mullerfour

Members

View Profile See their activity

Posts
5
Joined
June 17, 2012
Last visited
June 23, 2012

Content Type

All Activity

Events

Profiles

Forums

Topics
Posts

Everything posted by mullerfour

please help!

mullerfour replied to mullerfour's topic in Resolved Malware Removal Logs

Hello! Things still seem ok - no IP blocks, nothing found by anti-virus or Malwarebytes. I read the article and have taken some further steps to protect my computer. FYI, the browser security test link at the end of the article is no longer active.... I appear to have been cured! Again, I am extremely grateful for your guidance and assistance!
- June 21, 2012
- 10 replies
please help!

mullerfour replied to mullerfour's topic in Resolved Malware Removal Logs

OK, updated the Java and deleted the files per your instruction. All my scans come up clean, and there have been no IP blocks or anything - am I cured? I owe you a beer, for sure!
- June 20, 2012
- 10 replies
please help!

mullerfour replied to mullerfour's topic in Resolved Malware Removal Logs

Hello! OK. I uninstalled MSE. Scanned with Webroot and Malwarebytes (after updating), and am posting the malwarebytes log file, and the checkup.txt that you had me do. It won't let me post the webroot log file - too long? Awaiting further instruction...... Thank yoU! Malwarebytes Anti-Malware (Trial) 1.61.0.1400 www.malwarebytes.org Database version: v2012.06.19.06 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 four :: FOUR-HP [administrator] Protection: Enabled 6/19/2012 3:19:10 PM mbam-log-2012-06-19 (15-19-10).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 286516 Time elapsed: 5 minute(s), 6 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) Results of screen317's Security Check version 0.99.42 Windows 7 Service Pack 1 x64 (UAC is disabled!) Internet Explorer 9 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! Webroot SecureAnywhere Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.61.0.1400 Java 6 Update 30 Java version out of Date! Adobe Reader X (10.1.3) Google Chrome 19.0.1084.52 Google Chrome 19.0.1084.56 ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe Symantec Norton Online Backup NOBuAgent.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 0% ````````````````````End of Log``````````````````````
- June 19, 2012
- 10 replies
please help!

