
Audio Ads in background AND Google link redirect

Discussion in 'Virus & Other Malware Removal' started by rjf322, Jun 24, 2012.

Thread Status:
Not open for further replies.
  1. rjf322

    rjf322 Thread Starter

    Joined:
    Jun 24, 2012
    Messages:
    5
    Hello,

    Thank you in advance to the person who can assist with my issue! I'm trying to help my mom; she seems to have contracted two issues which I have seen multiple posts regarding on this and other forums:

    1. Random audio ads playing in background, even with no browser open.
    2. Google links redirecting to ad pages.

    I just ran a Malwarebytes full scan that came up empty, as well as a HijackThis scan. Logs below. Please help. I know it will take a few days and some back and forth, but I really appreciate your expertise.




    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 1:47:53 PM, on 6/24/2012
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
    C:\Windows\PLFSetI.exe
    C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
    C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
    C:\Program Files (x86)\Ask.com\Updater\Updater.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Users\pat\Desktop\Setup Files\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5517&r=273601107235l0334z195t4862y489
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=10...HP_ss&mntrId=d4aff23a0000000000000ceee6a06f45
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5517&r=273601107235l0334z195t4862y489
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5517&r=273601107235l0334z195t4862y489
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    F2 - REG:system.ini: UserInit=userinit.exe,
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (file missing)
    O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll
    O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [RemoteControl8] "C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe"
    O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe"
    O4 - HKLM\..\Run: [Acer Assist Launcher] C:\Program Files (x86)\Acer\Acer Assist\launcher.exe
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [BYR_AGENT] C:\ProgramData\LGMOBILEAX\BYR_Client\VZWNotiAgent.exe
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Facebook Update] "C:\Users\pat\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} (Hewlett-Packard Online Support Services) - https://h50203.www5.hp.com/CSMWeb/Customer/cabs/HPISDataManager.CAB
    O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
    O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
    O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: McAfee SiteAdvisor Service - Unknown owner - c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe (file missing)
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
    O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 13023 bytes





    Malwarebytes Anti-Malware (Trial) 1.61.0.1400
    www.malwarebytes.org

    Database version: v2012.06.24.03

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 9.0.8112.16421
    pat :: PAT-PC [administrator]

    Protection: Enabled

    6/24/2012 12:38:37 PM
    mbam-log-2012-06-24 (12-38-37).txt

    Scan type: Full scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 349356
    Time elapsed: 53 minute(s), 34 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)
     
  2. Gizzy

    Gizzy Malware Specialist

    Joined:
    Aug 2, 2005
    Messages:
    3,832
    Hello rjf322 and Welcome to Tech Support Guy! :)
    My name is Gizzy and I'll be glad to help you with your malware problems.

    Please note the following while we work:
    • The fixes are specific to your problem and should only be used for this issue on this computer.
    • Perform all actions in the order given.
    • If you don't know or understand something, stop and ask! Don't keep going on.
    • Please DO NOT uninstall/install any programs unless asked to. It is more difficult when files/programs appear or disappear from the logs.
    • Please DO NOT run any tools or scans unless I ask you to.
    • It is important that you reply to this thread. Do not start a new topic.
    • Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
    • The process is not instant. Please continue to respond to this thread until I give you the All Clean! Absence of symptoms does not mean that everything is clear.
    • Topics not replied to within 3 days will be removed from my Subscribed Threads List.
    Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

    Because of this, I advise you to back up any personal files and folders before you start.
    Backup your data - windows 7


    I'm going through your logs and will reply with instructions soon.
     
  3. Gizzy

    Gizzy Malware Specialist

    Joined:
    Aug 2, 2005
    Messages:
    3,832
    Hi rjf322,


    Download and Run DDS
    Please download DDS by sUBs from one of the links below and save it to your desktop

    Link 1
    Link 2
    Link 3

    1. Disable any script blocker, then right-click the dds file and select Run as administrator to run the tool. A command window will appear; this is normal.
    2. Once DDS has finished, two logs will appear:
      • DDS.txt
      • Attach.txt
    3. A window will open instructing you to save & post the logs
    4. Save the logs to a convenient place such as your desktop
    5. Copy & paste the contents of both logs in your next reply


    Security Check
    1. Download Security Check by screen317 from:
    2. Save it to your Desktop.
    3. Right-click SecurityCheck.exe and select Run as administrator, then follow the onscreen instructions inside of the black box.
    4. A Notepad document should open automatically called checkup.txt
    5. Please post the contents of that document.


    TDSSKiller Scan
    1. Please download TDSSKiller.zip and extract (unzip) it to your Desktop.
    2. Right-click on TDSSKiller.exe and select Run as administrator to launch it.
    3. Click on Change parameters
      • Check Detect TDLFS file system
      • Click OK
    4. Click on Start Scan. The scan will run.
    5. When the scan has finished, if it finds anything, please click on the drop-down arrow next to Cure and select Skip
    6. Now click on Report to open the log file created by TDSSKiller in your root directory C:\
    7. To find the log go to Start > Computer > C:
    8. Post the contents of that log in your next reply please.
      DO NOT TRY TO FIX ANYTHING AT THIS POINT


    Please reply with:
    • DDS logs (DDS.txt and Attach.txt)
    • SecurityCheck log
    • TDSSKiller log
     
  4. rjf322

    rjf322 Thread Starter

    Joined:
    Jun 24, 2012
    Messages:
    5
    Thank you! Will run and post logs after work this evening.
     
  5. rjf322

    rjf322 Thread Starter

    Joined:
    Jun 24, 2012
    Messages:
    5
    Ok here we go! Thank you again for your time!


