mikeyluke

  1. Thank you Mr. C! Here's the files you requested.
18:02:39.0153 4808 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:02:39.0169 4808 NetMsmqActivator - ok 18:02:39.0200 4808 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:02:39.0231 4808 NetPipeActivator - ok 18:02:39.0309 4808 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 18:02:39.0434 4808 netprofm - ok 18:02:39.0450 4808 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:02:39.0465 4808 NetTcpActivator - ok 18:02:39.0481 4808 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:02:39.0481 4808 NetTcpPortSharing - ok 18:02:39.0574 4808 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 18:02:39.0606 4808 nfrd960 - ok 18:02:39.0684 4808 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll 18:02:39.0746 4808 NlaSvc - ok 18:02:39.0762 4808 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 18:02:39.0808 4808 Npfs - ok 18:02:39.0840 4808 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 18:02:39.0886 4808 nsi - ok 18:02:39.0902 4808 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 18:02:39.0980 4808 nsiproxy - ok 18:02:40.0214 4808 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 18:02:40.0276 4808 Ntfs - ok 18:02:40.0386 4808 NTI IScheduleSvc (6fd534ede2905d3c3257cfdd881f9705) C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe 18:02:40.0417 4808 NTI IScheduleSvc - ok 18:02:40.0682 4808 NTIDrvr (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys 18:02:40.0713 4808 NTIDrvr - ok 18:02:40.0760 4808 Null (9899284589f75fa8724ff3d16aed75c1) 
C:\Windows\system32\drivers\Null.sys 18:02:40.0854 4808 Null - ok 18:02:40.0932 4808 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 18:02:40.0963 4808 nvraid - ok 18:02:40.0994 4808 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 18:02:41.0010 4808 nvstor - ok 18:02:41.0041 4808 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 18:02:41.0056 4808 nv_agp - ok 18:02:41.0088 4808 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 18:02:41.0103 4808 ohci1394 - ok 18:02:41.0212 4808 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 18:02:41.0244 4808 ose - ok 18:02:41.0852 4808 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 18:02:42.0008 4808 osppsvc - ok 18:02:42.0351 4808 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 18:02:42.0476 4808 p2pimsvc - ok 18:02:42.0523 4808 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 18:02:42.0601 4808 p2psvc - ok 18:02:42.0679 4808 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 18:02:42.0726 4808 Parport - ok 18:02:42.0772 4808 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys 18:02:42.0804 4808 partmgr - ok 18:02:42.0835 4808 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 18:02:42.0882 4808 PcaSvc - ok 18:02:43.0006 4808 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 18:02:43.0038 4808 pci - ok 18:02:43.0053 4808 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 18:02:43.0069 4808 pciide - ok 18:02:43.0100 4808 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 18:02:43.0116 4808 pcmcia - ok 18:02:43.0131 4808 pcw 
(d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 18:02:43.0147 4808 pcw - ok 18:02:43.0209 4808 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 18:02:43.0303 4808 PEAUTH - ok 18:02:43.0474 4808 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe 18:02:43.0537 4808 PerfHost - ok 18:02:43.0755 4808 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll 18:02:43.0833 4808 pla - ok 18:02:43.0927 4808 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll 18:02:43.0989 4808 PlugPlay - ok 18:02:44.0052 4808 Pml Driver HPZ12 (37f6046cdc630442d7dc087501ff6fc6) C:\Windows\system32\HPZipm12.dll 18:02:44.0052 4808 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 18:02:44.0052 4808 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 18:02:44.0067 4808 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll 18:02:44.0114 4808 PNRPAutoReg - ok 18:02:44.0161 4808 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 18:02:44.0192 4808 PNRPsvc - ok 18:02:44.0332 4808 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll 18:02:44.0473 4808 PolicyAgent - ok 18:02:44.0520 4808 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll 18:02:44.0566 4808 Power - ok 18:02:44.0644 4808 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 18:02:44.0722 4808 PptpMiniport - ok 18:02:44.0769 4808 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 18:02:44.0800 4808 Processor - ok 18:02:44.0941 4808 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll 18:02:45.0019 4808 ProfSvc - ok 18:02:45.0050 4808 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 18:02:45.0066 4808 ProtectedStorage - ok 18:02:45.0128 4808 Psched (0557cf5a2556bd58e26384169d72438d) 
