tehwerldzbesstspelr
Everything posted by tehwerldzbesstspelr
Anti-phishing Domain Advisor
tehwerldzbesstspelr replied to tehwerldzbesstspelr's topic in Resolved Malware Removal Logs
Well, it looks like it still shows up when I manually open OpenOffice, but I didn't give it enough time to crash if it still will. -
Anti-phishing Domain Advisor
tehwerldzbesstspelr replied to tehwerldzbesstspelr's topic in Resolved Malware Removal Logs
The prompt didn't show up. Not sure what was causing that. :/ -
Anti-phishing Domain Advisor
tehwerldzbesstspelr replied to tehwerldzbesstspelr's topic in Resolved Malware Removal Logs
After uninstalling OpenOffice, it stopped showing up. It essentially said that I already had an active window and if I had multiples it might cause continuity errors and if I didn't click out of it, my computer would bluescreen. It did it on start-up, so I hadn't actually touched OpenOffice when the prompt showed up. But it hasn't come up after uninstalling the program. On the other hand, it was still doing it after all these scans and whatnot. So, whatever the problem was either got fixed from uninstalling it or is still there. I could reinstall the program to see what happens when I reboot, I guess. -
Anti-phishing Domain Advisor
tehwerldzbesstspelr replied to tehwerldzbesstspelr's topic in Resolved Malware Removal Logs
I haven't been redirected for a while. Though, yesterday when I turned the laptop back on, I got the OpenOffice prompt again. And, having momentarily forgotten to avoid uninstalling things without being instructed to, I uninstalled that, and it seemed to solve that problem, but I don't know what was causing it to open on its own. -
Anti-phishing Domain Advisor
tehwerldzbesstspelr replied to tehwerldzbesstspelr's topic in Resolved Malware Removal Logs
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-10 11:39:44
-----------------------------
11:39:44.829 OS Version: Windows x64 6.1.7601 Service Pack 1
11:39:44.829 Number of processors: 4 586 0x2A07
11:39:44.829 ComputerName: OWNER-PC UserName: owner
11:39:46.765 Initialize success
11:40:14.147 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
11:40:14.148 Disk 0 Vendor: WDC_WD64 01.0 Size: 610480MB BusType: 3
11:40:14.164 Disk 0 MBR read successfully
11:40:14.166 Disk 0 MBR scan
11:40:14.167 Disk 0 Windows 7 default MBR code
11:40:14.173 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 25600 MB offset 2048
11:40:14.193 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 584878 MB offset 52430848
11:40:14.213 Disk 0 scanning C:\Windows\system32\drivers
11:40:19.440 Service scanning
11:41:09.446 Modules scanning
11:41:09.451 Disk 0 trace - called modules:
11:41:09.472 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
11:41:09.475 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800883c060]
11:41:09.477 3 CLASSPNP.SYS[fffff88001a1743f] -> nt!IofCallDriver -> [0xfffffa8005f78e40]
11:41:09.494 5 ACPI.sys[fffff88000f7f7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8005f7b050]
11:41:09.497 Scan finished successfully
11:41:48.224 Disk 0 MBR has been saved successfully to "C:\Users\owner\Downloads\MBR.dat"
11:41:48.227 The log file has been saved successfully to "C:\Users\owner\Downloads\aswMBR.txt"
MBR.zip -
Anti-phishing Domain Advisor
tehwerldzbesstspelr replied to tehwerldzbesstspelr's topic in Resolved Malware Removal Logs
16:52:52.0869 1524 TDSS rootkit removing tool 2.7.44.0 Jul 2 2012 20:01:08
16:52:53.0302 1524 ============================================================
16:52:53.0302 1524 Current date / time: 2012/07/08 16:52:53.0302
16:52:53.0302 1524 SystemInfo:
16:52:53.0302 1524
16:52:53.0302 1524 OS Version: 6.1.7601 ServicePack: 1.0
16:52:53.0302 1524 Product type: Workstation
16:52:53.0302 1524 ComputerName: OWNER-PC
16:52:53.0302 1524 UserName: owner
16:52:53.0302 1524 Windows directory: C:\Windows
16:52:53.0302 1524 System windows directory: C:\Windows
16:52:53.0302 1524 Running under WOW64
16:52:53.0302 1524 Processor architecture: Intel x64
16:52:53.0302 1524 Number of processors: 4
16:52:53.0302 1524 Page size: 0x1000
16:52:53.0302 1524 Boot type: Normal boot
16:52:53.0302 1524 ============================================================
16:52:53.0685 1524 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:52:53.0690 1524 ============================================================
16:52:53.0690 1524 \Device\Harddisk0\DR0:
16:52:53.0690 1524 MBR partitions:
16:52:53.0690 1524 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3200800, BlocksNum 0x476572B0
16:52:53.0690 1524 ============================================================
16:52:53.0721 1524 C: <-> \Device\Harddisk0\DR0\Partition0
16:52:53.0721 1524 ============================================================
16:52:53.0721 1524 Initialize success
16:52:53.0721 1524 ============================================================
16:52:56.0880 0748 ============================================================
16:52:56.0880 0748 Scan started
16:52:56.0880 0748 Mode: Manual;
16:52:56.0880 0748 ============================================================
ohci1394 - ok 16:53:12.0051 0748 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 16:53:12.0052 0748 ose - ok 16:53:12.0402 0748 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 16:53:12.0424 0748 osppsvc - ok 16:53:12.0586 0748 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 16:53:12.0588 0748 p2pimsvc - ok 16:53:12.0636 0748 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 16:53:12.0639 0748 p2psvc - ok 16:53:12.0783 0748 PanService (20bd38241edd66d8fdc9e3496a1762a3) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe 16:53:12.0786 0748 PanService - ok 16:53:12.0906 0748 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys 16:53:12.0907 0748 Parport - ok 16:53:12.0950 0748 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys 16:53:12.0951 0748 partmgr - ok 16:53:12.0984 0748 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 16:53:12.0986 0748 PcaSvc - ok 16:53:13.0017 0748 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 16:53:13.0018 0748 pci - ok 16:53:13.0032 0748 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 16:53:13.0032 0748 pciide - ok 16:53:13.0064 0748 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys 16:53:13.0066 0748 pcmcia - ok 16:53:13.0086 0748 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 16:53:13.0086 0748 pcw - ok 16:53:13.0159 0748 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 16:53:13.0162 0748 PEAUTH - ok 16:53:13.0247 0748 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe 16:53:13.0248 0748 PerfHost - ok 16:53:13.0414 0748 pla (c7cf6a6e137463219e1259e3f0f0dd6c) 
C:\Windows\system32\pla.dll 16:53:13.0421 0748 pla - ok 16:53:13.0495 0748 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll 16:53:13.0498 0748 PlugPlay - ok 16:53:13.0509 0748 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll 16:53:13.0510 0748 PNRPAutoReg - ok 16:53:13.0553 0748 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 16:53:13.0555 0748 PNRPsvc - ok 16:53:13.0625 0748 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll 16:53:13.0628 0748 PolicyAgent - ok 16:53:13.0671 0748 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll 16:53:13.0673 0748 Power - ok 16:53:13.0744 0748 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 16:53:13.0745 0748 PptpMiniport - ok 16:53:13.0769 0748 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys 16:53:13.0769 0748 Processor - ok 16:53:13.0824 0748 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll 16:53:13.0826 0748 ProfSvc - ok 16:53:13.0881 0748 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 16:53:13.0882 0748 ProtectedStorage - ok 16:53:13.0923 0748 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 16:53:13.0923 0748 Psched - ok 16:53:14.0089 0748 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys 16:53:14.0095 0748 ql2300 - ok 16:53:14.0253 0748 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys 16:53:14.0253 0748 ql40xx - ok 16:53:14.0304 0748 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll 16:53:14.0306 0748 QWAVE - ok 16:53:14.0330 0748 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 16:53:14.0330 0748 QWAVEdrv - ok 16:53:14.0339 0748 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 