    1)
    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 9.0.8112.16421
    Run by pat at 18:59:20 on 2012-06-25
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2812.1419 [GMT -4:00]
    .
    AV: ESET NOD32 Antivirus 4.0 *Enabled/Outdated* {CB0F8167-5331-BA19-698E-64816B6801A5}
    SP: ESET NOD32 Antivirus 4.0 *Enabled/Outdated* {706E6083-750B-B597-533E-5FF310EF4B18}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
    C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Acer\Acer Updater\UpdaterService.exe
    C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
    C:\Windows\system32\atieclxx.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
    C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
    C:\Windows\PLFSetI.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
    C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
    C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files (x86)\Launch Manager\LManager.exe
    C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
    C:\Program Files (x86)\Ask.com\Updater\Updater.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Windows\system32\svchost.exe -k HPService
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Windows\system32\sppsvc.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
    C:\Windows\system32\wuauclt.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://search.babylon.com/?affID=109935&tt=060612_5_&babsrc=HP_ss&mntrId=d4aff23a0000000000000ceee6a06f45
    uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5517&r=273601107235l0334z195t4862y489
    mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5517&r=273601107235l0334z195t4862y489
    mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5517&r=273601107235l0334z195t4862y489
    uInternet Settings,ProxyOverride = *.local
    uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    mWinlogon: Userinit=userinit.exe,
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    BHO: Babylon toolbar helper: {2eecd738-5844-4a99-b4b6-146bf802613b} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
    BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
    BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: Babylon Toolbar: {98889811-442d-49dd-99d7-dc866be87dbc} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll
    uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    uRun: [Facebook Update] "C:\Users\pat\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
    mRun: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
    mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun: [RemoteControl8] "C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe"
    mRun: [PDVD8LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe"
    mRun: [Acer Assist Launcher] C:\Program Files (x86)\Acer\Acer Assist\launcher.exe
    mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [<NO NAME>]
    mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun: [BYR_AGENT] C:\ProgramData\LGMOBILEAX\BYR_Client\VZWNotiAgent.exe
    mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    uPolicies-explorer: HideSCAHealth = 1 (0x1)
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    IE: {5067A26B-1337-4436-8AFE-EE169C2DA79F} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
    LSP: mswsock.dll
    DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} - hxxps://h50203.www5.hp.com/CSMWeb/Customer/cabs/HPISDataManager.CAB
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
    TCP: DhcpNameServer = 192.168.2.1
    TCP: Interfaces\{0AEA413E-841D-44A3-B1CE-CC325362C007} : DhcpNameServer = 192.168.2.1
    TCP: Interfaces\{0AEA413E-841D-44A3-B1CE-CC325362C007}\163656E65647 : DhcpNameServer = 68.87.64.150 68.87.75.198
    TCP: Interfaces\{0AEA413E-841D-44A3-B1CE-CC325362C007}\354727F6D626F6C696 : DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{0AEA413E-841D-44A3-B1CE-CC325362C007}\A60713933393 : DhcpNameServer = 192.168.1.1 71.242.0.12
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
    SubSystems: Windows = basesrv,1 winsrv:UserServerDllInitialization,3 consrv:ConServerDllInitialization,2 sxssrv,4
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: Skype add-on (mastermind): {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    BHO-X64: Skype add-on (mastermind) - No File
    BHO-X64: Babylon toolbar helper: {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll
    BHO-X64: Babylon toolbar helper - No File
    BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
    BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO-X64: Google Dictionary Compression sdch: {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
    BHO-X64: Google Dictionary Compression sdch - No File
    BHO-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    BHO-X64: Ask Toolbar BHO - No File
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB-X64: Babylon Toolbar: {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll
    mRun-x64: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
    mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun-x64: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
    mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun-x64: [RemoteControl8] "C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe"
    mRun-x64: [PDVD8LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe"
    mRun-x64: [Acer Assist Launcher] C:\Program Files (x86)\Acer\Acer Assist\launcher.exe
    mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun-x64: [(Default)]
    mRun-x64: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
    mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun-x64: [BYR_AGENT] C:\ProgramData\LGMOBILEAX\BYR_Client\VZWNotiAgent.exe
    mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\pat\AppData\Roaming\Mozilla\Firefox\Profiles\rjnuxjlg.default\
    FF - prefs.js: browser.search.selectedEngine - Ask.com
    FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=100000031&locale=en_US&apn_uid=C8A27E97-5F3A-4CE5-BD96-B86FAC998A06&apn_ptnrs=TV&apn_sauid=59CED247-3D8C-4E6A-AC5E-08BF5D2DB9FB&apn_dtid=OSJ000YYUS&&q=
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\6\NP_wtapp.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\Users\pat\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll
    FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
    FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\system32\DRIVERS\mwlPSDFilter.sys --> C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [?]
    R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\system32\DRIVERS\mwlPSDNServ.sys --> C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [?]
    R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys --> C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [?]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
    R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2009-8-15 844320]
    R2 Greg_Service;GRegService;C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-6-4 1150496]
    R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-6-10 654408]
    R2 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe [2009-8-6 311592]
    R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-6-17 144640]
    R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]
    R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
    R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
    S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-2-10 135664]
    S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe --> c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [?]
    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-6-8 250056]
    S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
    S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-2-10 135664]
    S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-6-10 113120]
    S3 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-6-17 50432]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
    .
    =============== Created Last 30 ================
    .
    2012-06-24 16:29:55 -------- d-----w- C:\TDSSKiller_Quarantine
    2012-06-24 16:21:43 -------- d-----w- C:\Users\pat\AppData\Local\Macromedia
    2012-06-24 15:38:55 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
    2012-06-24 15:38:55 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
    2012-06-24 15:38:55 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
    2012-06-24 15:38:46 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2012-06-24 15:38:44 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2012-06-24 15:38:44 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2012-06-24 15:38:42 3146752 ----a-w- C:\Windows\System32\win32k.sys
    2012-06-24 15:38:41 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
    2012-06-24 15:31:37 2622464 ----a-w- C:\Windows\System32\wucltux.dll
    2012-06-24 15:31:24 99840 ----a-w- C:\Windows\System32\wudriver.dll
    2012-06-24 15:31:10 36864 ----a-w- C:\Windows\System32\wuapp.exe
    2012-06-24 15:31:10 186752 ----a-w- C:\Windows\System32\wuwebv.dll
    2012-06-11 00:22:06 -------- d-----w- C:\Users\pat\AppData\Local\Mozilla
    2012-06-08 22:37:22 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-06-08 22:37:22 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2012-05-30 18:37:49 476960 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
    2012-05-30 18:18:57 -------- d-----w- C:\Users\pat\AppData\Roaming\Malwarebytes
    2012-05-30 18:18:35 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2012-05-30 18:18:35 -------- d-----w- C:\ProgramData\Malwarebytes
    2012-05-30 18:18:34 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    .
    ==================== Find3M ====================
    .
    2012-05-30 18:37:38 472864 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    2012-05-26 14:09:13 0 --sha-w- C:\Windows\System32\dds_trash_log.cmd
    2012-05-18 02:06:48 2311680 ----a-w- C:\Windows\System32\jscript9.dll
    2012-05-18 01:59:14 1392128 ----a-w- C:\Windows\System32\wininet.dll
    2012-05-18 01:58:39 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
    2012-05-18 01:55:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
    2012-05-18 01:51:30 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2012-05-17 22:45:37 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2012-05-17 22:35:47 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
    2012-05-17 22:35:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2012-05-17 22:29:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2012-05-17 22:24:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2012-03-30 11:35:47 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    .
    ============= FINISH: 19:02:18.01 ===============


    1a) ATTACH = attached.