C:\Windows\system32\DRIVERS\pacer.sys 18:02:45.0206 4808 Psched - ok 18:02:45.0253 4808 PSI (fb46e9a827a8799ebd7bfa9128c91f37) C:\Windows\system32\DRIVERS\psi_mf.sys 18:02:45.0268 4808 PSI - ok 18:02:45.0440 4808 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 18:02:45.0502 4808 ql2300 - ok 18:02:45.0768 4808 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 18:02:45.0783 4808 ql40xx - ok 18:02:45.0861 4808 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll 18:02:45.0908 4808 QWAVE - ok 18:02:45.0939 4808 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 18:02:45.0970 4808 QWAVEdrv - ok 18:02:46.0002 4808 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 18:02:46.0080 4808 RasAcd - ok 18:02:46.0126 4808 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 18:02:46.0204 4808 RasAgileVpn - ok 18:02:46.0236 4808 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll 18:02:46.0314 4808 RasAuto - ok 18:02:46.0360 4808 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 18:02:46.0423 4808 Rasl2tp - ok 18:02:46.0485 4808 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll 18:02:46.0563 4808 RasMan - ok 18:02:46.0594 4808 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 18:02:46.0657 4808 RasPppoe - ok 18:02:46.0704 4808 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 18:02:46.0750 4808 RasSstp - ok 18:02:46.0813 4808 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 18:02:46.0922 4808 rdbss - ok 18:02:46.0953 4808 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 18:02:47.0000 4808 rdpbus - ok 18:02:47.0016 4808 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) 
C:\Windows\system32\DRIVERS\RDPCDD.sys 18:02:47.0109 4808 RDPCDD - ok 18:02:47.0140 4808 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 18:02:47.0187 4808 RDPENCDD - ok 18:02:47.0187 4808 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 18:02:47.0234 4808 RDPREFMP - ok 18:02:47.0265 4808 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys 18:02:47.0359 4808 RDPWD - ok 18:02:47.0406 4808 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 18:02:47.0421 4808 rdyboost - ok 18:02:47.0468 4808 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll 18:02:47.0515 4808 RemoteAccess - ok 18:02:47.0562 4808 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll 18:02:47.0624 4808 RemoteRegistry - ok 18:02:47.0718 4808 Revoflt (9c3ac71a9934b884fac567a8807e9c4d) C:\Windows\system32\DRIVERS\revoflt.sys 18:02:47.0733 4808 Revoflt - ok 18:02:47.0780 4808 RMCAST (caf88d6573d21cd2aa27001ddbfdc74d) C:\Windows\system32\DRIVERS\RMCAST.sys 18:02:47.0858 4808 RMCAST - ok 18:02:47.0889 4808 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll 18:02:47.0936 4808 RpcEptMapper - ok 18:02:47.0967 4808 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe 18:02:47.0983 4808 RpcLocator - ok 18:02:48.0061 4808 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 18:02:48.0123 4808 RpcSs - ok 18:02:48.0170 4808 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 18:02:48.0264 4808 rspndr - ok 18:02:48.0326 4808 RSUSBSTOR (44ed82612403021e36998e1ecb1198f1) C:\Windows\system32\Drivers\RtsUStor.sys 18:02:48.0357 4808 RSUSBSTOR - ok 18:02:48.0388 4808 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 18:02:48.0404 4808 SamSs - ok 18:02:48.0435 4808 sbp2port (ac03af3329579fffb455aa2daabbe22b) 
C:\Windows\system32\drivers\sbp2port.sys 18:02:48.0451 4808 sbp2port - ok 18:02:48.0622 4808 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe 18:02:48.0654 4808 SBSDWSCService - ok 18:02:48.0700 4808 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll 18:02:48.0763 4808 SCardSvr - ok 18:02:48.0825 4808 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 18:02:48.0888 4808 scfilter - ok 18:02:48.0981 4808 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll 18:02:49.0059 4808 Schedule - ok 18:02:49.0106 4808 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 18:02:49.0184 4808 SCPolicySvc - ok 18:02:49.0200 4808 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll 18:02:49.0246 4808 SDRSVC - ok 18:02:49.0278 4808 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 18:02:49.0340 4808 secdrv - ok 18:02:49.0387 4808 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll 18:02:49.0465 4808 seclogon - ok 18:02:49.0574 4808 Secunia PSI Agent (5b66db4877bbac9f7493aa8d84421e49) C:\Program Files (x86)\Secunia\PSI\PSIA.exe 18:02:49.0621 4808 Secunia PSI Agent - ok 18:02:49.0668 4808 Secunia Update Agent (0e88fdf474f2cdd370a4a6ce77d018f0) C:\Program Files (x86)\Secunia\PSI\sua.exe 18:02:49.0699 4808 Secunia Update Agent - ok 18:02:49.0824 4808 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll 18:02:49.0917 4808 SENS - ok 18:02:49.0964 4808 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll 18:02:50.0026 4808 SensrSvc - ok 18:02:50.0058 4808 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 18:02:50.0073 4808 Serenum - ok 18:02:50.0104 4808 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 18:02:50.0136 4808 Serial - ok 
