.0145 5584  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
08:27:49.0186 5584  MegaSR - ok
08:27:49.0293 5584  Microsoft SharePoint Workspace Audit Service - ok
08:27:49.0340 5584  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
08:27:49.0346 5584  MMCSS - ok
08:27:49.0388 5584  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
08:27:49.0395 5584  Modem - ok
08:27:49.0433 5584  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
08:27:49.0481 5584  monitor - ok
08:27:49.0535 5584  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
08:27:49.0541 5584  mouclass - ok
08:27:49.0564 5584  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\drivers\mouhid.sys
08:27:49.0571 5584  mouhid - ok
08:27:49.0601 5584  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
08:27:49.0607 5584  mountmgr - ok
08:27:49.0695 5584  [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
08:27:49.0700 5584  MozillaMaintenance - ok
08:27:49.0737 5584  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
08:27:49.0743 5584  mpio - ok
08:27:49.0805 5584  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
08:27:49.0809 5584  mpsdrv - ok
08:27:49.0877 5584  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
08:27:49.0902 5584  MpsSvc - ok
08:27:49.0934 5584  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
08:27:49.0941 5584  MRxDAV - ok
08:27:49.0989 5584  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
08:27:50.0017 5584  mrxsmb - ok
08:27:50.0064 5584  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
08:27:50.0075 5584  mrxsmb10 - ok
08:27:50.0096 5584  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
08:27:50.0105 5584  mrxsmb20 - ok
08:27:50.0159 5584  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
08:27:50.0163 5584  msahci - ok
08:27:50.0196 5584  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
08:27:50.0205 5584  msdsm - ok
08:27:50.0253 5584  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
08:27:50.0260 5584  MSDTC - ok
08:27:50.0302 5584  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
08:27:50.0322 5584  Msfs - ok
08:27:50.0361 5584  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
08:27:50.0364 5584  mshidkmdf - ok
08:27:50.0387 5584  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
08:27:50.0390 5584  msisadrv - ok
08:27:50.0530 5584  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
08:27:50.0567 5584  MSiSCSI - ok
08:27:50.0582 5584  msiserver - ok
08:27:50.0657 5584  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
08:27:50.0660 5584  MSKSSRV - ok
08:27:50.0691 5584  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
08:27:50.0694 5584  MSPCLOCK - ok
08:27:50.0719 5584  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
08:27:50.0722 5584  MSPQM - ok
08:27:50.0761 5584  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
08:27:50.0792 5584  MsRPC - ok
08:27:50.0852 5584  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
08:27:50.0856 5584  mssmbios - ok
08:27:50.0886 5584  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
08:27:50.0893 5584  MSTEE - ok
08:27:50.0923 5584  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
08:27:50.0926 5584  MTConfig - ok
08:27:50.0986 5584  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
08:27:50.0991 5584  Mup - ok
08:27:51.0057 5584  [ 9B1EAC6FAF6F37305E822F5588DC8056 ] mwlPSDFilter    C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
08:27:51.0066 5584  mwlPSDFilter - ok
08:27:51.0095 5584  [ AD55C1524B296280ED9C6E0D730D35DA ] mwlPSDNServ     C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
08:27:51.0141 5584  mwlPSDNServ - ok
08:27:51.0191 5584  [ 2B599E6EC8843637BDD62E7F8F3BA201 ] mwlPSDVDisk     C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
08:27:51.0195 5584  mwlPSDVDisk - ok
08:27:51.0258 5584  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
08:27:51.0272 5584  napagent - ok
08:27:51.0327 5584  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
08:27:51.0336 5584  NativeWifiP - ok
08:27:51.0410 5584  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
08:27:51.0430 5584  NDIS - ok
08:27:51.0472 5584  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
08:27:51.0476 5584  NdisCap - ok
08:27:51.0505 5584  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
08:27:51.0509 5584  NdisTapi - ok
08:27:51.0538 5584  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
08:27:51.0542 5584  Ndisuio - ok
08:27:51.0575 5584  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
08:27:51.0582 5584  NdisWan - ok
08:27:51.0638 5584  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
08:27:51.0643 5584  NDProxy - ok
08:27:51.0669 5584  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
08:27:51.0674 5584  NetBIOS - ok
08:27:51.0704 5584  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
08:27:51.0718 5584  NetBT - ok
08:27:51.0745 5584  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
08:27:51.0750 5584  Netlogon - ok
08:27:51.0814 5584  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
08:27:51.0826 5584  Netman - ok
08:27:51.0860 5584  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
08:27:51.0875 5584  netprofm - ok
08:27:51.0920 5584  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
08:27:51.0933 5584  NetTcpPortSharing - ok
08:27:51.0991 5584  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
08:27:52.0010 5584  nfrd960 - ok
08:27:52.0057 5584  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
08:27:52.0067 5584  NlaSvc - ok
08:27:52.0332 5584  [ 5839A8027D6D324A7CD494051A96628C ] NOBU            C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
08:27:52.0451 5584  NOBU - ok
08:27:52.0607 5584  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
08:27:52.0625 5584  Npfs - ok
08:27:52.0695 5584  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
08:27:52.0717 5584  nsi - ok
08:27:52.0746 5584  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
08:27:52.0752 5584  nsiproxy - ok
08:27:52.0842 5584  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
08:27:52.0911 5584  Ntfs - ok
08:27:52.0978 5584  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
08:27:52.0982 5584  Null - ok
08:27:53.0009 5584  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
08:27:53.0031 5584  nvraid - ok
08:27:53.0072 5584  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
08:27:53.0078 5584  nvstor - ok
08:27:53.0122 5584  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
08:27:53.0127 5584  nv_agp - ok
08:27:53.0158 5584  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
08:27:53.0183 5584  ohci1394 - ok
08:27:53.0301 5584  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:27:53.0323 5584  ose - ok
08:27:53.0584 5584  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
08:27:53.0726 5584  osppsvc - ok
08:27:53.0815 5584  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
08:27:53.0826 5584  p2pimsvc - ok
08:27:53.0861 5584  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
08:27:53.0876 5584  p2psvc - ok
08:27:53.0914 5584  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
08:27:53.0922 5584  Parport - ok
08:27:53.0969 5584  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
08:27:53.0974 5584  partmgr - ok
08:27:54.0025 5584  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
08:27:54.0038 5584  PcaSvc - ok
08:27:54.0082 5584  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
08:27:54.0089 5584  pci - ok
08:27:54.0120 5584  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
08:27:54.0123 5584  pciide - ok
08:27:54.0156 5584  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
08:27:54.0162 5584  pcmcia - ok
08:27:54.0191 5584  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
08:27:54.0195 5584  pcw - ok
08:27:54.0229 5584  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
08:27:54.0244 5584  PEAUTH - ok
08:27:54.0389 5584  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
08:27:54.0394 5584  PerfHost - ok
08:27:54.0666 5584  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
08:27:54.0696 5584  pla - ok
08:27:54.0748 5584  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
08:27:54.0764 5584  PlugPlay - ok
08:27:54.0812 5584  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
08:27:54.0890 5584  PNRPAutoReg - ok
08:27:54.0939 5584  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
08:27:54.0948 5584  PNRPsvc - ok
08:27:54.0998 5584  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
08:27:55.0011 5584  PolicyAgent - ok
08:27:55.0070 5584  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
08:27:55.0079 5584  Power - ok
08:27:55.0168 5584  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
08:27:55.0173 5584  PptpMiniport - ok
08:27:55.0204 5584  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
08:27:55.0209 5584  Processor - ok
08:27:55.0244 5584  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
08:27:55.0255 5584  ProfSvc - ok
08:27:55.0289 5584  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
08:27:55.0293 5584  ProtectedStorage - ok
08:27:55.0345 5584  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
08:27:55.0351 5584  Psched - ok
08:27:55.0421 5584  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
08:27:55.0451 5584  ql2300 - ok
08:27:55.0483 5584  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
08:27:55.0493 5584  ql40xx - ok
08:27:55.0543 5584  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
08:27:55.0559 5584  QWAVE - ok
08:27:55.0594 5584  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
08:27:55.0598 5584  QWAVEdrv - ok
08:27:55.0620 5584  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
08:27:55.0624 5584  RasAcd - ok
08:27:55.0687 5584  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
08:27:55.0705 5584  RasAgileVpn - ok
08:27:55.0744 5584  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
08:27:55.0763 5584  RasAuto - ok
08:27:55.0805 5584  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
08:27:55.0810 5584  Rasl2tp - ok
08:27:55.0858 5584  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
08:27:55.0870 5584  RasMan - ok
08:27:55.0900 5584  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
08:27:55.0908 5584  RasPppoe - ok
08:27:55.0954 5584  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
08:27:55.0959 5584  RasSstp - ok
08:27:55.0990 5584  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
08:27:55.0998 5584  rdbss - ok
08:27:56.0023 5584  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
08:27:56.0027 5584  rdpbus - ok
08:27:56.0057 5584  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
08:27:56.0061 5584  RDPCDD - ok
08:27:56.0123 5584  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
08:27:56.0127 5584  RDPENCDD - ok
08:27:56.0158 5584  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
08:27:56.0161 5584  RDPREFMP - ok
08:27:56.0196 5584  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
08:27:56.0257 5584  RDPWD - ok
08:27:56.0306 5584  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
08:27:56.0312 5584  rdyboost - ok
08:27:56.0358 5584  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
08:27:56.0389 5584  RemoteAccess - ok
08:27:56.0480 5584  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
08:27:56.0489 5584  RemoteRegistry - ok
08:27:56.0508 5584  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
08:27:56.0515 5584  RpcEptMapper - ok
08:27:56.0570 5584  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
08:27:56.0575 5584  RpcLocator - ok
08:27:56.0631 5584  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
08:27:56.0643 5584  RpcSs - ok
08:27:56.0690 5584  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
08:27:56.0708 5584  rspndr - ok
08:27:56.0738 5584  [ 135A64530D7699AD48F29D73A658DD11 ] RSUSBSTOR       C:\Windows\System32\Drivers\RtsUStor.sys
08:27:56.0746 5584  RSUSBSTOR - ok
08:27:56.0834 5584  [ 7CB9F0FDD730F4A4ECF6CDE15EA12E8A ] RS_Service      C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
08:27:56.0840 5584  RS_Service - ok
08:27:56.0867 5584  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
08:27:56.0874 5584  SamSs - ok
08:27:56.0978 5584  [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
08:27:56.0981 5584  SASDIFSV - ok
08:27:57.0081 5584  [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
08:27:57.0086 5584  SASKUTIL - ok
08:27:57.0273 5584  [ 99FC1599F89A80216E41175B8CA44D89 ] SBAMSvc         C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
08:27:57.0388 5584  SBAMSvc - ok
08:27:57.0459 5584  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
08:27:57.0464 5584  sbp2port - ok
08:27:57.0514 5584  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
08:27:57.0546 5584  SCardSvr - ok
08:27:57.0596 5584  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
08:27:57.0600 5584  scfilter - ok
08:27:57.0709 5584  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
08:27:57.0746 5584  Schedule - ok
08:27:57.0798 5584  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
08:27:57.0802 5584  SCPolicySvc - ok
08:27:57.0848 5584  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
08:27:57.0938 5584  SDRSVC - ok
08:27:58.0017 5584  [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort         C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
08:27:58.0022 5584  SeaPort - ok
08:27:58.0090 5584  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
08:27:58.0093 5584  secdrv - ok
08:27:58.0141 5584  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
08:27:58.0148 5584  seclogon - ok
08:27:58.0182 5584  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
08:27:58.0192 5584  SENS - ok
08:27:58.0217 5584  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
08:27:58.0239 5584  SensrSvc - ok
08:27:58.0271 5584  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
08:27:58.0276 5584  Serenum - ok
08:27:58.0310 5584  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
08:27:58.0315 5584  Serial - ok
08:27:58.0340 5584  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
08:27:58.0344 5584  sermouse - ok
08:27:58.0440 5584  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
08:27:58.0448 5584  SessionEnv - ok
08:27:58.0511 5584  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
08:27:58.0515 5584  sffdisk - ok
08:27:58.0542 5584  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
08:27:58.0546 5584  sffp_mmc - ok
08:27:58.0572 5584  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
08:27:58.0575 5584  sffp_sd - ok
08:27:58.0596 5584  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
08:27:58.0600 5584  sfloppy - ok
08:27:58.0681 5584  [ C6CC9297BD53E5229653303E556AA539 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
08:27:58.0696 5584  Sftfs - ok
08:27:58.0769 5584  [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
08:27:58.0780 5584  sftlist - ok
08:27:58.0830 5584  [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
08:27:58.0841 5584  Sftplay - ok
08:27:58.0884 5584  [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
08:27:58.0891 5584  Sftredir - ok
08:27:58.0919 5584  [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
08:27:58.0922 5584  Sftvol - ok
08:27:58.0961 5584  [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
08:27:58.0967 5584  sftvsa - ok
08:27:59.0035 5584  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
08:27:59.0047 5584  SharedAccess - ok
08:27:59.0095 5584  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
08:27:59.0107 5584  ShellHWDetection - ok
08:27:59.0166 5584  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
08:27:59.0171 5584  SiSRaid2 - ok
08:27:59.0195 5584  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
08:27:59.0200 5584  SiSRaid4 - ok
08:27:59.0250 5584  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
08:27:59.0258 5584  Smb - ok
08:27:59.0322 5584  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
08:27:59.0329 5584  SNMPTRAP - ok
08:27:59.0375 5584  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
08:27:59.0379 5584  spldr - ok
08:27:59.0443 5584  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
08:27:59.0458 5584  Spooler - ok
08:27:59.0600 5584  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
08:27:59.0712 5584  sppsvc - ok
08:27:59.0775 5584  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
08:27:59.0794 5584  sppuinotify - ok
08:27:59.0833 5584  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
08:27:59.0845 5584  srv - ok
08:27:59.0873 5584  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
08:27:59.0884 5584  srv2 - ok
08:27:59.0902 5584  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
08:27:59.0911 5584  srvnet - ok
08:27:59.0979 5584  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
08:27:59.0988 5584  SSDPSRV - ok
08:28:00.0009 5584  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
08:28:00.0016 5584  SstpSvc - ok
08:28:00.0064 5584  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
08:28:00.0068 5584  stexstor - ok
08:28:00.0122 5584  [ DECACB6921DED1A38642642685D77DAC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
08:28:00.0150 5584  StillCam - ok
08:28:00.0225 5584  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
08:28:00.0242 5584  stisvc - ok
08:28:00.0284 5584  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
08:28:00.0292 5584  swenum - ok
08:28:00.0354 5584  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
08:28:00.0395 5584  swprv - ok
08:28:00.0506 5584  [ 02364D8BE46A51361B0905736C3F7438 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
08:28:00.0549 5584  SynTP - ok
08:28:00.0638 5584  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
08:28:00.0673 5584  SysMain - ok
08:28:00.0697 5584  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
08:28:00.0709 5584  TabletInputService - ok
08:28:00.0769 5584  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
08:28:00.0781 5584  TapiSrv - ok
08:28:00.0802 5584  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
08:28:00.0829 5584  TBS - ok
08:28:00.0920 5584  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
08:28:00.0955 5584  Tcpip - ok
08:28:01.0044 5584  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
08:28:01.0069 5584  TCPIP6 - ok
08:28:01.0132 5584  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
08:28:01.0136 5584  tcpipreg - ok
08:28:01.0192 5584  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
08:28:01.0207 5584  TDPIPE - ok
08:28:01.0227 5584  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
08:28:01.0251 5584  TDTCP - ok
08:28:01.0299 5584  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
08:28:01.0305 5584  tdx - ok
08:28:01.0326 5584  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
08:28:01.0330 5584  TermDD - ok
08:28:01.0391 5584  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
08:28:01.0421 5584  TermService - ok
08:28:01.0442 5584  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
08:28:01.0448 5584  Themes - ok
08:28:01.0485 5584  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
08:28:01.0493 5584  THREADORDER - ok
08:28:01.0537 5584  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
08:28:01.0545 5584  TrkWks - ok
08:28:01.0616 5584  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
08:28:01.0623 5584  TrustedInstaller - ok
08:28:01.0660 5584  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
08:28:01.0664 5584  tssecsrv - ok
08:28:01.0701 5584  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
08:28:01.0741 5584  TsUsbFlt - ok
08:28:01.0793 5584  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
08:28:08.0161 5584  ================ Scan global ===============================
08:28:08.0198 5584  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
08:28:08.0241 5584  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
08:28:08.0288 5584  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
08:28:08.0325 5584  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
08:28:08.0381 5584  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
08:28:08.0418 5584  [Global] - ok
08:28:08.0454 5584  ================ Scan MBR ==================================
08:28:08.0480 5584  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
08:28:09.0409 5584  \Device\Harddisk0\DR0 - ok
08:28:09.0411 5584  ================ Scan VBR ==================================
08:28:09.0471 5584  [ 30B3FAB1FF2BFF3D2A5E7298BA0FAFD0 ] \Device\Harddisk0\DR0\Partition1
08:28:09.0475 5584  \Device\Harddisk0\DR0\Partition1 - ok
08:28:09.0494 5584  [ 2DC6A1E8F72D01CE8AD8D3CB3854978D ] \Device\Harddisk0\DR0\Partition2
08:28:09.0498 5584  \Device\Harddisk0\DR0\Partition2 - ok
08:28:09.0499 5584  ============================================================
08:28:09.0500 5584  Scan finished
08:28:09.0500 5584  ============================================================
08:28:09.0531 7532  Detected object count: 0
08:28:09.0531 7532  Actual detected object count: 0

 


Edited by boopme, 28 May 2013 - 01:43 PM.


#9 madkeiper

Posted 28 May 2013 - 08:50 AM

Here's the next log:

# AdwCleaner v2.301 - Logfile created 05/28/2013 at 08:38:38
# Updated 16/05/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Keiper - KEIPER-PC
# Boot Mode : Normal
# Running from : C:\Users\Keiper\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J4KAEECV\AdwCleaner.exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

Deleted on reboot : C:\Program Files (x86)\Common Files\AVG Secure Search
File Deleted : C:\Users\Public\Desktop\eBay.lnk
Folder Deleted : C:\Program Files (x86)\adawaretb
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\SmileBox_EN
Folder Deleted : C:\ProgramData\adawaretb
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\blekko toolbars
Folder Deleted : C:\Users\Keiper\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Keiper\AppData\LocalLow\adawaretb
Folder Deleted : C:\Users\Keiper\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Keiper\AppData\LocalLow\SmileBox_EN
Folder Deleted : C:\Users\Keiper\AppData\Roaming\Mozilla\Firefox\Profiles\5539d2z8.default\adawaretb

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16576

[OK] Registry is clean.

-\\ Mozilla Firefox v20.0.1 (en-US)

File : C:\Users\Keiper\AppData\Roaming\Mozilla\Firefox\Profiles\5539d2z8.default\prefs.js

Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "");

-\\ Google Chrome v27.0.1453.94

File : C:\Users\Keiper\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.1] : urls_to_restore_on_startup ={"backup":{"session":{["hxxp://www.google.com/"]}},"browser":{"last_kno[...]

*************************

AdwCleaner[S1].txt - [13129 octets] - [28/05/2013 08:38:38]

########## EOF - C:\AdwCleaner[S1].txt - [13190 octets] ##########



#10 boopme

Posted 28 May 2013 - 01:44 PM

Good, tell me how it is after ESET.



#11 madkeiper

Posted 28 May 2013 - 04:48 PM

Just got home to check it and no change:(  By the way, this is on my laptop and I took it to work with me today just to see if it worked there for me.  It did not work there for me either.  The reason I did that was because my husband's phone did the same thing (just a few times) yesterday where it redirected him from google to facebook.  I started thinking that maybe this virus was coming from our router or something since this happened to his phone (but didn't happen to my phone or the other computers in the house).  At any rate, it didn't matter because when I got to work the laptop still redirected to facebook - which it still is doing now.  What next?


Edited by boopme, 28 May 2013 - 07:51 PM.
Edited type size


#12 boopme

Posted 28 May 2013 - 08:08 PM

That is a possibility.
OK, If still redirecting>>>
Change your DNS Servers:
  • Go to Start > Run... and in the open box, type: cmd
  • Press OK or Hit Enter.
  • At the command prompt, type or copy/paste: ipconfig /flushdns
  • Hit Enter.
  • You will get a confirmation that the flush was successful.
  • Close the command box.
If still redirecting>>>
The problem may actually be based in your router.

Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
  • Double-click on the renamed file to install, then follow these instructions for doing a Quick Scan in normal mode.
  • Don't forget to check for database definition updates through the program's interface (preferable method) before scanning.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • After completing the scan, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, use Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).



Next you must reset the router to its default configuration. This can be done by inserting something tiny like a paper clip end or pencil tip into a small hole labeled "reset" located on the back of the router. Press and hold down the small button inside until the lights on the front of the router blink off and then on again (usually about 10 seconds). If you don't know the router's default password, you can look it up HERE


However, if there are other infected machines using the same router, they will need to be cleared with the above steps before resetting the router. Otherwise, the malware will simply go back and change the router's DNS settings. You also need to reconfigure any security settings you had in place prior to the reset. Check out this site here for video tutorials on how to properly configure your router's encryption and security settings. You may also need to consult with your Internet service provider to find out which DNS servers your network should be using.

Once you have run Malwarebytes' Anti-Malware on the infected system and reset the router to its default configuration, you can reconnect to the internet and the router. Then return to this site to post your logs.
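A check that fits the DNS advice in post #12, added here as an example and not part of the original thread: it parses `ipconfig /all` output and lists any DNS server that is not on the list you expect from your router or ISP. The sample output and addresses are constructed, the function names are hypothetical, and English-locale `ipconfig` output is assumed.

```python
import ipaddress
import re

# Constructed sample of `ipconfig /all` output (documentation-range addresses).
SAMPLE_IPCONFIG = """\
Windows IP Configuration

   Host Name . . . . . . . . . . . . : EXAMPLE-PC

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected

Wireless LAN adapter Wireless Network Connection:

   Description . . . . . . . . . . . : Example Wireless Adapter
   DHCP Enabled. . . . . . . . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.1.23(Preferred)
   Default Gateway . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 203.0.113.53
                                       192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
"""

# "Field name . . . . : value". Requiring " :" keeps IPv6 continuation
# lines such as "fe80::1%11" from being mistaken for a new field.
FIELD = re.compile(r"^\s+(?P<name>[^:]+?)[ .]* :\s?(?P<value>.*)$")


def parse_dns_servers(ipconfig_text):
    """Return {adapter name: [DNS server, ...]} from `ipconfig /all` text."""
    servers = {}
    adapter = None
    in_dns = False
    for raw in ipconfig_text.splitlines():
        line = raw.rstrip()
        if not line:
            in_dns = False
            continue
        if not line[0].isspace():
            # Unindented lines ending in ":" open a new adapter block.
            adapter = line[:-1] if line.endswith(":") else None
            in_dns = False
            continue
        match = FIELD.match(line)
        if match:
            in_dns = match.group("name") == "DNS Servers"
            value = match.group("value").strip()
        elif in_dns:
            # Additional servers are listed on indented continuation lines.
            value = line.strip()
        else:
            continue
        if in_dns and adapter and value:
            servers.setdefault(adapter, []).append(value)
    return servers


def unexpected_dns(servers_by_adapter, expected):
    """List (adapter, server) pairs whose server is not in `expected`."""
    expected_ips = {ipaddress.ip_address(e) for e in expected}
    findings = []
    for adapter, servers in servers_by_adapter.items():
        for server in servers:
            try:
                ip = ipaddress.ip_address(server.split("%")[0])  # drop IPv6 zone id
            except ValueError:
                findings.append((adapter, server))  # unparseable entries are reported too
                continue
            if ip not in expected_ips:
                findings.append((adapter, str(ip)))
    return findings


if __name__ == "__main__":
    # Assumption: the router at 192.168.1.1 is the only resolver expected here.
    found = parse_dns_servers(SAMPLE_IPCONFIG)
    for adapter, server in unexpected_dns(found, ["192.168.1.1"]):
        print("Unexpected DNS server %s on %s" % (server, adapter))
```

On the affected machine, save the output of `ipconfig /all` to a text file and pass its contents to `parse_dns_servers`. Run it again after the router reset to confirm the list matches what your ISP says it should be.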

#13 madkeiper

Posted 28 May 2013 - 09:08 PM

OK, I tried the dns flush thing and it is still redirecting.  I didn't restart the computer or anything after that though if I needed to. 

 

Next step was to download Malwarebytes; however we already have that downloaded on our computer.  I see that you said to download it and rename it.  Should I uninstall our current version and then follow your steps? Or how should I proceed here?

Thanks a million, by the way.



#14 boopme

Posted 28 May 2013 - 09:22 PM

Just close and reopen the browser.

No, just update MBAM first.
Open MBAM in normal mode and click the Update tab, then select Check for Updates.
Next disconnect your system from the internet, and your router, then…
Open MBAM in normal mode and click the Scanner tab, select Quick scan and scan (normal mode).
After the scan click Remove Selected.

You're welcome!!

#15 madkeiper

Posted 28 May 2013 - 10:56 PM

I am hitting my head against the wall right now!  If I did it right, it didn't do anything to help.  Here is what I did: I updated MBAM by checking for updates.  Then I disconnected my computer from the internet and we disconnected the router from the power.  We did not reset it at all.  Then I ran MBAM by doing a quick scan (no malicious items detected), closed my browser completely.  Then we plugged in the router, re-connected the internet and the same problem is still happening.

 

I am signing off for the night, but let me know if I messed something up or if I need to do something different.

 

Thanks.