16:53:14.0340 0748 RasAcd - ok 16:53:14.0381 0748 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 16:53:14.0382 0748 RasAgileVpn - ok 16:53:14.0406 0748 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll 16:53:14.0407 0748 RasAuto - ok 16:53:14.0431 0748 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 16:53:14.0432 0748 Rasl2tp - ok 16:53:14.0474 0748 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll 16:53:14.0476 0748 RasMan - ok 16:53:14.0504 0748 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 16:53:14.0504 0748 RasPppoe - ok 16:53:14.0527 0748 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 16:53:14.0527 0748 RasSstp - ok 16:53:14.0567 0748 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 16:53:14.0569 0748 rdbss - ok 16:53:14.0579 0748 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys 16:53:14.0580 0748 rdpbus - ok 16:53:14.0606 0748 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 16:53:14.0606 0748 RDPCDD - ok 16:53:14.0626 0748 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 16:53:14.0626 0748 RDPENCDD - ok 16:53:14.0635 0748 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 16:53:14.0636 0748 RDPREFMP - ok 16:53:14.0691 0748 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys 16:53:14.0692 0748 RDPWD - ok 16:53:14.0728 0748 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 16:53:14.0729 0748 rdyboost - ok 16:53:14.0870 0748 RegSrvc (a436f5e7d80bbdbb0826d0f176d5bea8) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 16:53:14.0874 0748 RegSrvc - ok 16:53:14.0908 0748 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) 
C:\Windows\System32\mprdim.dll 16:53:14.0909 0748 RemoteAccess - ok 16:53:14.0953 0748 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll 16:53:14.0954 0748 RemoteRegistry - ok 16:53:15.0025 0748 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys 16:53:15.0026 0748 RFCOMM - ok 16:53:15.0053 0748 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll 16:53:15.0054 0748 RpcEptMapper - ok 16:53:15.0083 0748 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe 16:53:15.0084 0748 RpcLocator - ok 16:53:15.0143 0748 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 16:53:15.0147 0748 RpcSs - ok 16:53:15.0164 0748 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 16:53:15.0165 0748 rspndr - ok 16:53:15.0203 0748 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 16:53:15.0204 0748 SamSs - ok 16:53:15.0216 0748 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 16:53:15.0217 0748 sbp2port - ok 16:53:15.0258 0748 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll 16:53:15.0260 0748 SCardSvr - ok 16:53:15.0287 0748 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 16:53:15.0288 0748 scfilter - ok 16:53:15.0413 0748 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll 16:53:15.0418 0748 Schedule - ok 16:53:15.0464 0748 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 16:53:15.0465 0748 SCPolicySvc - ok 16:53:15.0489 0748 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll 16:53:15.0491 0748 SDRSVC - ok 16:53:15.0739 0748 SeaPort (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE 16:53:15.0740 0748 SeaPort - ok 16:53:15.0823 0748 secdrv (3ea8a16169c26afbeb544e0e48421186) 
C:\Windows\system32\drivers\secdrv.sys 16:53:15.0824 0748 secdrv - ok 16:53:15.0880 0748 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll 16:53:15.0882 0748 seclogon - ok 16:53:15.0899 0748 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll 16:53:15.0900 0748 SENS - ok 16:53:15.0929 0748 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll 16:53:15.0930 0748 SensrSvc - ok 16:53:15.0952 0748 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys 16:53:15.0952 0748 Serenum - ok 16:53:15.0988 0748 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys 16:53:15.0989 0748 Serial - ok 16:53:15.0994 0748 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys 16:53:15.0995 0748 sermouse - ok 16:53:16.0032 0748 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll 16:53:16.0034 0748 SessionEnv - ok 16:53:16.0037 0748 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 16:53:16.0037 0748 sffdisk - ok 16:53:16.0056 0748 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 16:53:16.0056 0748 sffp_mmc - ok 16:53:16.0060 0748 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 16:53:16.0061 0748 sffp_sd - ok 16:53:16.0064 0748 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys 16:53:16.0065 0748 sfloppy - ok 16:53:16.0176 0748 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys 16:53:16.0179 0748 Sftfs - ok 16:53:16.0325 0748 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe 16:53:16.0327 0748 sftlist - ok 16:53:16.0378 0748 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys 16:53:16.0379 0748 Sftplay - ok 16:53:16.0394 0748 Sftredir 
(617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys 16:53:16.0394 0748 Sftredir - ok 16:53:16.0408 0748 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys 16:53:16.0409 0748 Sftvol - ok 16:53:16.0440 0748 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe 16:53:16.0441 0748 sftvsa - ok 16:53:16.0500 0748 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll 16:53:16.0502 0748 SharedAccess - ok 16:53:16.0560 0748 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll 16:53:16.0563 0748 ShellHWDetection - ok 16:53:16.0599 0748 SiSGbeLH (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys 16:53:16.0599 0748 SiSGbeLH - ok 16:53:16.0614 0748 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys 16:53:16.0615 0748 SiSRaid2 - ok 16:53:16.0624 0748 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys 16:53:16.0624 0748 SiSRaid4 - ok 16:53:16.0649 0748 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 16:53:16.0649 0748 Smb - ok 16:53:16.0674 0748 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe 16:53:16.0675 0748 SNMPTRAP - ok 16:53:16.0684 0748 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 16:53:16.0685 0748 spldr - ok 16:53:16.0744 0748 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe 16:53:16.0748 0748 Spooler - ok 16:53:17.0001 0748 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe 16:53:17.0018 0748 sppsvc - ok 16:53:17.0206 0748 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 16:53:17.0207 0748 sppuinotify - ok 16:53:17.0315 0748 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 16:53:17.0317 0748 srv - ok 
16:53:17.0361 0748 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 16:53:17.0363 0748 srv2 - ok 16:53:17.0397 0748 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 16:53:17.0398 0748 srvnet - ok 16:53:17.0435 0748 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll 16:53:17.0437 0748 SSDPSRV - ok 16:53:17.0461 0748 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll 16:53:17.0462 0748 SstpSvc - ok 16:53:17.0476 0748 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys 16:53:17.0477 0748 stexstor - ok 16:53:17.0561 0748 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll 16:53:17.0564 0748 stisvc - ok 16:53:17.0573 0748 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys 16:53:17.0573 0748 swenum - ok 16:53:17.0633 0748 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll 16:53:17.0637 0748 swprv - ok 16:53:17.0825 0748 SynTP (7e8902f9929a5d9ffd0f545332ce0f10) C:\Windows\system32\DRIVERS\SynTP.sys 16:53:17.0831 0748 SynTP - ok 16:53:18.0096 0748 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll 16:53:18.0105 0748 SysMain - ok 16:53:18.0193 0748 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll 16:53:18.0194 0748 TabletInputService - ok 16:53:18.0230 0748 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll 16:53:18.0232 0748 TapiSrv - ok 16:53:18.0268 0748 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll 16:53:18.0270 0748 TBS - ok 16:53:18.0485 0748 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys 16:53:18.0494 0748 Tcpip - ok 16:53:18.0757 0748 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys 16:53:18.0765 0748 TCPIP6 - ok 16:53:18.0857 0748 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) 
