Everything posted by emil915
Chrome Infected with arabyonline / alarabeyes.com
emil915 replied to emil915's topic in Resolved Malware Removal Logs
Kevin, the above fix works. Thanks a lot!
- 13 replies
-
- chrome infected
- arabyonline
- (and 3 more)
-
Chrome Infected with arabyonline / alarabeyes.com
emil915 replied to emil915's topic in Resolved Malware Removal Logs
Kevin, when I pin Chrome to the taskbar, the home page opens to search.arab-one.com, but if I launch Chrome from the Windows 8 home menu it works fine.
Chrome Infected with arabyonline / alarabeyes.com
emil915 replied to emil915's topic in Resolved Malware Removal Logs
Thanks Kevin. Did you find out which software / website has caused the infection? Please advise so that I can be careful the next time I deal with such stuff.
Chrome Infected with arabyonline / alarabeyes.com
emil915 replied to emil915's topic in Resolved Malware Removal Logs
Kevin, Chrome is now back to normal. I was able to delete the arabyonline search engine from settings. Thank you very much!
Chrome Infected with arabyonline / alarabeyes.com
emil915 replied to emil915's topic in Resolved Malware Removal Logs
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 7/6/2015
Scan Time: 8:46 PM
Logfile:
Administrator: Yes

Version: 2.1.8.1057
Malware Database: v2015.07.06.04
Rootkit Database: v2015.07.05.03
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Joel

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 521713
Time Elapsed: 40 min, 4 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0 (No malicious items detected)
Modules: 0 (No malicious items detected)
Registry Keys: 0 (No malicious items detected)
Registry Values: 0 (No malicious items detected)
Registry Data: 0 (No malicious items detected)
Folders: 0 (No malicious items detected)
Files: 0 (No malicious items detected)
Physical Sectors: 0 (No malicious items detected)

(end)

AdwCleanerS4.txt JRT.txt mrt.log Fixlog.txt
Chrome Infected with arabyonline / alarabeyes.com
emil915 replied to emil915's topic in Resolved Malware Removal Logs
Kevin, thanks for helping. See below the log from the Malwarebytes scan. Also attached all other logs you require.

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 7/5/2015
Scan Time: 11:12 PM
Logfile:
Administrator: Yes

Version: 2.1.8.1057
Malware Database: v2015.07.05.05
Rootkit Database: v2015.07.05.03
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Joel

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 521978
Time Elapsed: 38 min, 47 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0 (No malicious items detected)
Modules: 0 (No malicious items detected)
Registry Keys: 0 (No malicious items detected)
Registry Values: 0 (No malicious items detected)
Registry Data: 0 (No malicious items detected)
Folders: 0 (No malicious items detected)
Files: 0 (No malicious items detected)
Physical Sectors: 0 (No malicious items detected)

(end)

Rougekiller.txt Addition.txt FRST.txt
Hi, Google Chrome on my laptop seems to be infected with some virus. The home page is automatically set to www.alarabeyes.com, and the search engine is locked on arabeyonline, which I cannot change! I've tried using AdwCleaner, Junkware Removal Tool, Malwarebytes Anti-Malware... Nothing works. Please help.
cannot remove pup.optional.BrowseFox.A
emil915 replied to emil915's topic in Resolved Malware Removal Logs
Just keeps coming like this after I paste. Pls. find the .txt file attached: eset online scan log.txt
cannot remove pup.optional.BrowseFox.A
emil915 replied to emil915's topic in Resolved Malware Removal Logs
Finally got the scan to work. Find the log below:
cannot remove pup.optional.BrowseFox.A
emil915 replied to emil915's topic in Resolved Malware Removal Logs
Hi, I think the online scanning is not going to work. Every time I start the scan, the virus signature database download step gets disconnected at around 30 to 50%, and I have to start all over again. I have tried this 5 times now. Maybe it is due to my internet connectivity issue?
cannot remove pup.optional.BrowseFox.A
emil915 replied to emil915's topic in Resolved Malware Removal Logs
MBAM Log:

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.10.08.01

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
ANJU :: ANJU-PC [administrator]

Protection: Disabled

18-10-2013 PM 1:35:48
mbam-log-2013-10-18 (13-35-48).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 390828
Time elapsed: 42 minute(s), 1 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKCR\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} (PUP.Optional.BrowseFox.A) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\AdwCleaner\Quarantine\C\Users\ANJU\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.2.0.0_0\mgHelperGCFB.dll.vir (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Users\ANJU\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.2_0\mgHelperGC.dll.vir (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.