    2)

    Results of screen317's Security Check version 0.99.42
    Windows 7 Service Pack 1 x64 (UAC is enabled)
    Internet Explorer 9
    ``````````````Antivirus/Firewall Check:``````````````
    Windows Security Center service is not running! This report may not be accurate!
    ESET NOD32 Antivirus 4.0
    Antivirus out of date!
    `````````Anti-malware/Other Utilities Check:`````````
    Malwarebytes Anti-Malware version 1.61.0.1400
    Java(TM) 6 Update 32
    Java version out of Date!
    Adobe Reader 9 Adobe Reader out of Date!
    Mozilla Firefox (13.0)
    ````````Process Check: objlist.exe by Laurent````````
    Malwarebytes Anti-Malware mbamservice.exe
    Malwarebytes Anti-Malware mbamgui.exe
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C: 6%
    ````````````````````End of Log``````````````````````


    3)

    19:13:07.0492 4256 TDSS rootkit removing tool 2.7.41.0 Jun 20 2012 20:53:32
    19:13:07.0867 4256 ============================================================
    19:13:07.0867 4256 Current date / time: 2012/06/25 19:13:07.0867
    19:13:07.0867 4256 SystemInfo:
    19:13:07.0867 4256
    19:13:07.0867 4256 OS Version: 6.1.7601 ServicePack: 1.0
    19:13:07.0867 4256 Product type: Workstation
    19:13:07.0867 4256 ComputerName: PAT-PC
    19:13:07.0867 4256 UserName: pat
    19:13:07.0867 4256 Windows directory: C:\Windows
    19:13:07.0867 4256 System windows directory: C:\Windows
    19:13:07.0868 4256 Running under WOW64
    19:13:07.0868 4256 Processor architecture: Intel x64
    19:13:07.0868 4256 Number of processors: 2
    19:13:07.0868 4256 Page size: 0x1000
    19:13:07.0868 4256 Boot type: Normal boot
    19:13:07.0868 4256 ============================================================
    19:13:09.0396 4256 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    19:13:09.0409 4256 ============================================================
    19:13:09.0409 4256 \Device\Harddisk0\DR0:
    19:13:09.0409 4256 MBR partitions:
    19:13:09.0409 4256 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1801F5F, BlocksNum 0x32FCD
    19:13:09.0410 4256 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1834F2C, BlocksNum 0x1B990244
    19:13:09.0410 4256 ============================================================
    19:13:09.0450 4256 C: <-> \Device\Harddisk0\DR0\Partition1
    19:13:09.0473 4256 ============================================================
    19:13:09.0473 4256 Initialize success
    19:13:09.0473 4256 ============================================================
    19:13:19.0872 4872 ============================================================
    19:13:19.0872 4872 Scan started
    19:13:19.0872 4872 Mode: Manual; SigCheck; TDLFS;
    19:13:19.0872 4872 ============================================================
    19:13:21.0010 4872 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
    19:13:21.0135 4872 1394ohci - ok
    19:13:21.0198 4872 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
    19:13:21.0229 4872 ACPI - ok
    19:13:21.0264 4872 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
    19:13:21.0294 4872 AcpiPmi - ok
    19:13:21.0684 4872 AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    19:13:21.0724 4872 AdobeFlashPlayerUpdateSvc - ok
    19:13:21.0794 4872 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
    19:13:21.0824 4872 adp94xx - ok
    19:13:21.0874 4872 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
    19:13:21.0904 4872 adpahci - ok
    19:13:21.0954 4872 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
    19:13:21.0974 4872 adpu320 - ok
    19:13:22.0024 4872 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
    19:13:22.0094 4872 AeLookupSvc - ok
    19:13:22.0184 4872 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
    19:13:22.0244 4872 AFD - ok
    19:13:22.0304 4872 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
    19:13:22.0344 4872 agp440 - ok
    19:13:22.0374 4872 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
    19:13:22.0444 4872 ALG - ok
    19:13:22.0474 4872 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
    19:13:22.0494 4872 aliide - ok
    19:13:22.0534 4872 AMD External Events Utility (f238be4fa4e55eb67f17281fadf69851) C:\Windows\system32\atiesrxx.exe
    19:13:22.0574 4872 AMD External Events Utility - ok
    19:13:22.0614 4872 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
    19:13:22.0634 4872 amdide - ok
    19:13:22.0694 4872 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
    19:13:22.0734 4872 AmdK8 - ok
    19:13:22.0764 4872 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
    19:13:22.0804 4872 AmdPPM - ok
    19:13:22.0864 4872 amdsata (6ec6d772eae38dc17c14aed9b178d24b) C:\Windows\system32\drivers\amdsata.sys
    19:13:22.0884 4872 amdsata - ok
    19:13:22.0944 4872 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
    19:13:22.0974 4872 amdsbs - ok
    19:13:23.0014 4872 amdxata (1142a21db581a84ea5597b03a26ebaa0) C:\Windows\system32\drivers\amdxata.sys
    19:13:23.0034 4872 amdxata - ok
    19:13:23.0084 4872 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
    19:13:23.0154 4872 AppID - ok
    19:13:23.0184 4872 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
    19:13:23.0254 4872 AppIDSvc - ok
    19:13:23.0334 4872 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
    19:13:23.0404 4872 Appinfo - ok
    19:13:23.0574 4872 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    19:13:23.0594 4872 Apple Mobile Device - ok
    19:13:23.0624 4872 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
    19:13:23.0644 4872 arc - ok
    19:13:23.0674 4872 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
    19:13:23.0694 4872 arcsas - ok
    19:13:23.0744 4872 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
    19:13:23.0824 4872 AsyncMac - ok
    19:13:23.0864 4872 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
    19:13:23.0874 4872 atapi - ok
    19:13:24.0015 4872 athr (b2c3a8618867404475228f7dd260698b) C:\Windows\system32\DRIVERS\athrx.sys
    19:13:24.0095 4872 athr - ok
    19:13:24.0505 4872 atikmdag (2db9047aac9d981f59ce06d04d70c4d8) C:\Windows\system32\DRIVERS\atikmdag.sys
    19:13:24.0775 4872 atikmdag - ok
    19:13:24.0905 4872 AtiPcie (7c5d273e29dcc5505469b299c6f29163) C:\Windows\system32\DRIVERS\AtiPcie.sys
    19:13:24.0975 4872 AtiPcie - ok
    19:13:25.0055 4872 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
    19:13:25.0145 4872 AudioEndpointBuilder - ok
    19:13:25.0155 4872 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
    19:13:25.0225 4872 AudioSrv - ok
    19:13:25.0275 4872 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
    19:13:25.0375 4872 AxInstSV - ok
    19:13:25.0455 4872 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
    19:13:25.0545 4872 b06bdrv - ok
    19:13:25.0615 4872 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
    19:13:25.0655 4872 b57nd60a - ok
    19:13:25.0845 4872 BCM43XX (fb4fda64f2e8552eaeb5986c3f34462c) C:\Windows\system32\DRIVERS\bcmwl664.sys
    19:13:25.0945 4872 BCM43XX - ok
    19:13:26.0045 4872 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
    19:13:26.0075 4872 BDESVC - ok
    19:13:26.0145 4872 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
    19:13:26.0255 4872 Beep - ok
    19:13:26.0325 4872 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
    19:13:26.0395 4872 BITS - ok
    19:13:26.0435 4872 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
    19:13:26.0465 4872 blbdrive - ok
    19:13:26.0555 4872 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
    19:13:26.0575 4872 Bonjour Service - ok
    19:13:26.0615 4872 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
    19:13:26.0625 4872 bowser - ok
    19:13:26.0665 4872 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
    19:13:26.0705 4872 BrFiltLo - ok
    19:13:26.0715 4872 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
    19:13:26.0745 4872 BrFiltUp - ok
    19:13:26.0795 4872 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
    19:13:26.0865 4872 Browser - ok
    19:13:26.0905 4872 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
    19:13:26.0975 4872 Brserid - ok
    19:13:27.0015 4872 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
    19:13:27.0055 4872 BrSerWdm - ok
    19:13:27.0165 4872 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
    19:13:27.0235 4872 BrUsbMdm - ok
    19:13:27.0265 4872 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
    19:13:27.0315 4872 BrUsbSer - ok
    19:13:27.0345 4872 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
    19:13:27.0385 4872 BTHMODEM - ok
    19:13:27.0445 4872 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