C:\Windows\system32\drivers\tcpipreg.sys 16:53:18.0858 0748 tcpipreg - ok 16:53:18.0891 0748 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 16:53:18.0892 0748 TDPIPE - ok 16:53:18.0929 0748 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys 16:53:18.0930 0748 TDTCP - ok 16:53:18.0975 0748 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 16:53:18.0976 0748 tdx - ok 16:53:18.0994 0748 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys 16:53:18.0995 0748 TermDD - ok 16:53:19.0080 0748 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll 16:53:19.0084 0748 TermService - ok 16:53:19.0108 0748 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll 16:53:19.0109 0748 Themes - ok 16:53:19.0138 0748 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 16:53:19.0139 0748 THREADORDER - ok 16:53:19.0167 0748 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll 16:53:19.0169 0748 TrkWks - ok 16:53:19.0235 0748 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe 16:53:19.0236 0748 TrustedInstaller - ok 16:53:19.0255 0748 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 16:53:19.0255 0748 tssecsrv - ok 16:53:19.0283 0748 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 16:53:19.0283 0748 TsUsbFlt - ok 16:53:19.0322 0748 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys 16:53:19.0323 0748 TsUsbGD - ok 16:53:19.0364 0748 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 16:53:19.0365 0748 tunnel - ok 16:53:19.0395 0748 TurboB (fd24f98d2898be093fe926604be7db99) C:\Windows\system32\DRIVERS\TurboB.sys 16:53:19.0396 0748 TurboB - ok 16:53:19.0498 0748 TurboBoost (600b406a04d90f577fea8a88d7379f08) 
C:\Program Files\Intel\TurboBoost\TurboBoost.exe 16:53:19.0499 0748 TurboBoost - ok 16:53:19.0506 0748 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys 16:53:19.0507 0748 uagp35 - ok 16:53:19.0546 0748 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 16:53:19.0548 0748 udfs - ok 16:53:19.0576 0748 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe 16:53:19.0578 0748 UI0Detect - ok 16:53:19.0603 0748 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 16:53:19.0603 0748 uliagpkx - ok 16:53:19.0631 0748 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys 16:53:19.0632 0748 umbus - ok 16:53:19.0643 0748 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys 16:53:19.0644 0748 UmPass - ok 16:53:19.0934 0748 UNS (2c16648a12999ae69a9ebf41974b0ba2) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe 16:53:19.0946 0748 UNS - ok 16:53:20.0098 0748 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll 16:53:20.0101 0748 upnphost - ok 16:53:20.0146 0748 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 16:53:20.0147 0748 usbccgp - ok 16:53:20.0178 0748 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 16:53:20.0179 0748 usbcir - ok 16:53:20.0197 0748 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys 16:53:20.0198 0748 usbehci - ok 16:53:20.0258 0748 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 16:53:20.0260 0748 usbhub - ok 16:53:20.0291 0748 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 16:53:20.0292 0748 usbohci - ok 16:53:20.0298 0748 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys 16:53:20.0299 0748 usbprint - ok 16:53:20.0326 0748 USBSTOR 
(fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 16:53:20.0326 0748 USBSTOR - ok 16:53:20.0342 0748 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys 16:53:20.0342 0748 usbuhci - ok 16:53:20.0396 0748 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys 16:53:20.0397 0748 usbvideo - ok 16:53:20.0433 0748 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll 16:53:20.0434 0748 UxSms - ok 16:53:20.0469 0748 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 16:53:20.0470 0748 VaultSvc - ok 16:53:20.0487 0748 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 16:53:20.0487 0748 vdrvroot - ok 16:53:20.0553 0748 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe 16:53:20.0557 0748 vds - ok 16:53:20.0593 0748 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 16:53:20.0594 0748 vga - ok 16:53:20.0612 0748 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 16:53:20.0613 0748 VgaSave - ok 16:53:20.0646 0748 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 16:53:20.0647 0748 vhdmp - ok 16:53:20.0662 0748 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 16:53:20.0662 0748 viaide - ok 16:53:20.0688 0748 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 16:53:20.0689 0748 volmgr - ok 16:53:20.0738 0748 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 16:53:20.0740 0748 volmgrx - ok 16:53:20.0772 0748 volsnap (df8126bd41180351a093a3ad2fc8903b) C:\Windows\system32\drivers\volsnap.sys 16:53:20.0773 0748 volsnap - ok 16:53:20.0811 0748 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys 16:53:20.0812 0748 vsmraid - ok 16:53:20.0966 0748 VSS (b60ba0bc31b0cb414593e169f6f21cc2) 
C:\Windows\system32\vssvc.exe 16:53:20.0974 0748 VSS - ok 16:53:21.0095 0748 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 16:53:21.0096 0748 vwifibus - ok 16:53:21.0113 0748 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 16:53:21.0114 0748 vwififlt - ok 16:53:21.0141 0748 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 16:53:21.0141 0748 vwifimp - ok 16:53:21.0207 0748 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll 16:53:21.0210 0748 W32Time - ok 16:53:21.0301 0748 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys 16:53:21.0302 0748 WacomPen - ok 16:53:21.0361 0748 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 16:53:21.0362 0748 WANARP - ok 16:53:21.0376 0748 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 16:53:21.0377 0748 Wanarpv6 - ok 16:53:21.0536 0748 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe 16:53:21.0542 0748 WatAdminSvc - ok 16:53:21.0693 0748 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe 16:53:21.0701 0748 wbengine - ok 16:53:21.0858 0748 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll 16:53:21.0860 0748 WbioSrvc - ok 16:53:21.0908 0748 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll 16:53:21.0911 0748 wcncsvc - ok 16:53:21.0930 0748 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll 16:53:21.0932 0748 WcsPlugInService - ok 16:53:22.0005 0748 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys 16:53:22.0006 0748 Wd - ok 16:53:22.0073 0748 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 16:53:22.0076 0748 Wdf01000 - ok 16:53:22.0101 0748 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) 
C:\Windows\system32\wdi.dll 16:53:22.0103 0748 WdiServiceHost - ok 16:53:22.0105 0748 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 16:53:22.0107 0748 WdiSystemHost - ok 16:53:22.0143 0748 wdkmd (63ce387483e74a0bd79ee4e5eba1fd2e) C:\Windows\system32\DRIVERS\WDKMD.sys 16:53:22.0144 0748 wdkmd - ok 16:53:22.0188 0748 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll 16:53:22.0191 0748 WebClient - ok 16:53:22.0230 0748 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll 16:53:22.0232 0748 Wecsvc - ok 16:53:22.0264 0748 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll 16:53:22.0265 0748 wercplsupport - ok 16:53:22.0295 0748 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll 16:53:22.0296 0748 WerSvc - ok 16:53:22.0334 0748 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 16:53:22.0334 0748 WfpLwf - ok 16:53:22.0496 0748 WiMAXAppSrv (245ea6a2cfae7b183ee9a14a4673b1f1) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe 16:53:22.0501 0748 WiMAXAppSrv - ok 16:53:22.0558 0748 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys 16:53:22.0559 0748 WimFltr - ok 16:53:22.0577 0748 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 16:53:22.0577 0748 WIMMount - ok 16:53:22.0630 0748 WinDefend - ok 16:53:22.0634 0748 WinHttpAutoProxySvc - ok 16:53:22.0712 0748 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll 16:53:22.0714 0748 Winmgmt - ok 16:53:22.0895 0748 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll 16:53:22.0905 0748 WinRM - ok 16:53:23.0064 0748 WinUSB (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUSB.sys 16:53:23.0065 0748 WinUSB - ok 16:53:23.0163 0748 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll 16:53:23.0168 0748 Wlansvc - ok 16:53:23.0255 