mullerfour replied to mullerfour's topic in Resolved Malware Removal Logs

Thank you so much for your help. I hope I am doing this right. When the scan completed, there were some "unsigned files" and the default action was skip. There was also something for which the default was "cure" - I didn't change anything, just hit continue. It asked me to reboot, and I managed to find this log - I hope it is what I am supposed to be sending? I really appreciate your assistance.... 17:42:18.0412 13568 TDSS rootkit removing tool 2.7.40.0 Jun 15 2012 15:13:31 17:42:18.0802 13568 ============================================================ 17:42:18.0802 13568 Current date / time: 2012/06/18 17:42:18.0802 17:42:18.0802 13568 SystemInfo: 17:42:18.0802 13568 17:42:18.0802 13568 OS Version: 6.1.7601 ServicePack: 1.0 17:42:18.0802 13568 Product type: Workstation 17:42:18.0802 13568 ComputerName: FOUR-HP 17:42:18.0802 13568 UserName: four 17:42:18.0802 13568 Windows directory: C:\Windows 17:42:18.0802 13568 System windows directory: C:\Windows 17:42:18.0802 13568 Running under WOW64 17:42:18.0802 13568 Processor architecture: Intel x64 17:42:18.0802 13568 Number of processors: 4 17:42:18.0802 13568 Page size: 0x1000 17:42:18.0802 13568 Boot type: Normal boot 17:42:18.0802 13568 ============================================================ 17:42:19.0129 13568 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 17:42:19.0160 13568 ============================================================ 17:42:19.0160 13568 \Device\Harddisk0\DR0: 17:42:19.0160 13568 MBR partitions: 17:42:19.0160 13568 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 17:42:19.0160 13568 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x72E8D000 17:42:19.0160 13568 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x72EBF800, BlocksNum 0x1846800 17:42:19.0160 13568 ============================================================ 17:42:19.0192 13568 C: <-> \Device\Harddisk0\DR0\Partition1 17:42:19.0238 13568 D: <-> \Device\Harddisk0\DR0\Partition2 17:42:19.0238 13568 ============================================================ 17:42:19.0238 13568 Initialize success 17:42:19.0238 13568 ============================================================ 17:42:26.0758 17704 ============================================================ 17:42:26.0758 17704 Scan started 17:42:26.0758 17704 Mode: Manual; SigCheck; TDLFS; 17:42:26.0758 17704 ============================================================ 17:42:27.0709 17704 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 17:42:27.0881 17704 1394ohci - ok 17:42:27.0974 17704 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 17:42:27.0974 17704 ACPI - ok 17:42:28.0021 17704 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 17:42:28.0146 17704 AcpiPmi - ok 17:42:28.0271 17704 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 17:42:28.0286 17704 AdobeARMservice - ok 17:42:28.0583 17704 AdobeFlashPlayerUpdateSvc (f3cd7b20b27d1772c946df993ff3635c) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 17:42:28.0598 17704 AdobeFlashPlayerUpdateSvc - ok 17:42:28.0676 17704 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys 17:42:28.0708 17704 adp94xx - ok 17:42:28.0754 17704 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys 17:42:28.0786 17704 adpahci - ok 17:42:28.0801 17704 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys 17:42:28.0817 17704 adpu320 - ok 17:42:28.0848 17704 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll 17:42:28.0988 17704 AeLookupSvc - ok 17:42:29.0066 17704 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys 17:42:29.0082 17704 AFD - ok 17:42:29.0129 17704 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 17:42:29.0144 17704 agp440 - ok 17:42:29.0160 17704 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe 17:42:29.0238 17704 ALG - ok 17:42:29.0254 17704 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 17:42:29.0269 17704 aliide - ok 17:42:29.0347 17704 AMD External Events Utility (20c8a3e435a47f0408a1ea674afa6194) C:\Windows\system32\atiesrxx.exe 17:42:29.0441 17704 AMD External Events Utility - ok 17:42:29.0472 17704 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 17:42:29.0472 17704 amdide - ok 17:42:29.0503 17704 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys 17:42:29.0534 17704 AmdK8 - ok 17:42:30.0205 17704 amdkmdag (0b45c18b0f3ee996d25baa4e74884b83) C:\Windows\system32\DRIVERS\atikmdag.sys 17:42:30.0424 17704 amdkmdag - ok 17:42:30.0642 17704 amdkmdap (0e57258e5cc4cc7a9a9a877afdf0cec6) C:\Windows\system32\DRIVERS\atikmpag.sys 17:42:30.0704 17704 amdkmdap - ok 17:42:30.0736 17704 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys 17:42:30.0782 17704 AmdPPM - ok 17:42:30.0845 17704 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 17:42:30.0860 17704 amdsata - ok 17:42:30.0892 17704 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys 17:42:30.0907 17704 amdsbs - ok 17:42:30.0923 17704 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 17:42:30.0938 17704 amdxata - ok 17:42:30.0985 17704 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 17:42:31.0126 17704 AppID - ok 17:42:31.0141 17704 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll 17:42:31.0219 17704 AppIDSvc - ok 17:42:31.0282 17704 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll 17:42:31.0360 17704 Appinfo - ok 17:42:31.0453 17704 Apple Mobile Device (018857ead9a077a56aedfc0e5ef7a24a) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 17:42:31.0469 17704 Apple Mobile Device - ok 17:42:31.0500 17704 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys 17:42:31.0516 17704 arc - ok 17:42:31.0531 17704 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys 17:42:31.0547 17704 arcsas - ok 17:42:31.0656 17704 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 17:42:31.0672 17704 aspnet_state - ok 17:42:31.0703 17704 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 17:42:31.0750 17704 AsyncMac - ok 17:42:31.0796 17704 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 17:42:31.0812 17704 atapi - ok 17:42:31.0843 17704 AtiHdmiService (637e0753bd6deb8ea5314a5c357ec1a0) C:\Windows\system32\drivers\AtiHdmi.sys 17:42:31.0859 17704 AtiHdmiService - ok 17:42:31.0952 17704 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 17:42:32.0046 17704 AudioEndpointBuilder - ok 17:42:32.0062 17704 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 17:42:32.0093 17704 AudioSrv - ok 17:42:32.0155 17704 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll 17:42:32.0233 17704 AxInstSV - ok 17:42:32.0280 17704 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys 17:42:32.0327 17704 b06bdrv - ok 17:42:32.0374 17704 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 17:42:32.0420 17704 b57nd60a - ok 17:42:32.0530 17704 BBSvc (dbf43db0c648db9101d61041e00df5c4) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE 17:42:32.0561 17704 BBSvc - ok 17:42:32.0576 17704 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll 17:42:32.0592 17704 BDESVC - ok 17:42:32.0608 17704 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 17:42:32.0670 17704 Beep - ok 17:42:32.0748 17704 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll 17:42:32.0826 17704 BFE - ok 17:42:32.0920 17704 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll 17:42:32.0998 17704 BITS - ok 17:42:33.0060 17704 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 17:42:33.0060 17704 blbdrive - ok 17:42:33.0154 17704 Bonjour Service (f832f1505ad8b83474bd9a5b1b985e01) C:\Program Files (x86)\Bonjour\mDNSResponder.exe 17:42:33.0169 17704 Bonjour Service - ok 17:42:33.0232 17704 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 17:42:33.0263 17704 bowser - ok 17:42:33.0278 17704 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys 17:42:33.0325 17704 BrFiltLo - ok 17:42:33.0341 17704 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys 17:42:33.0356 17704 BrFiltUp - ok 17:42:33.0419 17704 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll 17:42:33.0481 17704 Browser - ok 17:42:33.0512 17704 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 17:42:33.0559 17704 Brserid - ok 17:42:33.0575 17704 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 17:42:33.0590 17704 BrSerWdm - ok 17:42:33.0622 17704 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 17:42:33.0653 17704 BrUsbMdm - ok 17:42:33.0668 17704 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 17:42:33.0700 17704 BrUsbSer - ok 17:42:33.0715 17704 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 17:42:33.0746 17704 BTHMODEM - ok 17:42:33.0793 17704 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll 17:42:33.0856 17704 bthserv - ok 17:42:33.0902 17704 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 17:42:33.0949 17704 cdfs - ok 17:42:34.0012 17704 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys 17:42:34.0043 17704 cdrom - ok 17:42:34.0121 17704 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 17:42:34.0214 17704 CertPropSvc - ok 17:42:34.0292 17704 CinemaNow Service (ea3333db9ab03106eec0d6d9d487ed01) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe 17:42:34.0308 17704 CinemaNow Service - ok 17:42:34.0339 17704 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 17:42:34.0386 17704 circlass - ok 17:42:34.0448 17704 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 