(end)
cannot remove pup.optional.BrowseFox.A
emil915 replied to emil915's topic in Resolved Malware Removal Logs
Combofix scripting Log.
(S-1-5-20)"BlindDial"=dword:00000000.[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings]@Denied: (A) (Users)@Denied: (A) (Everyone)@Allowed: (B 1 2 3 4 5) (S-1-5-20)"BlindDial"=dword:00000000.[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]@Denied: (Full) (Everyone).Completion time: 2013-10-18 13:30:24ComboFix-quarantined-files.txt 2013-10-18 08:00ComboFix2.txt 2013-10-17 15:29.Pre-Run: 204,069,412,864 bytes freePost-Run: 203,827,965,952 bytes free.- - End Of File - - 29D409FE170F7D5EF322AC02F4402FBE -
cannot remove pup.optional.BrowseFox.A
emil915 replied to emil915's topic in Resolved Malware Removal Logs
ComboFix Log :
cannot remove pup.optional.BrowseFox.A
emil915 replied to emil915's topic in Resolved Malware Removal Logs
Log from TDSS-Killer
C:\Windows\system32\DRIVERS\netbios.sys19:46:46.0440 5436 NetBIOS - ok19:46:46.0453 5436 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys19:46:46.0457 5436 NetBT - ok19:46:46.0474 5436 [ 0793F40B9B8A1BDD266296409DBD91EA ] Netlogon C:\Windows\system32\lsass.exe19:46:46.0477 5436 Netlogon - ok19:46:46.0505 5436 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll19:46:46.0512 5436 Netman - ok19:46:46.0554 5436 [ 7E9228C814C0D0B551AF9A114B7E0B16 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe19:46:46.0558 5436 NetMsmqActivator - ok19:46:46.0565 5436 [ 7E9228C814C0D0B551AF9A114B7E0B16 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe19:46:46.0567 5436 NetPipeActivator - ok19:46:46.0580 5436 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll19:46:46.0590 5436 netprofm - ok19:46:46.0599 5436 [ 7E9228C814C0D0B551AF9A114B7E0B16 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe19:46:46.0602 5436 NetTcpActivator - ok19:46:46.0607 5436 [ 7E9228C814C0D0B551AF9A114B7E0B16 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe19:46:46.0610 5436 NetTcpPortSharing - ok19:46:46.0632 5436 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys19:46:46.0634 5436 nfrd960 - ok19:46:46.0667 5436 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll19:46:46.0673 5436 NlaSvc - ok19:46:46.0713 5436 [ 351533ACC2A069B94E80BBFC177E8FDF ] npf C:\Windows\system32\drivers\npf.sys19:46:46.0715 5436 npf - ok19:46:46.0734 5436 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys19:46:46.0736 5436 Npfs - ok19:46:46.0740 5436 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll19:46:46.0744 5436 nsi - ok19:46:46.0748 5436 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy 
C:\Windows\system32\drivers\nsiproxy.sys19:46:46.0750 5436 nsiproxy - ok19:46:46.0783 5436 [ 356698A13C4630D5B31C37378D469196 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys19:46:46.0803 5436 Ntfs - ok19:46:46.0853 5436 [ 9A308FCDCCA98A15B6F62D36A272160E ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe19:46:46.0856 5436 NTI IScheduleSvc - ok19:46:46.0882 5436 [ 710263B44C1D1AEE07525A53401FBE48 ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys19:46:46.0884 5436 NTIDrvr - ok19:46:46.0915 5436 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys19:46:46.0916 5436 Null - ok19:46:46.0948 5436 [ 3E38712941E9BB4DDBEE00AFFE3FED3D ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys19:46:46.0952 5436 nvraid - ok19:46:46.0973 5436 [ 477DC4D6DEB99BE37084C9AC6D013DA1 ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys19:46:46.0978 5436 nvstor - ok19:46:47.0020 5436 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys19:46:47.0023 5436 nv_agp - ok19:46:47.0091 5436 [ BA7DAC1B8A86D9402C3E04E1FCAA600D ] ODDPwrSvc C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe19:46:47.0094 5436 ODDPwrSvc - ok19:46:47.0158 5436 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE19:46:47.0166 5436 odserv - ok19:46:47.0186 5436 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys19:46:47.0189 5436 ohci1394 - ok19:46:47.0225 5436 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE19:46:47.0227 5436 ose - ok19:46:47.0268 5436 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll19:46:47.0277 5436 p2pimsvc - ok19:46:47.0321 5436 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll19:46:47.0331 5436 p2psvc - ok19:46:47.0361 5436 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport 