0748 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 16:53:23.0255 0748 wlcrasvc - ok 16:53:23.0473 0748 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 16:53:23.0483 0748 wlidsvc - ok 16:53:23.0637 0748 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys 16:53:23.0638 0748 WmiAcpi - ok 16:53:23.0709 0748 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe 16:53:23.0711 0748 wmiApSrv - ok 16:53:23.0767 0748 WMPNetworkSvc - ok 16:53:23.0878 0748 WMZuneComm (83b6ca03c846fcd47f9883d77d1eb27b) C:\Program Files\Zune\WMZuneComm.exe 16:53:23.0879 0748 WMZuneComm - ok 16:53:23.0913 0748 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll 16:53:23.0914 0748 WPCSvc - ok 16:53:23.0946 0748 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll 16:53:23.0948 0748 WPDBusEnum - ok 16:53:23.0970 0748 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 16:53:23.0970 0748 ws2ifsl - ok 16:53:23.0993 0748 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll 16:53:23.0995 0748 wscsvc - ok 16:53:23.0997 0748 WSearch - ok 16:53:24.0203 0748 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll 16:53:24.0215 0748 wuauserv - ok 16:53:24.0349 0748 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 16:53:24.0350 0748 WudfPf - ok 16:53:24.0383 0748 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 16:53:24.0384 0748 WUDFRd - ok 16:53:24.0425 0748 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll 16:53:24.0427 0748 wudfsvc - ok 16:53:24.0469 0748 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll 16:53:24.0472 0748 WwanSvc - ok 16:53:25.0059 0748 ZuneNetworkSvc (67b787c34fb2888d01b130ae007042d8) 
C:\Program Files\Zune\ZuneNss.exe 16:53:25.0095 0748 ZuneNetworkSvc - ok 16:53:25.0179 0748 ZuneWlanCfgSvc (4d89fc1c20cf655739efac5da81a67bc) C:\Program Files\Zune\ZuneWlanCfgSvc.exe 16:53:25.0181 0748 ZuneWlanCfgSvc - ok 16:53:25.0217 0748 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 16:53:25.0553 0748 \Device\Harddisk0\DR0 - ok 16:53:25.0555 0748 Boot (0x1200) (5aa27af0cff779a8a4b989c1779c9de4) \Device\Harddisk0\DR0\Partition0 16:53:25.0556 0748 \Device\Harddisk0\DR0\Partition0 - ok 16:53:25.0556 0748 ============================================================ 16:53:25.0556 0748 Scan finished 16:53:25.0556 0748 ============================================================ 16:53:25.0564 3200 Detected object count: 0 16:53:25.0564 3200 Actual detected object count: 0 16:53:46.0280 2936 Deinitialize success -
Anti-phishing Domain Advisor
tehwerldzbesstspelr replied to tehwerldzbesstspelr's topic in Resolved Malware Removal Logs
I'm not sure why, but the order of the folders is out of whack with mine. Finding the route to that file isn't matching up with what I'm getting. I got to "Windows", and that took a bunch of searches since I couldn't find the right folders. But the searches stopped matching the route for anything after "Windows". Computer isn't finding anything on the file name, either. I'll run the TDSSKiller, though. One of the pages that would go to the mydomainadvisor has been coming up correctly, too. But I'll do the scan just in case. -
Anti-phishing Domain Advisor
tehwerldzbesstspelr replied to tehwerldzbesstspelr's topic in Resolved Malware Removal Logs
SystemLook 30.07.11 by jpshortstuff
Log created at 14:27 on 08/07/2012 by owner
Administrator - Elevation successful
WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results.

========== regfind ==========

Searching for "*blekko*"
No data found.

========== filefind ==========

Searching for "*blekko*"
C:\Users\owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BBBT8H7G\03ee76a1b9fb2f67_blekko[1].js --a---- 279309 bytes [23:17 04/07/2012] [23:17 04/07/2012] 03EE76A1B9FB2F675A3741B8B8BE0177

-= EOF =- -
Anti-phishing Domain Advisor
tehwerldzbesstspelr replied to tehwerldzbesstspelr's topic in Resolved Malware Removal Logs
ComboFix 12-07-07.04 - owner 07/07/2012 18:37:58.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6049.4490 [GMT -7:00] Running from: c:\users\owner\Downloads\ComboFix.exe SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\Roaming . . ((((((((((((((((((((((((( Files Created from 2012-06-08 to 2012-07-08 ))))))))))))))))))))))))))))))) . . 2012-07-08 01:41 . 2012-07-08 01:41 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-07-07 16:03 . 2012-07-07 16:03 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12646209-61D1-43BB-8D05-5C80CC40879E}\offreg.dll 2012-07-06 16:57 . 2012-05-31 04:04 9013136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12646209-61D1-43BB-8D05-5C80CC40879E}\mpengine.dll 2012-06-29 22:29 . 2012-06-29 22:29 -------- d-----w- C:\TDSSKiller_Quarantine 2012-06-22 23:07 . 2012-06-22 23:07 -------- d-----w- c:\users\owner\AppData\Local\ElevatedDiagnostics 2012-06-21 19:45 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-21 19:45 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-21 19:45 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll 2012-06-21 19:45 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll 2012-06-21 19:45 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll 2012-06-21 19:45 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll 2012-06-21 19:45 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll 2012-06-21 19:45 . 2012-06-02 22:19 186752 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-21 19:45 . 2012-06-02 22:15 36864 ----a-w- c:\windows\system32\wuapp.exe 2012-06-14 05:41 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll 2012-06-14 05:41 . 
2012-04-26 05:41 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll 2012-06-14 05:41 . 2012-04-26 05:34 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe 2012-06-14 05:41 . 2012-05-04 11:06 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-06-14 05:41 . 2012-05-01 05:40 209920 ----a-w- c:\windows\system32\profsvc.dll 2012-06-14 05:41 . 2012-05-04 10:03 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2012-06-14 05:41 . 2012-05-04 10:03 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2012-06-14 05:41 . 2012-05-15 01:32 3146752 ----a-w- c:\windows\system32\win32k.sys 2012-06-14 05:41 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-06-14 05:41 . 2012-04-07 12:31 3216384 ----a-w- c:\windows\system32\msi.dll 2012-06-14 05:41 . 2012-04-07 11:26 2342400 ----a-w- c:\windows\SysWow64\msi.dll 2012-06-14 05:41 . 2012-04-24 05:37 1462272 ----a-w- c:\windows\system32\crypt32.dll 2012-06-14 05:40 . 2012-04-24 05:37 184320 ----a-w- c:\windows\system32\cryptsvc.dll 2012-06-14 05:40 . 2012-04-24 05:37 140288 ----a-w- c:\windows\system32\cryptnet.dll 2012-06-14 05:40 . 2012-04-24 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll 2012-06-14 05:40 . 2012-04-24 04:36 1158656 ----a-w- c:\windows\SysWow64\crypt32.dll 2012-06-14 05:40 . 2012-04-24 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll 2012-06-08 19:12 . 2012-07-01 13:37 -------- d-----w- c:\program files (x86)\PANDORA.TV 2012-06-08 19:12 . 2012-07-01 13:37 -------- d-----w- c:\program files (x86)\The KMPlayer 2012-06-08 19:11 . 2012-06-30 20:14 -------- d-----w- c:\programdata\blekko toolbars 2012-06-08 19:11 . 2012-06-08 19:11 -------- d-----w- c:\users\owner\AppData\Local\blekkotb_031 2012-06-08 19:06 . 2012-06-08 19:06 -------- d--h--w- c:\programdata\Common Files . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-07-04 23:09 . 
2011-08-29 06:57 45056 ----a-w- c:\windows\SysWow64\acovcnt.exe 2012-04-29 00:30 . 2012-04-29 00:30 476960 ----a-w- c:\windows\SysWow64\npdeployJava1.dll 2012-04-29 00:30 . 2012-04-16 01:43 472864 ----a-w- c:\windows\SysWow64\deployJava1.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Nuance PDF Reader-reminder"="c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" [2008-11-03 328992] "ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2011-07-17 2984688] "SonicMasterTray"="c:\program files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe" [2010-07-10 984400] "ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-08-17 5732992] "ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624] "HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016] "Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-09-23 1601536] "UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504] "UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696] . c:\users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [2011-7-17 549040] . 