17:42:34.0480 17704 CLFS - ok 17:42:34.0558 17704 CLKMSVC10_C6F09094 (dede5ec7dc09d840d5d74e06ff4de127) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe 17:42:34.0573 17704 CLKMSVC10_C6F09094 - ok 17:42:34.0667 17704 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 17:42:34.0682 17704 clr_optimization_v2.0.50727_32 - ok 17:42:34.0714 17704 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 17:42:34.0714 17704 clr_optimization_v2.0.50727_64 - ok 17:42:34.0807 17704 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 17:42:34.0823 17704 clr_optimization_v4.0.30319_32 - ok 17:42:34.0854 17704 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 17:42:34.0870 17704 clr_optimization_v4.0.30319_64 - ok 17:42:34.0948 17704 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 17:42:34.0979 17704 CmBatt - ok 17:42:35.0010 17704 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 17:42:35.0041 17704 cmdide - ok 17:42:35.0119 17704 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys 17:42:35.0150 17704 CNG - ok 17:42:35.0182 17704 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 17:42:35.0197 17704 Compbatt - ok 17:42:35.0213 17704 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys 17:42:35.0244 17704 CompositeBus - ok 17:42:35.0244 17704 COMSysApp - ok 17:42:35.0260 17704 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 17:42:35.0275 17704 crcdisk - ok 17:42:35.0338 17704 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll 17:42:35.0369 17704 CryptSvc - ok 17:42:35.0525 17704 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE 17:42:35.0556 17704 cvhsvc - ok 17:42:35.0712 17704 DCamUSBVM (6e53d1058b900443949c69ec6215d98f) C:\Windows\system32\Drivers\usbVM31b.sys 17:42:35.0806 17704 DCamUSBVM - ok 17:42:35.0946 17704 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 17:42:35.0993 17704 DcomLaunch - ok 17:42:36.0024 17704 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll 17:42:36.0086 17704 defragsvc - ok 17:42:36.0164 17704 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 17:42:36.0227 17704 DfsC - ok 17:42:36.0305 17704 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll 17:42:36.0383 17704 Dhcp - ok 17:42:36.0414 17704 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 17:42:36.0476 17704 discache - ok 17:42:36.0508 17704 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 17:42:36.0539 17704 Disk - ok 17:42:36.0586 17704 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll 17:42:36.0632 17704 Dnscache - ok 17:42:36.0695 17704 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll 17:42:36.0757 17704 dot3svc - ok 17:42:36.0757 17704 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll 17:42:36.0804 17704 DPS - ok 17:42:36.0820 17704 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 17:42:36.0835 17704 drmkaud - ok 17:42:36.0960 17704 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 17:42:36.0976 17704 DXGKrnl - ok 17:42:37.0038 17704 EagleX64 - ok 17:42:37.0069 17704 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll 17:42:37.0132 17704 EapHost - ok 17:42:37.0444 17704 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 17:42:37.0537 17704 ebdrv - ok 17:42:37.0646 17704 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe 17:42:37.0740 17704 EFS - ok 17:42:37.0834 17704 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe 17:42:37.0912 17704 ehRecvr - ok 17:42:37.0943 17704 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe 17:42:38.0005 17704 ehSched - ok 17:42:38.0083 17704 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 17:42:38.0114 17704 elxstor - ok 17:42:38.0161 17704 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 17:42:38.0192 17704 ErrDev - ok 17:42:38.0224 17704 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll 17:42:38.0317 17704 EventSystem - ok 17:42:38.0348 17704 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 17:42:38.0380 17704 exfat - ok 17:42:38.0411 17704 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 17:42:38.0458 17704 fastfat - ok 17:42:38.0551 17704 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe 17:42:38.0614 17704 Fax - ok 17:42:38.0629 17704 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 17:42:38.0660 17704 fdc - ok 17:42:38.0692 17704 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll 17:42:38.0770 17704 fdPHost - ok 17:42:38.0801 17704 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll 17:42:38.0879 17704 FDResPub - ok 17:42:38.0894 17704 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 17:42:38.0910 17704 FileInfo - ok 17:42:38.0926 17704 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 17:42:38.0972 