    19:13:27.0516 4872 bthserv - ok
    19:13:27.0553 4872 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
    19:13:27.0617 4872 cdfs - ok
    19:13:27.0675 4872 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
    19:13:27.0715 4872 cdrom - ok
    19:13:27.0770 4872 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
    19:13:27.0848 4872 CertPropSvc - ok
    19:13:27.0887 4872 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
    19:13:27.0912 4872 circlass - ok
    19:13:27.0956 4872 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
    19:13:27.0979 4872 CLFS - ok
    19:13:28.0046 4872 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    19:13:28.0066 4872 clr_optimization_v2.0.50727_32 - ok
    19:13:28.0106 4872 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
    19:13:28.0126 4872 clr_optimization_v2.0.50727_64 - ok
    19:13:28.0168 4872 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
    19:13:28.0203 4872 CmBatt - ok
    19:13:28.0238 4872 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
    19:13:28.0258 4872 cmdide - ok
    19:13:28.0308 4872 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
    19:13:28.0353 4872 CNG - ok
    19:13:28.0393 4872 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
    19:13:28.0408 4872 Compbatt - ok
    19:13:28.0438 4872 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
    19:13:28.0473 4872 CompositeBus - ok
    19:13:28.0488 4872 COMSysApp - ok
    19:13:28.0528 4872 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
    19:13:28.0543 4872 crcdisk - ok
    19:13:28.0608 4872 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
    19:13:28.0673 4872 CryptSvc - ok
    19:13:28.0748 4872 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
    19:13:28.0824 4872 DcomLaunch - ok
    19:13:28.0865 4872 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
    19:13:28.0929 4872 defragsvc - ok
    19:13:28.0972 4872 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
    19:13:29.0052 4872 DfsC - ok
    19:13:29.0132 4872 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
    19:13:29.0203 4872 Dhcp - ok
    19:13:29.0234 4872 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
    19:13:29.0304 4872 discache - ok
    19:13:29.0336 4872 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
    19:13:29.0354 4872 Disk - ok
    19:13:29.0479 4872 DKbFltr (d5bcb77be83cf99f508943945d46343d) C:\Windows\syswow64\Drivers\DKbFltr.sys
    19:13:29.0511 4872 DKbFltr - ok
    19:13:29.0581 4872 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
    19:13:29.0654 4872 Dnscache - ok
    19:13:29.0711 4872 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
    19:13:29.0816 4872 dot3svc - ok
    19:13:29.0866 4872 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
    19:13:29.0911 4872 Dot4 - ok
    19:13:29.0963 4872 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\DRIVERS\Dot4Prt.sys
    19:13:30.0006 4872 Dot4Print - ok
    19:13:30.0025 4872 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
    19:13:30.0067 4872 dot4usb - ok
    19:13:30.0110 4872 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
    19:13:30.0186 4872 DPS - ok
    19:13:30.0224 4872 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
    19:13:30.0259 4872 drmkaud - ok
    19:13:30.0346 4872 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
    19:13:30.0388 4872 DXGKrnl - ok
    19:13:30.0427 4872 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
    19:13:30.0494 4872 EapHost - ok
    19:13:30.0675 4872 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
    19:13:30.0844 4872 ebdrv - ok
    19:13:30.0940 4872 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
    19:13:30.0991 4872 EFS - ok
    19:13:31.0110 4872 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
    19:13:31.0174 4872 ehRecvr - ok
    19:13:31.0254 4872 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
    19:13:31.0316 4872 ehSched - ok
    19:13:31.0423 4872 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
    19:13:31.0475 4872 elxstor - ok
    19:13:31.0594 4872 ePowerSvc (7c35c6865957289d9efe6cc73f4ab2e1) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
    19:13:31.0629 4872 ePowerSvc - ok
    19:13:31.0740 4872 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
    19:13:31.0766 4872 ErrDev - ok
    19:13:31.0823 4872 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
    19:13:31.0901 4872 EventSystem - ok
    19:13:31.0937 4872 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
    19:13:32.0008 4872 exfat - ok
    19:13:32.0033 4872 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
    19:13:32.0102 4872 fastfat - ok
    19:13:32.0185 4872 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
    19:13:32.0310 4872 Fax - ok
    19:13:32.0387 4872 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
    19:13:32.0421 4872 fdc - ok
    19:13:32.0461 4872 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
    19:13:32.0540 4872 fdPHost - ok
    19:13:32.0560 4872 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
    19:13:32.0629 4872 FDResPub - ok
    19:13:32.0660 4872 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
    19:13:32.0695 4872 FileInfo - ok
    19:13:32.0718 4872 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
    19:13:32.0835 4872 Filetrace - ok
    19:13:32.0855 4872 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
    19:13:32.0874 4872 flpydisk - ok
    19:13:32.0916 4872 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
    19:13:32.0941 4872 FltMgr - ok
    19:13:33.0024 4872 FontCache (b4447f606bb19fd8ad0bafb59b90f5d9) C:\Windows\system32\FntCache.dll
    19:13:33.0116 4872 FontCache - ok
    19:13:33.0206 4872 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    19:13:33.0221 4872 FontCache3.0.0.0 - ok
    19:13:33.0274 4872 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
    19:13:33.0314 4872 FsDepends - ok
    19:13:33.0346 4872 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
    19:13:33.0381 4872 Fs_Rec - ok
    19:13:33.0454 4872 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
    19:13:33.0509 4872 fvevol - ok
    19:13:33.0544 4872 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
    19:13:33.0584 4872 gagp30kx - ok
    19:13:33.0731 4872 GamesAppService (c403c5db49a0f9aaf4f2128edc0106d8) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
    19:13:33.0771 4872 GamesAppService - ok
    19:13:33.0838 4872 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
    19:13:33.0852 4872 GEARAspiWDM - ok
    19:13:33.0937 4872 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
    19:13:34.0006 4872 gpsvc - ok
    19:13:34.0150 4872 Greg_Service (816fd5a6f3c2f3d600900096632fc60e) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
    19:13:34.0196 4872 Greg_Service - ok
    19:13:34.0293 4872 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    19:13:34.0310 4872 gupdate - ok
    19:13:34.0362 4872 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    19:13:34.0377 4872 gupdatem - ok
    19:13:34.0419 4872 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    19:13:34.0437 4872 gusvc - ok
    19:13:34.0565 4872 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
    19:13:34.0636 4872 hcw85cir - ok
    19:13:34.0720 4872 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
    19:13:34.0794 4872 HdAudAddService - ok
    19:13:34.0884 4872 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
    19:13:34.0934 4872 HDAudBus - ok
    19:13:34.0967 4872 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
    19:13:35.0005 4872 HidBatt - ok
    19:13:35.0050 4872 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
    19:13:35.0096 4872 HidBth - ok
    19:13:35.0128 4872 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
    19:13:35.0161 4872 HidIr - ok
    19:13:35.0196 4872 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
    19:13:35.0276 4872 hidserv - ok
    19:13:35.0319 4872 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
    19:13:35.0339 4872 HidUsb - ok
    19:13:35.0390 4872 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
    19:13:35.0501 4872 hkmsvc - ok
    19:13:35.0559 4872 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
    19:13:35.0627 4872 HomeGroupListener - ok
    19:13:35.0682 4872 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
    19:13:35.0715 4872 HomeGroupProvider - ok
    19:13:35.0759 4872 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
    19:13:35.0778 4872 HpSAMD - ok
    19:13:35.0998 4872 HPSLPSVC (5ecec779312ad35b1b19951a4b53fac1) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
    19:13:36.0051 4872 HPSLPSVC - ok
    19:13:36.0116 4872 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