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Best Buy pc app.lnk - c:\programdata\Best Buy pc app\ClickOnceSetup.exe [2011-8-29 16032] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "mixer3"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2011-03-18 74840] R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-02 183560] R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [2011-05-17 34200] R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-05-02 340240] R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232] R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-10-24 1255736] R3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\Zune\WMZuneComm.exe [2011-08-05 306400] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184] S0 assd;assd; [x] S1 
ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-05-26 17536] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2011-03-03 379520] S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416] S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624] S2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;c:\program files\Intel\WiMAX\Bin\DMAgent.exe [2011-06-14 498688] S2 MotoHelper;MotoHelper Service;c:\program files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2012-02-01 214896] S2 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe [2011-12-21 578264] S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776] S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120] S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-21 2656280] S2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;c:\program files\Intel\WiMAX\Bin\AppSrv.exe [2011-06-14 986112] S3 AiCharger;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiCharger.sys [2011-02-26 16768] S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [2011-06-02 128488] S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [2011-06-02 401896] S3 bpenum;Intel® Centrino® WiMAX Enumerator;c:\windows\system32\DRIVERS\bpenum.sys [2011-05-19 84480] S3 bpmp;Intel® Centrino® WiMAX 6050 Series;c:\windows\system32\DRIVERS\bpmp.sys [2011-05-19 182272] S3 bpusb;Intel® Centrino® WiMAX 6050 Series Function 
Driver;c:\windows\system32\Drivers\bpusb.sys [2011-05-19 83968] S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440] S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [2011-05-17 25496] S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2011-04-20 169584] S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344] S3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [2011-05-01 8593920] S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184] S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264] S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648] S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960] S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376] S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys [2011-05-17 42392] . . Contents of the 'Scheduled Tasks' folder . 2012-07-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2848949350-4156515593-1364991009-1000Core.job - c:\users\owner\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-23 21:38] . 2012-07-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2848949350-4156515593-1364991009-1000UA.job - c:\users\owner\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-23 21:38] . . --------- X64 Entries ----------- . . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-06-01 168216] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-06-01 391960] "Persistence"="c:\windows\system32\igfxpers.exe" [2011-06-01 419096] "AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2011-03-21 361984] "RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-05-17 2226280] "IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-05-02 1935120] "IntelTBRunOnce"="wscript.exe" [2009-07-14 168960] "Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 163552] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://blekko.com/ws/?source=c3348dd4&toolbarid=blekkotb_031&u=7F6547C033E3EBBF695BF04FD24E655A&tbp=homepage mStart Page = hxxp://asus.msn.com mLocal Page = c:\windows\SysWOW64\blank.htm TCP: DhcpNameServer = 75.75.75.75 75.75.76.76 . - - - - ORPHANS REMOVED - - - - . URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file) Toolbar-Locked - (no file) Toolbar-Locked - (no file) WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file) HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe HKLM-Run-SynAsusAcpi - c:\program files (x86)\Synaptics\SynTP\SynAsusAcpi.exe HKLM-Run-Setwallpaper - c:\programdata\SetWallpaper.cmd . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx" "ThreadingModel"="Apartment" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . 
Completion time: 2012-07-07 18:43:26 ComboFix-quarantined-files.txt 2012-07-08 01:43 . Pre-Run: 387,319,889,920 bytes free Post-Run: 387,156,951,040 bytes free . - - End Of File - - 677439F2D8B6D9D1B622F1E19107E8A2 . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 Run by owner at 19:23:26 on 2012-07-07 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6049.4453 [GMT -7:00] . SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\FBAgent.exe C:\Windows\system32\WLANExt.exe C:\Windows\system32\conhost.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\Intel\WiFi\bin\EvtEng.exe C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\taskeng.exe C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe C:\Program Files\P4G\BatteryLife.exe C:\Program Files (x86)\ASUS\Splendid\ACMON.exe C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe C:\Windows\SysWOW64\ACEngSvr.exe C:\Program Files 
(x86)\Motorola\MotoHelper\MotoHelperAgent.exe C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe C:\Program Files\Zune\ZuneLauncher.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\AsScrPro.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Windows Media Player\wmpnetwk.exe 
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\DllHost.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE C:\Windows\system32\notepad.exe C:\Windows\system32\WUDFHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://blekko.com/ws/?source=c3348dd4&toolbarid=blekkotb_031&u=7F6547C033E3EBBF695BF04FD24E655A&tbp=homepage mStart Page = hxxp://asus.msn.com BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" {e7df6bff-55a5-4eb7-a673-4ed3e9456d39} mRun: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini" mRun: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE" mRun: [sonicMasterTray] C:\Program Files 
(x86)\ASUS\Sonic Focus\SonicFocusTray.exe mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe mRun: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" mRun: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" StartupFolder: C:\Users\owner\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ASUSVI~1.LNK - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe uPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab TCP: 
DhcpNameServer = 75.75.75.75 75.75.76.76 TCP: Interfaces\{DAC31EF9-78B0-4A66-8221-E6F0BF517546} : DhcpNameServer = 75.75.75.75 75.75.76.76 TCP: Interfaces\{F8DD5847-1AB7-4FE8-B940-DFA3DFEF12FC} : DhcpNameServer = 75.75.75.75 75.75.76.76 TCP: Interfaces\{F8DD5847-1AB7-4FE8-B940-DFA3DFEF12FC}\845696A756E626562776D27657563747 : DhcpNameServer = 75.75.75.75 75.75.76.76 TCP: Interfaces\{F8DD5847-1AB7-4FE8-B940-DFA3DFEF12FC}\D697177756374733930373 : DhcpNameServer = 192.168.0.1 205.171.3.25 Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" mRun-x64: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini" mRun-x64: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE" mRun-x64: [sonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe mRun-x64: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe mRun-x64: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe mRun-x64: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe mRun-x64: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe mRun-x64: [updateLBPShortCut] "C:\Program Files 
(x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" mRun-x64: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" Hosts: 127.0.0.1 www.spywareinfo.com . ============= SERVICES / DRIVERS =============== . R0 assd;assd;C:\Windows\system32\drivers\assd.sys --> C:\Windows\system32\drivers\assd.sys [?] R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-5-25 17536] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AFBAgent;AFBAgent;"C:\Windows\system32\FBAgent.exe" --> C:\Windows\system32\FBAgent.exe [?] R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416] R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624] R2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [2011-6-14 498688] R2 MotoHelper;MotoHelper Service;C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2012-2-1 214896] R2 PanService;PandoraService;C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-6-8 578264] R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776] R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?] 
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-8-28 2656280] R2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [2011-6-14 986112] R3 AiCharger;ASUS Charger Driver;C:\Windows\system32\DRIVERS\AiCharger.sys --> C:\Windows\system32\DRIVERS\AiCharger.sys [?] R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\system32\DRIVERS\asmthub3.sys --> C:\Windows\system32\DRIVERS\asmthub3.sys [?] R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\system32\DRIVERS\asmtxhci.sys --> C:\Windows\system32\DRIVERS\asmtxhci.sys [?] R3 bpenum;Intel® Centrino® WiMAX Enumerator;C:\Windows\system32\DRIVERS\bpenum.sys --> C:\Windows\system32\DRIVERS\bpenum.sys [?] R3 bpmp;Intel® Centrino® WiMAX 6050 Series;C:\Windows\system32\DRIVERS\bpmp.sys --> C:\Windows\system32\DRIVERS\bpmp.sys [?] R3 bpusb;Intel® Centrino® WiMAX 6050 Series Function Driver;C:\Windows\system32\Drivers\bpusb.sys --> C:\Windows\system32\Drivers\bpusb.sys [?] R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?] R3 iwdbus;IWD Bus Enumerator;C:\Windows\system32\DRIVERS\iwdbus.sys --> C:\Windows\system32\DRIVERS\iwdbus.sys [?] R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?] R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?] R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?] 