C:\Windows\system32\DRIVERS\parport.sys19:46:47.0364 5436 Parport - ok19:46:47.0384 5436 [ 7DAA117143316C4A1537E074A5A9EAF0 ] partmgr C:\Windows\system32\drivers\partmgr.sys19:46:47.0387 5436 partmgr - ok19:46:47.0400 5436 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll19:46:47.0407 5436 PcaSvc - ok19:46:47.0414 5436 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys19:46:47.0418 5436 pci - ok19:46:47.0431 5436 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys19:46:47.0433 5436 pciide - ok19:46:47.0457 5436 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys19:46:47.0461 5436 pcmcia - ok19:46:47.0464 5436 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys19:46:47.0467 5436 pcw - ok19:46:47.0496 5436 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys19:46:47.0502 5436 PEAUTH - ok19:46:47.0593 5436 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe19:46:47.0597 5436 PerfHost - ok19:46:47.0661 5436 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll19:46:47.0705 5436 pla - ok19:46:47.0759 5436 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll19:46:47.0769 5436 PlugPlay - ok19:46:47.0788 5436 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll19:46:47.0793 5436 PNRPAutoReg - ok19:46:47.0812 5436 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll19:46:47.0819 5436 PNRPsvc - ok19:46:47.0853 5436 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll19:46:47.0862 5436 PolicyAgent - ok19:46:47.0923 5436 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll19:46:47.0930 5436 Power - ok19:46:47.0969 5436 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys19:46:47.0972 5436 PptpMiniport - 
ok19:46:48.0002 5436 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys19:46:48.0004 5436 Processor - ok19:46:48.0033 5436 [ F381975E1F4346DE875CB07339CE8D3A ] ProfSvc C:\Windows\system32\profsvc.dll19:46:48.0040 5436 ProfSvc - ok19:46:48.0052 5436 [ 0793F40B9B8A1BDD266296409DBD91EA ] ProtectedStorage C:\Windows\system32\lsass.exe19:46:48.0056 5436 ProtectedStorage - ok19:46:48.0084 5436 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys19:46:48.0088 5436 Psched - ok19:46:48.0179 5436 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys19:46:48.0225 5436 ql2300 - ok19:46:48.0245 5436 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys19:46:48.0247 5436 ql40xx - ok19:46:48.0287 5436 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll19:46:48.0295 5436 QWAVE - ok19:46:48.0322 5436 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys19:46:48.0324 5436 QWAVEdrv - ok19:46:48.0341 5436 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys19:46:48.0343 5436 RasAcd - ok19:46:48.0388 5436 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys19:46:48.0390 5436 RasAgileVpn - ok19:46:48.0426 5436 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll19:46:48.0432 5436 RasAuto - ok19:46:48.0455 5436 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys19:46:48.0459 5436 Rasl2tp - ok19:46:48.0495 5436 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll19:46:48.0504 5436 RasMan - ok19:46:48.0510 5436 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys19:46:48.0512 5436 RasPppoe - ok19:46:48.0518 5436 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys19:46:48.0521 5436 RasSstp - 