    19:13:36.0194 4872 HTTP - ok
    19:13:36.0235 4872 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
    19:13:36.0251 4872 hwpolicy - ok
    19:13:36.0303 4872 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
    19:13:36.0324 4872 i8042prt - ok
    19:13:36.0393 4872 iaStorV (3df4395a7cf8b7a72a5f4606366b8c2d) C:\Windows\system32\drivers\iaStorV.sys
    19:13:36.0421 4872 iaStorV - ok
    19:13:36.0568 4872 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
    19:13:36.0632 4872 idsvc - ok
    19:13:36.0660 4872 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
    19:13:36.0679 4872 iirsp - ok
    19:13:36.0770 4872 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
    19:13:36.0867 4872 IKEEXT - ok
    19:13:37.0304 4872 IntcAzAudAddService (0c3cf4b3bae28e121a1689e3538f8712) C:\Windows\system32\drivers\RTKVHD64.sys
    19:13:37.0375 4872 IntcAzAudAddService - ok
    19:13:37.0499 4872 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
    19:13:37.0516 4872 intelide - ok
    19:13:37.0552 4872 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
    19:13:37.0587 4872 intelppm - ok
    19:13:37.0636 4872 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
    19:13:37.0708 4872 IPBusEnum - ok
    19:13:37.0746 4872 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
    19:13:37.0815 4872 IpFilterDriver - ok
    19:13:37.0852 4872 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
    19:13:37.0888 4872 IPMIDRV - ok
    19:13:37.0948 4872 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
    19:13:38.0030 4872 IPNAT - ok
    19:13:38.0161 4872 iPod Service (46d249f9db7844cc01050a9345f0f61b) C:\Program Files\iPod\bin\iPodService.exe
    19:13:38.0202 4872 iPod Service - ok
    19:13:38.0337 4872 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
    19:13:38.0383 4872 IRENUM - ok
    19:13:38.0426 4872 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
    19:13:38.0463 4872 isapnp - ok
    19:13:38.0522 4872 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
    19:13:38.0573 4872 iScsiPrt - ok
    19:13:38.0610 4872 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
    19:13:38.0651 4872 kbdclass - ok
    19:13:38.0695 4872 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
    19:13:38.0748 4872 kbdhid - ok
    19:13:38.0788 4872 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
    19:13:38.0827 4872 KeyIso - ok
    19:13:38.0951 4872 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
    19:13:38.0989 4872 KSecDD - ok
    19:13:39.0153 4872 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
    19:13:39.0175 4872 KSecPkg - ok
    19:13:39.0208 4872 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
    19:13:39.0273 4872 ksthunk - ok
    19:13:39.0328 4872 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
    19:13:39.0408 4872 KtmRm - ok
    19:13:39.0442 4872 L1C (2377ec4cc3e356655b996f39b43486b6) C:\Windows\system32\DRIVERS\L1C62x64.sys
    19:13:39.0473 4872 L1C - ok
    19:13:39.0514 4872 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
    19:13:39.0589 4872 LanmanServer - ok
    19:13:39.0650 4872 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
    19:13:39.0782 4872 LanmanWorkstation - ok
    19:13:39.0831 4872 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
    19:13:39.0906 4872 lltdio - ok
    19:13:39.0986 4872 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
    19:13:40.0072 4872 lltdsvc - ok
    19:13:40.0094 4872 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
    19:13:40.0154 4872 lmhosts - ok
    19:13:40.0212 4872 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
    19:13:40.0232 4872 LSI_FC - ok
    19:13:40.0263 4872 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
    19:13:40.0283 4872 LSI_SAS - ok
    19:13:40.0333 4872 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
    19:13:40.0352 4872 LSI_SAS2 - ok
    19:13:40.0380 4872 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
    19:13:40.0401 4872 LSI_SCSI - ok
    19:13:40.0442 4872 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
    19:13:40.0511 4872 luafv - ok
    19:13:40.0583 4872 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
    19:13:40.0615 4872 MBAMProtector - ok
    19:13:40.0776 4872 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    19:13:40.0836 4872 MBAMService - ok
    19:13:40.0880 4872 McAfee SiteAdvisor Service - ok
    19:13:40.0938 4872 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
    19:13:40.0980 4872 Mcx2Svc - ok
    19:13:41.0021 4872 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
    19:13:41.0039 4872 megasas - ok
    19:13:41.0075 4872 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
    19:13:41.0100 4872 MegaSR - ok
    19:13:41.0180 4872 Microsoft Office Groove Audit Service (fafe367d032ed82e9332b4c741a20216) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
    19:13:41.0197 4872 Microsoft Office Groove Audit Service - ok
    19:13:41.0229 4872 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
    19:13:41.0303 4872 MMCSS - ok
    19:13:41.0337 4872 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
    19:13:41.0407 4872 Modem - ok
    19:13:41.0433 4872 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
    19:13:41.0470 4872 monitor - ok
    19:13:41.0503 4872 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
    19:13:41.0522 4872 mouclass - ok
    19:13:41.0552 4872 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
    19:13:41.0583 4872 mouhid - ok
    19:13:41.0616 4872 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
    19:13:41.0634 4872 mountmgr - ok
    19:13:41.0737 4872 MozillaMaintenance (6380ff81dd4d78b23398752d2f46ea43) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    19:13:41.0775 4872 MozillaMaintenance - ok
    19:13:41.0823 4872 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
    19:13:41.0866 4872 mpio - ok
    19:13:41.0904 4872 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
    19:13:41.0980 4872 mpsdrv - ok
    19:13:42.0024 4872 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
    19:13:42.0063 4872 MRxDAV - ok
    19:13:42.0104 4872 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
    19:13:42.0136 4872 mrxsmb - ok
    19:13:42.0184 4872 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
    19:13:42.0226 4872 mrxsmb10 - ok
    19:13:42.0266 4872 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
    19:13:42.0286 4872 mrxsmb20 - ok
    19:13:42.0316 4872 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
    19:13:42.0336 4872 msahci - ok
    19:13:42.0376 4872 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
    19:13:42.0396 4872 msdsm - ok
    19:13:42.0436 4872 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
    19:13:42.0476 4872 MSDTC - ok
    19:13:42.0506 4872 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
    19:13:42.0566 4872 Msfs - ok
    19:13:42.0576 4872 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
    19:13:42.0646 4872 mshidkmdf - ok
    19:13:42.0676 4872 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
    19:13:42.0696 4872 msisadrv - ok
    19:13:42.0736 4872 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
    19:13:42.0816 4872 MSiSCSI - ok
    19:13:42.0828 4872 msiserver - ok
    19:13:42.0856 4872 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
    19:13:42.0931 4872 MSKSSRV - ok
    19:13:42.0953 4872 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
    19:13:43.0019 4872 MSPCLOCK - ok
    19:13:43.0032 4872 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
    19:13:43.0115 4872 MSPQM - ok
    19:13:43.0170 4872 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
    19:13:43.0198 4872 MsRPC - ok
    19:13:43.0230 4872 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
    19:13:43.0248 4872 mssmbios - ok
    19:13:43.0283 4872 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
    19:13:43.0355 4872 MSTEE - ok
    19:13:43.0374 4872 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
    19:13:43.0408 4872 MTConfig - ok
    19:13:43.0446 4872 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
    19:13:43.0465 4872 Mup - ok
    19:13:43.0499 4872 mwlPSDFilter (6ffecc25b39dc7652a0cec0ada9db589) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
    19:13:43.0514 4872 mwlPSDFilter - ok
    19:13:43.0525 4872 mwlPSDNServ (0befe32ca56d6ee89d58175725596a85) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
    19:13:43.0539 4872 mwlPSDNServ - ok
    19:13:43.0559 4872 mwlPSDVDisk (d43bc633b8660463e446e28e14a51262) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
    19:13:43.0575 4872 mwlPSDVDisk - ok
    19:13:43.0686 4872 MWLService (0f5faac852db4c340b7a2f187e3358b8) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