R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?] R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?] R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?] R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?] R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?] R3 wdkmd;Intel WiDi KMD;C:\Windows\system32\DRIVERS\WDKMD.sys --> C:\Windows\system32\DRIVERS\WDKMD.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S3 AmUStor;AM USB Stroage Driver;C:\Windows\system32\drivers\AmUStor.SYS --> C:\Windows\system32\drivers\AmUStor.SYS [?] S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-1 183560] S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?] S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840] S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\system32\drivers\intelaud.sys --> C:\Windows\system32\drivers\intelaud.sys [?] 
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-5-2 340240] S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?] S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S3 WMZuneComm;Zune Windows Mobile Connectivity Service;C:\Program Files\Zune\WMZuneComm.exe [2011-8-5 306400] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 
2012-07-08 01:36:15 98816 ----a-w- C:\Windows\sed.exe 2012-07-08 01:36:15 518144 ----a-w- C:\Windows\SWREG.exe 2012-07-08 01:36:15 256000 ----a-w- C:\Windows\PEV.exe 2012-07-08 01:36:15 208896 ----a-w- C:\Windows\MBR.exe 2012-07-07 16:03:53 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{12646209-61D1-43BB-8D05-5C80CC40879E}\offreg.dll 2012-07-06 16:57:59 9013136 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{12646209-61D1-43BB-8D05-5C80CC40879E}\mpengine.dll 2012-06-29 22:29:39 -------- d-----w- C:\TDSSKiller_Quarantine 2012-06-22 23:07:28 -------- d-----w- C:\Users\owner\AppData\Local\ElevatedDiagnostics 2012-06-21 19:45:59 2622464 ----a-w- C:\Windows\System32\wucltux.dll 2012-06-21 19:45:45 99840 ----a-w- C:\Windows\System32\wudriver.dll 2012-06-21 19:45:33 36864 ----a-w- C:\Windows\System32\wuapp.exe 2012-06-21 19:45:33 186752 ----a-w- C:\Windows\System32\wuwebv.dll 2012-06-14 05:41:10 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe 2012-06-14 05:41:10 77312 ----a-w- C:\Windows\System32\rdpwsx.dll 2012-06-14 05:41:10 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll 2012-06-14 05:41:08 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe 2012-06-14 05:41:08 209920 ----a-w- C:\Windows\System32\profsvc.dll 2012-06-14 05:41:06 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2012-06-14 05:41:06 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2012-06-14 05:41:04 3146752 ----a-w- C:\Windows\System32\win32k.sys 2012-06-14 05:41:03 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys 2012-06-14 05:41:02 3216384 ----a-w- C:\Windows\System32\msi.dll 2012-06-14 05:41:02 2342400 ----a-w- C:\Windows\SysWow64\msi.dll 2012-06-14 05:41:00 1462272 ----a-w- C:\Windows\System32\crypt32.dll 2012-06-14 05:40:59 184320 ----a-w- C:\Windows\System32\cryptsvc.dll 2012-06-14 05:40:59 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll 2012-06-14 05:40:59 140288 ----a-w- C:\Windows\System32\cryptnet.dll 2012-06-14 05:40:59 1158656 
----a-w- C:\Windows\SysWow64\crypt32.dll 2012-06-14 05:40:59 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll 2012-06-08 19:12:11 -------- d-----w- C:\Program Files (x86)\PANDORA.TV 2012-06-08 19:12:05 -------- d-----w- C:\Program Files (x86)\The KMPlayer 2012-06-08 19:11:38 -------- d-----w- C:\ProgramData\blekko toolbars 2012-06-08 19:11:34 -------- d-----w- C:\Users\owner\AppData\Local\blekkotb_031 2012-06-08 19:06:06 -------- d--h--w- C:\ProgramData\Common Files . ==================== Find3M ==================== . 2012-07-04 23:09:30 45056 ----a-w- C:\Windows\SysWow64\acovcnt.exe 2012-05-18 02:06:48 2311680 ----a-w- C:\Windows\System32\jscript9.dll 2012-05-18 01:59:14 1392128 ----a-w- C:\Windows\System32\wininet.dll 2012-05-18 01:58:39 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-05-18 01:55:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2012-05-18 01:51:30 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-05-17 22:45:37 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-05-17 22:35:47 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-05-17 22:35:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-05-17 22:29:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2012-05-17 22:24:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-04-29 00:30:46 476960 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll 2012-04-29 00:30:46 472864 ----a-w- C:\Windows\SysWow64\deployJava1.dll . ============= FINISH: 19:23:44.40 =============== Attach.txt -
Anti-phishing Domain Advisor
tehwerldzbesstspelr replied to tehwerldzbesstspelr's topic in Resolved Malware Removal Logs
I did uninstall them, though this wasn't the first time. They aren't currently in the programs list, but after a reboot or 2 they'd probably be back. I will do the ComboFix sometime this evening (I'm in a West coast timezone, so if it's a little later than "evening", I apologize in advance). -
Anti-phishing Domain Advisor
tehwerldzbesstspelr replied to tehwerldzbesstspelr's topic in Resolved Malware Removal Logs
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.07.04.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
owner :: OWNER-PC [administrator]

7/4/2012 4:10:19 PM
mbam-log-2012-07-04 (16-10-19).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 209922
Time elapsed: 3 minute(s), 51 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\owner\Downloads\kmplayer setup.exe (PUP.AdBundle) -> No action taken.

(end)

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by owner at 16:18:39 on 2012-07-04
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6049.3853 [GMT -7:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\WUDFHost.exe C:\Windows\Explorer.EXE C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\FBAgent.exe C:\Windows\system32\WLANExt.exe C:\Windows\system32\conhost.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\Intel\WiFi\bin\EvtEng.exe C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\taskeng.exe C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe C:\Program Files\P4G\BatteryLife.exe C:\Program Files (x86)\ASUS\Splendid\ACMON.exe C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe C:\Windows\SysWOW64\ACEngSvr.exe C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe C:\Program Files\Common Files\Microsoft 
Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe C:\Program Files\Zune\ZuneLauncher.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe C:\Program Files (x86)\ASUS\Wireless Console 3\WimaxConsole.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\AsScrPro.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\DllHost.exe 
C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\SysWOW64\rundll32.exe C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Windows\servicing\TrustedInstaller.exe C:\Windows\SysWOW64\NOTEPAD.EXE C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . 
