Hijack this log - help please


Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 3:53:46 PM, on 7/31/2012

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v9.00 (9.00.8112.16447)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe

C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe

C:\Program Files\Windows Media Player\wmplayer.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\Taskmgr.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myspace.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=desktop

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=desktop

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Conime] %windir%\system32\conime.exe

O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] "C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe"

O4 - HKLM\..\Run: [NBAgent] "C:\Program Files\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart

O4 - HKLM\..\Run: [Verizon Custom Uninstall Tracking] "C:\Users\Owner\AppData\Local\Temp\InstallHelper.exe" /uninstalltrackingvendor=Verizon

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [spySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe /startintray

O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe

O4 - HKCU\..\Run: [RunSpySweeperScheduleAtStartup] "C:\Program Files\hewlett-packard\sdp\ceement\HPCEE.exe" /ScheduleSweep=HPCeeScheduleForOwner

O4 - HKCU\..\Run: [Verizon Media Manager] "C:\Program Files\Verizon\Verizon Media Manager\Release\Verizon Media Manager.exe" 0

O4 - HKCU\..\Run: [spotify] "C:\Users\Owner\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart

O4 - HKCU\..\Run: [{8851B142-7EF1-5E95-C75F-F9CF1D88C315}] C:\Users\Owner\AppData\Roaming\Ribaz\bosaic.exe

O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Owner\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\RunOnce: [KodakHomeCenter] "C:\Program Files\Kodak\AiO\Center\AiOHomeCenter.exe" (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [KodakHomeCenter] "C:\Program Files\Kodak\AiO\Center\AiOHomeCenter.exe" (User 'Default user')

O4 - Global Startup: MRI_DISABLED

O8 - Extra context menu item: &AIM Toolbar Search - C:\ProgramData\AIM Toolbar\ieToolbar\resources\en-US\local\search.html

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O9 - Extra button: AIM Toolbar - {0b83c99c-1efa-4259-858f-bcb33e007a5b} - C:\Program Files\AIM Toolbar\aimtb.dll (file missing)

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O13 - Gopher Prefix:

O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab

O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: IHA_MessageCenter - Verizon - C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Kodak AiO Network Discovery Service - Eastman Kodak Company - C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe

O23 - Service: Kodak AiO Status Monitor Service - Eastman Kodak Company - C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe

O23 - Service: LeapFrog Connect Device Service - LeapFrog Enterprises, Inc. - C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe

O23 - Service: Trend Micro Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe

O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--

End of file - 7774 bytes

Welcome to the forum. What are your concerns with the computer?

Please start at the link below:

http://forums.malwar...?showtopic=9573

Post back the 2 logs.....DDS.txt and Attach.txt

<====><====><====><====><====><====><====><====>

Next.......

Please remove any USB or external drives from the computer before you run this scan!

Please download and run RogueKiller to your desktop.

For Windows XP, double-click to start.

For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

MrC

I am having a multitude of issues. It shuts down all of the time on its own. There are a number of messages that come up to solve computer issues. Also, there appear to be changes in browsers that I never made. Below are the reports you requested. Any help is appreciated.

.DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_23

Run by Owner at 19:09:01 on 2012-08-01

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1918.786 [GMT -4:00]

.

AV: Trend Micro AntiVirus *Enabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}

SP: Trend Micro AntiVirus *Enabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\rundll32.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\Trend Micro\BM\TMBMSRV.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\svchost.exe -k hpdevmgmt

C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe

C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe

C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe

C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Trend Micro\Internet Security\TmProxy.exe

C:\Program Files\Viewpoint\Common\ViewpointService.exe

C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\DRIVERS\xaudio.exe

C:\Windows\system32\WUDFHost.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe

C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe

C:\Users\Owner\AppData\Roaming\Spotify\spotify.exe

C:\Users\Owner\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Webroot\Spy Sweeper\SSU.EXE

C:\PROGRAM FILES\KODAK\AIO\STATUSMONITOR\EKStatusMonitor.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_268.exe

C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_268.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.myspace.com/

mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=desktop

mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=desktop

uInternet Settings,ProxyOverride = <local>;*.local

mURLSearchHooks: AIM Toolbar Search Class: {03402f96-3dc7-4285-bc50-9e81fefafe43} - c:\program files\aim toolbar\aimtb.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

TB: {4E7BD74F-2B8D-469E-8CB0-AB60BB9AAE22} - No File

TB: {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - No File

TB: {5BED3930-2E9E-76D8-BACC-80DF2188D455} - No File

TB: AIM Toolbar: {61539ecd-cc67-4437-a03c-9aaccbd14326} - c:\program files\aim toolbar\aimtb.dll

TB: {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No File

TB: {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File

uRun: [RunSpySweeperScheduleAtStartup] "c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe" /ScheduleSweep=HPCeeScheduleForOwner

uRun: [Verizon Media Manager] "c:\program files\verizon\verizon media manager\release\Verizon Media Manager.exe" 0

uRun: [spotify] "c:\users\owner\appdata\roaming\spotify\spotify.exe" /uri spotify:autostart

uRun: [{8851B142-7EF1-5E95-C75F-F9CF1D88C315}] c:\users\owner\appdata\roaming\ribaz\bosaic.exe

uRun: [spotify Web Helper] "c:\users\owner\appdata\roaming\spotify\data\SpotifyWebHelper.exe"

mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [Conime] %windir%\system32\conime.exe

mRun: [RIMBBLaunchAgent.exe] "c:\program files\common files\research in motion\usb drivers\RIMBBLaunchAgent.exe"

mRun: [NBAgent] "c:\program files\nero\nero 11\nero backitup\NBAgent.exe" /WinStart

mRun: [Verizon Custom Uninstall Tracking] "c:\users\owner\appdata\local\temp\InstallHelper.exe" /uninstalltrackingvendor=Verizon

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [spySweeper] "c:\program files\webroot\spy sweeper\SpySweeperUI.exe" /startintray

mRunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe

dRunOnce: [KodakHomeCenter] "c:\program files\kodak\aio\center\AiOHomeCenter.exe"

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mri_di~1\snapfi~1.lnk - c:\program files\snapfish media detector\SnapfishMediaDetector.exe

uPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: EnableLinkedConnections = 1 (0x1)

IE: &AIM Toolbar Search - c:\programdata\aim toolbar\ietoolbar\resources\en-us\local\search.html

IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000

IE: {0b83c99c-1efa-4259-858f-bcb33e007a5b} - {61539ecd-cc67-4437-a03c-9aaccbd14326} - c:\program files\aim toolbar\aimtb.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL

DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/FacebookPhotoUploader5.cab

DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - hxxp://lads.myspace.com/upload/MySpaceUploader1006.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab

DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 192.168.1.1 68.238.112.12

TCP: Interfaces\{E7290651-9D3D-43CA-81B8-906877A714B3} : DhcpNameServer = 192.168.1.1 68.238.112.12

Notify: WRNotifier - WRLogonNTF.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\owner\appdata\roaming\mozilla\firefox\profiles\rntmox69.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.aol.com/search/search?query={searchTerms}&invocationType=tb50-ff-aimright-chromesbox-en-us&tb_uuid=20120220014518212&tb_oid=20-08-2009&tb_mrud=21-07-2012

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://www.aol.com/?mtmhp=hyplogusaolp00000013

FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&q=

FF - component: c:\users\owner\appdata\roaming\mozilla\firefox\profiles\rntmox69.default\extensions\{37153479-1976-43c3-a1ee-557513977b64}\components\RadioWMPCoreGecko10.dll

FF - component: c:\users\owner\appdata\roaming\mozilla\firefox\profiles\rntmox69.default\extensions\{37153479-1976-43c3-a1ee-557513977b64}\components\RadioWMPCoreGecko19.dll

FF - component: c:\users\owner\appdata\roaming\mozilla\firefox\profiles\rntmox69.default\extensions\{37153479-1976-43c3-a1ee-557513977b64}\components\RadioWMPCoreGecko5.dll

FF - component: c:\users\owner\appdata\roaming\mozilla\firefox\profiles\rntmox69.default\extensions\{37153479-1976-43c3-a1ee-557513977b64}\components\RadioWMPCoreGecko6.dll

FF - component: c:\users\owner\appdata\roaming\mozilla\firefox\profiles\rntmox69.default\extensions\{37153479-1976-43c3-a1ee-557513977b64}\components\RadioWMPCoreGecko7.dll

FF - component: c:\users\owner\appdata\roaming\mozilla\firefox\profiles\rntmox69.default\extensions\{37153479-1976-43c3-a1ee-557513977b64}\components\RadioWMPCoreGecko8.dll

FF - component: c:\users\owner\appdata\roaming\mozilla\firefox\profiles\rntmox69.default\extensions\{37153479-1976-43c3-a1ee-557513977b64}\components\RadioWMPCoreGecko9.dll

FF - component: c:\users\owner\appdata\roaming\mozilla\firefox\profiles\rntmox69.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko10.dll

FF - component: c:\users\owner\appdata\roaming\mozilla\firefox\profiles\rntmox69.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko19.dll

FF - component: c:\users\owner\appdata\roaming\mozilla\firefox\profiles\rntmox69.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko5.dll

FF - component: c:\users\owner\appdata\roaming\mozilla\firefox\profiles\rntmox69.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko6.dll

FF - component: c:\users\owner\appdata\roaming\mozilla\firefox\profiles\rntmox69.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko7.dll

FF - component: c:\users\owner\appdata\roaming\mozilla\firefox\profiles\rntmox69.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko8.dll

FF - component: c:\users\owner\appdata\roaming\mozilla\firefox\profiles\rntmox69.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko9.dll

FF - component: c:\users\owner\appdata\roaming\mozilla\firefox\profiles\rntmox69.default\extensions\{c2f863cd-0429-48c7-bb54-db756a951760}\components\MailUtil.dll

FF - component: c:\users\owner\appdata\roaming\mozilla\firefox\profiles\rntmox69.default\extensions\{c9b68337-e93a-44ea-94dc-cb300ec06444}\components\Engine.dll

FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\amazon\mp3 downloader\npAmazonMP3DownloaderPlugin.dll

FF - plugin: c:\program files\common files\research in motion\bbwebsllauncher\NPWebSLLauncher.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\NPcol400.dll

FF - plugin: c:\program files\mozilla firefox\plugins\NPcol500.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npMozCouponPrinter.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll

FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll

FF - plugin: c:\users\owner\appdata\roaming\facebook\npfbplugin_1_0_1.dll

FF - plugin: c:\users\owner\appdata\roaming\facebook\npfbplugin_1_0_3.dll

FF - plugin: c:\users\owner\appdata\roaming\mozilla\firefox\profiles\rntmox69.default\extensions\{37153479-1976-43c3-a1ee-557513977b64}\plugins\np-mswmp.dll

FF - plugin: c:\users\owner\appdata\roaming\mozilla\firefox\profiles\rntmox69.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\plugins\np-mswmp.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_268.dll

.

---- FIREFOX POLICIES ----

FF - user.js: network.cookie.cookieBehavior - 0

FF - user.js: privacy.clearOnShutdown.cookies - false

FF - user.js: security.warn_viewing_mixed - false

FF - user.js: security.warn_viewing_mixed.show_once - false

FF - user.js: security.warn_submit_insecure - false

FF - user.js: security.warn_submit_insecure.show_once - false

.

============= SERVICES / DRIVERS ===============

.

R0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\drivers\NBVol.sys [2012-2-4 56496]

R0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\drivers\NBVolUp.sys [2012-2-4 12464]

R2 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [2008-7-30 50256]

R2 tmpreflt;tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [2011-9-6 36624]

S3 PCD5SRVC{BD6912E3-AC9D80E8-05010004};PCD5SRVC{BD6912E3-AC9D80E8-05010004} - PCDR Kernel Mode Service Helper Driver;c:\progra~1\pc-doc~1\PCD5SRVC.pkms [2007-3-2 28144]

.

=============== Created Last 30 ================

.

2012-08-01 22:48:18 60416 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\EKAiO2PPR.dll

2012-07-27 23:32:10 9821896 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe

2012-07-22 07:52:57 2047488 ----a-w- c:\windows\system32\win32k.sys

2012-07-21 15:09:27 -------- d-----w- c:\users\owner\appdata\local\Macromedia

2012-07-21 15:07:11 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-07-21 14:07:27 708608 ----a-w- c:\program files\common files\system\ado\msado15.dll

2012-07-21 14:07:13 1401856 ----a-w- c:\windows\system32\msxml6.dll

2012-07-21 14:07:12 1248768 ----a-w- c:\windows\system32\msxml3.dll

2012-07-21 14:06:10 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys

2012-07-21 14:06:10 278528 ----a-w- c:\windows\system32\schannel.dll

2012-07-21 14:06:10 204288 ----a-w- c:\windows\system32\ncrypt.dll

2012-07-21 13:50:58 -------- d-----w- c:\program files\Amazon

.

==================== Find3M ====================

.

2012-07-27 23:32:54 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-06-25 20:04:24 1394248 ----a-w- c:\windows\system32\msxml4.dll

2012-06-12 13:48:04 1371648 ----a-w- c:\windows\system32\EKAiO2MON.dll

2012-06-12 13:47:38 160256 ----a-w- c:\windows\system32\EKAiO2COI09.dll

2012-06-02 22:12:32 2422272 ----a-w- c:\windows\system32\wucltux.dll

2012-06-02 19:19:42 171904 ----a-w- c:\windows\system32\wuwebv.dll

2012-06-02 19:12:20 33792 ----a-w- c:\windows\system32\wuapp.exe

2012-06-02 08:33:25 1800192 ----a-w- c:\windows\system32\jscript9.dll

2012-06-02 08:25:08 1129472 ----a-w- c:\windows\system32\wininet.dll

2012-06-02 08:25:03 1427968 ----a-w- c:\windows\system32\inetcpl.cpl

2012-06-02 08:20:33 142848 ----a-w- c:\windows\system32\ieUnatt.exe

2012-06-02 08:16:52 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-05-28 15:33:19 319456 ----a-w- c:\windows\DIFxAPI.dll

.

============= FINISH: 19:12:17.96 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft® Windows Vista™ Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 5/21/2007 2:18:26 PM

System Uptime: 8/1/2012 6:43:52 PM (1 hours ago)

.

Motherboard: ASUSTek Computer INC. | | NARRA2

Processor: AMD Athlon 64 X2 Dual Core Processor 4400+ | Socket AM2 | 2300/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 289 GiB total, 27.592 GiB free.

D: is FIXED (NTFS) - 9 GiB total, 1.005 GiB free.

E: is CDROM ()

F: is Removable

G: is Removable

H: is Removable

I: is Removable

J: is Removable

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

µTorrent

32 Bit HP CIO Components Installer

Activation Assistant for the 2007 Microsoft Office suites

Adobe AIR

Adobe Flash Player 10 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.1)

Adobe Shockwave Player 11.6

AIO_Scan

aioscnnr

Amazon MP3 Downloader 1.0.15

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Applian FLV and Media Player 3.1.1.12

Ask Toolbar

BlackBerry Desktop Software 6.1

Bonjour

BufferChm

C4USelfUpdater

CCleaner

center

Copy

Coupon Printer for Windows

CustomerResearchQFolder

Destinations

DeviceManagementQFolder

DJ_AIO_ProductContext

DJ_AIO_Software

DJ_AIO_Software_min

Download Updater (AOL LLC)

DVD Flick 1.3.0.7

Enhanced Multimedia Keyboard Solution

essentials

eSupportQFolder

F4100_Help

Facebook Plug-In

Hardware Diagnostic Tools

HijackThis 2.0.2

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

HP Advisor

HP Customer Experience Enhancements

HP Customer Feedback

HP Customer Participation Program 8.0

HP Deskjet All-In-One Software 8.0

HP Easy Setup - Frontend

HP Imaging Device Functions 8.0

HP On-Screen Cap/Num/Scroll Lock Indicator

HP Photosmart Essential

HP Photosmart Essential 2.0

HP Photosmart Essential2.5

HP Picasso Media Center Add-In

HP Product Assistant

HP Solution Center 8.0

HP Update

HPProductAssistant

HPSSupply

IHA_MessageCenter

iTunes

Java Auto Updater

Java 6 Update 2

Java 6 Update 23

Java 6 Update 5

Java 6 Update 7

Kodak AIO Printer

KODAK AiO Software

Last.fm 1.5.4.27091

LeapFrog Connect

LeapFrog My Pals Plugin

Malwarebytes' Anti-Malware

MarketResearch

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Home and Student 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Works

MobileMe Control Panel

Mozilla Firefox 10.0.2 (x86 en-US)

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB941833)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP3 Parser (KB2721691)

MSXML 4.0 SP3 Parser (KB973685)

muvee autoProducer 6.0

My HP Games

Nero 11 Mini Repack

Nero Backup Drivers

Norton Security Scan

NVIDIA Drivers

ocr

OGA Notifier 2.0.0048.0

OpenOffice.org Installer 1.0

PeerBlock 1.1 (r518)

PreReq

PSSWCORE

Python 2.4.3

QuickTime

Realtek High Definition Audio Driver

Redist

RewardsArcadeSuite

Rhapsody Player Engine

Roxio Activation Module

Roxio Creator Audio

Roxio Creator Copy

Roxio Creator Data

Roxio Creator EasyArchive

Roxio Creator Tools

Roxio Express Labeler 3

Roxio MyDVD Basic v9

Safari

Scan

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition

Soft Data Fax Modem with SmartCP

SolutionCenter

Spotify

Spy Sweeper

Status

swMSM

Toolbox

TrayApp

Trend Micro AntiVirus

UnloadSupport

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Use the entry named LeapFrog Connect to uninstall (LeapFrog My Pals Plugin)

Verizon Media Manager

Viewpoint Media Player

Vz In Home Agent

WebReg

WinRAR archiver

Wise Registry Cleaner 7.22

.

==== Event Viewer Messages From Past Week ========

.

8/1/2012 6:45:58 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SYMTDI

8/1/2012 6:45:58 PM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

8/1/2012 6:44:18 PM, Error: EventLog [6008] - The previous system shutdown at 6:23:34 PM on 8/1/2012 was unexpected.

7/31/2012 5:43:59 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

7/31/2012 3:33:29 PM, Error: EventLog [6008] - The previous system shutdown at 7:43:22 AM on 7/30/2012 was unexpected.

7/29/2012 9:31:48 AM, Error: EventLog [6008] - The previous system shutdown at 1:35:48 PM on 7/28/2012 was unexpected.

7/27/2012 7:33:54 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Volume Shadow Copy service to connect.

7/27/2012 7:33:54 PM, Error: Service Control Manager [7000] - The Volume Shadow Copy service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

7/27/2012 7:33:54 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service VSS with arguments "" in order to run the server: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}

.

==== End Of File ===========================

RogueKiller V7.6.4 [07/17/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows Vista (6.0.6002 Service Pack 2) 32 bits version

Started in : Normal mode

User: Owner [Admin rights]

Mode: Scan -- Date: 08/01/2012 19:21:27

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 7 ¤¤¤

[SUSP PATH] HKCU\[...]\Run : {8851B142-7EF1-5E95-C75F-F9CF1D88C315} (C:\Users\Owner\AppData\Roaming\Ribaz\bosaic.exe) -> FOUND

[SUSP PATH] HKLM\[...]\Run : Verizon Custom Uninstall Tracking ("C:\Users\Owner\AppData\Local\Temp\InstallHelper.exe" /uninstalltrackingvendor=Verizon) -> FOUND

[SUSP PATH] HKUS\S-1-5-21-284622508-2456909913-3442383758-1000[...]\Run : {8851B142-7EF1-5E95-C75F-F9CF1D88C315} (C:\Users\Owner\AppData\Roaming\Ribaz\bosaic.exe) -> FOUND

[PROXY IE] HKCU\[...]\Internet Settings : ProxyEnable (1) -> FOUND

[HJ] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤

SSDT[18] : NtAllocateVirtualMemory @ 0x82C834FB -> HOOKED (Unknown @ 0x84D7ADF8)

SSDT[64] : NtCreateKey @ 0x82C2A140 -> HOOKED (Unknown @ 0x9DB35000)

SSDT[72] : NtCreateProcess @ 0x82CCCDAB -> HOOKED (Unknown @ 0x9DB34240)

SSDT[73] : NtCreateProcessEx @ 0x82CCCDF6 -> HOOKED (Unknown @ 0x9DB34500)

SSDT[78] : NtCreateThread @ 0x82CCCBE0 -> HOOKED (Unknown @ 0x9DB35E60)

SSDT[123] : NtDeleteKey @ 0x82BED727 -> HOOKED (Unknown @ 0x9DB35580)

SSDT[126] : NtDeleteValueKey @ 0x82BE8CC8 -> HOOKED (Unknown @ 0x9DB35840)

SSDT[165] : NtLoadDriver @ 0x82BA6DEE -> HOOKED (Unknown @ 0x9DB361A0)

SSDT[194] : NtOpenProcess @ 0x82C5BFAE -> HOOKED (Unknown @ 0x9DB34A80)

SSDT[255] : NtQueueApcThread @ 0x82BEC867 -> HOOKED (Unknown @ 0x84D7AE70)

SSDT[261] : NtReadVirtualMemory @ 0x82C0D9F1 -> HOOKED (Unknown @ 0x84D7AD08)

SSDT[267] : NtRenameKey @ 0x82C8F6AC -> HOOKED (Unknown @ 0x849B0618)

SSDT[289] : NtSetContextThread @ 0x82CCE06F -> HOOKED (Unknown @ 0x85740248)

SSDT[303] : NtSetInformationKey @ 0x82C8EB55 -> HOOKED (Unknown @ 0x849741A0)

SSDT[305] : NtSetInformationProcess @ 0x82C4F8C8 -> HOOKED (Unknown @ 0x857404A0)

SSDT[306] : NtSetInformationThread @ 0x82C342AD -> HOOKED (Unknown @ 0x857402C0)

SSDT[324] : NtSetValueKey @ 0x82C193C2 -> HOOKED (Unknown @ 0x9DB352C0)

SSDT[330] : NtSuspendProcess @ 0x82CCE4FF -> HOOKED (Unknown @ 0x85740428)

SSDT[331] : NtSuspendThread @ 0x82BD592B -> HOOKED (Unknown @ 0x857401D0)

SSDT[334] : NtTerminateProcess @ 0x82C2C143 -> HOOKED (Unknown @ 0x9DB34D40)

SSDT[335] : NtTerminateThread @ 0x82C57534 -> HOOKED (Unknown @ 0x85740338)

SSDT[358] : NtWriteVirtualMemory @ 0x82C4892D -> HOOKED (Unknown @ 0x9DB35CC0)

SSDT[382] : NtCreateThreadEx @ 0x82C56FE9 -> HOOKED (Unknown @ 0x9DB36000)

SSDT[383] : NtCreateUserProcess @ 0x82C04C11 -> HOOKED (Unknown @ 0x9DB347C0)

S_SSDT[317] : Unknown -> HOOKED (Unknown @ 0x86D11098)

S_SSDT[397] : Unknown -> HOOKED (Unknown @ 0x86CFB308)

S_SSDT[428] : Unknown -> HOOKED (Unknown @ 0x86CF5CB0)

S_SSDT[430] : Unknown -> HOOKED (Unknown @ 0xA16A21D8)

S_SSDT[479] : Unknown -> HOOKED (Unknown @ 0xA163B790)

S_SSDT[497] : Unknown -> HOOKED (Unknown @ 0xA163B718)

S_SSDT[498] : Unknown -> HOOKED (Unknown @ 0x86D12570)

S_SSDT[572] : Unknown -> HOOKED (Unknown @ 0x9DB36800)

S_SSDT[573] : Unknown -> HOOKED (Unknown @ 0x86CFB958)

S_SSDT[576] : Unknown -> HOOKED (Unknown @ 0x86F9E640)

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HDT725032VLA SCSI Disk Device +++++

--- User ---

[MBR] 2da2faf2e8b758559c5b571d49070624

[BSP] 2552b2d2227b2ea2b3c92a526a1a6f5d : HP tatooed MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 296250 Mo

2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 606720240 | Size: 8992 Mo

User = LL1 ... OK!

Error reading LL2 MBR!

Finished : << RKreport[1].txt >>

RKreport[1].txt

Before we proceed further, please uninstall or disable uTorrent and any other peer-to-peer filesharing app.

Continued use of filesharing or ill-advised downloads will surely re-infect your system.

Risks of File-Sharing Technology.

P2P file sharing: Know the risks

It's also against our policy:

http://forums.malwar...showtopic=97700

----------------------------------------

Then........

Run RogueKiller again and click Scan

When the scan completes > click on the Registry tab

Put a check next to all of these and uncheck the rest:

¤¤¤ Registry Entries: 7 ¤¤¤

[SUSP PATH] HKCU\[...]\Run : {8851B142-7EF1-5E95-C75F-F9CF1D88C315} (C:\Users\Owner\AppData\Roaming\Ribaz\bosaic.exe) -> FOUND

[SUSP PATH] HKUS\S-1-5-21-284622508-2456909913-3442383758-1000[...]\Run : {8851B142-7EF1-5E95-C75F-F9CF1D88C315} (C:\Users\Owner\AppData\Roaming\Ribaz\bosaic.exe) -> FOUND

Now click Delete on the right hand column under Options

----------------------------------------

Next...........

Please make sure system restore is running and create a new restore point before continuing.

XP <===> Vista & W7

XP users > please back up the registry using ERUNT.

-----------------------------------------

Please download and run TDSSKiller to your desktop as outlined below:

Double-click on TDSSKiller.exe to run the application, then click on Change parameters.

For Windows XP, double-click to start.

For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

-------------------------

Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

------------------------

Click the Start Scan button.

-----------------------

If a suspicious object is detected, the default action will be Skip, click on Continue

If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic, please choose Skip and click on Continue.

----------------------

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

--------------------

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

Sometimes these logs can be very large, in that case please attach it or zip it up and attach it.

-------------------

Here's a summary of what to do if you would like to print it out:

If a suspicious object is detected, the default action will be Skip, click on Continue

If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic, please choose Skip and click on Continue.

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

MrC
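
The report produced by the steps above can be checked before it is posted. The Python script below is an added example, not part of the original post and not TDSSKiller's own code: it splits a log into scans, sets aside scans that were interrupted or that ran without both options ticked, and separates UnsignedFile.Multi.Generic / LockedFile.Multi.Generic detections (left on Skip) from anything else. The line layout and the reading of the `Mode:` tokens `SigCheck` and `TDLFS` as those two checkboxes are assumptions drawn from the TDSSKiller 2.7.48.0 log posted in this thread; the sample log, its names, hashes, paths and the `Constructed.Verdict.Placeholder` verdict are constructed.

```python
import re
from dataclasses import dataclass, field

# Verdicts the instructions above say to leave on Skip.
SKIP_VERDICTS = {"UnsignedFile.Multi.Generic", "LockedFile.Multi.Generic"}
# Assumption: these Mode tokens correspond to the two checkboxes ticked above.
REQUIRED_OPTIONS = {"SigCheck", "TDLFS"}

# "HH:MM:SS.ffff TTTT <body>" (timestamp, thread id, message)
PREFIX = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4} \d{4} (?P<body>.*)$")
# "<name> (<md5>) <path>"
OBJECT = re.compile(r"^(?P<name>.+?) \((?P<md5>[0-9a-f]{32})\) (?P<path>.+)$")
# "<name> - detected <verdict> (<n>)"
DETECTED = re.compile(r"^(?P<name>.+) - detected (?P<verdict>\S+) \(\d+\)$")


@dataclass
class Scan:
    mode: str = ""
    interrupted: bool = False
    finished: bool = False
    paths: dict = field(default_factory=dict)       # object name -> file path
    detections: list = field(default_factory=list)  # (name, verdict, path)


def parse_scans(text):
    """Split a log into Scan records, one per 'Scan started' line."""
    scans, current = [], None
    for raw in text.splitlines():
        m = PREFIX.match(raw.strip())
        if not m:
            continue  # blank lines, or lines with no message body
        body = m.group("body").strip()
        if body == "Scan started":
            current = Scan()
            scans.append(current)
            continue
        if current is None or current.finished:
            continue  # header lines and post-scan summary lines
        if body.startswith("Mode:"):
            current.mode = body[len("Mode:"):].strip()
        elif body == "Scan interrupted by user!":
            current.interrupted = True
        elif body == "Scan finished":
            current.finished = True
        else:
            det = DETECTED.match(body)
            obj = OBJECT.match(body)
            if det:
                name = det.group("name")
                current.detections.append(
                    (name, det.group("verdict"), current.paths.get(name, "")))
            elif obj:
                current.paths[obj.group("name")] = obj.group("path")
    return scans


def usable(scan):
    """A scan counts only if it ran to the end with both options enabled."""
    options = {tok.strip() for tok in scan.mode.split(";") if tok.strip()}
    return scan.finished and not scan.interrupted and REQUIRED_OPTIONS <= options


def triage(scan):
    """Separate the generic unsigned/locked warnings from everything else."""
    result = {"skip": [], "review": []}
    for det in scan.detections:
        result["skip" if det[1] in SKIP_VERDICTS else "review"].append(det)
    return result


# Constructed sample: an interrupted default scan, then a full scan.
SAMPLE_LOG = r"""
21:10:55.0570 5052 Scan started
21:10:55.0570 5052 Mode: Manual;
21:10:58.0911 5052 svc_clean (00000000000000000000000000000000) C:\Example\svc_clean.sys
21:10:58.0948 5052 svc_clean - ok
21:11:14.0714 5052 Scan interrupted by user!
21:11:14.0714 5052 Scan finished
21:11:14.0729 4796 Detected object count: 0
21:11:46.0105 0480 Scan started
21:11:46.0105 0480 Mode: Manual; SigCheck; TDLFS;
21:11:47.0446 0480 svc_clean (00000000000000000000000000000000) C:\Example\svc_clean.sys
21:11:47.0603 0480 svc_clean - ok
21:12:06.0219 0480 Svc Unsigned (11111111111111111111111111111111) C:\Example\svc_unsigned.dll
21:12:06.0320 0480 Svc Unsigned ( UnsignedFile.Multi.Generic ) - warning
21:12:06.0320 0480 Svc Unsigned - detected UnsignedFile.Multi.Generic (1)
21:12:07.0050 0480 svc_other (22222222222222222222222222222222) C:\Example\svc_other.sys
21:12:07.0148 0480 svc_other - detected Constructed.Verdict.Placeholder (1)
21:12:09.0000 0480 Scan finished
"""

if __name__ == "__main__":
    for i, scan in enumerate(parse_scans(SAMPLE_LOG), 1):
        state = "usable" if usable(scan) else "ignore (interrupted or options missing)"
        print(f"scan {i}: mode={scan.mode!r} -> {state}")
        if usable(scan):
            for bucket, items in triage(scan).items():
                for name, verdict, path in items:
                    print(f"  {bucket}: {name} [{verdict}] {path}")
```

A "Detected object count: 0" line that follows an interrupted scan says nothing about the objects that were never reached, which is why the script ignores such scans.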

Removed uTorrent. I don't know how that got added or what it is exactly, but with kids in the house who knows. Anyway, below is the log from TDSSKiller.

21:10:49.0548 0264 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32

21:10:50.0025 0264 ============================================================

21:10:50.0025 0264 Current date / time: 2012/08/02 21:10:50.0025

21:10:50.0025 0264 SystemInfo:

21:10:50.0025 0264

21:10:50.0025 0264 OS Version: 6.0.6002 ServicePack: 2.0

21:10:50.0025 0264 Product type: Workstation

21:10:50.0026 0264 ComputerName: OWNER-PC

21:10:50.0026 0264 UserName: Owner

21:10:50.0026 0264 Windows directory: C:\Windows

21:10:50.0026 0264 System windows directory: C:\Windows

21:10:50.0026 0264 Processor architecture: Intel x86

21:10:50.0026 0264 Number of processors: 2

21:10:50.0026 0264 Page size: 0x1000

21:10:50.0026 0264 Boot type: Normal boot

21:10:50.0026 0264 ============================================================

21:10:53.0432 0264 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0xA181, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000050

21:10:53.0480 0264 ============================================================

21:10:53.0480 0264 \Device\Harddisk0\DR0:

21:10:53.0481 0264 MBR partitions:

21:10:53.0481 0264 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2429D0B1

21:10:53.0481 0264 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2429D0F0, BlocksNum 0x1190220

21:10:53.0481 0264 ============================================================

21:10:53.0520 0264 C: <-> \Device\Harddisk0\DR0\Partition0

21:10:53.0564 0264 D: <-> \Device\Harddisk0\DR0\Partition1

21:10:53.0565 0264 ============================================================

21:10:53.0565 0264 Initialize success

21:10:53.0565 0264 ============================================================

21:10:55.0570 5052 ============================================================

21:10:55.0570 5052 Scan started

21:10:55.0570 5052 Mode: Manual;

21:10:55.0570 5052 ============================================================

21:10:58.0911 5052 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys

21:10:58.0948 5052 ACPI - ok

21:10:59.0178 5052 AdobeARMservice (11a52cf7b265631deeb24c6149309eff) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

21:10:59.0208 5052 AdobeARMservice - ok

21:10:59.0305 5052 AdobeFlashPlayerUpdateSvc (f19c98ad81d2c0e1bbfd8153d2c80ee8) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

21:10:59.0378 5052 AdobeFlashPlayerUpdateSvc - ok

21:10:59.0471 5052 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys

21:10:59.0534 5052 adp94xx - ok

21:10:59.0562 5052 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys

21:10:59.0604 5052 adpahci - ok

21:10:59.0660 5052 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys

21:10:59.0686 5052 adpu160m - ok

21:10:59.0719 5052 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys

21:10:59.0745 5052 adpu320 - ok

21:10:59.0792 5052 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll

21:10:59.0794 5052 AeLookupSvc - ok

21:10:59.0904 5052 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys

21:11:00.0054 5052 AFD - ok

21:11:00.0109 5052 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys

21:11:00.0129 5052 agp440 - ok

21:11:00.0166 5052 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys

21:11:00.0190 5052 aic78xx - ok

21:11:00.0306 5052 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe

21:11:00.0309 5052 ALG - ok

21:11:00.0324 5052 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys

21:11:00.0342 5052 aliide - ok

21:11:00.0445 5052 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys

21:11:00.0466 5052 amdagp - ok

21:11:00.0493 5052 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys

21:11:00.0521 5052 amdide - ok

21:11:00.0554 5052 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys

21:11:00.0573 5052 AmdK7 - ok

21:11:00.0625 5052 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys

21:11:00.0646 5052 AmdK8 - ok

21:11:00.0748 5052 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll

21:11:00.0751 5052 Appinfo - ok

21:11:01.0526 5052 Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

21:11:01.0546 5052 Apple Mobile Device - ok

21:11:01.0624 5052 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys

21:11:01.0646 5052 arc - ok

21:11:01.0693 5052 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys

21:11:01.0731 5052 arcsas - ok

21:11:02.0012 5052 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys

21:11:02.0048 5052 AsyncMac - ok

21:11:02.0249 5052 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys

21:11:02.0291 5052 atapi - ok

21:11:04.0802 5052 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll

21:11:04.0845 5052 AudioEndpointBuilder - ok

21:11:04.0853 5052 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll

21:11:04.0858 5052 Audiosrv - ok

21:11:05.0154 5052 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys

21:11:05.0173 5052 Beep - ok

21:11:05.0796 5052 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll

21:11:05.0818 5052 BFE - ok

21:11:06.0389 5052 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll

21:11:06.0588 5052 BITS - ok

21:11:06.0609 5052 blbdrive - ok

21:11:07.0496 5052 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe

21:11:07.0530 5052 Bonjour Service - ok

21:11:07.0692 5052 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys

21:11:08.0099 5052 bowser - ok

21:11:08.0304 5052 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys

21:11:08.0328 5052 BrFiltLo - ok

21:11:08.0515 5052 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys

21:11:08.0573 5052 BrFiltUp - ok

21:11:09.0171 5052 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll

21:11:09.0174 5052 Browser - ok

21:11:09.0296 5052 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys

21:11:09.0328 5052 Brserid - ok

21:11:09.0419 5052 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys

21:11:09.0442 5052 BrSerWdm - ok

21:11:09.0478 5052 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys

21:11:09.0494 5052 BrUsbMdm - ok

21:11:09.0546 5052 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys

21:11:09.0563 5052 BrUsbSer - ok

21:11:09.0666 5052 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys

21:11:09.0695 5052 BTHMODEM - ok

21:11:10.0397 5052 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys

21:11:10.0465 5052 cdfs - ok

21:11:10.0961 5052 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys

21:11:11.0061 5052 cdrom - ok

21:11:11.0707 5052 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll

21:11:11.0710 5052 CertPropSvc - ok

21:11:12.0132 5052 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys

21:11:12.0173 5052 circlass - ok

21:11:12.0331 5052 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys

21:11:12.0417 5052 CLFS - ok

21:11:12.0615 5052 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

21:11:12.0695 5052 clr_optimization_v2.0.50727_32 - ok

21:11:12.0954 5052 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

21:11:12.0966 5052 clr_optimization_v4.0.30319_32 - ok

21:11:13.0000 5052 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys

21:11:13.0028 5052 cmdide - ok

21:11:13.0045 5052 Compbatt (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys

21:11:13.0233 5052 Compbatt - ok

21:11:13.0237 5052 COMSysApp - ok

21:11:13.0334 5052 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys

21:11:13.0352 5052 crcdisk - ok

21:11:13.0379 5052 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys

21:11:13.0396 5052 Crusoe - ok

21:11:13.0538 5052 CryptSvc (75c6a297e364014840b48eccd7525e30) C:\Windows\system32\cryptsvc.dll

21:11:13.0542 5052 CryptSvc - ok

21:11:13.0777 5052 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll

21:11:13.0808 5052 DcomLaunch - ok

21:11:13.0871 5052 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys

21:11:13.0892 5052 DfsC - ok

21:11:14.0508 5052 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe

21:11:14.0690 5052 DFSR - ok

21:11:14.0714 5052 Scan interrupted by user!

21:11:14.0714 5052 Scan interrupted by user!

21:11:14.0714 5052 Scan interrupted by user!

21:11:14.0714 5052 ============================================================

21:11:14.0714 5052 Scan finished

21:11:14.0714 5052 ============================================================

21:11:14.0729 4796 Detected object count: 0

21:11:14.0729 4796 Actual detected object count: 0

21:11:46.0105 0480 ============================================================

21:11:46.0105 0480 Scan started

21:11:46.0105 0480 Mode: Manual; SigCheck; TDLFS;

21:11:46.0105 0480 ============================================================

21:11:47.0446 0480 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys

21:11:47.0603 0480 ACPI - ok

21:11:47.0669 0480 AdobeARMservice (11a52cf7b265631deeb24c6149309eff) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

21:11:47.0694 0480 AdobeARMservice - ok

21:11:47.0836 0480 AdobeFlashPlayerUpdateSvc (f19c98ad81d2c0e1bbfd8153d2c80ee8) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

21:11:47.0885 0480 AdobeFlashPlayerUpdateSvc - ok

21:11:48.0073 0480 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys

21:11:48.0250 0480 adp94xx - ok

21:11:48.0284 0480 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys

21:11:48.0318 0480 adpahci - ok

21:11:48.0357 0480 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys

21:11:48.0387 0480 adpu160m - ok

21:11:48.0453 0480 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys

21:11:48.0485 0480 adpu320 - ok

21:11:48.0658 0480 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll

21:11:48.0789 0480 AeLookupSvc - ok

21:11:48.0885 0480 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys

21:11:48.0966 0480 AFD - ok

21:11:49.0021 0480 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys

21:11:49.0046 0480 agp440 - ok

21:11:49.0103 0480 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys

21:11:49.0129 0480 aic78xx - ok

21:11:49.0182 0480 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe

21:11:49.0275 0480 ALG - ok

21:11:49.0317 0480 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys

21:11:49.0342 0480 aliide - ok

21:11:49.0473 0480 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys

21:11:49.0499 0480 amdagp - ok

21:11:49.0539 0480 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys

21:11:49.0565 0480 amdide - ok

21:11:49.0632 0480 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys

21:11:49.0765 0480 AmdK7 - ok

21:11:49.0827 0480 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys

21:11:49.0924 0480 AmdK8 - ok

21:11:49.0992 0480 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll

21:11:50.0097 0480 Appinfo - ok

21:11:50.0231 0480 Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

21:11:50.0284 0480 Apple Mobile Device - ok

21:11:50.0334 0480 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys

21:11:50.0364 0480 arc - ok

21:11:50.0529 0480 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys

21:11:50.0559 0480 arcsas - ok

21:11:50.0702 0480 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys

21:11:50.0847 0480 AsyncMac - ok

21:11:50.0905 0480 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys

21:11:50.0936 0480 atapi - ok

21:11:51.0023 0480 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll

21:11:51.0116 0480 AudioEndpointBuilder - ok

21:11:51.0122 0480 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll

21:11:51.0186 0480 Audiosrv - ok

21:11:51.0232 0480 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys

21:11:51.0342 0480 Beep - ok

21:11:51.0380 0480 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll

21:11:51.0607 0480 BFE - ok

21:11:51.0773 0480 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll

21:11:51.0958 0480 BITS - ok

21:11:51.0962 0480 blbdrive - ok

21:11:52.0062 0480 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe

21:11:52.0215 0480 Bonjour Service - ok

21:11:52.0279 0480 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys

21:11:52.0329 0480 bowser - ok

21:11:52.0362 0480 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys

21:11:52.0433 0480 BrFiltLo - ok

21:11:52.0515 0480 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys

21:11:52.0618 0480 BrFiltUp - ok

21:11:52.0823 0480 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll

21:11:52.0926 0480 Browser - ok

21:11:52.0979 0480 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys

21:11:53.0114 0480 Brserid - ok

21:11:53.0144 0480 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys

21:11:53.0259 0480 BrSerWdm - ok

21:11:53.0273 0480 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys

21:11:53.0361 0480 BrUsbMdm - ok

21:11:53.0420 0480 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys

21:11:53.0576 0480 BrUsbSer - ok

21:11:53.0809 0480 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys

21:11:53.0902 0480 BTHMODEM - ok

21:11:53.0963 0480 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys

21:11:54.0064 0480 cdfs - ok

21:11:54.0127 0480 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys

21:11:54.0204 0480 cdrom - ok

21:11:54.0284 0480 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll

21:11:54.0372 0480 CertPropSvc - ok

21:11:54.0414 0480 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys

21:11:54.0524 0480 circlass - ok

21:11:54.0780 0480 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys

21:11:54.0819 0480 CLFS - ok

21:11:54.0957 0480 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

21:11:54.0987 0480 clr_optimization_v2.0.50727_32 - ok

21:11:55.0127 0480 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

21:11:55.0188 0480 clr_optimization_v4.0.30319_32 - ok

21:11:55.0231 0480 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys

21:11:55.0260 0480 cmdide - ok

21:11:55.0316 0480 Compbatt (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys

21:11:55.0345 0480 Compbatt - ok

21:11:55.0350 0480 COMSysApp - ok

21:11:55.0409 0480 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys

21:11:55.0439 0480 crcdisk - ok

21:11:55.0699 0480 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys

21:11:55.0871 0480 Crusoe - ok

21:11:55.0957 0480 CryptSvc (75c6a297e364014840b48eccd7525e30) C:\Windows\system32\cryptsvc.dll

21:11:56.0056 0480 CryptSvc - ok

21:11:56.0281 0480 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll

21:11:56.0448 0480 DcomLaunch - ok

21:11:56.0588 0480 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys

21:11:56.0702 0480 DfsC - ok

21:11:57.0071 0480 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe

21:11:57.0494 0480 DFSR - ok

21:11:57.0999 0480 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll

21:11:58.0062 0480 Dhcp - ok

21:11:58.0155 0480 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys

21:11:58.0206 0480 disk - ok

21:11:58.0298 0480 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll

21:11:58.0459 0480 Dnscache - ok

21:11:58.0522 0480 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll

21:11:58.0617 0480 dot3svc - ok

21:11:58.0759 0480 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys

21:11:58.0937 0480 Dot4 - ok

21:11:58.0977 0480 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys

21:11:59.0046 0480 Dot4Print - ok

21:11:59.0106 0480 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys

21:11:59.0224 0480 dot4usb - ok

21:11:59.0341 0480 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll

21:11:59.0416 0480 DPS - ok

21:11:59.0509 0480 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys

21:11:59.0594 0480 drmkaud - ok

21:11:59.0791 0480 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys

21:12:00.0002 0480 DXGKrnl - ok

21:12:00.0034 0480 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys

21:12:00.0147 0480 E1G60 - ok

21:12:00.0219 0480 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll

21:12:00.0270 0480 EapHost - ok

21:12:00.0362 0480 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys

21:12:00.0410 0480 Ecache - ok

21:12:00.0471 0480 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe

21:12:00.0515 0480 ehRecvr - ok

21:12:00.0568 0480 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe

21:12:00.0633 0480 ehSched - ok

21:12:00.0685 0480 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll

21:12:00.0756 0480 ehstart - ok

21:12:00.0824 0480 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys

21:12:00.0933 0480 elxstor - ok

21:12:01.0098 0480 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll

21:12:01.0308 0480 EMDMgmt - ok

21:12:01.0392 0480 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll

21:12:01.0488 0480 EventSystem - ok

21:12:01.0548 0480 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys

21:12:01.0659 0480 exfat - ok

21:12:01.0816 0480 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys

21:12:01.0949 0480 fastfat - ok

21:12:02.0006 0480 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys

21:12:02.0133 0480 fdc - ok

21:12:02.0185 0480 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll

21:12:02.0281 0480 fdPHost - ok

21:12:02.0322 0480 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll

21:12:02.0437 0480 FDResPub - ok

21:12:02.0513 0480 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys

21:12:02.0566 0480 FileInfo - ok

21:12:02.0594 0480 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys

21:12:02.0681 0480 Filetrace - ok

21:12:02.0752 0480 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys

21:12:02.0852 0480 flpydisk - ok

21:12:02.0924 0480 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys

21:12:02.0958 0480 FltMgr - ok

21:12:03.0129 0480 FontCache (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll

21:12:03.0343 0480 FontCache - ok

21:12:03.0494 0480 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

21:12:03.0623 0480 FontCache3.0.0.0 - ok

21:12:03.0702 0480 Fs_Rec (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys

21:12:03.0836 0480 Fs_Rec - ok

21:12:03.0867 0480 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys

21:12:03.0919 0480 gagp30kx - ok

21:12:04.0053 0480 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\Drivers\GEARAspiWDM.sys

21:12:04.0087 0480 GEARAspiWDM - ok

21:12:04.0207 0480 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll

21:12:04.0440 0480 gpsvc - ok

21:12:04.0699 0480 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys

21:12:04.0843 0480 HdAudAddService - ok

21:12:04.0922 0480 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys

21:12:05.0194 0480 HDAudBus - ok

21:12:05.0220 0480 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys

21:12:05.0356 0480 HidBth - ok

21:12:05.0370 0480 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys

21:12:05.0528 0480 HidIr - ok

21:12:05.0582 0480 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll

21:12:05.0632 0480 hidserv - ok

21:12:05.0679 0480 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys

21:12:05.0793 0480 HidUsb - ok

21:12:05.0855 0480 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll

21:12:05.0982 0480 hkmsvc - ok

21:12:06.0029 0480 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys

21:12:06.0080 0480 HpCISSs - ok

21:12:06.0219 0480 hpqcxs08 (cc8a7d8a8dc9f357b57796583cf8b85f) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll

21:12:06.0320 0480 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning

21:12:06.0320 0480 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)

21:12:06.0351 0480 hpqddsvc (4c2ca71caafd2cf1a673fc8dbfd219c4) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll

21:12:06.0426 0480 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning

21:12:06.0426 0480 hpqddsvc - detected UnsignedFile.Multi.Generic (1)

21:12:06.0723 0480 HSF_DP (88749fbf8beb18c90e7d6626c8c1910b) C:\Windows\system32\DRIVERS\HSX_DP.sys

21:12:07.0024 0480 HSF_DP ( UnsignedFile.Multi.Generic ) - warning

21:12:07.0024 0480 HSF_DP - detected UnsignedFile.Multi.Generic (1)

21:12:07.0050 0480 HSXHWBS2 (fe440536bd98af772130dc3a6fe1915f) C:\Windows\system32\DRIVERS\HSXHWBS2.sys

21:12:07.0148 0480 HSXHWBS2 ( UnsignedFile.Multi.Generic ) - warning

21:12:07.0148 0480 HSXHWBS2 - detected UnsignedFile.Multi.Generic (1)

21:12:07.0240 0480 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys

21:12:07.0420 0480 HTTP - ok

21:12:07.0488 0480 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys

21:12:07.0535 0480 i2omp - ok

21:12:07.0649 0480 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys

21:12:07.0761 0480 i8042prt - ok

21:12:07.0793 0480 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys

21:12:07.0898 0480 iaStorV - ok

21:12:08.0063 0480 IDriverT (6f95324909b502e2651442c1548ab12f) c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

21:12:08.0317 0480 IDriverT ( UnsignedFile.Multi.Generic ) - warning

21:12:08.0318 0480 IDriverT - detected UnsignedFile.Multi.Generic (1)

21:12:08.0620 0480 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

21:12:08.0932 0480 idsvc - ok

21:12:09.0078 0480 IHA_MessageCenter (c135bff15563592b8ea070ea109967f7) C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe

21:12:09.0180 0480 IHA_MessageCenter - ok

21:12:09.0327 0480 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys

21:12:09.0365 0480 iirsp - ok

21:12:09.0559 0480 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll

21:12:09.0727 0480 IKEEXT - ok

21:12:09.0933 0480 IntcAzAudAddService (84ed2154239f9d013bbd3220755ada8b) C:\Windows\system32\drivers\RTKVHDA.sys

21:12:10.0452 0480 IntcAzAudAddService - ok

21:12:10.0633 0480 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys

21:12:10.0682 0480 intelide - ok

21:12:10.0724 0480 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys

21:12:10.0905 0480 intelppm - ok

21:12:10.0968 0480 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll

21:12:11.0053 0480 IPBusEnum - ok

21:12:11.0092 0480 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys

21:12:11.0202 0480 IpFilterDriver - ok

21:12:11.0251 0480 iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll

21:12:11.0349 0480 iphlpsvc - ok

21:12:11.0356 0480 IpInIp - ok

21:12:11.0386 0480 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys

21:12:11.0523 0480 IPMIDRV - ok

21:12:11.0609 0480 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys

21:12:11.0704 0480 IPNAT - ok

21:12:11.0945 0480 iPod Service (dcb3796e0169419618c72f0ce34c68ed) C:\Program Files\iPod\bin\iPodService.exe

21:12:12.0174 0480 iPod Service - ok

21:12:12.0254 0480 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys

21:12:12.0352 0480 IRENUM - ok

21:12:12.0463 0480 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys

21:12:12.0513 0480 isapnp - ok

21:12:12.0614 0480 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys

21:12:12.0673 0480 iScsiPrt - ok

21:12:12.0704 0480 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys

21:12:12.0754 0480 iteatapi - ok

21:12:12.0796 0480 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys

21:12:12.0844 0480 iteraid - ok

21:12:12.0902 0480 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys

21:12:12.0953 0480 kbdclass - ok

21:12:13.0022 0480 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys

21:12:13.0131 0480 kbdhid - ok

21:12:13.0187 0480 KeyIso (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe

21:12:13.0325 0480 KeyIso - ok

21:12:13.0553 0480 Kodak AiO Network Discovery Service (162a5e3a691b903111526147c8d29e6d) C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe

21:12:13.0766 0480 Kodak AiO Network Discovery Service - ok

21:12:13.0996 0480 Kodak AiO Status Monitor Service (b5e53fca219a6491e9a1ba146a5d2452) C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe

21:12:14.0326 0480 Kodak AiO Status Monitor Service ( UnsignedFile.Multi.Generic ) - warning

21:12:14.0327 0480 Kodak AiO Status Monitor Service - detected UnsignedFile.Multi.Generic (1)

21:12:14.0448 0480 KSecDD (4a1445efa932a3baf5bdb02d7131ee20) C:\Windows\system32\Drivers\ksecdd.sys

21:12:14.0572 0480 KSecDD - ok

21:12:14.0647 0480 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll

21:12:14.0852 0480 KtmRm - ok

21:12:14.0963 0480 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll

21:12:15.0067 0480 LanmanServer - ok

21:12:15.0189 0480 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll

21:12:15.0283 0480 LanmanWorkstation - ok

21:12:15.0545 0480 LeapFrog Connect Device Service (bf47086d3c3ac4fe25187a2188609027) C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe

21:12:15.0886 0480 LeapFrog Connect Device Service - ok

21:12:16.0002 0480 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys

21:12:16.0117 0480 lltdio - ok

21:12:16.0166 0480 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll

21:12:16.0281 0480 lltdsvc - ok

21:12:16.0332 0480 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll

21:12:16.0416 0480 lmhosts - ok

21:12:16.0474 0480 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys

21:12:16.0530 0480 LSI_FC - ok

21:12:16.0565 0480 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys

21:12:16.0618 0480 LSI_SAS - ok

21:12:16.0649 0480 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys

21:12:16.0699 0480 LSI_SCSI - ok

21:12:16.0777 0480 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys

21:12:16.0887 0480 luafv - ok

21:12:17.0006 0480 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll

21:12:17.0066 0480 Mcx2Svc - ok

21:12:17.0083 0480 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys

21:12:17.0130 0480 mdmxsdk - ok

21:12:17.0193 0480 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys

21:12:17.0235 0480 megasas - ok

21:12:17.0286 0480 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll

21:12:17.0393 0480 MMCSS - ok

21:12:17.0425 0480 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys

21:12:17.0528 0480 Modem - ok

21:12:17.0597 0480 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys

21:12:17.0679 0480 monitor - ok

21:12:17.0742 0480 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys

21:12:17.0781 0480 mouclass - ok

21:12:17.0832 0480 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys

21:12:17.0930 0480 mouhid - ok

21:12:18.0041 0480 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys

21:12:18.0080 0480 MountMgr - ok

21:12:18.0184 0480 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

21:12:18.0234 0480 MozillaMaintenance - ok

21:12:18.0307 0480 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys

21:12:18.0359 0480 mpio - ok

21:12:18.0418 0480 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys

21:12:18.0528 0480 mpsdrv - ok

21:12:18.0612 0480 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll

21:12:18.0799 0480 MpsSvc - ok

21:12:18.0824 0480 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys

21:12:18.0873 0480 Mraid35x - ok

21:12:18.0920 0480 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys

21:12:19.0019 0480 MRxDAV - ok

21:12:19.0110 0480 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys

21:12:19.0249 0480 mrxsmb - ok

21:12:19.0472 0480 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys

21:12:19.0599 0480 mrxsmb10 - ok

21:12:19.0661 0480 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

21:12:19.0734 0480 mrxsmb20 - ok

21:12:19.0841 0480 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys

21:12:19.0889 0480 msahci - ok

21:12:19.0966 0480 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys

21:12:20.0013 0480 msdsm - ok

21:12:20.0102 0480 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe

21:12:20.0243 0480 MSDTC - ok

21:12:20.0295 0480 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys

21:12:20.0381 0480 Msfs - ok

21:12:20.0459 0480 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys

21:12:20.0498 0480 msisadrv - ok

21:12:20.0553 0480 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll

21:12:20.0690 0480 MSiSCSI - ok

21:12:20.0695 0480 msiserver - ok

21:12:20.0769 0480 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys

21:12:20.0833 0480 MSKSSRV - ok

21:12:20.0858 0480 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys

21:12:20.0924 0480 MSPCLOCK - ok

21:12:20.0929 0480 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys

21:12:21.0025 0480 MSPQM - ok

21:12:21.0108 0480 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys

21:12:21.0158 0480 MsRPC - ok

21:12:21.0222 0480 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys

21:12:21.0266 0480 mssmbios - ok

21:12:21.0305 0480 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys

21:12:21.0424 0480 MSTEE - ok

21:12:21.0453 0480 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys

21:12:21.0503 0480 Mup - ok

21:12:21.0595 0480 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll

21:12:21.0713 0480 napagent - ok

21:12:21.0771 0480 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys

21:12:21.0872 0480 NativeWifiP - ok

21:12:21.0961 0480 NBVol (e240f3204e86b7b6ccf266b2a2ad32b4) C:\Windows\system32\DRIVERS\NBVol.sys

21:12:22.0032 0480 NBVol - ok

21:12:22.0155 0480 NBVolUp (c0cf3cccce3c75f7280c89029ab47866) C:\Windows\system32\DRIVERS\NBVolUp.sys

21:12:22.0198 0480 NBVolUp - ok

21:12:22.0315 0480 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys

21:12:22.0607 0480 NDIS - ok

21:12:22.0660 0480 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys

21:12:22.0769 0480 NdisTapi - ok

21:12:22.0828 0480 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys

21:12:22.0908 0480 Ndisuio - ok

21:12:23.0000 0480 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys

21:12:23.0152 0480 NdisWan - ok

21:12:23.0194 0480 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys

21:12:23.0271 0480 NDProxy - ok

21:12:23.0346 0480 Net Driver HPZ12 (2969d26eee289be7422aa46fc55f4e38) C:\Windows\system32\HPZinw12.dll

21:12:23.0488 0480 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

21:12:23.0488 0480 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

21:12:23.0551 0480 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys

21:12:23.0670 0480 NetBIOS - ok

21:12:23.0738 0480 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys

21:12:23.0844 0480 netbt - ok

21:12:23.0903 0480 Netlogon (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe

21:12:23.0954 0480 Netlogon - ok

21:12:23.0983 0480 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll

21:12:24.0084 0480 Netman - ok

21:12:24.0149 0480 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll

21:12:24.0348 0480 netprofm - ok

21:12:24.0497 0480 NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

21:12:24.0553 0480 NetTcpPortSharing - ok

21:12:24.0654 0480 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys

21:12:24.0769 0480 nfrd960 - ok

21:12:24.0969 0480 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll

21:12:25.0033 0480 NlaSvc - ok

21:12:25.0160 0480 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys

21:12:25.0239 0480 Npfs - ok

21:12:25.0306 0480 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll

21:12:25.0386 0480 nsi - ok

21:12:25.0426 0480 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys

21:12:25.0538 0480 nsiproxy - ok

21:12:25.0689 0480 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys

21:12:25.0980 0480 Ntfs - ok

21:12:26.0010 0480 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys

21:12:26.0092 0480 ntrigdigi - ok

21:12:26.0145 0480 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys

21:12:26.0251 0480 Null - ok

21:12:26.0401 0480 NVENETFD (74c825c573aa6e115590d94e7bf86901) C:\Windows\system32\DRIVERS\nvmfdx32.sys

21:12:26.0654 0480 NVENETFD - ok

21:12:27.0808 0480 nvlddmkm (fbba09782f2fac5a57619df378ba9372) C:\Windows\system32\DRIVERS\nvlddmkm.sys

21:12:29.0475 0480 nvlddmkm - ok

21:12:29.0680 0480 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys

21:12:29.0735 0480 nvraid - ok

21:12:29.0788 0480 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys

21:12:29.0837 0480 nvstor - ok

21:12:29.0889 0480 nvstor32 (019054d997f65358dca63ecae5103f97) C:\Windows\system32\drivers\nvstor32.sys

21:12:29.0919 0480 nvstor32 - ok

21:12:30.0041 0480 nvsvc (cf7769f13b3ecc5e2bf1b3d1c5831ae8) C:\Windows\system32\nvvsvc.exe

21:12:30.0167 0480 nvsvc - ok

21:12:30.0222 0480 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys

21:12:30.0276 0480 nv_agp - ok

21:12:30.0281 0480 NwlnkFlt - ok

21:12:30.0288 0480 NwlnkFwd - ok

21:12:30.0538 0480 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

21:12:30.0680 0480 odserv - ok

21:12:30.0763 0480 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys

21:12:30.0945 0480 ohci1394 - ok

21:12:31.0073 0480 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

21:12:31.0136 0480 ose - ok

21:12:31.0245 0480 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll

21:12:31.0577 0480 p2pimsvc - ok

21:12:31.0591 0480 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll

21:12:31.0811 0480 p2psvc - ok

21:12:31.0845 0480 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys

21:12:31.0955 0480 Parport - ok

21:12:32.0021 0480 partmgr (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys

21:12:32.0071 0480 partmgr - ok

21:12:32.0100 0480 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys

21:12:32.0228 0480 Parvdm - ok

21:12:32.0302 0480 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll

21:12:32.0353 0480 PcaSvc - ok

21:12:32.0598 0480 PCD5SRVC{BD6912E3-AC9D80E8-05010004} (3846c6a3a8db78c8771fe1aae565b256) c:\progra~1\pc-doc~1\PCD5SRVC.pkms

21:12:32.0793 0480 PCD5SRVC{BD6912E3-AC9D80E8-05010004} - ok

21:12:32.0881 0480 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys

21:12:32.0939 0480 pci - ok

21:12:32.0972 0480 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys

21:12:33.0021 0480 pciide - ok

21:12:33.0080 0480 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys

21:12:33.0141 0480 pcmcia - ok

21:12:33.0226 0480 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys

21:12:33.0566 0480 PEAUTH - ok

21:12:33.0811 0480 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll

21:12:34.0121 0480 pla - ok

21:12:34.0264 0480 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll

21:12:34.0383 0480 PlugPlay - ok

21:12:34.0455 0480 Pml Driver HPZ12 (bafc9706bdf425a02b66468ab2605c59) C:\Windows\system32\HPZipm12.dll

21:12:34.0533 0480 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

21:12:34.0533 0480 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

21:12:34.0787 0480 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll

21:12:35.0058 0480 PNRPAutoReg - ok

21:12:35.0075 0480 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll

21:12:35.0289 0480 PNRPsvc - ok

21:12:35.0376 0480 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll

21:12:35.0602 0480 PolicyAgent - ok

21:12:35.0690 0480 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys

21:12:35.0767 0480 PptpMiniport - ok

21:12:35.0839 0480 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys

21:12:35.0965 0480 Processor - ok

21:12:36.0059 0480 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll

21:12:36.0110 0480 ProfSvc - ok

21:12:36.0185 0480 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe

21:12:36.0228 0480 ProtectedStorage - ok

21:12:36.0272 0480 Ps2 (390c204ced3785609ab24e9c52054a84) C:\Windows\system32\DRIVERS\PS2.sys

21:12:36.0355 0480 Ps2 - ok

21:12:36.0408 0480 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys

21:12:36.0500 0480 PSched - ok

21:12:36.0535 0480 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\Windows\system32\Drivers\PxHelp20.sys

21:12:36.0583 0480 PxHelp20 - ok

21:12:36.0686 0480 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys

21:12:37.0078 0480 ql2300 - ok

21:12:37.0152 0480 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys

21:12:37.0199 0480 ql40xx - ok

21:12:37.0289 0480 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll

21:12:37.0369 0480 QWAVE - ok

21:12:37.0411 0480 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys

21:12:37.0508 0480 QWAVEdrv - ok

21:12:37.0524 0480 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys

21:12:37.0603 0480 RasAcd - ok

21:12:37.0627 0480 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll

21:12:37.0731 0480 RasAuto - ok

21:12:37.0793 0480 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys

21:12:37.0880 0480 Rasl2tp - ok

21:12:37.0957 0480 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll

21:12:38.0047 0480 RasMan - ok

21:12:38.0108 0480 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys

21:12:38.0207 0480 RasPppoe - ok

21:12:38.0272 0480 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys

21:12:38.0331 0480 RasSstp - ok

21:12:38.0404 0480 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys

21:12:38.0477 0480 rdbss - ok

21:12:38.0547 0480 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys

21:12:38.0657 0480 RDPCDD - ok

21:12:38.0699 0480 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys

21:12:38.0827 0480 rdpdr - ok

21:12:38.0868 0480 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys

21:12:38.0946 0480 RDPENCDD - ok

21:12:39.0026 0480 RDPWD (c127ebd5afab31524662c48dfceb773a) C:\Windows\system32\drivers\RDPWD.sys

21:12:39.0139 0480 RDPWD - ok

21:12:39.0200 0480 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll

21:12:39.0309 0480 RemoteAccess - ok

21:12:39.0372 0480 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll

21:12:39.0432 0480 RemoteRegistry - ok

21:12:39.0516 0480 RimUsb (616eac1b0e48b236a5a9b8ae07fdb81c) C:\Windows\system32\Drivers\RimUsb.sys

21:12:39.0609 0480 RimUsb - ok

21:12:39.0625 0480 RimVSerPort (2c4fb2e9f039287767c384e46ee91030) C:\Windows\system32\DRIVERS\RimSerial.sys

21:12:39.0709 0480 RimVSerPort - ok

21:12:39.0764 0480 ROOTMODEM (75e8a6bfa7374aba833ae92bf41ae4e6) C:\Windows\system32\Drivers\RootMdm.sys

21:12:39.0872 0480 ROOTMODEM - ok

21:12:40.0051 0480 RoxMediaDB9 (062d1268cfcf569ba5fbcfd1bea88d2a) c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

21:12:40.0400 0480 RoxMediaDB9 - ok

21:12:40.0450 0480 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe

21:12:40.0525 0480 RpcLocator - ok

21:12:40.0643 0480 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll

21:12:40.0814 0480 RpcSs - ok

21:12:40.0892 0480 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys

21:12:41.0017 0480 rspndr - ok

21:12:41.0109 0480 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe

21:12:41.0161 0480 SamSs - ok

21:12:41.0195 0480 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys

21:12:41.0249 0480 sbp2port - ok

21:12:41.0319 0480 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll

21:12:41.0412 0480 SCardSvr - ok

21:12:41.0539 0480 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll

21:12:41.0805 0480 Schedule - ok

21:12:41.0865 0480 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll

21:12:41.0933 0480 SCPolicySvc - ok

21:12:42.0012 0480 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll

21:12:42.0073 0480 SDRSVC - ok

21:12:42.0096 0480 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

21:12:42.0237 0480 secdrv - ok

21:12:42.0255 0480 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll

21:12:42.0365 0480 seclogon - ok

21:12:42.0408 0480 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll

21:12:42.0487 0480 SENS - ok

21:12:42.0545 0480 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys

21:12:42.0669 0480 Serenum - ok

21:12:42.0691 0480 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys

21:12:42.0830 0480 Serial - ok

21:12:42.0888 0480 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys

21:12:42.0965 0480 sermouse - ok

21:12:43.0034 0480 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll

21:12:43.0094 0480 SessionEnv - ok

21:12:43.0288 0480 SfCtlCom (0db2f96fcbc6cbf19e4ee8b6aed36c4a) C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe

21:12:43.0559 0480 SfCtlCom - ok

21:12:43.0624 0480 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys

21:12:43.0748 0480 sffdisk - ok

21:12:43.0768 0480 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys

21:12:43.0866 0480 sffp_mmc - ok

21:12:43.0915 0480 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys

21:12:44.0081 0480 sffp_sd - ok

21:12:44.0106 0480 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys

21:12:44.0238 0480 sfloppy - ok

21:12:44.0306 0480 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll

21:12:44.0413 0480 SharedAccess - ok

21:12:44.0483 0480 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll

21:12:44.0540 0480 ShellHWDetection - ok

21:12:44.0587 0480 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys

21:12:44.0636 0480 sisagp - ok

21:12:44.0677 0480 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys

21:12:44.0725 0480 SiSRaid2 - ok

21:12:44.0779 0480 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys

21:12:44.0834 0480 SiSRaid4 - ok

21:12:45.0445 0480 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe

21:12:46.0025 0480 slsvc - ok

21:12:46.0175 0480 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll

21:12:46.0269 0480 SLUINotify - ok

21:12:46.0373 0480 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys

21:12:46.0450 0480 Smb - ok

21:12:46.0509 0480 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe

21:12:46.0603 0480 SNMPTRAP - ok

21:12:46.0662 0480 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys

21:12:46.0709 0480 spldr - ok

21:12:46.0791 0480 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe

21:12:46.0921 0480 Spooler - ok

21:12:46.0992 0480 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys

21:12:47.0107 0480 srv - ok

21:12:47.0173 0480 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys

21:12:47.0251 0480 srv2 - ok

21:12:47.0280 0480 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys

21:12:47.0355 0480 srvnet - ok

21:12:47.0432 0480 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll

21:12:47.0505 0480 SSDPSRV - ok

21:12:47.0536 0480 SSFS0BB9 (d3ad8d2e550b262694b024d1eb1efffc) C:\Windows\system32\Drivers\SSFS0BB9.SYS

21:12:47.0581 0480 SSFS0BB9 - ok

21:12:47.0588 0480 SSHRMD (4d0e7a4befad963d3aecfac12fdeff16) C:\Windows\system32\Drivers\SSHRMD.SYS

21:12:47.0623 0480 SSHRMD - ok

21:12:47.0674 0480 SSIDRV (43eeddc9b9b8accdb4a914ba893c73de) C:\Windows\system32\Drivers\SSIDRV.SYS

21:12:47.0718 0480 SSIDRV - ok

21:12:47.0745 0480 SSKBFD (8564bc9598be1705477b7fa61d657c2b) C:\Windows\system32\Drivers\sskbfd.sys

21:12:47.0780 0480 SSKBFD - ok

21:12:47.0877 0480 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll

21:12:47.0925 0480 SstpSvc - ok

21:12:48.0027 0480 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll

21:12:48.0197 0480 stisvc - ok

21:12:48.0258 0480 stllssvr (4cfeb2bd9723489da072b300940ea287) c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

21:12:48.0309 0480 stllssvr - ok

21:12:48.0385 0480 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys

21:12:48.0426 0480 swenum - ok

21:12:48.0494 0480 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll

21:12:48.0600 0480 swprv - ok

21:12:48.0652 0480 Symantec Core LC - ok

21:12:48.0729 0480 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys

21:12:48.0776 0480 Symc8xx - ok

21:12:48.0781 0480 SYMTDI - ok

21:12:48.0823 0480 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys

21:12:48.0873 0480 Sym_hi - ok

21:12:48.0917 0480 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys

21:12:48.0966 0480 Sym_u3 - ok

21:12:49.0183 0480 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll

21:12:49.0315 0480 SysMain - ok

21:12:49.0340 0480 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll

21:12:49.0439 0480 TabletInputService - ok

21:12:49.0516 0480 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll

21:12:49.0580 0480 TapiSrv - ok

21:12:49.0661 0480 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll

21:12:49.0834 0480 TBS - ok

21:12:50.0009 0480 Tcpip (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\drivers\tcpip.sys

21:12:50.0586 0480 Tcpip - ok

21:12:50.0600 0480 Tcpip6 (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\DRIVERS\tcpip.sys

21:12:50.0811 0480 Tcpip6 - ok

21:12:50.0864 0480 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys

21:12:50.0947 0480 tcpipreg - ok

21:12:51.0048 0480 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys

21:12:51.0163 0480 TDPIPE - ok

21:12:51.0183 0480 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys

21:12:51.0285 0480 TDTCP - ok

21:12:51.0368 0480 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys

21:12:51.0432 0480 tdx - ok

21:12:51.0490 0480 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys

21:12:51.0529 0480 TermDD - ok

21:12:51.0598 0480 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll

21:12:51.0754 0480 TermService - ok

21:12:51.0831 0480 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll

21:12:51.0879 0480 Themes - ok

21:12:51.0966 0480 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll

21:12:52.0026 0480 THREADORDER - ok

21:12:52.0130 0480 tmactmon (02ffe7402fb07f2f64d1ac6866345087) C:\Windows\system32\DRIVERS\tmactmon.sys

21:12:52.0176 0480 tmactmon - ok

21:12:52.0327 0480 TMBMServer (6b259aa2eeb079ee8069a73038eddd71) C:\Program Files\Trend Micro\BM\TMBMSRV.exe

21:12:52.0460 0480 TMBMServer - ok

21:12:52.0531 0480 tmcomm (8762cb58a489b385feef2aea7f7718f3) C:\Windows\system32\DRIVERS\tmcomm.sys

21:12:52.0628 0480 tmcomm - ok

21:12:52.0689 0480 tmevtmgr (efe60b70fa964459dde55039c5b05be7) C:\Windows\system32\DRIVERS\tmevtmgr.sys

21:12:52.0775 0480 tmevtmgr - ok

21:12:52.0844 0480 tmpreflt (379c4f99994a56b66e11d1e32bb22a1c) C:\Windows\system32\DRIVERS\tmpreflt.sys

21:12:52.0883 0480 tmpreflt - ok

21:12:52.0970 0480 TmProxy (9457e19b32a2e2da024b9b82a027284d) C:\Program Files\Trend Micro\Internet Security\TmProxy.exe

21:12:53.0213 0480 TmProxy - ok

21:12:53.0268 0480 tmtdi (ce1321671eee4520b9b50cd513f67dad) C:\Windows\system32\DRIVERS\tmtdi.sys

21:12:53.0309 0480 tmtdi - ok

21:12:53.0374 0480 tmxpflt (717e406972bbc07f8fb2a989416cab73) C:\Windows\system32\DRIVERS\tmxpflt.sys

21:12:53.0463 0480 tmxpflt - ok

21:12:53.0535 0480 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll

21:12:53.0620 0480 TrkWks - ok

21:12:53.0725 0480 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe

21:12:53.0837 0480 TrustedInstaller - ok

21:12:53.0874 0480 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys

21:12:53.0956 0480 tssecsrv - ok

21:12:54.0039 0480 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys

21:12:54.0140 0480 tunmp - ok

21:12:54.0222 0480 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys

21:12:54.0407 0480 tunnel - ok

21:12:54.0473 0480 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys

21:12:54.0524 0480 uagp35 - ok

21:12:54.0635 0480 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys

21:12:54.0720 0480 udfs - ok

21:12:54.0786 0480 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe

21:12:54.0852 0480 UI0Detect - ok

21:12:54.0882 0480 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys

21:12:54.0934 0480 uliagpkx - ok

21:12:54.0972 0480 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys

21:12:55.0037 0480 uliahci - ok

21:12:55.0089 0480 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys

21:12:55.0146 0480 UlSata - ok

21:12:55.0188 0480 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys

21:12:55.0246 0480 ulsata2 - ok

21:12:55.0320 0480 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys

21:12:55.0403 0480 umbus - ok

21:12:55.0479 0480 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll

21:12:55.0552 0480 upnphost - ok

21:12:55.0609 0480 USBAAPL (4b8a9c16b6d9258ed99c512aecb8c555) C:\Windows\system32\Drivers\usbaapl.sys

21:12:55.0684 0480 USBAAPL ( UnsignedFile.Multi.Generic ) - warning

21:12:55.0684 0480 USBAAPL - detected UnsignedFile.Multi.Generic (1)

21:12:55.0781 0480 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys

21:12:55.0859 0480 usbaudio - ok

21:12:55.0949 0480 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys

21:12:56.0066 0480 usbccgp - ok

21:12:56.0132 0480 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys

21:12:56.0221 0480 usbcir - ok

21:12:56.0272 0480 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys

21:12:56.0376 0480 usbehci - ok

21:12:56.0444 0480 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys

21:12:56.0562 0480 usbhub - ok

21:12:56.0637 0480 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys

21:12:56.0746 0480 usbohci - ok

21:12:56.0806 0480 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys

21:12:56.0889 0480 usbprint - ok

21:12:56.0925 0480 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys

21:12:57.0040 0480 usbscan - ok

21:12:57.0087 0480 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS

21:12:57.0193 0480 USBSTOR - ok

21:12:57.0252 0480 usbuhci (325dbbacb8a36af9988ccf40eac228cc) C:\Windows\system32\DRIVERS\usbuhci.sys

21:12:57.0352 0480 usbuhci - ok

21:12:57.0414 0480 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll

21:12:57.0558 0480 UxSms - ok

21:12:57.0643 0480 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe

21:12:57.0851 0480 vds - ok

21:12:57.0884 0480 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys

21:12:57.0971 0480 vga - ok

21:12:58.0056 0480 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys

21:12:58.0156 0480 VgaSave - ok

21:12:58.0175 0480 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys

21:12:58.0215 0480 viaagp - ok

21:12:58.0255 0480 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys

21:12:58.0340 0480 ViaC7 - ok

21:12:58.0374 0480 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys

21:12:58.0413 0480 viaide - ok

21:12:58.0580 0480 Viewpoint Manager Service (5f974fde801c73952770736becde11e7) C:\Program Files\Viewpoint\Common\ViewpointService.exe

21:12:58.0687 0480 Viewpoint Manager Service ( UnsignedFile.Multi.Generic ) - warning

21:12:58.0687 0480 Viewpoint Manager Service - detected UnsignedFile.Multi.Generic (1)

21:12:58.0773 0480 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys

21:12:58.0820 0480 volmgr - ok

21:12:58.0907 0480 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys

21:12:58.0964 0480 volmgrx - ok

21:12:59.0044 0480 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys

21:12:59.0104 0480 volsnap - ok

21:12:59.0307 0480 vsapint (642eb152cb980ad9181b2161066be629) C:\Windows\system32\DRIVERS\vsapint.sys

21:12:59.0635 0480 vsapint - ok

21:12:59.0785 0480 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys

21:12:59.0887 0480 vsmraid - ok

21:13:00.0089 0480 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe

21:13:00.0374 0480 VSS - ok

21:13:00.0403 0480 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll

21:13:00.0457 0480 W32Time - ok

21:13:00.0510 0480 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys

21:13:00.0633 0480 WacomPen - ok

21:13:00.0691 0480 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

21:13:00.0764 0480 Wanarp - ok

21:13:00.0768 0480 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

21:13:00.0822 0480 Wanarpv6 - ok

21:13:00.0954 0480 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll

21:13:01.0169 0480 wcncsvc - ok

21:13:01.0192 0480 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll

21:13:01.0256 0480 WcsPlugInService - ok

21:13:01.0284 0480 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys

21:13:01.0332 0480 Wd - ok

21:13:01.0425 0480 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys

21:13:01.0671 0480 Wdf01000 - ok

21:13:01.0746 0480 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll

21:13:01.0879 0480 WdiServiceHost - ok

21:13:01.0884 0480 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll

21:13:01.0953 0480 WdiSystemHost - ok

21:13:02.0053 0480 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll

21:13:02.0109 0480 WebClient - ok

21:13:02.0961 0480 WebrootSpySweeperService (36de9bb8535a25a35f1bd034b9235a44) C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

21:13:03.0733 0480 WebrootSpySweeperService - ok

21:13:03.0973 0480 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll

21:13:04.0073 0480 Wecsvc - ok

21:13:04.0152 0480 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll

21:13:04.0233 0480 wercplsupport - ok

21:13:04.0298 0480 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll

21:13:04.0347 0480 WerSvc - ok

21:13:04.0500 0480 winachsf (72cc6a8ca7891031d6380db5025c773c) C:\Windows\system32\DRIVERS\HSX_CNXT.sys

21:13:04.0716 0480 winachsf ( UnsignedFile.Multi.Generic ) - warning

21:13:04.0716 0480 winachsf - detected UnsignedFile.Multi.Generic (1)

21:13:04.0870 0480 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll

21:13:04.0951 0480 WinDefend - ok

21:13:04.0960 0480 WinHttpAutoProxySvc - ok

21:13:05.0122 0480 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll

21:13:05.0182 0480 Winmgmt - ok

21:13:05.0438 0480 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll

21:13:05.0747 0480 WinRM - ok

21:13:05.0901 0480 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll

21:13:06.0093 0480 Wlansvc - ok

21:13:06.0207 0480 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys

21:13:06.0343 0480 WmiAcpi - ok

21:13:06.0542 0480 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe

21:13:06.0601 0480 wmiApSrv - ok

21:13:06.0912 0480 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe

21:13:07.0170 0480 WMPNetworkSvc - ok

21:13:07.0312 0480 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll

21:13:07.0366 0480 WPCSvc - ok

21:13:07.0427 0480 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll

21:13:07.0558 0480 WPDBusEnum - ok

21:13:07.0670 0480 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys

21:13:07.0739 0480 WpdUsb - ok

21:13:08.0126 0480 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

21:13:08.0320 0480 WPFFontCache_v0400 - ok

21:13:08.0386 0480 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys

21:13:08.0467 0480 ws2ifsl - ok

21:13:08.0553 0480 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll

21:13:08.0643 0480 wscsvc - ok

21:13:08.0647 0480 WSearch - ok

21:13:08.0924 0480 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll

21:13:09.0250 0480 wuauserv - ok

21:13:09.0542 0480 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys

21:13:09.0634 0480 WUDFRd - ok

21:13:09.0706 0480 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll

21:13:09.0813 0480 wudfsvc - ok

21:13:09.0888 0480 XAudio (dab33cfa9dd24251aaa389ff36b64d4b) C:\Windows\system32\DRIVERS\xaudio.sys

21:13:09.0985 0480 XAudio ( UnsignedFile.Multi.Generic ) - warning

21:13:09.0985 0480 XAudio - detected UnsignedFile.Multi.Generic (1)

21:13:10.0086 0480 XAudioService (cd5f291a1161f15896d1a4d63daff5df) C:\Windows\system32\DRIVERS\xaudio.exe

21:13:10.0249 0480 XAudioService ( UnsignedFile.Multi.Generic ) - warning

21:13:10.0249 0480 XAudioService - detected UnsignedFile.Multi.Generic (1)

21:13:10.0277 0480 MBR (0x1B8) (8913823ff508ccf109db74b636c301da) \Device\Harddisk0\DR0

21:13:10.0515 0480 \Device\Harddisk0\DR0 - ok

21:13:10.0525 0480 Boot (0x1200) (f937e2f96c401f9da824140cfc961c9f) \Device\Harddisk0\DR0\Partition0

21:13:10.0529 0480 \Device\Harddisk0\DR0\Partition0 - ok

21:13:10.0542 0480 Boot (0x1200) (adf9c7ec54075cc914fa147ee742adb4) \Device\Harddisk0\DR0\Partition1

21:13:10.0545 0480 \Device\Harddisk0\DR0\Partition1 - ok

21:13:10.0547 0480 ============================================================

21:13:10.0547 0480 Scan finished

21:13:10.0547 0480 ============================================================

21:13:10.0582 4392 Detected object count: 13

21:13:10.0582 4392 Actual detected object count: 13

21:18:08.0793 4392 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user

21:18:08.0793 4392 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:18:08.0794 4392 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user

21:18:08.0794 4392 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:18:08.0795 4392 HSF_DP ( UnsignedFile.Multi.Generic ) - skipped by user

21:18:08.0795 4392 HSF_DP ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:18:08.0795 4392 HSXHWBS2 ( UnsignedFile.Multi.Generic ) - skipped by user

21:18:08.0795 4392 HSXHWBS2 ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:18:08.0796 4392 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user

21:18:08.0796 4392 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:18:08.0796 4392 Kodak AiO Status Monitor Service ( UnsignedFile.Multi.Generic ) - skipped by user

21:18:08.0796 4392 Kodak AiO Status Monitor Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:18:08.0801 4392 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user

21:18:08.0801 4392 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:18:08.0802 4392 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user

21:18:08.0802 4392 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:18:08.0811 4392 USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user

21:18:08.0811 4392 USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:18:08.0812 4392 Viewpoint Manager Service ( UnsignedFile.Multi.Generic ) - skipped by user

21:18:08.0812 4392 Viewpoint Manager Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:18:08.0817 4392 winachsf ( UnsignedFile.Multi.Generic ) - skipped by user

21:18:08.0817 4392 winachsf ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:18:08.0818 4392 XAudio ( UnsignedFile.Multi.Generic ) - skipped by user

21:18:08.0818 4392 XAudio ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:18:08.0827 4392 XAudioService ( UnsignedFile.Multi.Generic ) - skipped by user

21:18:08.0827 4392 XAudioService ( UnsignedFile.Multi.Generic ) - User select action: Skip


That scan was clean........

Please download and run ComboFix.

The most important things to remember when running it are to disable all your malware programs and to run ComboFix from your desktop.

Please visit this webpage for download links, and instructions for running ComboFix

http://www.bleepingc...to-use-combofix

Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Information on disabling your malware programs can be found Here.

Make sure you run ComboFix from your desktop.

Give it at least 30-45 minutes to finish if needed.

Please include the C:\ComboFix.txt in your next reply for further review.

---------->NOTE<----------

If you get the message "Illegal operation attempted on registry key that has been marked for deletion" after you run ComboFix, please reboot the computer; this should resolve the problem. You may have to do this several times if needed.

MrC


ComboFix 12-07-31.06 - Owner 08/03/2012 13:56:20.1.2 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1918.740 [GMT -4:00]

Running from: c:\users\Owner\Downloads\ComboFix.exe

AV: Trend Micro AntiVirus *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}

SP: Trend Micro AntiVirus *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\users\Default\AppData\Roaming\DPInst.exe

c:\users\Default\AppData\Roaming\gacutil.exe

c:\users\Default\AppData\Roaming\PnPutil.exe

c:\users\Owner\AppData\Roaming\Ribaz\bosaic.exe

c:\windows\system32\service

c:\windows\system32\service\10112011_TIS17_SfFniAU.log

c:\windows\system32\service\27092010_TIS17_SfFniAU.log

.

.

((((((((((((((((((((((((( Files Created from 2012-07-03 to 2012-08-03 )))))))))))))))))))))))))))))))

.

.

2012-08-03 18:16 . 2012-08-03 18:16 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-08-03 17:47 . 2012-08-03 17:47 -------- d-----w- c:\users\Owner\AppData\Roaming\CBS Interactive

2012-08-03 00:49 . 2012-08-03 00:49 -------- d-----w- c:\program files\Mozilla Maintenance Service

2012-08-03 00:49 . 2012-08-03 00:49 588728 ----a-w- c:\program files\Mozilla Firefox\gkmedias.dll

2012-08-03 00:49 . 2012-08-03 00:49 157352 ----a-w- c:\program files\Mozilla Firefox\maintenanceservice_installer.exe

2012-08-03 00:49 . 2012-08-03 00:49 129976 ----a-w- c:\program files\Mozilla Firefox\maintenanceservice.exe

2012-08-03 00:49 . 2012-08-03 00:49 43960 ----a-w- c:\program files\Mozilla Firefox\mozglue.dll

2012-08-01 22:48 . 2012-06-28 16:13 60416 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\EKAiO2PPR.dll

2012-07-30 11:04 . 2012-07-30 11:04 -------- d-----w- c:\users\Default\AppData\Roaming\KODAK AiO Home Center1259226498

2012-07-22 07:52 . 2012-06-13 13:40 2047488 ----a-w- c:\windows\system32\win32k.sys

2012-07-21 15:09 . 2012-07-21 15:09 -------- d-----w- c:\users\Owner\AppData\Local\Macromedia

2012-07-21 15:07 . 2012-08-03 00:33 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-07-21 14:07 . 2012-06-05 16:47 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll

2012-07-21 14:07 . 2012-06-05 16:47 1401856 ----a-w- c:\windows\system32\msxml6.dll

2012-07-21 14:07 . 2012-06-05 16:47 1248768 ----a-w- c:\windows\system32\msxml3.dll

2012-07-21 14:06 . 2012-06-04 15:26 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys

2012-07-21 14:06 . 2012-06-02 00:04 278528 ----a-w- c:\windows\system32\schannel.dll

2012-07-21 14:06 . 2012-06-02 00:03 204288 ----a-w- c:\windows\system32\ncrypt.dll

2012-07-21 13:56 . 2012-07-21 13:56 -------- d-----w- c:\users\Owner\AppData\Roaming\Amazon

2012-07-21 13:50 . 2012-07-21 13:50 -------- d-----w- c:\program files\Amazon

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-08-03 00:33 . 2011-09-03 00:06 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-06-25 20:04 . 2012-06-25 20:04 1394248 ----a-w- c:\windows\system32\msxml4.dll

2012-06-12 13:48 . 2012-06-12 13:48 1371648 ----a-w- c:\windows\system32\EKAiO2MON.dll

2012-06-12 13:47 . 2012-06-12 13:47 160256 ----a-w- c:\windows\system32\EKAiO2COI09.dll

2012-06-02 22:19 . 2012-06-24 17:39 53784 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-02 22:19 . 2012-06-24 17:39 45080 ----a-w- c:\windows\system32\wups2.dll

2012-06-02 22:19 . 2012-06-24 17:38 35864 ----a-w- c:\windows\system32\wups.dll

2012-06-02 22:19 . 2012-06-24 17:38 577048 ----a-w- c:\windows\system32\wuapi.dll

2012-06-02 22:19 . 2012-06-24 17:39 1933848 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-02 22:12 . 2012-06-24 17:39 2422272 ----a-w- c:\windows\system32\wucltux.dll

2012-06-02 22:12 . 2012-06-24 17:38 88576 ----a-w- c:\windows\system32\wudriver.dll

2012-06-02 19:19 . 2012-06-24 17:37 171904 ----a-w- c:\windows\system32\wuwebv.dll

2012-06-02 19:12 . 2012-06-24 17:37 33792 ----a-w- c:\windows\system32\wuapp.exe

2012-05-28 15:33 . 2007-04-24 18:17 319456 ----a-w- c:\windows\DIFxAPI.dll

2012-08-03 00:49 . 2012-02-22 21:49 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RunSpySweeperScheduleAtStartup"="c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe" [2007-03-07 86016]

"Verizon Media Manager"="c:\program files\Verizon\Verizon Media Manager\Release\Verizon Media Manager.exe" [2011-10-14 1499136]

"Spotify"="c:\users\Owner\AppData\Roaming\Spotify\spotify.exe" [2012-07-31 7601880]

"Spotify Web Helper"="c:\users\Owner\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-07-31 1193176]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-01-07 1394000]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-09-01 421160]

"Conime"="c:\windows\system32\conime.exe" [2009-04-11 69120]

"RIMBBLaunchAgent.exe"="c:\program files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-02-18 79192]

"NBAgent"="c:\program files\Nero\Nero 11\Nero BackItUp\NBAgent.exe" [2011-09-20 1493288]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-31 59280]

"SpySweeper"="c:\program files\Webroot\Spy Sweeper\SpySweeperUI.exe" [2008-01-05 5367664]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"Launcher"="c:\windows\SMINST\launcher.exe" [2007-03-07 44168]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"KodakHomeCenter"="c:\program files\Kodak\AiO\Center\AiOHomeCenter.exe" [2012-06-19 2234840]

.

c:\users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

CNET TechTracker.lnk - c:\users\Owner\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe [2011-8-30 2620416]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\MRI_DISABLED

Snapfish Media Detector.lnk - c:\program files\Snapfish Media Detector\SnapfishMediaDetector.exe [N/A]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

"EnableLinkedConnections"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]

@="Service"

.

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]

path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup

backupExtension=.CommonStartup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]

2006-12-11 01:52 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]

2008-01-19 07:38 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"Symantec Core LC"=3 (0x3)

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

.

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

.

Contents of the 'Scheduled Tasks' folder

.

2012-08-03 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-21 00:33]

.

2012-07-21 c:\windows\Tasks\HPCeeScheduleForOwner.job

- c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2007-04-24 18:56]

.

2012-08-03 c:\windows\Tasks\Norton Security Scan for Owner.job

- c:\progra~1\NORTON~2\Engine\361~1.11\Nss.exe [2012-01-25 07:47]

.

2012-05-28 c:\windows\Tasks\wrSpySweeper_LCA0725880A47433EA0C2321B23CBCACC.job

- c:\program files\Webroot\Spy Sweeper\SpySweeperUI.exe [2007-10-02 00:56]

.

2012-05-28 c:\windows\Tasks\wrSpySweeper_LCA0725880A47433EA0C2321B23CBCACC.job

- c:\program files\Webroot\Spy Sweeper\SpySweeperUI.exe [2007-10-02 00:56]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.myspace.com/

mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=desktop

uInternet Settings,ProxyOverride = <local>;*.local

IE: &AIM Toolbar Search - c:\programdata\AIM Toolbar\ieToolbar\resources\en-US\local\search.html

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.1.1 68.238.112.12

FF - ProfilePath - c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\rntmox69.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.aol.com/search/search?query={searchTerms}&invocationType=tb50-ff-aimright-chromesbox-en-us&tb_uuid=20120220014518212&tb_oid=20-08-2009&tb_mrud=21-07-2012

FF - prefs.js: browser.startup.homepage - hxxp://www.aol.com/?mtmhp=hyplogusaolp00000013

FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&q=

FF - user.js: network.cookie.cookieBehavior - 0

FF - user.js: privacy.clearOnShutdown.cookies - false

FF - user.js: security.warn_viewing_mixed - false

FF - user.js: security.warn_viewing_mixed.show_once - false

FF - user.js: security.warn_submit_insecure - false

FF - user.js: security.warn_submit_insecure.show_once - false

.

- - - - ORPHANS REMOVED - - - -

.

WebBrowser-{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - (no file)

WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)

HKCU-Run-{8851B142-7EF1-5E95-C75F-F9CF1D88C315} - c:\users\Owner\AppData\Roaming\Ribaz\bosaic.exe

MSConfigStartUp-SnapfishMediaDetector - c:\program files\Snapfish Media Detector\SnapfishMediaDetector.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2012-08-03 14:16

Windows 6.0.6002 Service Pack 2 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PCD5SRVC{BD6912E3-AC9D80E8-05010004}]

"ImagePath"="\??\c:\progra~1\pc-doc~1\PCD5SRVC.pkms"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

Completion time: 2012-08-03 14:21:37

ComboFix-quarantined-files.txt 2012-08-03 18:21

.

Pre-Run: 28,400,316,416 bytes free

Post-Run: 28,357,410,816 bytes free

.

- - End Of File - - 5CCE461C881204920BFE62B64790BFC4


Everything seems to be running very well now. Below is the report, which found nothing. Thank you for all of your help.

Malwarebytes' Anti-Malware 1.44

Database version: 3835

Windows 6.0.6002 Service Pack 2

Internet Explorer 9.0.8112.16421

8/5/2012 10:34:40 AM

mbam-log-2012-08-05 (10-34-40).txt

Scan type: Quick Scan

Objects scanned: 107845

Time elapsed: 13 minute(s), 37 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)


Great

A little clean up to do....

Please Uninstall ComboFix: (if you used it)

Press the Windows logo key + R to bring up the "run box"

Copy and paste the next command in the field:

ComboFix /uninstall

Make sure there's a space between Combofix and /


Then hit enter.

This will uninstall ComboFix, delete its related folders and files, hide file extensions, hide the system/hidden files, clear the System Restore cache and create a new Restore point.

(If that doesn't work.....you can simply rename ComboFix.exe to Uninstall.exe and double click it to complete the uninstall)

---------------------------------

Please download OTL from one of the links below: (you may already have OTL on the system)

http://oldtimer.geekstogo.com/OTL.exe

http://oldtimer.geekstogo.com/OTL.com

http://www.itxassociates.com/OT-Tools/OTL.exe

Save it to your desktop.

Run OTL and hit the CleanUp button. (This will clean up the tools and logs used, including itself.)

Any other programs or logs you can manually delete.

IE: RogueKiller.exe, RKreport.txt, RK_Quarantine folder, etc....

-------------------------------

Any questions...please post back.

If you think I've helped you, please leave a comment > click on my avatar picture > click Profile Feed.

Take a look at My Preventive Maintenance to avoid being infected again.

Good Luck and Thanks for using the forum, MrC


Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance, please start your own topic in a new thread. Thanks!