    19:13:43.0707 4872 MWLService - ok
    19:13:43.0764 4872 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
    19:13:43.0835 4872 napagent - ok
    19:13:43.0902 4872 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
    19:13:43.0986 4872 NativeWifiP - ok
    19:13:44.0090 4872 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
    19:13:44.0132 4872 NDIS - ok
    19:13:44.0169 4872 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
    19:13:44.0247 4872 NdisCap - ok
    19:13:44.0272 4872 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
    19:13:44.0330 4872 NdisTapi - ok
    19:13:44.0517 4872 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
    19:13:44.0621 4872 Ndisuio - ok
    19:13:44.0666 4872 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
    19:13:44.0732 4872 NdisWan - ok
    19:13:44.0769 4872 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
    19:13:44.0823 4872 NDProxy - ok
    19:13:44.0898 4872 Net Driver HPZ12 (dc6530a291d4bdf6df399f1f128e7f8f) C:\Windows\system32\HPZinw12.dll
    19:13:44.0906 4872 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
    19:13:44.0906 4872 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
    19:13:44.0955 4872 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
    19:13:45.0011 4872 NetBIOS - ok
    19:13:45.0057 4872 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
    19:13:45.0114 4872 NetBT - ok
    19:13:45.0142 4872 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
    19:13:45.0161 4872 Netlogon - ok
    19:13:45.0223 4872 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
    19:13:45.0307 4872 Netman - ok
    19:13:45.0356 4872 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
    19:13:45.0445 4872 netprofm - ok
    19:13:45.0523 4872 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
    19:13:45.0558 4872 NetTcpPortSharing - ok
    19:13:45.0592 4872 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
    19:13:45.0633 4872 nfrd960 - ok
    19:13:45.0723 4872 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
    19:13:45.0803 4872 NlaSvc - ok
    19:13:45.0826 4872 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
    19:13:45.0884 4872 Npfs - ok
    19:13:45.0921 4872 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
    19:13:45.0994 4872 nsi - ok
    19:13:46.0014 4872 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
    19:13:46.0067 4872 nsiproxy - ok
    19:13:46.0177 4872 Ntfs (05d78aa5cb5f3f5c31160bdb955d0b7c) C:\Windows\system32\drivers\Ntfs.sys
    19:13:46.0239 4872 Ntfs - ok
    19:13:46.0369 4872 NTIBackupSvc (fd324cce1d4d5bb5af65f8e55b462c7e) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
    19:13:46.0382 4872 NTIBackupSvc - ok
    19:13:46.0506 4872 NTIDrvr (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys
    19:13:46.0536 4872 NTIDrvr - ok
    19:13:46.0581 4872 NTISchedulerSvc (3f6268a2ec33cd38cf75c880af8ded42) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
    19:13:46.0627 4872 NTISchedulerSvc - ok
    19:13:46.0668 4872 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
    19:13:46.0782 4872 Null - ok
    19:13:46.0827 4872 nvraid (5d9fd91f3d38dc9da01e3cb5fa89cd48) C:\Windows\system32\drivers\nvraid.sys
    19:13:46.0848 4872 nvraid - ok
    19:13:46.0896 4872 nvstor (f7cd50fe7139f07e77da8ac8033d1832) C:\Windows\system32\drivers\nvstor.sys
    19:13:46.0918 4872 nvstor - ok
    19:13:46.0954 4872 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
    19:13:46.0973 4872 nv_agp - ok
    19:13:47.0061 4872 odserv (84de1dd996b48b05ace31ad015fa108a) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
    19:13:47.0087 4872 odserv - ok
    19:13:47.0117 4872 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
    19:13:47.0145 4872 ohci1394 - ok
    19:13:47.0195 4872 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    19:13:47.0215 4872 ose - ok
    19:13:47.0264 4872 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
    19:13:47.0321 4872 p2pimsvc - ok
    19:13:47.0367 4872 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
    19:13:47.0399 4872 p2psvc - ok
    19:13:47.0436 4872 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
    19:13:47.0460 4872 Parport - ok
    19:13:47.0497 4872 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
    19:13:47.0517 4872 partmgr - ok
    19:13:47.0555 4872 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
    19:13:47.0598 4872 PcaSvc - ok
    19:13:47.0642 4872 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
    19:13:47.0664 4872 pci - ok
    19:13:47.0684 4872 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
    19:13:47.0702 4872 pciide - ok
    19:13:47.0733 4872 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
    19:13:47.0755 4872 pcmcia - ok
    19:13:47.0778 4872 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
    19:13:47.0797 4872 pcw - ok
    19:13:47.0835 4872 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
    19:13:47.0916 4872 PEAUTH - ok
    19:13:47.0979 4872 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
    19:13:48.0016 4872 PerfHost - ok
    19:13:48.0137 4872 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
    19:13:48.0221 4872 pla - ok
    19:13:48.0283 4872 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
    19:13:48.0342 4872 PlugPlay - ok
    19:13:48.0414 4872 Pml Driver HPZ12 (71f62c51dfdfbc04c83c5c64b2b8058e) C:\Windows\system32\HPZipm12.dll
    19:13:48.0432 4872 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
    19:13:48.0432 4872 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
    19:13:48.0461 4872 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
    19:13:48.0483 4872 PNRPAutoReg - ok
    19:13:48.0518 4872 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
    19:13:48.0541 4872 PNRPsvc - ok
    19:13:48.0595 4872 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
    19:13:48.0667 4872 PolicyAgent - ok
    19:13:48.0707 4872 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
    19:13:48.0777 4872 Power - ok
    19:13:48.0895 4872 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
    19:13:49.0001 4872 PptpMiniport - ok
    19:13:49.0048 4872 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
    19:13:49.0090 4872 Processor - ok
    19:13:49.0136 4872 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
    19:13:49.0203 4872 ProfSvc - ok
    19:13:49.0243 4872 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
    19:13:49.0262 4872 ProtectedStorage - ok
    19:13:49.0316 4872 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
    19:13:49.0380 4872 Psched - ok
    19:13:49.0481 4872 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
    19:13:49.0539 4872 ql2300 - ok
    19:13:49.0640 4872 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
    19:13:49.0660 4872 ql40xx - ok
    19:13:49.0701 4872 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
    19:13:49.0733 4872 QWAVE - ok
    19:13:49.0754 4872 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
    19:13:49.0795 4872 QWAVEdrv - ok
    19:13:49.0833 4872 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
    19:13:49.0898 4872 RasAcd - ok
    19:13:49.0943 4872 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
    19:13:50.0000 4872 RasAgileVpn - ok
    19:13:50.0031 4872 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
    19:13:50.0105 4872 RasAuto - ok
    19:13:50.0161 4872 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
    19:13:50.0234 4872 Rasl2tp - ok
    19:13:50.0290 4872 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
    19:13:50.0352 4872 RasMan - ok
    19:13:50.0405 4872 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
    19:13:50.0479 4872 RasPppoe - ok
    19:13:50.0611 4872 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
    19:13:50.0732 4872 RasSstp - ok
    19:13:50.0797 4872 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
    19:13:50.0898 4872 rdbss - ok
    19:13:50.0929 4872 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
    19:13:50.0972 4872 rdpbus - ok
    19:13:50.0986 4872 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
    19:13:51.0051 4872 RDPCDD - ok
    19:13:51.0078 4872 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
    19:13:51.0151 4872 RDPENCDD - ok
    19:13:51.0179 4872 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
    19:13:51.0235 4872 RDPREFMP - ok
    19:13:51.0269 4872 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
    19:13:51.0319 4872 RDPWD - ok
    19:13:51.0360 4872 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
    19:13:51.0386 4872 rdyboost - ok
    19:13:51.0424 4872 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