17704 Filetrace - ok 17:42:38.0988 17704 fkxltbee - ok 17:42:39.0097 17704 FlipShare Service (b8602c90d3c427d8a86ce60437615cf5) C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe 17:42:39.0113 17704 FlipShare Service - ok 17:42:39.0222 17704 FlipShareServer (ac5fb7094f31534594cae48306972cbd) C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe 17:42:39.0269 17704 FlipShareServer ( UnsignedFile.Multi.Generic ) - warning 17:42:39.0269 17704 FlipShareServer - detected UnsignedFile.Multi.Generic (1) 17:42:39.0362 17704 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 17:42:39.0378 17704 flpydisk - ok 17:42:39.0425 17704 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 17:42:39.0456 17704 FltMgr - ok 17:42:39.0565 17704 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll 17:42:39.0643 17704 FontCache - ok 17:42:39.0706 17704 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 17:42:39.0721 17704 FontCache3.0.0.0 - ok 17:42:39.0768 17704 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 17:42:39.0784 17704 FsDepends - ok 17:42:39.0830 17704 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys 17:42:39.0846 17704 Fs_Rec - ok 17:42:39.0846 17704 ftejopyi - ok 17:42:39.0908 17704 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 17:42:39.0924 17704 fvevol - ok 17:42:39.0955 17704 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 17:42:39.0971 17704 gagp30kx - ok 17:42:40.0127 17704 GamesAppService (c403c5db49a0f9aaf4f2128edc0106d8) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe 17:42:40.0142 17704 GamesAppService - ok 17:42:40.0174 17704 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 17:42:40.0189 17704 GEARAspiWDM - ok 17:42:40.0283 17704 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll 17:42:40.0361 17704 gpsvc - ok 17:42:40.0470 17704 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 17:42:40.0486 17704 gupdate - ok 17:42:40.0517 17704 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 17:42:40.0532 17704 gupdatem - ok 17:42:40.0548 17704 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 17:42:40.0564 17704 gusvc - ok 17:42:40.0564 17704 Hardlock - ok 17:42:40.0579 17704 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 17:42:40.0657 17704 hcw85cir - ok 17:42:40.0720 17704 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 17:42:40.0751 17704 HdAudAddService - ok 17:42:40.0782 17704 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys 17:42:40.0829 17704 HDAudBus - ok 17:42:40.0876 17704 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys 17:42:40.0891 17704 HECIx64 - ok 17:42:40.0907 17704 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 17:42:40.0922 17704 HidBatt - ok 17:42:40.0954 17704 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 17:42:40.0969 17704 HidBth - ok 17:42:40.0985 17704 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 17:42:41.0016 17704 HidIr - ok 17:42:41.0047 17704 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll 17:42:41.0110 17704 hidserv - ok 17:42:41.0172 17704 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys 17:42:41.0188 17704 HidUsb - ok 17:42:41.0234 17704 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll 17:42:41.0312 17704 hkmsvc - ok 17:42:41.0375 17704 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll 17:42:41.0422 17704 HomeGroupListener - ok 17:42:41.0468 17704 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll 17:42:41.0500 17704 HomeGroupProvider - ok 17:42:41.0578 17704 HP Health Check Service (be78357fb49759b79ccc01894bcfdddb) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe 17:42:41.0593 17704 HP Health Check Service - ok 17:42:41.0656 17704 HPDrvMntSvc.exe (2dfb151fd34df104dac0adf070eda83c) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe 17:42:41.0671 17704 HPDrvMntSvc.exe - ok 17:42:41.0734 17704 hpqwmiex (184c500cb9f69585f3fe85e1d2667cd8) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe 17:42:41.0765 17704 hpqwmiex - ok 17:42:41.0827 17704 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 17:42:41.0843 17704 HpSAMD - ok 17:42:41.0936 17704 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 17:42:42.0030 17704 HTTP - ok 17:42:42.0077 17704 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 17:42:42.0077 17704 hwpolicy - ok 17:42:42.0170 17704 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys 17:42:42.0186 17704 i8042prt - ok 17:42:42.0248 17704 iaStor (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\DRIVERS\iaStor.sys 17:42:42.0264 17704 iaStor - ok 17:42:42.0389 17704 IAStorDataMgrSvc (31a0e93cdf29007d6c6fffb632f375ed) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe 17:42:42.0404 17704 