uStart Page = hxxp://blekko.com/ws/?source=c3348dd4&toolbarid=blekkotb_031&u=7F6547C033E3EBBF695BF04FD24E655A&tbp=homepage uDefault_Page_URL = hxxp://asus.msn.com mStart Page = hxxp://asus.msn.com uURLSearchHooks: H - No File mWinlogon: Userinit=userinit.exe, BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO: blekko search bar: {8769adce-dba5-48e9-afb5-67b12cdf2e61} - C:\Program Files (x86)\blekkotb_031\blekkotb_019X.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" TB: blekko search bar: {8769adce-dba5-48e9-afb5-67b12cdf2e61} - C:\Program Files (x86)\blekkotb_031\blekkotb_019X.dll {e7df6bff-55a5-4eb7-a673-4ed3e9456d39} uRun: [Google Update] "C:\Users\owner\AppData\Local\Google\Update\GoogleUpdate.exe" /c mRun: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini" mRun: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE" mRun: [sonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe mRun: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files 
(x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" mRun: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" StartupFolder: C:\Users\owner\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ASUSVI~1.LNK - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe uPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1) mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab TCP: DhcpNameServer = 75.75.75.75 75.75.76.76 TCP: Interfaces\{DAC31EF9-78B0-4A66-8221-E6F0BF517546} : DhcpNameServer = 75.75.75.75 75.75.76.76 TCP: Interfaces\{F8DD5847-1AB7-4FE8-B940-DFA3DFEF12FC} : DhcpNameServer = 75.75.75.75 75.75.76.76 TCP: Interfaces\{F8DD5847-1AB7-4FE8-B940-DFA3DFEF12FC}\845696A756E626562776D27657563747 : DhcpNameServer = 75.75.75.75 75.75.76.76 TCP: 
Interfaces\{F8DD5847-1AB7-4FE8-B940-DFA3DFEF12FC}\D697177756374733930373 : DhcpNameServer = 192.168.0.1 205.171.3.25 Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO-X64: blekko search bar: {8769adce-dba5-48e9-afb5-67b12cdf2e61} - C:\Program Files (x86)\blekkotb_031\blekkotb_019X.dll BHO-X64: blekko search bar - No File BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" TB-X64: blekko search bar: {8769adce-dba5-48e9-afb5-67b12cdf2e61} - C:\Program Files (x86)\blekkotb_031\blekkotb_019X.dll mRun-x64: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini" mRun-x64: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE" mRun-x64: [sonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe mRun-x64: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe mRun-x64: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe mRun-x64: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe mRun-x64: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe mRun-x64: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" 
UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" mRun-x64: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" Hosts: 127.0.0.1 www.spywareinfo.com . ============= SERVICES / DRIVERS =============== . R0 assd;assd;C:\Windows\system32\drivers\assd.sys --> C:\Windows\system32\drivers\assd.sys [?] R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-5-25 17536] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AFBAgent;AFBAgent;"C:\Windows\system32\FBAgent.exe" --> C:\Windows\system32\FBAgent.exe [?] R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416] R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624] R2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [2011-6-14 498688] R2 MotoHelper;MotoHelper Service;C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2012-2-1 214896] R2 PanService;PandoraService;C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-6-8 578264] R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776] R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?] 
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-8-28 2656280] R2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [2011-6-14 986112] R3 AiCharger;ASUS Charger Driver;C:\Windows\system32\DRIVERS\AiCharger.sys --> C:\Windows\system32\DRIVERS\AiCharger.sys [?] R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\system32\DRIVERS\asmthub3.sys --> C:\Windows\system32\DRIVERS\asmthub3.sys [?] R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\system32\DRIVERS\asmtxhci.sys --> C:\Windows\system32\DRIVERS\asmtxhci.sys [?] R3 bpenum;Intel® Centrino® WiMAX Enumerator;C:\Windows\system32\DRIVERS\bpenum.sys --> C:\Windows\system32\DRIVERS\bpenum.sys [?] R3 bpmp;Intel® Centrino® WiMAX 6050 Series;C:\Windows\system32\DRIVERS\bpmp.sys --> C:\Windows\system32\DRIVERS\bpmp.sys [?] R3 bpusb;Intel® Centrino® WiMAX 6050 Series Function Driver;C:\Windows\system32\Drivers\bpusb.sys --> C:\Windows\system32\Drivers\bpusb.sys [?] R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?] R3 iwdbus;IWD Bus Enumerator;C:\Windows\system32\DRIVERS\iwdbus.sys --> C:\Windows\system32\DRIVERS\iwdbus.sys [?] R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?] R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?] R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?] R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?] R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?] 
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?] R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?] R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?] R3 wdkmd;Intel WiDi KMD;C:\Windows\system32\DRIVERS\WDKMD.sys --> C:\Windows\system32\DRIVERS\WDKMD.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S3 AmUStor;AM USB Stroage Driver;C:\Windows\system32\drivers\AmUStor.SYS --> C:\Windows\system32\drivers\AmUStor.SYS [?] S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-1 183560] S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?] S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840] S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\system32\drivers\intelaud.sys --> C:\Windows\system32\drivers\intelaud.sys [?] S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-5-2 340240] S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?] 
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?] S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S3 WMZuneComm;Zune Windows Mobile Connectivity Service;C:\Program Files\Zune\WMZuneComm.exe [2011-8-5 306400] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2012-07-03 11:17:59 9013136 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E5DBDD5B-BE41-4C18-865F-8DC5816CF16C}\mpengine.dll 2012-06-29 22:29:39 -------- d-----w- C:\TDSSKiller_Quarantine 2012-06-22 23:07:28 -------- d-----w- C:\Users\owner\AppData\Local\ElevatedDiagnostics 2012-06-21 19:45:59 2622464 ----a-w- C:\Windows\System32\wucltux.dll 2012-06-21 19:45:45 99840 ----a-w- C:\Windows\System32\wudriver.dll 2012-06-21 19:45:33 36864 ----a-w- C:\Windows\System32\wuapp.exe 2012-06-21 19:45:33 186752 ----a-w- C:\Windows\System32\wuwebv.dll 2012-06-14 05:41:10 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe 2012-06-14 05:41:10 77312 ----a-w- C:\Windows\System32\rdpwsx.dll 2012-06-14 05:41:10 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll 2012-06-14 05:41:08 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe 2012-06-14 05:41:08 209920 ----a-w- C:\Windows\System32\profsvc.dll 2012-06-14 05:41:06 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2012-06-14 05:41:06 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2012-06-14 05:41:04 3146752 ----a-w- C:\Windows\System32\win32k.sys 2012-06-14 05:41:03 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys 
2012-06-14 05:41:02 3216384 ----a-w- C:\Windows\System32\msi.dll 2012-06-14 05:41:02 2342400 ----a-w- C:\Windows\SysWow64\msi.dll 2012-06-14 05:41:00 1462272 ----a-w- C:\Windows\System32\crypt32.dll 2012-06-14 05:40:59 184320 ----a-w- C:\Windows\System32\cryptsvc.dll 2012-06-14 05:40:59 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll 2012-06-14 05:40:59 140288 ----a-w- C:\Windows\System32\cryptnet.dll 2012-06-14 05:40:59 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll 2012-06-14 05:40:59 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll 2012-06-08 19:12:11 -------- d-----w- C:\Program Files (x86)\PANDORA.TV 2012-06-08 19:12:05 -------- d-----w- C:\Program Files (x86)\The KMPlayer 2012-06-08 19:11:38 -------- d-----w- C:\ProgramData\blekko toolbars 2012-06-08 19:11:34 -------- d-----w- C:\Users\owner\AppData\Local\blekkotb_031 2012-06-08 19:06:06 -------- d--h--w- C:\ProgramData\Common Files . ==================== Find3M ==================== . 2012-07-04 23:09:30 45056 ----a-w- C:\Windows\SysWow64\acovcnt.exe 2012-05-18 02:06:48 2311680 ----a-w- C:\Windows\System32\jscript9.dll 2012-05-18 01:59:14 1392128 ----a-w- C:\Windows\System32\wininet.dll 2012-05-18 01:58:39 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-05-18 01:55:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2012-05-18 01:51:30 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-05-17 22:45:37 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-05-17 22:35:47 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-05-17 22:35:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-05-17 22:29:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2012-05-17 22:24:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-04-29 00:30:46 476960 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll 2012-04-29 00:30:46 472864 ----a-w- C:\Windows\SysWow64\deployJava1.dll . ============= FINISH: 16:19:11.60 =============== -
For a couple weeks, I've occasionally been redirected to a bad search result on http://partner37.mydomainadvisor.com/. I've been unable to find a good solution to it, especially since my computer hasn't been behaving the way most people have described. It only comes up for a couple select sites, but not many. And when I boot up my computer outside of Safe Mode, it will come up with a message telling me I already have Open Office opened and asks if I still want to continue, though I haven't told the computer to open it. If left alone, the computer crashes, but clicking "No" stopped it from crashing. There is also a program called "Anti-phishing Domain Advisor" in my program list, as well as "blekko search bar" which has the same publisher. Unfortunately, right before reading the instructions, I used a temporary file cleaner. Figure it would be best to mention that.