    19:13:51.0496 4872 RemoteAccess - ok
    19:13:51.0534 4872 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
    19:13:51.0648 4872 RemoteRegistry - ok
    19:13:51.0671 4872 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
    19:13:51.0735 4872 RpcEptMapper - ok
    19:13:51.0767 4872 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
    19:13:51.0802 4872 RpcLocator - ok
    19:13:51.0855 4872 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
    19:13:51.0915 4872 RpcSs - ok
    19:13:51.0947 4872 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
    19:13:52.0013 4872 rspndr - ok
    19:13:52.0042 4872 RSUSBSTOR - ok
    19:13:52.0061 4872 RtsUIR - ok
    19:13:52.0087 4872 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
    19:13:52.0106 4872 SamSs - ok
    19:13:52.0143 4872 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
    19:13:52.0163 4872 sbp2port - ok
    19:13:52.0210 4872 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
    19:13:52.0287 4872 SCardSvr - ok
    19:13:52.0322 4872 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
    19:13:52.0374 4872 scfilter - ok
    19:13:52.0460 4872 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
    19:13:52.0534 4872 Schedule - ok
    19:13:52.0577 4872 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
    19:13:52.0630 4872 SCPolicySvc - ok
    19:13:52.0648 4872 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
    19:13:52.0698 4872 SDRSVC - ok
    19:13:52.0753 4872 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
    19:13:52.0869 4872 secdrv - ok
    19:13:52.0900 4872 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
    19:13:52.0963 4872 seclogon - ok
    19:13:52.0990 4872 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
    19:13:53.0063 4872 SENS - ok
    19:13:53.0077 4872 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
    19:13:53.0119 4872 SensrSvc - ok
    19:13:53.0140 4872 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
    19:13:53.0174 4872 Serenum - ok
    19:13:53.0192 4872 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
    19:13:53.0220 4872 Serial - ok
    19:13:53.0272 4872 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
    19:13:53.0307 4872 sermouse - ok
    19:13:53.0364 4872 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
    19:13:53.0439 4872 SessionEnv - ok
    19:13:53.0462 4872 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
    19:13:53.0496 4872 sffdisk - ok
    19:13:53.0509 4872 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
    19:13:53.0546 4872 sffp_mmc - ok
    19:13:53.0575 4872 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
    19:13:53.0615 4872 sffp_sd - ok
    19:13:53.0644 4872 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
    19:13:53.0663 4872 sfloppy - ok
    19:13:53.0729 4872 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
    19:13:53.0818 4872 SharedAccess - ok
    19:13:53.0868 4872 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
    19:13:53.0941 4872 ShellHWDetection - ok
    19:13:53.0961 4872 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
    19:13:53.0978 4872 SiSRaid2 - ok
    19:13:54.0006 4872 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
    19:13:54.0025 4872 SiSRaid4 - ok
    19:13:54.0056 4872 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
    19:13:54.0111 4872 Smb - ok
    19:13:54.0153 4872 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
    19:13:54.0190 4872 SNMPTRAP - ok
    19:13:54.0221 4872 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
    19:13:54.0237 4872 spldr - ok
    19:13:54.0302 4872 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
    19:13:54.0367 4872 Spooler - ok
    19:13:54.0570 4872 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
    19:13:54.0718 4872 sppsvc - ok
    19:13:54.0834 4872 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
    19:13:54.0944 4872 sppuinotify - ok
    19:13:55.0035 4872 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
    19:13:55.0077 4872 srv - ok
    19:13:55.0132 4872 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
    19:13:55.0169 4872 srv2 - ok
    19:13:55.0213 4872 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
    19:13:55.0246 4872 srvnet - ok
    19:13:55.0292 4872 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
    19:13:55.0371 4872 SSDPSRV - ok
    19:13:55.0393 4872 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
    19:13:55.0451 4872 SstpSvc - ok
    19:13:55.0477 4872 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
    19:13:55.0493 4872 stexstor - ok
    19:13:55.0541 4872 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
    19:13:55.0575 4872 StillCam - ok
    19:13:55.0642 4872 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
    19:13:55.0711 4872 stisvc - ok
    19:13:55.0741 4872 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
    19:13:55.0757 4872 swenum - ok
    19:13:55.0806 4872 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
    19:13:55.0889 4872 swprv - ok
    19:13:55.0941 4872 SynTP (bcf305959b53b200ceb2ad25ad22f8a7) C:\Windows\system32\DRIVERS\SynTP.sys
    19:13:55.0963 4872 SynTP - ok
    19:13:56.0133 4872 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
    19:13:56.0252 4872 SysMain - ok
    19:13:56.0397 4872 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
    19:13:56.0459 4872 TabletInputService - ok
    19:13:56.0701 4872 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
    19:13:56.0824 4872 TapiSrv - ok
    19:13:56.0848 4872 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
    19:13:56.0907 4872 TBS - ok
    19:13:57.0057 4872 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
    19:13:57.0129 4872 Tcpip - ok
    19:13:57.0374 4872 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
    19:13:57.0433 4872 TCPIP6 - ok
    19:13:57.0545 4872 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
    19:13:57.0619 4872 tcpipreg - ok
    19:13:57.0656 4872 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
    19:13:57.0699 4872 TDPIPE - ok
    19:13:57.0730 4872 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
    19:13:57.0763 4872 TDTCP - ok
    19:13:57.0803 4872 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
    19:13:57.0858 4872 tdx - ok
    19:13:57.0908 4872 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
    19:13:57.0943 4872 TermDD - ok
    19:13:58.0013 4872 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
    19:13:58.0143 4872 TermService - ok
    19:13:58.0183 4872 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
    19:13:58.0223 4872 Themes - ok
    19:13:58.0258 4872 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
    19:13:58.0319 4872 THREADORDER - ok
    19:13:58.0360 4872 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
    19:13:58.0432 4872 TrkWks - ok
    19:13:58.0503 4872 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
    19:13:58.0579 4872 TrustedInstaller - ok
    19:13:58.0620 4872 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
    19:13:58.0690 4872 tssecsrv - ok
    19:13:58.0740 4872 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
    19:13:58.0775 4872 TsUsbFlt - ok
    19:13:58.0915 4872 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
    19:13:59.0009 4872 tunnel - ok
    19:13:59.0088 4872 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
    19:13:59.0109 4872 uagp35 - ok
    19:13:59.0156 4872 UBHelper (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys
    19:13:59.0170 4872 UBHelper - ok
    19:13:59.0260 4872 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
    19:13:59.0328 4872 udfs - ok
    19:13:59.0379 4872 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
    19:13:59.0402 4872 UI0Detect - ok
    19:13:59.0450 4872 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
    19:13:59.0469 4872 uliagpkx - ok
    19:13:59.0508 4872 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
    19:13:59.0562 4872 umbus - ok
    19:13:59.0583 4872 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
    19:13:59.0614 4872 UmPass - ok
    19:14:08.0460 4872 ============================================================
    19:14:08.0460 4872 Scan finished
    19:14:08.0460 4872 ============================================================
    19:14:08.0485 4192 Detected object count: 2
    19:14:08.0485 4192 Actual detected object count: 2
    19:14:41.0476 4192 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
    19:14:41.0476 4192 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
    19:14:41.0482 4192 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
    19:14:41.0483 4192 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
     