IAStorDataMgrSvc - ok 17:42:42.0514 17704 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 17:42:42.0560 17704 iaStorV - ok 17:42:42.0685 17704 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 17:42:42.0685 17704 IDriverT ( UnsignedFile.Multi.Generic ) - warning 17:42:42.0685 17704 IDriverT - detected UnsignedFile.Multi.Generic (1) 17:42:42.0857 17704 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 17:42:42.0888 17704 idsvc - ok 17:42:42.0966 17704 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 17:42:42.0982 17704 iirsp - ok 17:42:43.0091 17704 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll 17:42:43.0184 17704 IKEEXT - ok 17:42:43.0340 17704 IntcAzAudAddService (2b888bbdf6962e608a5e1a1d7a626adf) C:\Windows\system32\drivers\RTKVHD64.sys 17:42:43.0387 17704 IntcAzAudAddService - ok 17:42:43.0543 17704 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 17:42:43.0574 17704 intelide - ok 17:42:43.0606 17704 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 17:42:43.0637 17704 intelppm - ok 17:42:43.0652 17704 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll 17:42:43.0699 17704 IPBusEnum - ok 17:42:43.0746 17704 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 17:42:43.0808 17704 IpFilterDriver - ok 17:42:43.0902 17704 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll 17:42:43.0980 17704 iphlpsvc - ok 17:42:44.0058 17704 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 17:42:44.0089 17704 IPMIDRV - ok 17:42:44.0152 17704 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 17:42:44.0230 17704 IPNAT - ok 17:42:44.0354 17704 iPod Service (9b812a3484d89eb934982d67fb7d9313) C:\Program Files\iPod\bin\iPodService.exe 17:42:44.0370 17704 iPod Service - ok 17:42:44.0386 17704 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 17:42:44.0432 17704 IRENUM - ok 17:42:44.0479 17704 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 17:42:44.0479 17704 isapnp - ok 17:42:44.0510 17704 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 17:42:44.0526 17704 iScsiPrt - ok 17:42:44.0542 17704 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys 17:42:44.0557 17704 kbdclass - ok 17:42:44.0573 17704 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys 17:42:44.0604 17704 kbdhid - ok 17:42:44.0651 17704 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 17:42:44.0666 17704 KeyIso - ok 17:42:44.0698 17704 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys 17:42:44.0698 17704 KSecDD - ok 17:42:44.0729 17704 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys 17:42:44.0744 17704 KSecPkg - ok 17:42:44.0760 17704 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 17:42:44.0807 17704 ksthunk - ok 17:42:44.0869 17704 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll 17:42:44.0916 17704 KtmRm - ok 17:42:44.0994 17704 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll 17:42:45.0041 17704 LanmanServer - ok 17:42:45.0088 17704 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll 17:42:45.0134 17704 LanmanWorkstation - ok 17:42:45.0212 17704 LightScribeService (7550d101bf49fdb1f92666a233ee36c4) c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe 17:42:45.0228 17704 LightScribeService ( UnsignedFile.Multi.Generic ) - warning 17:42:45.0228 17704 LightScribeService - detected UnsignedFile.Multi.Generic (1) 17:42:45.0228 17704 llqyqiad - ok 17:42:45.0259 17704 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 17:42:45.0337 17704 lltdio - ok 17:42:45.0384 17704 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll 17:42:45.0446 17704 lltdsvc - ok 17:42:45.0462 17704 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll 17:42:45.0493 17704 lmhosts - ok 17:42:45.0556 17704 LMS (e38775922d4a4c05b5d96733ab4ce169) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe 17:42:45.0587 17704 LMS - ok 17:42:45.0634 17704 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 17:42:45.0649 17704 LSI_FC - ok 17:42:45.0665 17704 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 17:42:45.0680 17704 LSI_SAS - ok 17:42:45.0696 17704 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 17:42:45.0696 17704 LSI_SAS2 - ok 17:42:45.0727 17704 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 17:42:45.0727 17704 LSI_SCSI - ok 17:42:45.0758 17704 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 17:42:45.0790 17704 luafv - ok 17:42:45.0852 17704 LVRS64 (0c85b2b6fb74b36a251792d45e0ef860) C:\Windows\system32\DRIVERS\lvrs64.sys 17:42:45.0868 17704 LVRS64 - ok 17:42:46.0180 17704 LVUVC64 (ff3a488924b0032b1a9ca6948c1fa9e8) C:\Windows\system32\DRIVERS\lvuvc64.sys 17:42:46.0258 17704 LVUVC64 - ok 17:42:46.0429 17704 