18:02:50.0182 4808 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 18:02:50.0229 4808 sermouse - ok 18:02:50.0292 4808 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll 18:02:50.0338 4808 SessionEnv - ok 18:02:50.0370 4808 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 18:02:50.0432 4808 sffdisk - ok 18:02:50.0448 4808 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 18:02:50.0479 4808 sffp_mmc - ok 18:02:50.0494 4808 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 18:02:50.0572 4808 sffp_sd - ok 18:02:50.0588 4808 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 18:02:50.0635 4808 sfloppy - ok 18:02:50.0744 4808 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys 18:02:50.0791 4808 Sftfs - ok 18:02:50.0947 4808 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe 18:02:51.0009 4808 sftlist - ok 18:02:51.0056 4808 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys 18:02:51.0087 4808 Sftplay - ok 18:02:51.0087 4808 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys 18:02:51.0103 4808 Sftredir - ok 18:02:51.0103 4808 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys 18:02:51.0118 4808 Sftvol - ok 18:02:51.0134 4808 sftvsa - ok 18:02:51.0196 4808 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll 18:02:51.0259 4808 SharedAccess - ok 18:02:51.0321 4808 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll 18:02:51.0399 4808 ShellHWDetection - ok 18:02:51.0446 4808 simptcp (e9e830d540ededed650f906628468548) C:\Windows\System32\tcpsvcs.exe 18:02:51.0462 4808 simptcp - ok 18:02:51.0477 4808 SiSRaid2 
(843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 18:02:51.0493 4808 SiSRaid2 - ok 18:02:51.0508 4808 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 18:02:51.0540 4808 SiSRaid4 - ok 18:02:51.0586 4808 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files (x86)\Skype\Updater\Updater.exe 18:02:51.0602 4808 SkypeUpdate - ok 18:02:51.0664 4808 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 18:02:51.0758 4808 Smb - ok 18:02:51.0789 4808 SNMP (ca62ae004e98374bf7f082cd765eea02) C:\Windows\System32\snmp.exe 18:02:51.0820 4808 SNMP - ok 18:02:51.0883 4808 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe 18:02:51.0930 4808 SNMPTRAP - ok 18:02:51.0945 4808 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 18:02:51.0961 4808 spldr - ok 18:02:52.0023 4808 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe 18:02:52.0101 4808 Spooler - ok 18:02:52.0382 4808 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe 18:02:52.0569 4808 sppsvc - ok 18:02:52.0678 4808 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 18:02:52.0834 4808 sppuinotify - ok 18:02:52.0959 4808 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 18:02:53.0053 4808 srv - ok 18:02:53.0115 4808 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 18:02:53.0178 4808 srv2 - ok 18:02:53.0224 4808 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 18:02:53.0256 4808 srvnet - ok 18:02:53.0302 4808 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll 18:02:53.0396 4808 SSDPSRV - ok 18:02:53.0427 4808 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll 18:02:53.0490 4808 SstpSvc - ok 18:02:53.0536 4808 stexstor (f3817967ed533d08327dc73bc4d5542a) 
C:\Windows\system32\DRIVERS\stexstor.sys 18:02:53.0552 4808 stexstor - ok 18:02:53.0630 4808 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll 18:02:53.0692 4808 stisvc - ok 18:02:53.0770 4808 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 18:02:53.0786 4808 swenum - ok 18:02:53.0848 4808 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll 18:02:53.0926 4808 swprv - ok 18:02:53.0989 4808 SynTP (064a2530a4a7c7cec1be6a1945645be4) C:\Windows\system32\DRIVERS\SynTP.sys 18:02:54.0020 4808 SynTP - ok 18:02:54.0207 4808 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll 18:02:54.0285 4808 SysMain - ok 18:02:54.0410 4808 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll 18:02:54.0472 4808 TabletInputService - ok 18:02:54.0535 4808 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll 18:02:54.0628 4808 TapiSrv - ok 18:02:54.0660 4808 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll 18:02:54.0722 4808 TBS - ok 18:02:55.0050 4808 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys 18:02:55.0143 4808 Tcpip - ok 18:02:55.0393 4808 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys 18:02:55.0440 4808 TCPIP6 - ok 18:02:55.0518 4808 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 18:02:55.0596 4808 tcpipreg - ok 18:02:55.0627 4808 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 18:02:55.0736 4808 TDPIPE - ok 18:02:55.0752 4808 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys 18:02:55.0783 4808 TDTCP - ok 18:02:55.0830 4808 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 18:02:55.0892 4808 tdx - ok 18:02:55.0923 4808 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 18:02:55.0939 4808 TermDD - 
ok 18:02:56.0001 4808 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll 18:02:56.0110 4808 TermService - ok 18:02:56.0142 4808 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll 18:02:56.0188 4808 Themes - ok 18:02:56.0235 4808 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 18:02:56.0282 4808 THREADORDER - ok 18:02:56.0313 4808 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll 18:02:56.0391 4808 TrkWks - ok 18:02:56.0469 4808 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe 18:02:56.0563 4808 TrustedInstaller - ok 18:02:56.0594 4808 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 18:02:56.0672 4808 tssecsrv - ok 18:02:56.0719 4808 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 18:02:56.0750 4808 TsUsbFlt - ok 18:02:56.0797 4808 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 18:02:56.0859 4808 tunnel - ok 18:02:56.0890 4808 TurboB - ok 18:02:56.0922 4808 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 18:02:56.0937 4808 uagp35 - ok 18:02:56.0953 4808 UBHelper (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys 18:02:56.0968 4808 UBHelper - ok 18:02:57.0015 4808 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 18:02:57.0109 4808 udfs - ok 18:02:57.0140 4808 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe 18:02:57.0156 4808 UI0Detect - ok 18:02:57.0187 4808 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 18:02:57.0187 4808 uliagpkx - ok 18:02:57.0234 4808 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys 18:02:57.0249 4808 umbus - ok 18:02:57.0265 4808 UmPass (b2e8e8cb557b156da5493bbddcc1474d) 