DDS:
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by owner at 6:06:04 on 2012-07-01
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6049.4374 [GMT -7:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\FBAgent.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\WimaxConsole.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\DllHost.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://blekko.com/ws/?source=c3348dd4&toolbarid=blekkotb_031&u=7F6547C033E3EBBF695BF04FD24E655A&tbp=homepage
uDefault_Page_URL = hxxp://asus.msn.com
mStart Page = hxxp://asus.msn.com
uURLSearchHooks: H - No File
mWinlogon: Userinit=userinit.exe,
BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: blekko search bar: {8769adce-dba5-48e9-afb5-67b12cdf2e61} - C:\Program Files (x86)\blekkotb_031\blekkotb_019X.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: blekko search bar: {8769adce-dba5-48e9-afb5-67b12cdf2e61} - C:\Program Files (x86)\blekkotb_031\blekkotb_019X.dll
{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
uRun: [Google Update] "C:\Users\owner\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
mRun: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
mRun: [sonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
mRun: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
mRun: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
StartupFolder: C:\Users\owner\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ASUSVI~1.LNK - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
uPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{DAC31EF9-78B0-4A66-8221-E6F0BF517546} : DhcpNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{F8DD5847-1AB7-4FE8-B940-DFA3DFEF12FC} : DhcpNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{F8DD5847-1AB7-4FE8-B940-DFA3DFEF12FC}\845696A756E626562776D27657563747 : DhcpNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{F8DD5847-1AB7-4FE8-B940-DFA3DFEF12FC}\D697177756374733930373 : DhcpNameServer = 192.168.0.1 205.171.3.25
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: blekko search bar: {8769adce-dba5-48e9-afb5-67b12cdf2e61} - C:\Program Files (x86)\blekkotb_031\blekkotb_019X.dll
BHO-X64: blekko search bar - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB-X64: blekko search bar: {8769adce-dba5-48e9-afb5-67b12cdf2e61} - C:\Program Files (x86)\blekkotb_031\blekkotb_019X.dll
mRun-x64: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
mRun-x64: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
mRun-x64: [sonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
mRun-x64: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun-x64: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun-x64: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun-x64: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
mRun-x64: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
mRun-x64: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R0 assd;assd;C:\Windows\system32\drivers\assd.sys --> C:\Windows\system32\drivers\assd.sys [?]
R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-5-25 17536]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AFBAgent;AFBAgent;"C:\Windows\system32\FBAgent.exe" --> C:\Windows\system32\FBAgent.exe [?]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [2011-6-14 498688]
R2 MotoHelper;MotoHelper Service;C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2012-2-1 214896]
R2 PanService;PandoraService;C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-6-8 578264]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-8-28 2656280]
R2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [2011-6-14 986112]
R3 AiCharger;ASUS Charger Driver;C:\Windows\system32\DRIVERS\AiCharger.sys --> C:\Windows\system32\DRIVERS\AiCharger.sys [?]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\system32\DRIVERS\asmthub3.sys --> C:\Windows\system32\DRIVERS\asmthub3.sys [?]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\system32\DRIVERS\asmtxhci.sys --> C:\Windows\system32\DRIVERS\asmtxhci.sys [?]
R3 bpenum;Intel® Centrino® WiMAX Enumerator;C:\Windows\system32\DRIVERS\bpenum.sys --> C:\Windows\system32\DRIVERS\bpenum.sys [?]
R3 bpmp;Intel® Centrino® WiMAX 6050 Series;C:\Windows\system32\DRIVERS\bpmp.sys --> C:\Windows\system32\DRIVERS\bpmp.sys [?]
R3 bpusb;Intel® Centrino® WiMAX 6050 Series Function Driver;C:\Windows\system32\Drivers\bpusb.sys --> C:\Windows\system32\Drivers\bpusb.sys [?]
R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 iwdbus;IWD Bus Enumerator;C:\Windows\system32\DRIVERS\iwdbus.sys --> C:\Windows\system32\DRIVERS\iwdbus.sys [?]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]
R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
R3 wdkmd;Intel WiDi KMD;C:\Windows\system32\DRIVERS\WDKMD.sys --> C:\Windows\system32\DRIVERS\WDKMD.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 AmUStor;AM USB Stroage Driver;C:\Windows\system32\drivers\AmUStor.SYS --> C:\Windows\system32\drivers\AmUStor.SYS [?]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-1 183560]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\system32\drivers\intelaud.sys --> C:\Windows\system32\drivers\intelaud.sys [?]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-5-2 340240]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WMZuneComm;Zune Windows Mobile Connectivity Service;C:\Program Files\Zune\WMZuneComm.exe [2011-8-5 306400]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-07-01 12:42:41 9013136 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8110B735-2921-4F26-ABFB-381A10ED323B}\mpengine.dll
2012-07-01 12:38:46 -------- d-----w- C:\Users\owner\AppData\Local\blekkotb
2012-06-29 22:29:39 -------- d-----w- C:\TDSSKiller_Quarantine
2012-06-22 23:07:28 -------- d-----w- C:\Users\owner\AppData\Local\ElevatedDiagnostics
2012-06-21 19:45:59 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-21 19:45:45 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-21 19:45:33 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-21 19:45:33 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-14 05:41:10 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-06-14 05:41:10 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-06-14 05:41:10 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-06-14 05:41:08 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-06-14 05:41:08 209920 ----a-w- C:\Windows\System32\profsvc.dll
2012-06-14 05:41:06 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-06-14 05:41:06 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-06-14 05:41:04 3146752 ----a-w- C:\Windows\System32\win32k.sys
2012-06-14 05:41:03 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-06-14 05:41:02 3216384 ----a-w- C:\Windows\System32\msi.dll
2012-06-14 05:41:02 2342400 ----a-w- C:\Windows\SysWow64\msi.dll
2012-06-14 05:41:00 1462272 ----a-w- C:\Windows\System32\crypt32.dll
2012-06-14 05:40:59 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-06-14 05:40:59 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-06-14 05:40:59 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-06-14 05:40:59 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-06-14 05:40:59 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2012-06-08 19:12:11 -------- d-----w- C:\Program Files (x86)\PANDORA.TV
2012-06-08 19:12:05 -------- d-----w- C:\Program Files (x86)\The KMPlayer
2012-06-08 19:11:38 -------- d-----w- C:\ProgramData\blekko toolbars
2012-06-08 19:11:34 -------- d-----w- C:\Users\owner\AppData\Local\blekkotb_031
2012-06-08 19:11:34 -------- d-----w- C:\Program Files (x86)\blekkotb_031
2012-06-08 19:11:33 -------- d-----w- C:\ProgramData\Anti-phishing Domain Advisor
2012-06-08 19:06:06 -------- d--h--w- C:\ProgramData\Common Files
.
==================== Find3M ====================
.
2012-07-01 12:38:24 45056 ----a-w- C:\Windows\SysWow64\acovcnt.exe
2012-05-18 02:06:48 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-05-18 01:59:14 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-05-18 01:58:39 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-05-18 01:55:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-05-18 01:51:30 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-05-17 22:45:37 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-05-17 22:35:47 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-05-17 22:35:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-05-17 22:29:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-05-17 22:24:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-04-29 00:30:46 476960 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2012-04-29 00:30:46 472864 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-04-04 22:56:40 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
.
============= FINISH: 6:06:41.52 ===============
Attach.txt