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys 17:42:46.0445 17704 MBAMProtector - ok 17:42:46.0492 17704 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 17:42:46.0507 17704 MBAMService - ok 17:42:46.0554 17704 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll 17:42:46.0570 17704 Mcx2Svc - ok 17:42:46.0601 17704 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 17:42:46.0601 17704 megasas - ok 17:42:46.0632 17704 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 17:42:46.0632 17704 MegaSR - ok 17:42:46.0648 17704 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 17:42:46.0679 17704 MMCSS - ok 17:42:46.0694 17704 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 17:42:46.0741 17704 Modem - ok 17:42:46.0757 17704 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 17:42:46.0804 17704 monitor - ok 17:42:46.0928 17704 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys 17:42:46.0928 17704 mouclass - ok 17:42:46.0975 17704 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 17:42:47.0006 17704 mouhid - ok 17:42:47.0053 17704 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 17:42:47.0069 17704 mountmgr - ok 17:42:47.0162 17704 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys 17:42:47.0194 17704 MpFilter - ok 17:42:47.0225 17704 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 17:42:47.0240 17704 mpio - ok 17:42:47.0287 17704 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 17:42:47.0303 17704 mpsdrv - ok 17:42:47.0396 17704 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll 17:42:47.0459 17704 MpsSvc - ok 17:42:47.0506 17704 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 17:42:47.0537 17704 MRxDAV - ok 17:42:47.0599 17704 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 17:42:47.0630 17704 mrxsmb - ok 17:42:47.0677 17704 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 17:42:47.0740 17704 mrxsmb10 - ok 17:42:47.0771 17704 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 17:42:47.0786 17704 mrxsmb20 - ok 17:42:47.0833 17704 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 17:42:47.0864 17704 msahci - ok 17:42:47.0896 17704 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 17:42:47.0927 17704 msdsm - ok 17:42:47.0974 17704 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 17:42:48.0005 17704 MSDTC - ok 17:42:48.0036 17704 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 17:42:48.0067 17704 Msfs - ok 17:42:48.0083 17704 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 17:42:48.0114 17704 mshidkmdf - ok 17:42:48.0130 17704 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 17:42:48.0145 17704 msisadrv - ok 17:42:48.0176 17704 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 17:42:48.0223 17704 MSiSCSI - ok 17:42:48.0223 17704 msiserver - ok 17:42:48.0239 17704 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 17:42:48.0286 17704 MSKSSRV - ok 17:42:48.0364 17704 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) c:\Program Files\Microsoft Security Client\MsMpEng.exe 17:42:48.0379 17704 MsMpSvc - ok 17:42:48.0395 17704 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 17:42:48.0457 17704 MSPCLOCK - ok 17:42:48.0457 17704 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 17:42:48.0504 17704 MSPQM - ok 17:42:48.0566 17704 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 17:42:48.0582 17704 MsRPC - ok 17:42:48.0629 17704 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 17:42:48.0644 17704 mssmbios - ok 17:42:48.0660 17704 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 17:42:48.0707 17704 MSTEE - ok 17:42:48.0722 17704 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 17:42:48.0722 17704 MTConfig - ok 17:42:48.0738 17704 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 17:42:48.0769 17704 Mup - ok 17:42:48.0847 17704 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll 17:42:48.0910 17704 napagent - ok 17:42:48.0988 17704 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 17:42:49.0034 17704 NativeWifiP - ok 17:42:49.0112 17704 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 17:42:49.0144 17704 NDIS - ok 17:42:49.0159 17704 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 17:42:49.0190 17704 NdisCap - ok 17:42:49.0206 17704 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 17:42:49.0237 17704 NdisTapi - ok 17:42:49.0284 17704 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 17:42:49.0362 17704 Ndisuio - ok 17:42:49.0409 17704 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 17:42:49.0487 17704 NdisWan - ok 17:42:49.0518 17704 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 17:42:49.0565 17704 NDProxy - ok 17:42:49.0580 17704 