C:\Windows\system32\DRIVERS\umpass.sys 18:02:57.0312 4808 UmPass - ok 18:02:57.0592 4808 UNS (7466809e6da561d60c2f1ce8ede3c73f) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe 18:02:57.0686 4808 UNS - ok 18:02:57.0811 4808 Updater Service (f9ec9acd504d823d9b9ca98a4f8d3ca2) C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe 18:02:57.0889 4808 Updater Service - ok 18:02:58.0045 4808 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll 18:02:58.0154 4808 upnphost - ok 18:02:58.0310 4808 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys 18:02:58.0341 4808 USBAAPL64 - ok 18:02:58.0388 4808 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 18:02:58.0450 4808 usbccgp - ok 18:02:58.0497 4808 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 18:02:58.0575 4808 usbcir - ok 18:02:58.0606 4808 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys 18:02:58.0653 4808 usbehci - ok 18:02:58.0716 4808 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 18:02:58.0747 4808 usbhub - ok 18:02:58.0778 4808 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 18:02:58.0809 4808 usbohci - ok 18:02:58.0856 4808 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 18:02:58.0918 4808 usbprint - ok 18:02:58.0950 4808 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys 18:02:58.0981 4808 usbscan - ok 18:02:59.0012 4808 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 18:02:59.0090 4808 USBSTOR - ok 18:02:59.0121 4808 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys 18:02:59.0137 4808 usbuhci - ok 18:02:59.0199 4808 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys 18:02:59.0246 4808 
usbvideo - ok 18:02:59.0277 4808 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll 18:02:59.0355 4808 UxSms - ok 18:02:59.0386 4808 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 18:02:59.0402 4808 VaultSvc - ok 18:02:59.0418 4808 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 18:02:59.0433 4808 vdrvroot - ok 18:02:59.0511 4808 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe 18:02:59.0620 4808 vds - ok 18:02:59.0714 4808 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 18:02:59.0776 4808 vga - ok 18:02:59.0792 4808 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 18:02:59.0870 4808 VgaSave - ok 18:02:59.0917 4808 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 18:02:59.0964 4808 vhdmp - ok 18:02:59.0979 4808 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 18:02:59.0995 4808 viaide - ok 18:03:00.0010 4808 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 18:03:00.0026 4808 volmgr - ok 18:03:00.0088 4808 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 18:03:00.0120 4808 volmgrx - ok 18:03:00.0166 4808 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 18:03:00.0198 4808 volsnap - ok 18:03:00.0244 4808 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 18:03:00.0276 4808 vsmraid - ok 18:03:00.0463 4808 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe 18:03:00.0588 4808 VSS - ok 18:03:00.0806 4808 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 18:03:00.0868 4808 vwifibus - ok 18:03:00.0946 4808 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 18:03:01.0009 4808 vwififlt - ok 18:03:01.0040 4808 vwifimp 
(6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 18:03:01.0087 4808 vwifimp - ok 18:03:01.0149 4808 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll 18:03:01.0227 4808 W32Time - ok 18:03:01.0383 4808 W3SVC (b32009db1972e7f2c227499289c4384a) C:\Windows\system32\inetsrv\iisw3adm.dll 18:03:01.0430 4808 W3SVC - ok 18:03:01.0477 4808 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 18:03:01.0539 4808 WacomPen - ok 18:03:01.0586 4808 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 18:03:01.0648 4808 WANARP - ok 18:03:01.0664 4808 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 18:03:01.0711 4808 Wanarpv6 - ok 18:03:01.0742 4808 WAS (b32009db1972e7f2c227499289c4384a) C:\Windows\system32\inetsrv\iisw3adm.dll 18:03:01.0758 4808 WAS - ok 18:03:01.0882 4808 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe 18:03:01.0929 4808 WatAdminSvc - ok 18:03:02.0070 4808 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe 18:03:02.0226 4808 wbengine - ok 18:03:02.0350 4808 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll 18:03:02.0413 4808 WbioSrvc - ok 18:03:02.0491 4808 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll 18:03:02.0553 4808 wcncsvc - ok 18:03:02.0569 4808 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll 18:03:02.0600 4808 WcsPlugInService - ok 18:03:02.0740 4808 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 18:03:02.0772 4808 Wd - ok 18:03:02.0850 4808 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 18:03:02.0896 4808 Wdf01000 - ok 18:03:02.0912 4808 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 18:03:03.0021 4808 WdiServiceHost - ok 18:03:03.0037 4808 WdiSystemHost 
(bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 18:03:03.0052 4808 WdiSystemHost - ok 18:03:03.0099 4808 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll 18:03:03.0177 4808 WebClient - ok 18:03:03.0224 4808 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll 18:03:03.0318 4808 Wecsvc - ok 18:03:03.0364 4808 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll 18:03:03.0427 4808 wercplsupport - ok 18:03:03.0474 4808 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll 18:03:03.0536 4808 WerSvc - ok 18:03:03.0598 4808 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 18:03:03.0676 4808 WfpLwf - ok 18:03:03.0708 4808 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 18:03:03.0723 4808 WIMMount - ok 18:03:03.0801 4808 WinDefend - ok 18:03:03.0817 4808 WinHttpAutoProxySvc - ok 18:03:03.0879 4808 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll 18:03:03.0942 4808 Winmgmt - ok 18:03:04.0129 4808 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll 18:03:04.0254 4808 WinRM - ok 18:03:04.0394 4808 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys 18:03:04.0410 4808 WinUsb - ok 18:03:04.0519 4808 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll 18:03:04.0612 4808 Wlansvc - ok 18:03:04.0706 4808 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 18:03:04.0737 4808 wlcrasvc - ok 18:03:04.0971 4808 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 18:03:05.0080 4808 wlidsvc - ok 18:03:05.0174 4808 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 18:03:05.0221 4808 WmiAcpi - ok 18:03:05.0314 4808 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) 
C:\Windows\system32\wbem\WmiApSrv.exe 18:03:05.0377 4808 wmiApSrv - ok 18:03:05.0439 4808 WMPNetworkSvc - ok 18:03:05.0470 4808 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll 18:03:05.0502 4808 WPCSvc - ok 18:03:05.0548 4808 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll 18:03:05.0595 4808 WPDBusEnum - ok 18:03:05.0611 4808 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 18:03:05.0673 4808 ws2ifsl - ok 18:03:05.0736 4808 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll 18:03:05.0782 4808 wscsvc - ok 18:03:05.0782 4808 WSearch - ok 18:03:06.0063 4808 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll 18:03:06.0141 4808 wuauserv - ok 18:03:06.0375 4808 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 18:03:06.0438 4808 WudfPf - ok 18:03:06.0484 4808 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 18:03:06.0594 4808 WUDFRd - ok 18:03:06.0640 4808 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll 18:03:06.0687 4808 wudfsvc - ok 18:03:06.0718 4808 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll 18:03:06.0843 4808 WwanSvc - ok 18:03:06.0968 4808 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe 18:03:06.0984 4808 YahooAUService - ok 18:03:07.0015 4808 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 18:03:07.0452 4808 \Device\Harddisk0\DR0 - ok 18:03:07.0452 4808 Boot (0x1200) (ae9f1e5aa9deabb87e4b50ad15699b41) \Device\Harddisk0\DR0\Partition0 18:03:07.0452 4808 \Device\Harddisk0\DR0\Partition0 - ok 18:03:07.0483 4808 Boot (0x1200) (82c35759af5f712d7d5c4482558f053e) \Device\Harddisk0\DR0\Partition1 18:03:07.0483 4808 \Device\Harddisk0\DR0\Partition1 - ok 18:03:07.0483 4808 ============================================================ 
18:03:07.0483 4808 Scan finished 18:03:07.0483 4808 ============================================================ 18:03:07.0498 3392 Detected object count: 9 18:03:07.0498 3392 Actual detected object count: 9 18:05:23.0671 3392 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user 18:05:23.0671 3392 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:05:23.0671 3392 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user 18:05:23.0671 3392 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:05:23.0687 3392 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user 18:05:23.0687 3392 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:05:23.0687 3392 McciCMService ( UnsignedFile.Multi.Generic ) - skipped by user 18:05:23.0687 3392 McciCMService ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:05:23.0687 3392 McciCMService64 ( UnsignedFile.Multi.Generic ) - skipped by user 18:05:23.0687 3392 McciCMService64 ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:05:23.0687 3392 MREMP50 ( UnsignedFile.Multi.Generic ) - skipped by user 18:05:23.0687 3392 MREMP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:05:23.0702 3392 MRESP50 ( UnsignedFile.Multi.Generic ) - skipped by user 18:05:23.0702 3392 MRESP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:05:23.0702 3392 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 18:05:23.0702 3392 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:05:23.0702 3392 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 18:05:23.0702 3392 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:06:59.0096 2164 Deinitialize success Sorry Mr. C. I know that post was huge but I'm still learning how to zip-copy-paste. Mike
  2. Please don't close the post...I didn't realize I ran the scan 4 times. Sorry...how embarrassing. I will post the other three. Thanks.