ok19:46:48.0530 5436 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys19:46:48.0534 5436 rdbss - ok19:46:48.0542 5436 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys19:46:48.0544 5436 rdpbus - ok19:46:48.0575 5436 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys19:46:48.0577 5436 RDPCDD - ok19:46:48.0594 5436 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys19:46:48.0595 5436 RDPENCDD - ok19:46:48.0603 5436 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys19:46:48.0604 5436 RDPREFMP - ok19:46:48.0621 5436 [ 8A3E6BEA1C53EA6177FE2B6EBA2C80D7 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys19:46:48.0625 5436 RDPWD - ok19:46:48.0654 5436 [ E5DC9BA9E439D6DBDD79F8CAACB5BF01 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys19:46:48.0658 5436 rdyboost - ok19:46:48.0697 5436 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll19:46:48.0700 5436 RemoteAccess - ok19:46:48.0759 5436 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll19:46:48.0766 5436 RemoteRegistry - ok19:46:48.0809 5436 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys19:46:48.0813 5436 RFCOMM - ok19:46:48.0879 5436 [ F12A68ED55053940CADD59CA5E3468DD ] RichVideo C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe19:46:48.0882 5436 RichVideo - ok19:46:48.0898 5436 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll19:46:48.0904 5436 RpcEptMapper - ok19:46:48.0933 5436 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe19:46:48.0937 5436 RpcLocator - ok19:46:48.0967 5436 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll19:46:48.0975 5436 RpcSs - ok19:46:49.0022 5436 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys19:46:49.0024 
5436 rspndr - ok19:46:49.0070 5436 [ 7CB9F0FDD730F4A4ECF6CDE15EA12E8A ] RS_Service C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe19:46:49.0074 5436 RS_Service - ok19:46:49.0085 5436 [ 0793F40B9B8A1BDD266296409DBD91EA ] SamSs C:\Windows\system32\lsass.exe19:46:49.0089 5436 SamSs - ok19:46:49.0110 5436 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys19:46:49.0113 5436 sbp2port - ok19:46:49.0148 5436 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll19:46:49.0156 5436 SCardSvr - ok19:46:49.0182 5436 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys19:46:49.0184 5436 scfilter - ok19:46:49.0257 5436 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll19:46:49.0291 5436 Schedule - ok19:46:49.0319 5436 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll19:46:49.0321 5436 SCPolicySvc - ok19:46:49.0347 5436 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll19:46:49.0356 5436 SDRSVC - ok19:46:49.0421 5436 [ 331E7BDE228914574FC9AE6CD520DAFA ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe19:46:49.0425 5436 SeaPort - ok19:46:49.0455 5436 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys19:46:49.0457 5436 secdrv - ok19:46:49.0480 5436 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll19:46:49.0485 5436 seclogon - ok19:46:49.0503 5436 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll19:46:49.0509 5436 SENS - ok19:46:49.0525 5436 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll19:46:49.0531 5436 SensrSvc - ok19:46:49.0543 5436 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys19:46:49.0545 5436 Serenum - ok19:46:49.0561 5436 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial 
C:\Windows\system32\DRIVERS\serial.sys19:46:49.0564 5436 Serial - ok19:46:49.0610 5436 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys19:46:49.0612 5436 sermouse - ok19:46:49.0649 5436 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll19:46:49.0655 5436 SessionEnv - ok19:46:49.0676 5436 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys19:46:49.0679 5436 sffdisk - ok19:46:49.0693 5436 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys19:46:49.0696 5436 sffp_mmc - ok19:46:49.0707 5436 [ 178298F767FE638C9FEDCBDEF58BB5E4 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys19:46:49.0709 5436 sffp_sd - ok19:46:49.0721 5436 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys19:46:49.0723 5436 sfloppy - ok19:46:49.0756 5436 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll19:46:49.0764 5436 SharedAccess - ok19:46:49.0812 5436 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll19:46:49.0821 5436 ShellHWDetection - ok19:46:49.0852 5436 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys19:46:49.0854 5436 SiSRaid2 - ok19:46:49.0873 5436 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys19:46:49.0904 5436 SiSRaid4 - ok19:46:50.0115 5436 [ EB17DF573B4423DF0B3B2EE3B268A6DE ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe19:46:50.0195 5436 Skype C2C Service - ok19:46:50.0288 5436 [ CA058CB8320CF9E3F978D729E55C82CF ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe19:46:50.0292 5436 SkypeUpdate - ok19:46:50.0331 5436 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys19:46:50.0336 5436 Smb - ok19:46:50.0400 5436 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe19:46:50.0406 5436 
