Please Help for Malware Removal [Closed]


  • This topic is locked

#16
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK that job has returned .. Now I need to determine why and how

Warning: This fix is only relevant for this system and no other; using it on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    O4 - HKU\S-1-5-21-3807445768-3563054489-1376992915-1000..\Run: [Wisdom-soft ScreenHunter 5.1 Plus] 0 File not found
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    [2012/09/22 00:52:29 | 000,000,318 | ---- | C] () -- C:\Windows\tasks\wkqvwvtid.job
    [2012/09/22 00:52:28 | 000,126,976 | RHS- | C] () -- C:\Windows\System32\difxapid.dll
    [2012/02/13 22:47:25 | 000,004,037 | ---- | C] () -- C:\Windows\System32\doc-0o-4.com-viewer-securedownload-5sj8mc9cp1vsrvk6n9j6e1hdqqd6fhce-umh5ev1fv5oufk72sfjgcqlasjd3ief4-1329152400000-Z21haWw=-AGZ5hq_U1cWSHHkQejQOuHY9ERti-MTM1NzdiNDZiYjIxZmZkZXwwLjEuMC4xLjAuMQ==.lnk
    
    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [CREATERESTOREPOINT]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

Not all options will be available on the following programme

Scanning with GMER

Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while the scan is being performed. Do not use your computer for anything else during the scan.

Download GMER Rootkit Scanner from here or here.
  • Extract the contents of the zipped file to desktop.
  • Double click GMER.exe. If asked to allow gmer.sys driver to load, please consent.
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.

  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
    • IAT/EAT
    • Drives/Partition other than Systemdrive (typically C:\)
    • Show All (don't miss this one)
  • Then click the Scan button & wait for it to finish.
  • Once done click on the [Save..] button, and in the File name area, type in "Gmer.txt" or it will save as a .log file which cannot be uploaded to your post.
  • Save it where you can easily find it, such as your desktop, and attach it in your reply.

Notes:
**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries

-- If you encounter any problems, try running GMER in safe mode.
-- If GMER crashes or keeps resulting in BSODs, uncheck Devices on the right side before scanning

  • 0
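
Added example, not part of the original thread and not OTL's own code: a triage sketch that parses OTL file-listing lines like the two in the fix above and pairs a scheduled `.job` file with a hidden, system-flagged System32 binary that has no company name and was created within a minute of it. The field meanings, the 60-second window, and the sample lines marked as constructed are assumptions.

```python
import re
from datetime import datetime, timedelta
from typing import NamedTuple, Optional

# Assumed OTL file-listing layout:
#   [date time | size | attrs | flag] (company) -- path
LINE_RE = re.compile(
    r"^\[(?P<ts>\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) \| "
    r"(?P<size>[\d,]+) \| (?P<attrs>[A-Z-]{4}) \| (?P<flag>[CM])\] "
    r"\((?P<company>.*?)\) -- (?P<path>.+)$"
)


class Entry(NamedTuple):
    when: datetime
    size: int
    attrs: str     # e.g. "RHS-" = read-only, hidden, system
    flag: str      # "C" created / "M" modified (assumed meaning)
    company: str   # empty when the file carries no company name
    path: str


def parse_line(line: str) -> Optional[Entry]:
    """Return an Entry for a file-listing line, or None for anything else."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    return Entry(
        when=datetime.strptime(m["ts"], "%Y/%m/%d %H:%M:%S"),
        size=int(m["size"].replace(",", "")),
        attrs=m["attrs"],
        flag=m["flag"],
        company=m["company"].strip(),
        path=m["path"].strip(),
    )


def is_task(e: Entry) -> bool:
    p = e.path.lower()
    return "\\windows\\tasks\\" in p and p.endswith(".job")


def is_hidden_system_binary(e: Entry) -> bool:
    p = e.path.lower()
    return (
        "H" in e.attrs and "S" in e.attrs
        and e.company == ""
        and "\\windows\\system32\\" in p
        and p.endswith((".dll", ".exe", ".sys"))
    )


def find_pairs(log_text: str, window: timedelta = timedelta(seconds=60)):
    """Pair each .job with hidden/system binaries created close to it in time."""
    entries = [e for e in map(parse_line, log_text.splitlines()) if e]
    jobs = [e for e in entries if is_task(e)]
    bins = [e for e in entries if is_hidden_system_binary(e)]
    findings = []
    for job in jobs:
        for b in bins:
            gap = abs(job.when - b.when)
            if gap <= window:
                findings.append((job.path, b.path, gap.total_seconds()))
    return findings


# First two listing lines are the ones quoted in the fix above; the rest are
# constructed for this example (a benign task, a signed driver, an old
# hidden file with no task near it, and a non-listing registry line).
SAMPLE_LOG = r"""
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
[2012/09/22 00:52:29 | 000,000,318 | ---- | C] () -- C:\Windows\tasks\wkqvwvtid.job
[2012/09/22 00:52:28 | 000,126,976 | RHS- | C] () -- C:\Windows\System32\difxapid.dll
[2012/09/20 10:00:00 | 000,000,900 | ---- | C] () -- C:\Windows\tasks\ExampleUpdater.job
[2012/09/12 16:15:00 | 000,712,048 | ---- | C] (Example Vendor) -- C:\Windows\System32\drivers\example.sys
[2012/09/01 08:00:00 | 000,010,240 | -HS- | C] () -- C:\Windows\System32\example_cache.dll
"""

if __name__ == "__main__":
    for job, binary, seconds in find_pairs(SAMPLE_LOG):
        print(f"{job} <-> {binary} (created {seconds:.0f}s apart)")
```

A pair reported here is a lead for the helper to confirm, for instance against the task's actual target as listed in a ComboFix 'Scheduled Tasks' section, not proof of infection.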



#17
kingfisher3210

    Member

  • Topic Starter
  • 42 posts
I just observed I missed notepad/combo fix step. I have now done that step. I will do OTL and GMER step.


ComboFix 12-09-24.03 - Akhil Baveja 26-09-2012 1:32.2.4 - x86
Microsoft Windows 7 Starter 6.1.7601.1.1252.91.1033.18.1012.346 [GMT 5.5:30]
Running from: c:\users\Akhil Baveja\Downloads\ComboFix.exe
Command switches used :: c:\users\Akhil Baveja\Downloads\CFScript.txt
AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\system32\difxapid.dll"
"c:\windows\Tasks\wkqvwvtid.job"
.
.
((((((((((((((((((((((((( Files Created from 2012-08-25 to 2012-09-25 )))))))))))))))))))))))))))))))
.
.
2012-09-25 20:15 . 2012-09-25 20:15 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-09-25 05:59 . 2012-09-25 05:59 -------- d-----w- c:\users\Akhil Baveja\AppData\Roaming\Malwarebytes
2012-09-25 05:59 . 2012-09-25 05:59 -------- d-----w- c:\programdata\Malwarebytes
2012-09-25 05:59 . 2012-09-25 05:59 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-09-25 05:59 . 2012-09-07 11:34 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-24 19:46 . 2012-08-30 08:17 6980552 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1B6CB562-0603-41FB-81AF-3D4161BD3FF8}\mpengine.dll
2012-09-23 20:04 . 2012-09-23 20:04 -------- d-----w- C:\_OTL
2012-09-22 15:51 . 2012-09-22 15:51 388096 ----a-r- c:\users\Akhil Baveja\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-09-22 15:51 . 2012-09-22 15:51 -------- d-----w- c:\program files\Trend Micro
2012-09-21 19:22 . 2012-09-21 19:22 126976 --sha-r- c:\windows\system32\difxapid.dll
2012-09-21 12:54 . 2012-08-30 08:17 6980552 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-09-12 16:15 . 2012-08-22 17:16 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-09-12 16:15 . 2012-07-04 19:45 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2012-09-12 16:15 . 2012-08-22 17:16 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-09-12 16:15 . 2012-08-22 17:16 240496 ----a-w- c:\windows\system32\drivers\netio.sys
2012-09-12 16:15 . 2012-08-22 17:16 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-09-12 16:14 . 2012-08-02 16:57 490496 ----a-w- c:\windows\system32\d3d10level9.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-18 17:47 . 2012-08-16 07:33 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-07-06 19:23 . 2012-08-16 21:34 393728 ----a-w- c:\windows\system32\drivers\bthport.sys
2012-07-04 21:14 . 2012-08-16 07:32 41984 ----a-w- c:\windows\system32\browcli.dll
2012-07-04 21:14 . 2012-08-16 07:32 102912 ----a-w- c:\windows\system32\browser.dll
2012-04-05 10:49 . 2011-12-23 09:33 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Wisdom-soft ScreenHunter 5.1 Plus"="0" [X]
"Messenger (Yahoo!)"="e:\\Messenger\YahooMessenger.exe" [2011-06-16 6276408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-11-06 283160]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-02-11 10025576]
"SuiteTray"="c:\program files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-09-28 340336]
"EgisTecPMMUpdate"="c:\program files\EgisTec IPS\PmmUpdate.exe" [2010-09-17 407920]
"EgisUpdate"="c:\program files\EgisTec IPS\EgisUpdate.exe" [2010-09-17 201584]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-01-11 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-01-11 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-01-11 150552]
"LManager"="c:\program files\Launch Manager\LManager.exe" [2011-03-14 1081424]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-10-08 1934632]
"Power Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2011-02-23 715368]
"iSyncData"="c:\program files\Acer\Android Manager\iSync.exe" [2011-05-10 408128]
"AndroidManager"="c:\program files\Acer\Android Manager\AML.exe" [2011-05-10 508992]
"iPatchData"="c:\program files\Acer\Updater\iUpdate.exe" [2011-05-10 492096]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-20 73216]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - c:\program files\Acer\Acer VCM\AcerVCM.exe [2011-5-12 704104]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 MpKsl00cf017c;MpKsl00cf017c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{592C9A2B-F81E-4140-8296-5836472582C4}\MpKsl00cf017c.sys [x]
R1 MpKsl016e5b84;MpKsl016e5b84;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7A811974-143C-4192-810F-E526ED6E58C9}\MpKsl016e5b84.sys [x]
R1 MpKsl02dbef18;MpKsl02dbef18;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E6731360-4E36-484C-AE4A-C964F375BDE1}\MpKsl02dbef18.sys [x]
R1 MpKsl030b0605;MpKsl030b0605;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{65B39A30-6E27-4BFC-B148-2F8BD88F9875}\MpKsl030b0605.sys [x]
R1 MpKsl04819391;MpKsl04819391;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0C8F2FC8-5167-435F-8DBD-2605F723E28B}\MpKsl04819391.sys [x]
R1 MpKsl0641446a;MpKsl0641446a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2435138B-C207-4436-9C21-7BCBD68F10CE}\MpKsl0641446a.sys [x]
R1 MpKsl065c61dd;MpKsl065c61dd;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{817BB6C2-512A-4B9F-9E65-F1D79D1BDD5A}\MpKsl065c61dd.sys [x]
R1 MpKsl06ad743b;MpKsl06ad743b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{763AB2EA-F204-4FCB-8628-DF53D9D5B85C}\MpKsl06ad743b.sys [x]
R1 MpKsl0800b086;MpKsl0800b086;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4AAF7265-7C68-4649-97CD-87153FA28C59}\MpKsl0800b086.sys [x]
R1 MpKsl084932dc;MpKsl084932dc;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6AA6604E-B3CD-4B84-B64D-743B9BE26E39}\MpKsl084932dc.sys [x]
R1 MpKsl0afc50cc;MpKsl0afc50cc;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C9200220-4401-46EB-9B7B-0D7578DFE4CA}\MpKsl0afc50cc.sys [x]
R1 MpKsl0d77b33e;MpKsl0d77b33e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A4F46F46-F4EA-46AA-8BF0-91F8C42026D2}\MpKsl0d77b33e.sys [x]
R1 MpKsl0db3a256;MpKsl0db3a256;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{686F8D9F-7DFB-4123-962E-D524A41B8F07}\MpKsl0db3a256.sys [x]
R1 MpKsl0e82d3ac;MpKsl0e82d3ac;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F1DAEE56-5BF9-4C3A-9888-2BF33891348E}\MpKsl0e82d3ac.sys [x]
R1 MpKsl1010d031;MpKsl1010d031;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C693B576-85EA-4AF2-9527-B45F01B372F1}\MpKsl1010d031.sys [x]
R1 MpKsl10d13f7d;MpKsl10d13f7d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E67270D3-2F8E-4AD2-9928-B3FBCE43821E}\MpKsl10d13f7d.sys [x]
R1 MpKsl1543184b;MpKsl1543184b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{35C15002-65A0-4EB0-8392-17CCE6A9CD82}\MpKsl1543184b.sys [x]
R1 MpKsl16c6f296;MpKsl16c6f296;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C93BCF6E-CBF5-4FF2-ADCF-1128BDE2E0C5}\MpKsl16c6f296.sys [x]
R1 MpKsl175c11c3;MpKsl175c11c3;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6801923D-6C98-4F19-9935-1AF0D75C79CC}\MpKsl175c11c3.sys [x]
R1 MpKsl175dbe8b;MpKsl175dbe8b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4AAF7265-7C68-4649-97CD-87153FA28C59}\MpKsl175dbe8b.sys [x]
R1 MpKsl1a1cb220;MpKsl1a1cb220;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{75F901F6-310E-453C-8A7B-15403DEE0D7A}\MpKsl1a1cb220.sys [x]
R1 MpKsl1a8bab1e;MpKsl1a8bab1e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{507FFA38-3D20-4DB9-9990-16B8C2986AA9}\MpKsl1a8bab1e.sys [x]
R1 MpKsl1b0a817c;MpKsl1b0a817c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{39EDEA56-4AF3-4675-952A-85AB8E21BDDD}\MpKsl1b0a817c.sys [x]
R1 MpKsl1bc93270;MpKsl1bc93270;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{61699DE3-FAF0-4100-AD28-E139BBBEA028}\MpKsl1bc93270.sys [x]
R1 MpKsl1c8a8c50;MpKsl1c8a8c50;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BA7CDA28-6FE4-41D5-ABC9-428C8B897FE7}\MpKsl1c8a8c50.sys [x]
R1 MpKsl1ff5b50f;MpKsl1ff5b50f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D466E7F0-ABFE-4BF9-AEFF-7A6B470ECE95}\MpKsl1ff5b50f.sys [x]
R1 MpKsl215a7d0e;MpKsl215a7d0e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D7775643-145D-4848-B4BC-51957DD2C503}\MpKsl215a7d0e.sys [x]
R1 MpKsl22b466c0;MpKsl22b466c0;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{639B94F3-05D4-4638-84E3-96A97557F47B}\MpKsl22b466c0.sys [x]
R1 MpKsl23511d90;MpKsl23511d90;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DDA39423-3BEE-4887-ADB5-C7B142041B80}\MpKsl23511d90.sys [x]
R1 MpKsl247b440a;MpKsl247b440a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{77AC7797-FA37-4A49-BF05-9B96F1429127}\MpKsl247b440a.sys [x]
R1 MpKsl25974fdd;MpKsl25974fdd;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6F84F3CA-5817-457F-9F30-E2FC39965926}\MpKsl25974fdd.sys [x]
R1 MpKsl26fd884d;MpKsl26fd884d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B64014E5-4136-4CD0-8113-847453D219CB}\MpKsl26fd884d.sys [x]
R1 MpKsl2951948a;MpKsl2951948a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{96C20DD7-AFBB-4FD0-9D47-84D326542D45}\MpKsl2951948a.sys [x]
R1 MpKsl299db2bf;MpKsl299db2bf;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{89129128-A246-425E-9064-A163F30156C3}\MpKsl299db2bf.sys [x]
R1 MpKsl2c092542;MpKsl2c092542;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9F723B4E-1363-43E7-93FB-F7DBD1A734D0}\MpKsl2c092542.sys [x]
R1 MpKsl321d210f;MpKsl321d210f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{61EAD053-A5E4-4463-BBE2-D1FDF9DF45D4}\MpKsl321d210f.sys [x]
R1 MpKsl3552e5d9;MpKsl3552e5d9;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4F555093-FEEC-4BA3-8179-821EBDF1E619}\MpKsl3552e5d9.sys [x]
R1 MpKsl37aaca1d;MpKsl37aaca1d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{503E92E6-27C7-403C-9BA6-301930245543}\MpKsl37aaca1d.sys [x]
R1 MpKsl3822fce0;MpKsl3822fce0;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DA18841B-A5BF-419F-B25E-5A87AE455070}\MpKsl3822fce0.sys [x]
R1 MpKsl388a373f;MpKsl388a373f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AE0F988F-6461-4644-926A-826A7993D796}\MpKsl388a373f.sys [x]
R1 MpKsl3a89a42b;MpKsl3a89a42b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B64014E5-4136-4CD0-8113-847453D219CB}\MpKsl3a89a42b.sys [x]
R1 MpKsl3e1e6704;MpKsl3e1e6704;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A60C0A22-96CB-4543-B8F1-E5F76A9EA7BD}\MpKsl3e1e6704.sys [x]
R1 MpKsl4395796c;MpKsl4395796c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2E9FB65E-1258-4CBD-AC75-F7769C4DE9E1}\MpKsl4395796c.sys [x]
R1 MpKsl45b6953f;MpKsl45b6953f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6AA6604E-B3CD-4B84-B64D-743B9BE26E39}\MpKsl45b6953f.sys [x]
R1 MpKsl45db01c1;MpKsl45db01c1;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{40A9D23C-78A1-49C6-8C8E-8996360F1093}\MpKsl45db01c1.sys [x]
R1 MpKsl466e1bef;MpKsl466e1bef;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{62CAF5F3-0C4F-4CBB-B696-519E85DF46CA}\MpKsl466e1bef.sys [x]
R1 MpKsl47853568;MpKsl47853568;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6F84F3CA-5817-457F-9F30-E2FC39965926}\MpKsl47853568.sys [x]
R1 MpKsl4a2ec07c;MpKsl4a2ec07c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{457223A7-0ED2-4E74-961A-A5C3BF5C1654}\MpKsl4a2ec07c.sys [x]
R1 MpKsl4a4e1391;MpKsl4a4e1391;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{65B39A30-6E27-4BFC-B148-2F8BD88F9875}\MpKsl4a4e1391.sys [x]
R1 MpKsl4c5c63dd;MpKsl4c5c63dd;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4EF603EF-F10D-45C9-9968-0DFBC777A294}\MpKsl4c5c63dd.sys [x]
R1 MpKsl4d30669b;MpKsl4d30669b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C9200220-4401-46EB-9B7B-0D7578DFE4CA}\MpKsl4d30669b.sys [x]
R1 MpKsl4d4d2db8;MpKsl4d4d2db8;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{30054914-C736-47C1-BBE4-951997B4221D}\MpKsl4d4d2db8.sys [x]
R1 MpKsl4e13e741;MpKsl4e13e741;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AE09BD0F-6E5C-40AF-B220-7086D4CC6570}\MpKsl4e13e741.sys [x]
R1 MpKsl4ec6c2a0;MpKsl4ec6c2a0;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{10A420C9-DAD7-4A60-A46C-ABEE2355C0B4}\MpKsl4ec6c2a0.sys [x]
R1 MpKsl5022c774;MpKsl5022c774;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7A510B5A-7392-4414-9931-2D017F817EB2}\MpKsl5022c774.sys [x]
R1 MpKsl52616f74;MpKsl52616f74;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6801923D-6C98-4F19-9935-1AF0D75C79CC}\MpKsl52616f74.sys [x]
R1 MpKsl52944419;MpKsl52944419;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AC3374BA-9E78-4EC4-83D3-7AB6B6B04046}\MpKsl52944419.sys [x]
R1 MpKsl550588d0;MpKsl550588d0;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{65B39A30-6E27-4BFC-B148-2F8BD88F9875}\MpKsl550588d0.sys [x]
R1 MpKsl55b1c7dc;MpKsl55b1c7dc;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2435138B-C207-4436-9C21-7BCBD68F10CE}\MpKsl55b1c7dc.sys [x]
R1 MpKsl56dcf45a;MpKsl56dcf45a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FEAD3384-A148-4DAE-B8B7-4C5A0E2ECF20}\MpKsl56dcf45a.sys [x]
R1 MpKsl588727c3;MpKsl588727c3;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{96C05351-F320-4153-909F-9E0650990025}\MpKsl588727c3.sys [x]
R1 MpKsl595fe79e;MpKsl595fe79e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9AFD9547-F4A9-4980-92C4-EA0B73808D85}\MpKsl595fe79e.sys [x]
R1 MpKsl5adf0c5d;MpKsl5adf0c5d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DA18841B-A5BF-419F-B25E-5A87AE455070}\MpKsl5adf0c5d.sys [x]
R1 MpKsl5b5b0756;MpKsl5b5b0756;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{92BE8BFD-CEC6-4D87-BA39-8C0C01536B81}\MpKsl5b5b0756.sys [x]
R1 MpKsl62f71e41;MpKsl62f71e41;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D1DC07D7-3A2F-46CC-8B94-AD3DB9E07DB7}\MpKsl62f71e41.sys [x]
R1 MpKsl6307e0b6;MpKsl6307e0b6;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{428C7610-9B6E-4BF7-9CE5-8F4C76F45B14}\MpKsl6307e0b6.sys [x]
R1 MpKsl63b7466e;MpKsl63b7466e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3A3D9F2A-43D0-4FF4-85D4-FF36F131DDD8}\MpKsl63b7466e.sys [x]
R1 MpKsl65626759;MpKsl65626759;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D0993A11-546E-4055-89F0-CC6306465396}\MpKsl65626759.sys [x]
R1 MpKsl667b9d9a;MpKsl667b9d9a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{04D1AB29-B55C-4DC2-9DCF-AFCCBB897CCB}\MpKsl667b9d9a.sys [x]
R1 MpKsl6a4aee20;MpKsl6a4aee20;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6D871E12-EE11-4FA3-ADAC-8DDDDC61D211}\MpKsl6a4aee20.sys [x]
R1 MpKsl6cdb11b2;MpKsl6cdb11b2;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4A50C759-D9DA-4F91-9134-E796341ECA56}\MpKsl6cdb11b2.sys [x]
R1 MpKsl6e254e07;MpKsl6e254e07;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D1DC07D7-3A2F-46CC-8B94-AD3DB9E07DB7}\MpKsl6e254e07.sys [x]
R1 MpKsl6fbd6c71;MpKsl6fbd6c71;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7382277E-3EF8-415E-B60F-3B294925D32B}\MpKsl6fbd6c71.sys [x]
R1 MpKsl7107e1bb;MpKsl7107e1bb;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2E9FB65E-1258-4CBD-AC75-F7769C4DE9E1}\MpKsl7107e1bb.sys [x]
R1 MpKsl74b68d33;MpKsl74b68d33;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{61699DE3-FAF0-4100-AD28-E139BBBEA028}\MpKsl74b68d33.sys [x]
R1 MpKsl74cea91a;MpKsl74cea91a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9F723B4E-1363-43E7-93FB-F7DBD1A734D0}\MpKsl74cea91a.sys [x]
R1 MpKsl76c4500e;MpKsl76c4500e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{04D1AB29-B55C-4DC2-9DCF-AFCCBB897CCB}\MpKsl76c4500e.sys [x]
R1 MpKsl78bb618c;MpKsl78bb618c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1772E180-8748-4D3E-B24C-D6D2C5F9B5A3}\MpKsl78bb618c.sys [x]
R1 MpKsl79139c6f;MpKsl79139c6f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F1DAEE56-5BF9-4C3A-9888-2BF33891348E}\MpKsl79139c6f.sys [x]
R1 MpKsl79dcca5b;MpKsl79dcca5b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{686F8D9F-7DFB-4123-962E-D524A41B8F07}\MpKsl79dcca5b.sys [x]
R1 MpKsl80047a56;MpKsl80047a56;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AC4E357E-FE72-4CD2-931B-9BE8F61F92C1}\MpKsl80047a56.sys [x]
R1 MpKsl808cdd75;MpKsl808cdd75;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B64014E5-4136-4CD0-8113-847453D219CB}\MpKsl808cdd75.sys [x]
R1 MpKsl810da3ce;MpKsl810da3ce;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C06F1EB1-24A6-4A04-A4A5-CF2133B9D20A}\MpKsl810da3ce.sys [x]
R1 MpKsl825d4dcd;MpKsl825d4dcd;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F8348DFA-B2EC-4D0C-8183-8A7F1A26DBBD}\MpKsl825d4dcd.sys [x]
R1 MpKsl849ddc69;MpKsl849ddc69;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DA18841B-A5BF-419F-B25E-5A87AE455070}\MpKsl849ddc69.sys [x]
R1 MpKsl8887dd69;MpKsl8887dd69;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D0993A11-546E-4055-89F0-CC6306465396}\MpKsl8887dd69.sys [x]
R1 MpKsl8a94550b;MpKsl8a94550b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{39B354B6-CF95-4B9D-AC21-05762961ACB2}\MpKsl8a94550b.sys [x]
R1 MpKsl8bbf55ef;MpKsl8bbf55ef;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{507FFA38-3D20-4DB9-9990-16B8C2986AA9}\MpKsl8bbf55ef.sys [x]
R1 MpKsl8d0e4e03;MpKsl8d0e4e03;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D9A9D432-6DAD-4751-9B4C-D0746373D450}\MpKsl8d0e4e03.sys [x]
R1 MpKsl8f45d270;MpKsl8f45d270;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8F48956F-658D-4E0B-9C3D-08A5FA7313F3}\MpKsl8f45d270.sys [x]
R1 MpKsl8f785007;MpKsl8f785007;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{29744E99-DB21-4352-8935-079363060011}\MpKsl8f785007.sys [x]
R1 MpKsl9134de0b;MpKsl9134de0b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{89129128-A246-425E-9064-A163F30156C3}\MpKsl9134de0b.sys [x]
R1 MpKsl93e06edd;MpKsl93e06edd;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{238ABD0D-BB80-41D1-816D-101CD48DB40A}\MpKsl93e06edd.sys [x]
R1 MpKsl950dae20;MpKsl950dae20;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{08E1CB06-2276-4365-9E98-33429F68E66B}\MpKsl950dae20.sys [x]
R1 MpKsl985b3f8e;MpKsl985b3f8e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1772E180-8748-4D3E-B24C-D6D2C5F9B5A3}\MpKsl985b3f8e.sys [x]
R1 MpKsla3b74131;MpKsla3b74131;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{40A9D23C-78A1-49C6-8C8E-8996360F1093}\MpKsla3b74131.sys [x]
R1 MpKsla47860c6;MpKsla47860c6;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5FA0C4E3-B949-4E03-83D4-BF8433BA43D6}\MpKsla47860c6.sys [x]
R1 MpKsla536fda6;MpKsla536fda6;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6F84F3CA-5817-457F-9F30-E2FC39965926}\MpKsla536fda6.sys [x]
R1 MpKsla5f4e6a8;MpKsla5f4e6a8;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AE09BD0F-6E5C-40AF-B220-7086D4CC6570}\MpKsla5f4e6a8.sys [x]
R1 MpKsla75d66af;MpKsla75d66af;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7C59764B-24A9-4C19-B28F-957B83FD0ECB}\MpKsla75d66af.sys [x]
R1 MpKsla7a69055;MpKsla7a69055;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C93BCF6E-CBF5-4FF2-ADCF-1128BDE2E0C5}\MpKsla7a69055.sys [x]
R1 MpKslac0a44e8;MpKslac0a44e8;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BEDDC0FA-9198-4CB7-86F7-BFAA2C60D67D}\MpKslac0a44e8.sys [x]
R1 MpKslae6ebf88;MpKslae6ebf88;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{61699DE3-FAF0-4100-AD28-E139BBBEA028}\MpKslae6ebf88.sys [x]
R1 MpKslaf88753f;MpKslaf88753f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6AA6604E-B3CD-4B84-B64D-743B9BE26E39}\MpKslaf88753f.sys [x]
R1 MpKslafdd0155;MpKslafdd0155;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{EB476B9C-7D7B-44E0-AFE8-8D0EA879A0E7}\MpKslafdd0155.sys [x]
R1 MpKslb3776706;MpKslb3776706;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1E8E37DD-94FA-43F2-9DBC-A3863D8E5DC7}\MpKslb3776706.sys [x]
R1 MpKslb5d67722;MpKslb5d67722;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{39EDEA56-4AF3-4675-952A-85AB8E21BDDD}\MpKslb5d67722.sys [x]
R1 MpKslbb9cb6cd;MpKslbb9cb6cd;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0C8F2FC8-5167-435F-8DBD-2605F723E28B}\MpKslbb9cb6cd.sys [x]
R1 MpKslbc59489c;MpKslbc59489c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D0993A11-546E-4055-89F0-CC6306465396}\MpKslbc59489c.sys [x]
R1 MpKslbcf74d57;MpKslbcf74d57;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{507FFA38-3D20-4DB9-9990-16B8C2986AA9}\MpKslbcf74d57.sys [x]
R1 MpKslc39453af;MpKslc39453af;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8F48956F-658D-4E0B-9C3D-08A5FA7313F3}\MpKslc39453af.sys [x]
R1 MpKslca589ceb;MpKslca589ceb;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BA7CDA28-6FE4-41D5-ABC9-428C8B897FE7}\MpKslca589ceb.sys [x]
R1 MpKslce9d0181;MpKslce9d0181;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9E27DE14-7F7B-426E-810F-DEEBD5315B15}\MpKslce9d0181.sys [x]
R1 MpKsld58d6931;MpKsld58d6931;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5285C302-45B0-4D11-A56C-63291B5ECF2F}\MpKsld58d6931.sys [x]
R1 MpKsld747c86f;MpKsld747c86f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{77AC7797-FA37-4A49-BF05-9B96F1429127}\MpKsld747c86f.sys [x]
R1 MpKsld7e586c6;MpKsld7e586c6;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4A50C759-D9DA-4F91-9134-E796341ECA56}\MpKsld7e586c6.sys [x]
R1 MpKslda6e4aea;MpKslda6e4aea;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1E8E37DD-94FA-43F2-9DBC-A3863D8E5DC7}\MpKslda6e4aea.sys [x]
R1 MpKsldd51ab34;MpKsldd51ab34;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DD038CBD-6BC7-4FA0-B48C-2000FCCEBFEF}\MpKsldd51ab34.sys [x]
R1 MpKslde1c7de5;MpKslde1c7de5;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D466E7F0-ABFE-4BF9-AEFF-7A6B470ECE95}\MpKslde1c7de5.sys [x]
R1 MpKslde60af67;MpKslde60af67;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2EA92FCE-24B9-4DA5-9300-FA693A1B29C9}\MpKslde60af67.sys [x]
R1 MpKsle1761ce5;MpKsle1761ce5;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{78A3BB43-3DFD-4D78-B724-8EF2653FBF4A}\MpKsle1761ce5.sys [x]
R1 MpKsle56f7b4f;MpKsle56f7b4f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FB37A0B6-824F-49B5-A446-F75B2D66AE11}\MpKsle56f7b4f.sys [x]
R1 MpKsle572f6ba;MpKsle572f6ba;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AC4E357E-FE72-4CD2-931B-9BE8F61F92C1}\MpKsle572f6ba.sys [x]
R1 MpKsle6ae4d60;MpKsle6ae4d60;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CA5A3ABB-2E07-4C39-8276-A7501DF24765}\MpKsle6ae4d60.sys [x]
R1 MpKsle729d806;MpKsle729d806;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{75F901F6-310E-453C-8A7B-15403DEE0D7A}\MpKsle729d806.sys [x]
R1 MpKsle910a5f5;MpKsle910a5f5;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{63C8D80E-9686-4207-A43F-A347CA09CE39}\MpKsle910a5f5.sys [x]
R1 MpKsle923b9a6;MpKsle923b9a6;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D466E7F0-ABFE-4BF9-AEFF-7A6B470ECE95}\MpKsle923b9a6.sys [x]
R1 MpKslea8ca7cb;MpKslea8ca7cb;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AC3374BA-9E78-4EC4-83D3-7AB6B6B04046}\MpKslea8ca7cb.sys [x]
R1 MpKslecb2691b;MpKslecb2691b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D7775643-145D-4848-B4BC-51957DD2C503}\MpKslecb2691b.sys [x]
R1 MpKslecd217de;MpKslecd217de;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7A811974-143C-4192-810F-E526ED6E58C9}\MpKslecd217de.sys [x]
R1 MpKsledb5f72c;MpKsledb5f72c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4EF603EF-F10D-45C9-9968-0DFBC777A294}\MpKsledb5f72c.sys [x]
R1 MpKslee01476d;MpKslee01476d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{125A2177-586F-4CBC-A2A1-E4CDC3131FF5}\MpKslee01476d.sys [x]
R1 MpKslf006b12e;MpKslf006b12e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7C59764B-24A9-4C19-B28F-957B83FD0ECB}\MpKslf006b12e.sys [x]
R1 MpKslf1433579;MpKslf1433579;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3382A8A9-8112-4889-841B-36C4CCE7D63D}\MpKslf1433579.sys [x]
R1 MpKslf48e10b4;MpKslf48e10b4;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BEDDC0FA-9198-4CB7-86F7-BFAA2C60D67D}\MpKslf48e10b4.sys [x]
R1 MpKslf6b04e98;MpKslf6b04e98;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E67270D3-2F8E-4AD2-9928-B3FBCE43821E}\MpKslf6b04e98.sys [x]
R1 MpKslf8244d8a;MpKslf8244d8a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6F84F3CA-5817-457F-9F30-E2FC39965926}\MpKslf8244d8a.sys [x]
R1 MpKslfbd2caf1;MpKslfbd2caf1;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BEDDC0FA-9198-4CB7-86F7-BFAA2C60D67D}\MpKslfbd2caf1.sys [x]
R1 MpKslfdbce2ee;MpKslfdbce2ee;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{39EDEA56-4AF3-4675-952A-85AB8E21BDDD}\MpKslfdbce2ee.sys [x]
R1 MpKslff8899ad;MpKslff8899ad;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{92BE8BFD-CEC6-4D87-BA39-8C0C01536B81}\MpKslff8899ad.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files\Common Files\EgisTec\Services\EgisTicketService.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IconMan_R;IconMan_R;c:\program files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 RS_Service;Raw Socket Service;c:\program files\Acer\Acer VCM\RS_Service.exe [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-09-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3807445768-3563054489-1376992915-1000Core.job
- c:\users\Akhil Baveja\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-27 08:08]
.
2012-09-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3807445768-3563054489-1376992915-1000UA.job
- c:\users\Akhil Baveja\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-27 08:08]
.
2012-09-25 c:\windows\Tasks\wkqvwvtid.job
- c:\windows\system32\difxapid.dll [2012-09-21 19:22]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
mStart Page = hxxp://acer.msn.com
IE: E&xport to Microsoft Excel - e:\office\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Akhil Baveja\AppData\Roaming\Mozilla\Firefox\Profiles\ayqgim5j.default\
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(5180)
c:\program files\Acer\Acer ePower Management\SysHook.dll
.
Completion time: 2012-09-26 01:48:52
ComboFix-quarantined-files.txt 2012-09-25 20:18
ComboFix2.txt 2012-09-24 19:22
.
Pre-Run: 74,323,615,744 bytes free
Post-Run: 74,145,316,864 bytes free
.
- - End Of File - - 287EE8C0CDBD5CBE47587379DEE2F921

Edited by kingfisher3210, 25 September 2012 - 02:24 PM.

#18
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
How is the computer now?

#19
kingfisher3210

    Member

  • Topic Starter
  • 42 posts
All processes killed
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-3807445768-3563054489-1376992915-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Wisdom-soft ScreenHunter 5.1 Plus deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
C:\Windows\Tasks\wkqvwvtid.job moved successfully.
C:\Windows\System32\difxapid.dll moved successfully.
C:\Windows\System32\doc-0o-4.com-viewer-securedownload-5sj8mc9cp1vsrvk6n9j6e1hdqqd6fhce-umh5ev1fv5oufk72sfjgcqlasjd3ief4-1329152400000-Z21haWw=-AGZ5hq_U1cWSHHkQejQOuHY9ERti-MTM1NzdiNDZiYjIxZmZkZXwwLjEuMC4xLjAuMQ==.lnk moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Akhil Baveja
->Temp folder emptied: 8410464 bytes
->Temporary Internet Files folder emptied: 138054790 bytes
->Java cache emptied: 5957321 bytes
->FireFox cache emptied: 80638711 bytes
->Google Chrome cache emptied: 22328945 bytes
->Flash cache emptied: 1274744 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 5218125 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 250.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.66.0 log created on 09282012_012158

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\dsiwmis.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\LMutilps.log scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

#20
kingfisher3210

    Member

  • Topic Starter
  • 42 posts
OTL logfile created on: 9/28/2012 1:39:39 AM - Run 4
OTL by OldTimer - Version 3.2.66.0 Folder = C:\Users\Akhil Baveja\Downloads
Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: India | Language: ENN | Date Format: dd-MM-yyyy

1011.87 Mb Total Physical Memory | 289.08 Mb Available Physical Memory | 28.57% Memory free
1.99 Gb Paging File | 1.03 Gb Available in Paging File | 51.59% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 87.53 Gb Total Space | 68.39 Gb Free Space | 78.14% Space Free | Partition Type: NTFS
Drive D: | 4.10 Gb Total Space | 2.56 Gb Free Space | 62.45% Space Free | Partition Type: FAT32
Drive E: | 94.73 Gb Total Space | 93.55 Gb Free Space | 98.76% Space Free | Partition Type: NTFS
Drive F: | 98.63 Gb Total Space | 98.42 Gb Free Space | 99.79% Space Free | Partition Type: NTFS

Computer Name: AKHILBAVEJA-PC | User Name: Akhil Baveja | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/09/23 19:29:53 | 000,601,600 | ---- | M] (OldTimer Tools) -- C:\Users\Akhil Baveja\Downloads\OTL.exe
PRC - [2012/09/07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/07/28 02:21:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/03/26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/03/21 12:28:22 | 010,359,568 | ---- | M] (Microsoft Corporation) -- E:\office\OFFICE11\EXCEL.EXE
PRC - [2011/06/24 09:52:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011/05/10 10:31:33 | 000,492,096 | ---- | M] (Insyde Software Corp.) -- C:\Program Files\Acer\Updater\iUpdate.exe
PRC - [2011/05/10 10:31:32 | 000,408,128 | ---- | M] (Insyde Software Corp.) -- C:\Program Files\Acer\Android Manager\iSync.exe
PRC - [2011/03/14 17:14:38 | 000,414,800 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LMutilps32.exe
PRC - [2011/03/14 17:14:38 | 000,334,416 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LMworker.exe
PRC - [2011/03/14 17:14:36 | 001,081,424 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe
PRC - [2011/03/14 17:14:36 | 000,352,336 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\dsiwmis.exe
PRC - [2011/03/07 14:15:22 | 001,755,136 | ---- | M] (Realsil Microelectronics Inc.) -- C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
PRC - [2011/02/25 11:00:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011/02/23 09:31:10 | 000,715,368 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
PRC - [2011/02/23 09:31:08 | 000,739,944 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
PRC - [2011/02/23 09:31:02 | 000,469,608 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
PRC - [2011/02/01 02:25:14 | 000,244,624 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2010/11/21 02:59:19 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/11/06 12:24:22 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/11/06 12:24:20 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/10/06 03:16:10 | 000,704,104 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\AcerVCM.exe
PRC - [2010/09/28 07:30:56 | 000,340,336 | ---- | M] (Egis Technology Inc.) -- C:\Program Files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
PRC - [2010/09/18 04:40:16 | 000,407,920 | ---- | M] (Egis Technology Inc.) -- C:\Program Files\EgisTec IPS\PmmUpdate.exe
PRC - [2010/09/18 04:40:02 | 000,201,584 | ---- | M] (Egis Technology Inc.) -- C:\Program Files\EgisTec IPS\EgisUpdate.exe
PRC - [2010/01/30 05:22:58 | 000,260,640 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\RS_Service.exe


========== Modules (No Company Name) ==========

MOD - [2012/06/14 20:36:37 | 000,475,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\3ac345f23c9bf10342c5c12f2d2c5728\IAStorUtil.ni.dll
MOD - [2012/06/14 18:01:35 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\828e99a57411166ccc26d24be089ba44\System.Windows.Forms.ni.dll
MOD - [2012/06/14 18:01:10 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\502adc65e43b9d025cba1fd0bfa964a8\System.Drawing.ni.dll
MOD - [2012/05/12 15:01:55 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\23917a73056cd44ac791a08442c9848a\IAStorCommon.ni.dll
MOD - [2012/05/12 14:27:29 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\12dc22db56f7933e84654ecc590beba5\System.Runtime.Remoting.ni.dll
MOD - [2012/05/12 14:24:32 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\5b10c18a074132f1ae4a86d860cf9615\WindowsBase.ni.dll
MOD - [2012/05/12 14:24:14 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\cfb0e4de1afd3f2efbbf39a5e39f646a\System.Xml.ni.dll
MOD - [2012/05/12 14:24:03 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2a5cbab122112cd4291b684e67460c16\System.Configuration.ni.dll
MOD - [2012/05/12 14:24:01 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9447bd5b21a91081d4275b4c4401b1f9\System.ni.dll
MOD - [2012/05/12 14:23:42 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2ab531f4915cccb998c4e852fb7efd00\mscorlib.ni.dll


========== Services (SafeList) ==========

SRV - [2012/09/07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/09/07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/07/28 02:21:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/03/26 17:03:40 | 000,214,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2011/03/14 17:14:36 | 000,352,336 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2011/03/07 14:15:22 | 001,755,136 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2011/02/23 09:31:08 | 000,739,944 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV - [2011/02/01 02:25:14 | 000,244,624 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Live Updater Service)
SRV - [2010/11/06 12:24:22 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/09/28 06:39:54 | 000,172,912 | ---- | M] (Egis Technology Inc. ) [On_Demand | Stopped] -- C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe -- (EgisTec Ticket Service)
SRV - [2010/01/30 05:22:58 | 000,260,640 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2009/07/14 06:45:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{92BE8BFD-CEC6-4D87-BA39-8C0C01536B81}\MpKslff8899ad.sys -- (MpKslff8899ad)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{39EDEA56-4AF3-4675-952A-85AB8E21BDDD}\MpKslfdbce2ee.sys -- (MpKslfdbce2ee)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BEDDC0FA-9198-4CB7-86F7-BFAA2C60D67D}\MpKslfbd2caf1.sys -- (MpKslfbd2caf1)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6F84F3CA-5817-457F-9F30-E2FC39965926}\MpKslf8244d8a.sys -- (MpKslf8244d8a)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E67270D3-2F8E-4AD2-9928-B3FBCE43821E}\MpKslf6b04e98.sys -- (MpKslf6b04e98)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BEDDC0FA-9198-4CB7-86F7-BFAA2C60D67D}\MpKslf48e10b4.sys -- (MpKslf48e10b4)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3382A8A9-8112-4889-841B-36C4CCE7D63D}\MpKslf1433579.sys -- (MpKslf1433579)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7C59764B-24A9-4C19-B28F-957B83FD0ECB}\MpKslf006b12e.sys -- (MpKslf006b12e)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{125A2177-586F-4CBC-A2A1-E4CDC3131FF5}\MpKslee01476d.sys -- (MpKslee01476d)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4EF603EF-F10D-45C9-9968-0DFBC777A294}\MpKsledb5f72c.sys -- (MpKsledb5f72c)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7A811974-143C-4192-810F-E526ED6E58C9}\MpKslecd217de.sys -- (MpKslecd217de)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D7775643-145D-4848-B4BC-51957DD2C503}\MpKslecb2691b.sys -- (MpKslecb2691b)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AC3374BA-9E78-4EC4-83D3-7AB6B6B04046}\MpKslea8ca7cb.sys -- (MpKslea8ca7cb)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D466E7F0-ABFE-4BF9-AEFF-7A6B470ECE95}\MpKsle923b9a6.sys -- (MpKsle923b9a6)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{63C8D80E-9686-4207-A43F-A347CA09CE39}\MpKsle910a5f5.sys -- (MpKsle910a5f5)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{75F901F6-310E-453C-8A7B-15403DEE0D7A}\MpKsle729d806.sys -- (MpKsle729d806)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CA5A3ABB-2E07-4C39-8276-A7501DF24765}\MpKsle6ae4d60.sys -- (MpKsle6ae4d60)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AC4E357E-FE72-4CD2-931B-9BE8F61F92C1}\MpKsle572f6ba.sys -- (MpKsle572f6ba)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FB37A0B6-824F-49B5-A446-F75B2D66AE11}\MpKsle56f7b4f.sys -- (MpKsle56f7b4f)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{78A3BB43-3DFD-4D78-B724-8EF2653FBF4A}\MpKsle1761ce5.sys -- (MpKsle1761ce5)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2EA92FCE-24B9-4DA5-9300-FA693A1B29C9}\MpKslde60af67.sys -- (MpKslde60af67)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D466E7F0-ABFE-4BF9-AEFF-7A6B470ECE95}\MpKslde1c7de5.sys -- (MpKslde1c7de5)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DD038CBD-6BC7-4FA0-B48C-2000FCCEBFEF}\MpKsldd51ab34.sys -- (MpKsldd51ab34)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1E8E37DD-94FA-43F2-9DBC-A3863D8E5DC7}\MpKslda6e4aea.sys -- (MpKslda6e4aea)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4A50C759-D9DA-4F91-9134-E796341ECA56}\MpKsld7e586c6.sys -- (MpKsld7e586c6)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{77AC7797-FA37-4A49-BF05-9B96F1429127}\MpKsld747c86f.sys -- (MpKsld747c86f)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5285C302-45B0-4D11-A56C-63291B5ECF2F}\MpKsld58d6931.sys -- (MpKsld58d6931)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9E27DE14-7F7B-426E-810F-DEEBD5315B15}\MpKslce9d0181.sys -- (MpKslce9d0181)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BA7CDA28-6FE4-41D5-ABC9-428C8B897FE7}\MpKslca589ceb.sys -- (MpKslca589ceb)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8F48956F-658D-4E0B-9C3D-08A5FA7313F3}\MpKslc39453af.sys -- (MpKslc39453af)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{507FFA38-3D20-4DB9-9990-16B8C2986AA9}\MpKslbcf74d57.sys -- (MpKslbcf74d57)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D0993A11-546E-4055-89F0-CC6306465396}\MpKslbc59489c.sys -- (MpKslbc59489c)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0C8F2FC8-5167-435F-8DBD-2605F723E28B}\MpKslbb9cb6cd.sys -- (MpKslbb9cb6cd)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{39EDEA56-4AF3-4675-952A-85AB8E21BDDD}\MpKslb5d67722.sys -- (MpKslb5d67722)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1E8E37DD-94FA-43F2-9DBC-A3863D8E5DC7}\MpKslb3776706.sys -- (MpKslb3776706)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{EB476B9C-7D7B-44E0-AFE8-8D0EA879A0E7}\MpKslafdd0155.sys -- (MpKslafdd0155)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6AA6604E-B3CD-4B84-B64D-743B9BE26E39}\MpKslaf88753f.sys -- (MpKslaf88753f)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{61699DE3-FAF0-4100-AD28-E139BBBEA028}\MpKslae6ebf88.sys -- (MpKslae6ebf88)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BEDDC0FA-9198-4CB7-86F7-BFAA2C60D67D}\MpKslac0a44e8.sys -- (MpKslac0a44e8)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C93BCF6E-CBF5-4FF2-ADCF-1128BDE2E0C5}\MpKsla7a69055.sys -- (MpKsla7a69055)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7C59764B-24A9-4C19-B28F-957B83FD0ECB}\MpKsla75d66af.sys -- (MpKsla75d66af)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AE09BD0F-6E5C-40AF-B220-7086D4CC6570}\MpKsla5f4e6a8.sys -- (MpKsla5f4e6a8)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6F84F3CA-5817-457F-9F30-E2FC39965926}\MpKsla536fda6.sys -- (MpKsla536fda6)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5FA0C4E3-B949-4E03-83D4-BF8433BA43D6}\MpKsla47860c6.sys -- (MpKsla47860c6)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{40A9D23C-78A1-49C6-8C8E-8996360F1093}\MpKsla3b74131.sys -- (MpKsla3b74131)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1772E180-8748-4D3E-B24C-D6D2C5F9B5A3}\MpKsl985b3f8e.sys -- (MpKsl985b3f8e)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{08E1CB06-2276-4365-9E98-33429F68E66B}\MpKsl950dae20.sys -- (MpKsl950dae20)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{238ABD0D-BB80-41D1-816D-101CD48DB40A}\MpKsl93e06edd.sys -- (MpKsl93e06edd)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{89129128-A246-425E-9064-A163F30156C3}\MpKsl9134de0b.sys -- (MpKsl9134de0b)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{29744E99-DB21-4352-8935-079363060011}\MpKsl8f785007.sys -- (MpKsl8f785007)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8F48956F-658D-4E0B-9C3D-08A5FA7313F3}\MpKsl8f45d270.sys -- (MpKsl8f45d270)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D9A9D432-6DAD-4751-9B4C-D0746373D450}\MpKsl8d0e4e03.sys -- (MpKsl8d0e4e03)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{507FFA38-3D20-4DB9-9990-16B8C2986AA9}\MpKsl8bbf55ef.sys -- (MpKsl8bbf55ef)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{39B354B6-CF95-4B9D-AC21-05762961ACB2}\MpKsl8a94550b.sys -- (MpKsl8a94550b)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D0993A11-546E-4055-89F0-CC6306465396}\MpKsl8887dd69.sys -- (MpKsl8887dd69)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DA18841B-A5BF-419F-B25E-5A87AE455070}\MpKsl849ddc69.sys -- (MpKsl849ddc69)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F8348DFA-B2EC-4D0C-8183-8A7F1A26DBBD}\MpKsl825d4dcd.sys -- (MpKsl825d4dcd)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C06F1EB1-24A6-4A04-A4A5-CF2133B9D20A}\MpKsl810da3ce.sys -- (MpKsl810da3ce)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B64014E5-4136-4CD0-8113-847453D219CB}\MpKsl808cdd75.sys -- (MpKsl808cdd75)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AC4E357E-FE72-4CD2-931B-9BE8F61F92C1}\MpKsl80047a56.sys -- (MpKsl80047a56)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{686F8D9F-7DFB-4123-962E-D524A41B8F07}\MpKsl79dcca5b.sys -- (MpKsl79dcca5b)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F1DAEE56-5BF9-4C3A-9888-2BF33891348E}\MpKsl79139c6f.sys -- (MpKsl79139c6f)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1772E180-8748-4D3E-B24C-D6D2C5F9B5A3}\MpKsl78bb618c.sys -- (MpKsl78bb618c)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{04D1AB29-B55C-4DC2-9DCF-AFCCBB897CCB}\MpKsl76c4500e.sys -- (MpKsl76c4500e)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9F723B4E-1363-43E7-93FB-F7DBD1A734D0}\MpKsl74cea91a.sys -- (MpKsl74cea91a)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{61699DE3-FAF0-4100-AD28-E139BBBEA028}\MpKsl74b68d33.sys -- (MpKsl74b68d33)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2E9FB65E-1258-4CBD-AC75-F7769C4DE9E1}\MpKsl7107e1bb.sys -- (MpKsl7107e1bb)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7382277E-3EF8-415E-B60F-3B294925D32B}\MpKsl6fbd6c71.sys -- (MpKsl6fbd6c71)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D1DC07D7-3A2F-46CC-8B94-AD3DB9E07DB7}\MpKsl6e254e07.sys -- (MpKsl6e254e07)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4A50C759-D9DA-4F91-9134-E796341ECA56}\MpKsl6cdb11b2.sys -- (MpKsl6cdb11b2)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6D871E12-EE11-4FA3-ADAC-8DDDDC61D211}\MpKsl6a4aee20.sys -- (MpKsl6a4aee20)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{04D1AB29-B55C-4DC2-9DCF-AFCCBB897CCB}\MpKsl667b9d9a.sys -- (MpKsl667b9d9a)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D0993A11-546E-4055-89F0-CC6306465396}\MpKsl65626759.sys -- (MpKsl65626759)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3A3D9F2A-43D0-4FF4-85D4-FF36F131DDD8}\MpKsl63b7466e.sys -- (MpKsl63b7466e)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{428C7610-9B6E-4BF7-9CE5-8F4C76F45B14}\MpKsl6307e0b6.sys -- (MpKsl6307e0b6)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D1DC07D7-3A2F-46CC-8B94-AD3DB9E07DB7}\MpKsl62f71e41.sys -- (MpKsl62f71e41)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{92BE8BFD-CEC6-4D87-BA39-8C0C01536B81}\MpKsl5b5b0756.sys -- (MpKsl5b5b0756)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DA18841B-A5BF-419F-B25E-5A87AE455070}\MpKsl5adf0c5d.sys -- (MpKsl5adf0c5d)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9AFD9547-F4A9-4980-92C4-EA0B73808D85}\MpKsl595fe79e.sys -- (MpKsl595fe79e)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{96C05351-F320-4153-909F-9E0650990025}\MpKsl588727c3.sys -- (MpKsl588727c3)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FEAD3384-A148-4DAE-B8B7-4C5A0E2ECF20}\MpKsl56dcf45a.sys -- (MpKsl56dcf45a)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2435138B-C207-4436-9C21-7BCBD68F10CE}\MpKsl55b1c7dc.sys -- (MpKsl55b1c7dc)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{65B39A30-6E27-4BFC-B148-2F8BD88F9875}\MpKsl550588d0.sys -- (MpKsl550588d0)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AC3374BA-9E78-4EC4-83D3-7AB6B6B04046}\MpKsl52944419.sys -- (MpKsl52944419)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6801923D-6C98-4F19-9935-1AF0D75C79CC}\MpKsl52616f74.sys -- (MpKsl52616f74)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7A510B5A-7392-4414-9931-2D017F817EB2}\MpKsl5022c774.sys -- (MpKsl5022c774)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{10A420C9-DAD7-4A60-A46C-ABEE2355C0B4}\MpKsl4ec6c2a0.sys -- (MpKsl4ec6c2a0)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AE09BD0F-6E5C-40AF-B220-7086D4CC6570}\MpKsl4e13e741.sys -- (MpKsl4e13e741)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{30054914-C736-47C1-BBE4-951997B4221D}\MpKsl4d4d2db8.sys -- (MpKsl4d4d2db8)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C9200220-4401-46EB-9B7B-0D7578DFE4CA}\MpKsl4d30669b.sys -- (MpKsl4d30669b)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4EF603EF-F10D-45C9-9968-0DFBC777A294}\MpKsl4c5c63dd.sys -- (MpKsl4c5c63dd)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{65B39A30-6E27-4BFC-B148-2F8BD88F9875}\MpKsl4a4e1391.sys -- (MpKsl4a4e1391)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{457223A7-0ED2-4E74-961A-A5C3BF5C1654}\MpKsl4a2ec07c.sys -- (MpKsl4a2ec07c)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6F84F3CA-5817-457F-9F30-E2FC39965926}\MpKsl47853568.sys -- (MpKsl47853568)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{62CAF5F3-0C4F-4CBB-B696-519E85DF46CA}\MpKsl466e1bef.sys -- (MpKsl466e1bef)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{40A9D23C-78A1-49C6-8C8E-8996360F1093}\MpKsl45db01c1.sys -- (MpKsl45db01c1)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6AA6604E-B3CD-4B84-B64D-743B9BE26E39}\MpKsl45b6953f.sys -- (MpKsl45b6953f)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2E9FB65E-1258-4CBD-AC75-F7769C4DE9E1}\MpKsl4395796c.sys -- (MpKsl4395796c)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A60C0A22-96CB-4543-B8F1-E5F76A9EA7BD}\MpKsl3e1e6704.sys -- (MpKsl3e1e6704)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B64014E5-4136-4CD0-8113-847453D219CB}\MpKsl3a89a42b.sys -- (MpKsl3a89a42b)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AE0F988F-6461-4644-926A-826A7993D796}\MpKsl388a373f.sys -- (MpKsl388a373f)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DA18841B-A5BF-419F-B25E-5A87AE455070}\MpKsl3822fce0.sys -- (MpKsl3822fce0)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{503E92E6-27C7-403C-9BA6-301930245543}\MpKsl37aaca1d.sys -- (MpKsl37aaca1d)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4F555093-FEEC-4BA3-8179-821EBDF1E619}\MpKsl3552e5d9.sys -- (MpKsl3552e5d9)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{61EAD053-A5E4-4463-BBE2-D1FDF9DF45D4}\MpKsl321d210f.sys -- (MpKsl321d210f)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9F723B4E-1363-43E7-93FB-F7DBD1A734D0}\MpKsl2c092542.sys -- (MpKsl2c092542)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{89129128-A246-425E-9064-A163F30156C3}\MpKsl299db2bf.sys -- (MpKsl299db2bf)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{96C20DD7-AFBB-4FD0-9D47-84D326542D45}\MpKsl2951948a.sys -- (MpKsl2951948a)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B64014E5-4136-4CD0-8113-847453D219CB}\MpKsl26fd884d.sys -- (MpKsl26fd884d)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6F84F3CA-5817-457F-9F30-E2FC39965926}\MpKsl25974fdd.sys -- (MpKsl25974fdd)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{77AC7797-FA37-4A49-BF05-9B96F1429127}\MpKsl247b440a.sys -- (MpKsl247b440a)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DDA39423-3BEE-4887-ADB5-C7B142041B80}\MpKsl23511d90.sys -- (MpKsl23511d90)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{639B94F3-05D4-4638-84E3-96A97557F47B}\MpKsl22b466c0.sys -- (MpKsl22b466c0)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D7775643-145D-4848-B4BC-51957DD2C503}\MpKsl215a7d0e.sys -- (MpKsl215a7d0e)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D466E7F0-ABFE-4BF9-AEFF-7A6B470ECE95}\MpKsl1ff5b50f.sys -- (MpKsl1ff5b50f)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BA7CDA28-6FE4-41D5-ABC9-428C8B897FE7}\MpKsl1c8a8c50.sys -- (MpKsl1c8a8c50)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{61699DE3-FAF0-4100-AD28-E139BBBEA028}\MpKsl1bc93270.sys -- (MpKsl1bc93270)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{39EDEA56-4AF3-4675-952A-85AB8E21BDDD}\MpKsl1b0a817c.sys -- (MpKsl1b0a817c)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{507FFA38-3D20-4DB9-9990-16B8C2986AA9}\MpKsl1a8bab1e.sys -- (MpKsl1a8bab1e)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{75F901F6-310E-453C-8A7B-15403DEE0D7A}\MpKsl1a1cb220.sys -- (MpKsl1a1cb220)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4AAF7265-7C68-4649-97CD-87153FA28C59}\MpKsl175dbe8b.sys -- (MpKsl175dbe8b)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6801923D-6C98-4F19-9935-1AF0D75C79CC}\MpKsl175c11c3.sys -- (MpKsl175c11c3)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C93BCF6E-CBF5-4FF2-ADCF-1128BDE2E0C5}\MpKsl16c6f296.sys -- (MpKsl16c6f296)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{35C15002-65A0-4EB0-8392-17CCE6A9CD82}\MpKsl1543184b.sys -- (MpKsl1543184b)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E67270D3-2F8E-4AD2-9928-B3FBCE43821E}\MpKsl10d13f7d.sys -- (MpKsl10d13f7d)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C693B576-85EA-4AF2-9527-B45F01B372F1}\MpKsl1010d031.sys -- (MpKsl1010d031)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F1DAEE56-5BF9-4C3A-9888-2BF33891348E}\MpKsl0e82d3ac.sys -- (MpKsl0e82d3ac)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{686F8D9F-7DFB-4123-962E-D524A41B8F07}\MpKsl0db3a256.sys -- (MpKsl0db3a256)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A4F46F46-F4EA-46AA-8BF0-91F8C42026D2}\MpKsl0d77b33e.sys -- (MpKsl0d77b33e)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C9200220-4401-46EB-9B7B-0D7578DFE4CA}\MpKsl0afc50cc.sys -- (MpKsl0afc50cc)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6AA6604E-B3CD-4B84-B64D-743B9BE26E39}\MpKsl084932dc.sys -- (MpKsl084932dc)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4AAF7265-7C68-4649-97CD-87153FA28C59}\MpKsl0800b086.sys -- (MpKsl0800b086)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{763AB2EA-F204-4FCB-8628-DF53D9D5B85C}\MpKsl06ad743b.sys -- (MpKsl06ad743b)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{817BB6C2-512A-4B9F-9E65-F1D79D1BDD5A}\MpKsl065c61dd.sys -- (MpKsl065c61dd)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2435138B-C207-4436-9C21-7BCBD68F10CE}\MpKsl0641446a.sys -- (MpKsl0641446a)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0C8F2FC8-5167-435F-8DBD-2605F723E28B}\MpKsl04819391.sys -- (MpKsl04819391)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{65B39A30-6E27-4BFC-B148-2F8BD88F9875}\MpKsl030b0605.sys -- (MpKsl030b0605)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E6731360-4E36-484C-AE4A-C964F375BDE1}\MpKsl02dbef18.sys -- (MpKsl02dbef18)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7A811974-143C-4192-810F-E526ED6E58C9}\MpKsl016e5b84.sys -- (MpKsl016e5b84)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{592C9A2B-F81E-4140-8296-5836472582C4}\MpKsl00cf017c.sys -- (MpKsl00cf017c)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\AKHILB~1\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwrchid.sys -- (btwrchid)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwl2cap.sys -- (btwl2cap)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwavdt.sys -- (btwavdt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\btwaudio.sys -- (btwaudio)
DRV - [2012/09/07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/03/20 20:44:12 | 000,074,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011/05/12 16:52:14 | 000,062,048 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV - [2011/05/12 16:52:14 | 000,019,304 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\System32\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV - [2011/05/12 16:52:14 | 000,016,744 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV - [2011/03/07 09:16:26 | 000,252,520 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV - [2010/11/21 02:59:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/21 02:59:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2009/07/14 05:15:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009/07/14 03:32:46 | 001,096,704 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Akhil Baveja\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Akhil Baveja\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/04/05 16:19:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011/12/23 15:03:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Akhil Baveja\AppData\Roaming\Mozilla\Extensions
[2012/06/24 23:54:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Akhil Baveja\AppData\Roaming\Mozilla\Firefox\Profiles\ayqgim5j.default\extensions
[2011/12/23 15:03:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/04/05 16:19:56 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/04/05 16:19:49 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/04/05 16:19:49 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Akhil Baveja\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Akhil Baveja\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Akhil Baveja\AppData\Local\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Akhil Baveja\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Akhil Baveja\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - Extension: YouTube = C:\Users\Akhil Baveja\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Akhil Baveja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Users\Akhil Baveja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/09/28 01:22:10 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O4 - HKLM..\Run: [AndroidManager] C:\Program Files\Acer\Android Manager\AML.exe ()
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [iPatchData] C:\Program Files\Acer\Updater\iUpdate.exe (Insyde Software Corp.)
O4 - HKLM..\Run: [iSyncData] C:\Program Files\Acer\Android Manager\iSync.exe (Insyde Software Corp.)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] E:\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - E:\office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\NPJPI150.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://javadl-esd.su...indows-i586.cab (Java Plug-in 1.5.0)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5FFBFED2-2E72-4757-9463-108CB0E9F941}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BC84C8BC-2919-4F99-B293-F3C33B4F2358}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Acer\Acer VCM\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/11 03:12:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/09/26 01:47:56 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/09/25 11:29:36 | 000,000,000 | ---D | C] -- C:\Users\Akhil Baveja\AppData\Roaming\Malwarebytes
[2012/09/25 11:29:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/09/25 11:29:20 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/09/25 11:29:20 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/09/24 23:41:07 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/09/24 23:41:07 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/09/24 23:41:07 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/09/24 23:40:24 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/09/24 23:39:41 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/09/24 01:34:39 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/09/22 21:21:25 | 000,000,000 | ---D | C] -- C:\Users\Akhil Baveja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2012/09/22 21:21:24 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro

========== Files - Modified Within 30 Days ==========

[2012/09/28 01:35:44 | 000,016,160 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/28 01:35:44 | 000,016,160 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/28 01:28:36 | 000,016,384 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2012/09/28 01:28:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/09/28 01:28:18 | 795,762,688 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/28 01:22:10 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2012/09/28 01:22:09 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3807445768-3563054489-1376992915-1000UA.job
[2012/09/27 11:14:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3807445768-3563054489-1376992915-1000Core.job
[2012/09/25 11:29:23 | 000,001,075 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/09/23 15:35:04 | 000,630,560 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/09/23 15:35:04 | 000,111,612 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/09/22 21:21:25 | 000,002,995 | ---- | M] () -- C:\Users\Akhil Baveja\Desktop\HiJackThis.lnk
[2012/09/07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

========== Files Created - No Company Name ==========

[2012/09/25 11:29:23 | 000,001,075 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/09/24 23:41:07 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/09/24 23:41:07 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/09/24 23:41:07 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/09/24 23:41:07 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/09/24 23:41:07 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/09/22 21:21:25 | 000,002,995 | ---- | C] () -- C:\Users\Akhil Baveja\Desktop\HiJackThis.lnk
[2011/08/17 11:59:31 | 000,000,065 | ---- | C] () -- C:\Windows\wininit.ini
[2011/08/01 01:30:43 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2011/05/12 16:04:53 | 000,039,672 | ---- | C] () -- C:\Windows\System32\drivers\RtPCEE3.DAT
[2011/05/12 16:04:53 | 000,029,494 | ---- | C] () -- C:\Windows\System32\drivers\RtPCEE4.DAT
[2011/05/12 16:04:53 | 000,001,448 | ---- | C] () -- C:\Windows\System32\drivers\RtHdatEx.dat
[2011/05/12 16:04:53 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX3.dat
[2011/05/12 16:04:53 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX2.dat
[2011/05/12 16:04:53 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat
[2011/05/12 16:04:53 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
[2011/05/12 16:04:53 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ1.dat
[2011/05/12 16:04:53 | 000,000,040 | ---- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat
[2011/05/12 16:04:52 | 000,247,560 | ---- | C] () -- C:\Windows\System32\drivers\RTConvEQ.dat
[2011/05/12 16:01:42 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll

========== ZeroAccess Check ==========

[2009/07/14 10:12:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 10:11:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 06:46:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012/01/19 13:28:58 | 000,000,000 | ---D | M] -- C:\Users\Akhil Baveja\AppData\Roaming\Binreader
[2012/05/08 07:18:12 | 000,000,000 | ---D | M] -- C:\Users\Akhil Baveja\AppData\Roaming\BitTorrent
[2012/01/11 13:06:34 | 000,000,000 | ---D | M] -- C:\Users\Akhil Baveja\AppData\Roaming\FreeCall
[2012/06/07 14:58:11 | 000,000,000 | ---D | M] -- C:\Users\Akhil Baveja\AppData\Roaming\Gleim
[2011/12/01 19:51:38 | 000,000,000 | ---D | M] -- C:\Users\Akhil Baveja\AppData\Roaming\Mobipocket
[2012/01/10 13:02:50 | 000,000,000 | ---D | M] -- C:\Users\Akhil Baveja\AppData\Roaming\Rebtel
[2012/04/24 02:45:26 | 000,000,000 | ---D | M] -- C:\Users\Akhil Baveja\AppData\Roaming\SoftGrid Client
[2011/08/05 12:59:11 | 000,000,000 | ---D | M] -- C:\Users\Akhil Baveja\AppData\Roaming\TP
[2011/08/05 01:34:45 | 000,000,000 | ---D | M] -- C:\Users\Akhil Baveja\AppData\Roaming\Windows Live Writer

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:C46995DA

< End of report >

#21
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
What problems remain?

#22
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.