#1
RogueKiller V7.5.4 [06/07/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com
Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: owner [Admin rights]
Mode: DNSFix -- Date: 06/19/2012 16:33:58
¤¤¤ Bad processes: 0 ¤¤¤
¤¤¤ Driver: [NOT LOADED] ¤¤¤
¤¤¤ Registry Entries: 0 ¤¤¤
Finished : << RKreport[1].txt >>
RKreport[1].txt

#2
RogueKiller V7.5.4 [06/07/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com
Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: owner [Admin rights]
Mode: HOSTSFix -- Date: 06/19/2012 16:34:16
¤¤¤ Bad processes: 0 ¤¤¤
¤¤¤ Driver: [NOT LOADED] ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
[...]
¤¤¤ Resetted HOSTS: ¤¤¤
127.0.0.1 localhost
Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt

I'm pretty sure I messed up on #2......I reset the local host...sorry. Dang it, I knew I would mess this up.
RogueKiller V7.5.4 [06/07/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com
Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: owner [Admin rights]
Mode: Shortcuts HJfix -- Date: 06/19/2012 16:35:35
¤¤¤ Bad processes: 0 ¤¤¤
¤¤¤ Driver: [NOT LOADED] ¤¤¤
¤¤¤ File attributes restored: ¤¤¤
Desktop: Success 1 / Fail 0
Quick launch: Success 1 / Fail 0
Programs: Success 13 / Fail 0
Start menu: Success 1 / Fail 0
User folder: Success 191 / Fail 0
My documents: Success 0 / Fail 0
My favorites: Success 0 / Fail 0
My pictures: Success 0 / Fail 0
My music: Success 36 / Fail 0
My videos: Success 0 / Fail 0
Local drives: Success 95 / Fail 0
Backup: [NOT FOUND]
Drives:
[C:] \Device\HarddiskVolume3 -- 0x3 --> Restored
[D:] \Device\CdRom0 -- 0x5 --> Skipped
[Q:] \Device\SftVol -- 0x3 --> Restored
¤¤¤ Infection : ¤¤¤
Finished : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

RogueKiller V7.5.4 [06/07/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com
Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: owner [Admin rights]
Mode: Scan -- Date: 06/19/2012 16:36:57
¤¤¤ Bad processes: 0 ¤¤¤
¤¤¤ Registry Entries: 9 ¤¤¤
[sUSP PATH] {5E02D0CA-BB52-4807-B627-DAB85032A452}.job @ : C:\Users\owner\Desktop\Office xp\Removable Disk\INSTMSI.EXE -> FOUND
[sUSP PATH] Best Buy pc app.lnk @Default : C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe -> FOUND
[sUSP PATH] Best Buy pc app.lnk @Default User : C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe -> FOUND
[sUSP PATH] Best Buy pc app.lnk @DefaultAppPool : C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver: [NOT LOADED] ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: WDC WD3200BPVT-22ZEST0 +++++
--- User ---
[MBR] 4cffa4007eebce35d682d329f906573f
[bSP] 9c572e3c8ccc05fd142d469b36cad048 : Windows 7 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 13312 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 27265024 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 27469824 | Size: 291831 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[4].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt

RogueKiller V7.5.4 [06/07/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com
Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: owner [Admin rights]
Mode: Scan -- Date: 06/19/2012 18:55:48
¤¤¤ Bad processes: 0 ¤¤¤
¤¤¤ Registry Entries: 9 ¤¤¤
[sUSP PATH] {5E02D0CA-BB52-4807-B627-DAB85032A452}.job @ : C:\Users\owner\Desktop\Office xp\Removable Disk\INSTMSI.EXE -> FOUND
[sUSP PATH] Best Buy pc app.lnk @Default : C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe -> FOUND
[sUSP PATH] Best Buy pc app.lnk @Default User : C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe -> FOUND
[sUSP PATH] Best Buy pc app.lnk @DefaultAppPool : C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver: [NOT LOADED] ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: WDC WD3200BPVT-22ZEST0 +++++
--- User ---
[MBR] 4cffa4007eebce35d682d329f906573f
[bSP] 9c572e3c8ccc05fd142d469b36cad048 : Windows 7 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 13312 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 27265024 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 27469824 | Size: 291831 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[5].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt

RogueKiller V7.5.4 [06/07/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com
Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: owner [Admin rights]
Mode: Scan -- Date: 06/19/2012 19:09:12
¤¤¤ Bad processes: 0 ¤¤¤
¤¤¤ Registry Entries: 9 ¤¤¤
[sUSP PATH] {5E02D0CA-BB52-4807-B627-DAB85032A452}.job @ : C:\Users\owner\Desktop\Office xp\Removable Disk\INSTMSI.EXE -> FOUND
[sUSP PATH] Best Buy pc app.lnk @Default : C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe -> FOUND
[sUSP PATH] Best Buy pc app.lnk @Default User : C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe -> FOUND
[sUSP PATH] Best Buy pc app.lnk @DefaultAppPool : C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver: [NOT LOADED] ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: WDC WD3200BPVT-22ZEST0 +++++
--- User ---
[MBR] 4cffa4007eebce35d682d329f906573f
[bSP] 9c572e3c8ccc05fd142d469b36cad048 : Windows 7 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 13312 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 27265024 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 27469824 | Size: 291831 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[6].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt ; RKreport[6].txt

That's all I have. Mike
  3. Thanks Experts! I ran an ESET SysInspector scan and it found local host infiltrations. (I think) What do you think? Here is the log you requested.

¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver: [NOT LOADED] ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: WDC WD3200BPVT-22ZEST0 +++++
--- User ---
[MBR] 4cffa4007eebce35d682d329f906573f
[bSP] 9c572e3c8ccc05fd142d469b36cad048 : Windows 7 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 13312 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 27265024 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 27469824 | Size: 291831 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[4].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt

Thanks again! Mike Luikens
  4. If someone could take a look at these files, I would be very grateful. Thanks.
. DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.0 Run by owner at 21:03:14 on 2012-06-17 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2807.1224 [GMT -7:00] . AV: ESET NOD32 Antivirus 5.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1} SP: ESET NOD32 Antivirus 5.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k LocalService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\System32\alg.exe C:\Windows\system32\svchost.exe -k apphost C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe C:\Windows\system32\CISVC.EXE C:\Program Files (x86)\Launch Manager\dsiwmis.exe C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt C:\Windows\System32\svchost.exe -k ipripsvc C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Windows\system32\mqsvc.exe 
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe C:\Windows\system32\svchost.exe -k SDRSVC C:\Program Files (x86)\Secunia\PSI\PSIA.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\Windows\System32\tcpsvcs.exe C:\Windows\System32\snmp.exe C:\Windows\System32\svchost.exe -k swprv C:\Windows\system32\UI0Detect.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe C:\Windows\system32\vssvc.exe C:\Windows\system32\svchost.exe -k iissvcs C:\Windows\system32\svchost.exe -k wcssvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Windows\system32\svchost.exe -k HPService C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files (x86)\Secunia\PSI\sua.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\dllhost.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files (x86)\Nero\Update\NASvc.exe C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe C:\Windows\SysWow64\perfhost.exe C:\Windows\System32\vds.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\Dwm.exe C:\Windows\system32\taskhost.exe C:\Windows\Explorer.EXE C:\Program 
Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe C:\Program Files (x86)\Secunia\PSI\psi_tray.exe C:\Windows\system32\igfxext.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files (x86)\Launch Manager\LManager.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe C:\Program Files (x86)\Launch Manager\LMworker.exe C:\Program Files\Gateway\Gateway Power Management\ePowerEvent.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\Internet Explorer\IELowutil.exe C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\Windows\system32\taskhost.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\explorer.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . 
uStart Page = hxxp://www.yahoo.com/ uDefault_Page_URL = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=nv55c&r=27360111m405l0404z185a47k2j266 mDefault_Page_URL = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=nv55c&r=27360111m405l0404z185a47k2j266 mStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=nv55c&r=27360111m405l0404z185a47k2j266 uInternet Settings,ProxyOverride = *.local mWinlogon: Userinit=userinit.exe, BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll 
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll uRun: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe mRun: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe" -h -k mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" dRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SECUNI~1.LNK - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe uPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1) mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office10\EXCEL.EXE/3000 IE: {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files (x86)\Fiddler2\Fiddler.exe" IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - 
{DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll Trusted Zone: adobe.com\helpx Trusted Zone: adobe.com\kb2 Trusted Zone: adobe.com\www Trusted Zone: microsoft.com\www.update DPF: {15B782AF-55D8-11D1-B477-006097098764} - hxxp://download.macromedia.com/pub/shockwave/cabs/authorware/awswaxf.cab DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} - hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1325955364499 DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect118.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.3.0.cab DPF: {E0FEE963-BB53-4215-81AD-B28C77384644} - hxxps://pattcw.att.motive.com/wizlet/DSLActivation/static/installer/ATTInternetInstaller64.cab TCP: DhcpNameServer = 75.75.75.75 75.75.76.76 TCP: Interfaces\{DCE8BE87-BD14-49A1-BD56-78387D20146B} : DhcpNameServer = 75.75.75.75 75.75.76.76 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files 
(x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File BHO-X64: 0x1 - No File BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll BHO-X64: HP Print Enhancer - No File BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO-X64: SkypeIEPluginBHO - No File BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll BHO-X64: HP Smart BHO Class - No File TB-X64: Google Toolbar: 
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File mRun-x64: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe" -h -k mRun-x64: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" IE-X64: {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files (x86)\Fiddler2\Fiddler.exe" Hosts: 127.0.0.1 www.spywareinfo.com . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\r34on5a0.default\ FF - prefs.js: browser.startup.homepage - hxxp://us.yahoo.com FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z160&form=ZGAADF&install_date=20110913&q= FF - prefs.js: network.proxy.type - 0 FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Common Files\Motive\npMotive.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll FF - 
plugin: C:\Windows\SysWOW64\npmproxy.dll . ============= SERVICES / DRIVERS =============== . R1 eamonm;eamonm;C:\Windows\system32\DRIVERS\eamonm.sys --> C:\Windows\system32\DRIVERS\eamonm.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928] R2 BingDesktopUpdate;Bing Desktop Update service;C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [2012-3-30 151656] R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624] R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-7-23 321104] R2 ekrn;ESET Service;C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2012-3-7 913144] R2 epfwwfpr;epfwwfpr;C:\Windows\system32\DRIVERS\epfwwfpr.sys --> C:\Windows\system32\DRIVERS\epfwwfpr.sys [?] 