  6. Gizzy

    Gizzy Malware Specialist

    Joined:
    Aug 2, 2005
    Messages:
    3,832
    Backdoor Trojan
    I'm afraid I have some bad news for you. Your DDS logs show that you have a Zero Access rootkit infection. This infection has remote access capabilities.
    It likely came from using the computer without an antivirus program.

    Backdoor Trojans are the most dangerous and most widespread type of Trojan. Backdoor Trojans provide the author or "master" of the Trojan with remote "administration" of victims' machines. Unlike legitimate remote administration utilities, they install, launch and run invisibly, without the consent or knowledge of the user. Once installed, Backdoor Trojans can be instructed to send, receive, execute and delete files, harvest confidential data from the computer, log activity on the computer, change settings on the computer and more. Please read this article by Roger A. Grimes on Remote Access Trojans; it will give you an idea of the severity of the type of infection you have.

    What are Remote Access Trojans and why are they dangerous


    You are strongly advised to do the following:

    • Disconnect the computer from the Internet and from any networked computers until it is cleaned.
    • Back up all your important data except programs. The programs can be reinstalled back from the original disc or from the Net.
    • Call all your banks, financial institutions, credit card companies and inform them that you may be a victim of identity theft and put a watch on your accounts. If you don't mind the hassle, change all your account numbers.
    • From a clean computer, change all your passwords (ISP login password, your email address(es) passwords, financial accounts, PayPal, eBay, Amazon, online groups and forums and any other online activities you carry out which require a username and password).

    Do NOT change your passwords from this computer as the attacker will be able to get all the new passwords and transaction records.


    How do I respond to possible identity theft and how do I prevent it


    Because of the severity and the capabilities of this type of virus (it cannot be known what changes to your system it has made or if it opened up other ways into your system), the only responsible course of action I can advise is to reformat your computer and reinstall Windows.

    Further reading:
    When should I do a reformat and reinstallation of my OS
    Windows 7 Backup and Restore
    How To Use Backup and Restore in Windows 7


    Some versions of this infection are extremely difficult to remove, and if you opt for us to clean your computer there is a possibility that you may lose connection to the internet, in which case you'll need to have access to another computer so you can contact us. We will of course attempt to resolve the connection issues if they happen, but I can give no guarantee that you may not have to reformat after all.

    Please let me know how you would like to proceed.
    Should you have any questions please feel free to ask.
     
  7. rjf322

    rjf322 Thread Starter

    Joined:
    Jun 24, 2012
    Messages:
    5
    Wow that is indeed not good news, but thank you so much for your help in diagnosing!

    I am going to reformat Windows.

    To confirm, reformatting will 100% remove the virus from the machine, and I'll be able to install the proper protection so we avoid reinfection?

    Thanks Gizzy!
     
  8. Gizzy

    Gizzy Malware Specialist

    Joined:
    Aug 2, 2005
    Messages:
    3,832
    Hi rjf322,
    Reformatting is the best option.

    Yes, a complete reformat will remove the malware.

    Here is a great guide I recommend you read to help avoid being infected again - COMPUTER SECURITY - a short guide to staying safer online

    I'd be grateful if you could reply to this post so that I know you have read it, and if you have no other questions, the thread can be marked solved.
     
  9. rjf322

    rjf322 Thread Starter

    Joined:
    Jun 24, 2012
    Messages:
    5
    Thank you Gizzy - we can close this thread!
     
  10. Gizzy

    Gizzy Malware Specialist

    Joined:
    Aug 2, 2005
    Messages:
    3,832
    You're welcome. :)
     
Short URL to this thread: https://techguy.org/1058381