SNMPTRAP - ok19:46:50.0422 5436 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys19:46:50.0424 5436 spldr - ok19:46:50.0454 5436 [ F8E1FA03CB70D54A9892AC88B91D1E7B ] Spooler C:\Windows\System32\spoolsv.exe19:46:50.0471 5436 Spooler - ok19:46:50.0566 5436 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe19:46:50.0659 5436 sppsvc - ok19:46:50.0672 5436 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll19:46:50.0676 5436 sppuinotify - ok19:46:50.0710 5436 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\Windows\system32\DRIVERS\srv.sys19:46:50.0716 5436 srv - ok19:46:50.0755 5436 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys19:46:50.0763 5436 srv2 - ok19:46:50.0799 5436 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys19:46:50.0803 5436 srvnet - ok19:46:50.0831 5436 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll19:46:50.0839 5436 SSDPSRV - ok19:46:50.0845 5436 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll19:46:50.0852 5436 SstpSvc - ok19:46:50.0868 5436 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys19:46:50.0871 5436 stexstor - ok19:46:50.0975 5436 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll19:46:50.0989 5436 stisvc - ok19:46:51.0006 5436 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys19:46:51.0008 5436 swenum - ok19:46:51.0045 5436 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll19:46:51.0062 5436 swprv - ok19:46:51.0125 5436 [ CE9B5A79AEE330BC7E88C0441E5727BB ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys19:46:51.0131 5436 SynTP - ok19:46:51.0184 5436 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll19:46:51.0237 5436 SysMain - ok19:46:51.0261 5436 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService 
C:\Windows\System32\TabSvc.dll19:46:51.0268 5436 TabletInputService - ok19:46:51.0285 5436 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll19:46:51.0294 5436 TapiSrv - ok19:46:51.0316 5436 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll19:46:51.0320 5436 TBS - ok19:46:51.0397 5436 [ 61DC720BB065D607D5823F13D2A64321 ] Tcpip C:\Windows\system32\drivers\tcpip.sys19:46:51.0465 5436 Tcpip - ok19:46:51.0522 5436 [ 61DC720BB065D607D5823F13D2A64321 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys19:46:51.0535 5436 TCPIP6 - ok19:46:51.0562 5436 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys19:46:51.0564 5436 tcpipreg - ok19:46:51.0585 5436 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys19:46:51.0587 5436 TDPIPE - ok19:46:51.0593 5436 [ E4245BDA3190A582D55ED09E137401A9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys19:46:51.0595 5436 TDTCP - ok19:46:51.0600 5436 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys19:46:51.0603 5436 tdx - ok19:46:51.0624 5436 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys19:46:51.0626 5436 TermDD - ok19:46:51.0652 5436 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll19:46:51.0667 5436 TermService - ok19:46:51.0684 5436 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll19:46:51.0688 5436 Themes - ok19:46:51.0705 5436 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll19:46:51.0707 5436 THREADORDER - ok19:46:51.0717 5436 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll19:46:51.0722 5436 TrkWks - ok19:46:51.0772 5436 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe19:46:51.0775 5436 TrustedInstaller - ok19:46:51.0808 5436 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv 