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe [2010-8-23 868896] R2 GREGService;GREGService;C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe [2010-1-8 23584] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-7-22 13336] R2 iprip;RIP Listener;C:\Windows\System32\svchost.exe -k ipripsvc [2009-7-13 20992] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-5-13 654408] R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400] R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe [2010-5-24 255744] R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-6-17 1153368] R2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2011-10-13 994360] R2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2011-10-13 399416] R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776] R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-7-22 2320920] R2 Updater Service;Updater Service;C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe [2010-7-22 243232] R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?] R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?] R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?] 
R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 PSI;PSI;C:\Windows\system32\DRIVERS\psi_mf.sys --> C:\Windows\system32\DRIVERS\psi_mf.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
S2 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-8 257696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-1-24 135664]
S2 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-1-24 135664]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-2-29 158856]
S2 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 Revoflt;Revoflt;C:\Windows\system32\DRIVERS\revoflt.sys --> C:\Windows\system32\DRIVERS\revoflt.sys [?]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S4 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840]
S4 McciCMService64;McciCMService64;C:\Program Files\Common Files\Motive\McciCMService.exe [2011-8-11 517632]
S4 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-28 129976]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-06-17 20:18:30 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2012-06-17 20:05:11 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{337C8C12-228C-411A-81EC-AB3740A897D7}\offreg.dll
2012-06-15 22:43:36 8955792 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{337C8C12-228C-411A-81EC-AB3740A897D7}\mpengine.dll
2012-06-15 06:30:10 0 ----a-w- C:\Windows\SysWow64\REN6B27.tmp
2012-06-15 06:30:10 0 ----a-w- C:\Windows\SysWow64\REN6B26.tmp
2012-06-15 00:20:59 499200 ----a-w- C:\Program Files\Internet Explorer\jsdbgui.dll
2012-06-15 00:20:59 387584 ----a-w- C:\Program Files (x86)\Internet Explorer\jsdbgui.dll
2012-06-15 00:20:55 887296 ----a-w- C:\Program Files\Internet Explorer\iedvtool.dll
2012-06-15 00:20:55 678912 ----a-w- C:\Program Files (x86)\Internet Explorer\iedvtool.dll
2012-06-09 00:48:04 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-09 00:47:47 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-09 00:47:28 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-09 00:47:28 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-05-28 14:03:54 -------- d-----w- C:\Program Files\ESET
2012-05-26 20:37:15 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2012-05-26 20:37:15 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2012-05-26 20:37:15 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2012-05-26 20:37:15 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2012-05-26 20:37:15 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2012-05-26 20:37:15 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2012-05-26 20:37:15 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll
.
==================== Find3M ====================
.
2012-06-15 06:30:42 772592 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-06-15 06:30:42 687600 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-06-15 06:28:17 955840 ----a-w- C:\Windows\System32\npdeployJava1.dll
2012-06-15 06:28:17 839096 ----a-w- C:\Windows\System32\deployJava1.dll
2012-05-18 02:06:48 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-05-18 01:59:14 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-05-18 01:58:39 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-05-18 01:55:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-05-18 01:51:30 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-05-17 22:45:37 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-05-17 22:35:47 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-05-17 22:35:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-05-17 22:29:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-05-17 22:24:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-05-15 01:32:33 3146752 ----a-w- C:\Windows\System32\win32k.sys
2012-05-13 09:28:54 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-13 09:28:54 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-05-05 05:35:04 8744608 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll
2012-04-28 03:55:21 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-04-26 05:41:56 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-04-26 05:41:55 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-04-26 05:34:27 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-04-24 05:37:37 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-04-24 05:37:37 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-04-24 05:37:36 1462272 ----a-w- C:\Windows\System32\crypt32.dll
2012-04-24 04:36:42 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-04-24 04:36:42 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-04-24 04:36:42 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2012-04-19 03:56:30 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2012-04-19 03:56:30 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2012-04-07 12:31:40 3216384 ----a-w- C:\Windows\System32\msi.dll
2012-04-07 11:26:29 2342400 ----a-w- C:\Windows\SysWow64\msi.dll
2012-04-04 22:56:40 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-03-30 11:35:47 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys
.
============= FINISH: 21:04:49.09 ===============