C:\Windows\system32\DRIVERS\tssecsrv.sys19:46:51.0810 5436 tssecsrv - ok19:46:51.0844 5436 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys19:46:51.0848 5436 tunnel - ok19:46:51.0902 5436 [ 825E7A1F48FB8BCFBA27C178AAB4E275 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys19:46:51.0926 5436 TurboB - ok19:46:51.0983 5436 [ B206BE1174D5964D49A56BB6C4E0524A ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe19:46:51.0985 5436 TurboBoost - ok19:46:52.0014 5436 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys19:46:52.0017 5436 uagp35 - ok19:46:52.0039 5436 [ 40079B0B801C5432BA435B5AD61CE6E3 ] UBHelper C:\Windows\system32\drivers\UBHelper.sys19:46:52.0041 5436 UBHelper - ok19:46:52.0064 5436 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\Windows\system32\DRIVERS\udfs.sys19:46:52.0071 5436 udfs - ok19:46:52.0191 5436 [ 503D393875AB9844C0CE8B3718348F8A ] UDisk Monitor C:\Program Files\TATA Photon Whiz Dialer\bin\MonServiceUDisk.exe19:46:52.0197 5436 UDisk Monitor - ok19:46:52.0231 5436 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe19:46:52.0238 5436 UI0Detect - ok19:46:52.0278 5436 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys19:46:52.0281 5436 uliagpkx - ok19:46:52.0322 5436 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys19:46:52.0325 5436 umbus - ok19:46:52.0349 5436 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys19:46:52.0351 5436 UmPass - ok19:46:52.0478 5436 [ CBDEE152D73200EE49031A26310B9D3E ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe19:46:52.0495 5436 UNS - ok19:46:52.0542 5436 [ F9EC9ACD504D823D9B9CA98A4F8D3CA2 ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe19:46:52.0543 5436 Updater Service - ok19:46:52.0579 5436 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost 
C:\Windows\System32\upnphost.dll19:46:52.0591 5436 upnphost - ok19:46:52.0625 5436 [ B26AFB54A534D634523C4FB66765B026 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys19:46:52.0628 5436 usbccgp - ok19:46:52.0661 5436 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys19:46:52.0665 5436 usbcir - ok19:46:52.0671 5436 [ 2EA4AFF7BE7EB4632E3AA8595B0803B5 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys19:46:52.0673 5436 usbehci - ok19:46:52.0699 5436 [ 4C9042B8DF86C1E8E6240C218B99B39B ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys19:46:52.0705 5436 usbhub - ok19:46:52.0720 5436 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys19:46:52.0723 5436 usbohci - ok19:46:52.0742 5436 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys19:46:52.0744 5436 usbprint - ok19:46:52.0787 5436 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys19:46:52.0790 5436 usbscan - ok19:46:52.0813 5436 [ 080D3820DA6C046BE82FC8B45A893E83 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS19:46:52.0817 5436 USBSTOR - ok19:46:52.0835 5436 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys19:46:52.0837 5436 usbuhci - ok19:46:52.0895 5436 [ 7CB8C573C6E4A2714402CC0A36EAB4FE ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys19:46:52.0900 5436 usbvideo - ok19:46:52.0934 5436 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll19:46:52.0941 5436 UxSms - ok19:46:52.0952 5436 [ 0793F40B9B8A1BDD266296409DBD91EA ] VaultSvc C:\Windows\system32\lsass.exe19:46:52.0955 5436 VaultSvc - ok19:46:52.0990 5436 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys19:46:52.0993 5436 vdrvroot - ok19:46:53.0019 5436 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\Windows\System32\vds.exe19:46:53.0037 5436 vds - ok19:46:53.0058 5436 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga 
C:\Windows\system32\DRIVERS\vgapnp.sys19:46:53.0060 5436 vga - ok19:46:53.0066 5436 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys19:46:53.0068 5436 VgaSave - ok19:46:53.0089 5436 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys19:46:53.0094 5436 vhdmp - ok19:46:53.0111 5436 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys19:46:53.0113 5436 viaide - ok19:46:53.0120 5436 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys19:46:53.0123 5436 volmgr - ok19:46:53.0132 5436 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\Windows\system32\drivers\volmgrx.sys19:46:53.0138 5436 volmgrx - ok19:46:53.0158 5436 [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys19:46:53.0162 5436 volsnap - ok19:46:53.0193 5436 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys19:46:53.0196 5436 vsmraid - ok19:46:53.0255 5436 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\Windows\system32\vssvc.exe19:46:53.0293 5436 VSS - ok19:46:53.0297 5436 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys19:46:53.0298 5436 vwifibus - ok19:46:53.0303 5436 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys19:46:53.0305 5436 vwififlt - ok19:46:53.0351 5436 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys19:46:53.0352 5436 vwifimp - ok19:46:53.0402 5436 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll19:46:53.0409 5436 W32Time - ok19:46:53.0424 5436 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys19:46:53.0426 5436 WacomPen - ok19:46:53.0516 5436 wampmysqld - ok19:46:53.0570 5436 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys19:46:53.0573 5436 WANARP - ok19:46:53.0591 5436 [ 47CA49400643EFFD3F1C9A27E1D69324 ] 
Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys19:46:53.0593 5436 Wanarpv6 - ok19:46:53.0663 5436 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe19:46:53.0696 5436 WatAdminSvc - ok19:46:53.0759 5436 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\Windows\system32\wbengine.exe19:46:53.0805 5436 wbengine - ok19:46:53.0829 5436 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll19:46:53.0837 5436 WbioSrvc - ok19:46:53.0871 5436 [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc C:\Windows\System32\wcncsvc.dll19:46:53.0939 5436 wcncsvc - ok19:46:53.0970 5436 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll19:46:53.0977 5436 WcsPlugInService - ok19:46:54.0005 5436 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys19:46:54.0007 5436 Wd - ok19:46:54.0022 5436 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys19:46:54.0034 5436 Wdf01000 - ok19:46:54.0080 5436 [ 7F681EEF56F16050033349EEBE0E45BF ] wdf_usb C:\Windows\system32\DRIVERS\usb2ser.sys19:46:54.0082 5436 wdf_usb - ok19:46:54.0112 5436 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll19:46:54.0120 5436 WdiServiceHost - ok19:46:54.0125 5436 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll19:46:54.0132 5436 WdiSystemHost - ok19:46:54.0171 5436 [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient C:\Windows\System32\webclnt.dll19:46:54.0181 5436 WebClient - ok19:46:54.0209 5436 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll19:46:54.0217 5436 Wecsvc - ok19:46:54.0237 5436 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll19:46:54.0244 5436 wercplsupport - ok19:46:54.0263 5436 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll19:46:54.0270 5436 WerSvc - ok19:46:54.0290 5436 [ 611B23304BF067451A9FDEE01FBDD725 ] 
-
cannot remove pup.optional.BrowseFox.A
emil915 replied to emil915's topic in Resolved Malware Removal Logs
log from sc Cleaner

Shortcut Cleaner 1.2.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link: http://www.bleepingcomputer.com/download/shortcut-cleaner/

Windows Version: Windows 7 Home Premium
Program started at: 10/17/2013 07:39:34 PM.

Scanning for registry hijacks:
 * No issues found in the Registry.

Searching for Hijacked Shortcuts:
Searching C:\Users\ANJU\AppData\Roaming\Microsoft\Windows\Start Menu\
Searching C:\ProgramData\Microsoft\Windows\Start Menu\
Searching C:\Users\ANJU\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\
Searching C:\Users\Public\Desktop\
Searching C:\Users\ANJU\Desktop

0 bad shortcuts found.

Program finished at: 10/17/2013 07:39:39 PM
Execution time: 0 hours(s), 0 minute(s), and 4 seconds(s)
-
cannot remove pup.optional.BrowseFox.A
emil915 replied to emil915's topic in Resolved Malware Removal Logs
Hi Marius, Thank you for your Help. Please find the Log from Gmer rootkit
-
Hi, I'm infected with pup.Optional.BrowseFox.A. I tried AdwCleaner and Malwarebytes, but it keeps coming back a few minutes after I remove it. Pls. help. Find the Log for DDS attached. attach.txt dds.txt