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 17:42:49.0643 17704 NetBIOS - ok 17:42:49.0690 17704 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 17:42:49.0752 17704 NetBT - ok 17:42:49.0799 17704 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 17:42:49.0799 17704 Netlogon - ok 17:42:49.0861 17704 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 17:42:49.0924 17704 Netman - ok 17:42:50.0033 17704 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 17:42:50.0048 17704 NetMsmqActivator - ok 17:42:50.0048 17704 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 17:42:50.0064 17704 NetPipeActivator - ok 17:42:50.0111 17704 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 17:42:50.0173 17704 netprofm - ok 17:42:50.0267 17704 netr28x (064ab63c9a588d2611306ae16d017e7e) C:\Windows\system32\DRIVERS\netr28x.sys 17:42:50.0298 17704 netr28x - ok 17:42:50.0392 17704 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 17:42:50.0407 17704 NetTcpActivator - ok 17:42:50.0423 17704 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 17:42:50.0438 17704 NetTcpPortSharing - ok 17:42:50.0470 17704 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 17:42:50.0470 17704 nfrd960 - ok 17:42:50.0532 17704 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys 17:42:50.0563 17704 NisDrv - ok 17:42:50.0626 17704 NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe 17:42:50.0641 17704 NisSrv - ok 17:42:50.0704 17704 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll 17:42:50.0766 17704 NlaSvc - ok 17:42:50.0984 17704 NOBU (5839a8027d6d324a7cd494051a96628c) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe 17:42:51.0031 17704 NOBU - ok 17:42:51.0125 17704 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 17:42:51.0172 17704 Npfs - ok 17:42:51.0187 17704 npggsvc - ok 17:42:51.0203 17704 NPPTNT2 - ok 17:42:51.0234 17704 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 17:42:51.0281 17704 nsi - ok 17:42:51.0296 17704 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 17:42:51.0328 17704 nsiproxy - ok 17:42:51.0452 17704 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 17:42:51.0484 17704 Ntfs - ok 17:42:51.0593 17704 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 17:42:51.0655 17704 Null - ok 17:42:51.0671 17704 nvarvpwb - ok 17:42:51.0718 17704 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 17:42:51.0733 17704 nvraid - ok 17:42:51.0749 17704 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 17:42:51.0764 17704 nvstor - ok 17:42:51.0796 17704 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 17:42:51.0811 17704 nv_agp - ok 17:42:51.0827 17704 oblswhjx - ok 17:42:51.0842 17704 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 17:42:51.0858 17704 ohci1394 - ok 17:42:51.0936 17704 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 17:42:51.0952 17704 ose - ok 17:42:52.0357 17704 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 17:42:52.0466 17704 osppsvc - ok 17:42:52.0544 17704 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 17:42:52.0607 17704 p2pimsvc - ok 17:42:52.0638 17704 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 17:42:52.0669 17704 p2psvc - ok 17:42:52.0716 17704 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 17:42:52.0732 17704 Parport - ok 17:42:52.0763 17704 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys 17:42:52.0778 17704 partmgr - ok 17:42:52.0794 17704 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 17:42:52.0825 17704 PcaSvc - ok 17:42:52.0872 17704 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 17:42:52.0903 17704 pci - ok 17:42:52.0903 17704 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 17:42:52.0919 17704 pciide - ok 17:42:52.0950 17704 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 17:42:52.0950 17704 pcmcia - ok 17:42:52.0981 17704 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 17:42:52.0981 17704 pcw - ok 17:42:53.0012 17704 pdfcDispatcher - ok 17:42:53.0059 17704 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 17:42:53.0106 17704 PEAUTH - ok 17:42:53.0200 17704 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe 17:42:53.0231 17704 PerfHost - ok 17:42:53.0449 17704 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll 17:42:53.0512 17704 pla - ok 17:42:53.0574 17704 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll 17:42:53.0621 17704 PlugPlay - ok 17:42:53.0730 17704 PMBDeviceInfoProvider (63694c307273062a2167ae4ce80730ef) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe 17:42:53.0746 17704 PMBDeviceInfoProvider - ok 17:42:53.0761 17704 PnkBstrA - ok 17:42:53.0777 17704 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll 17:42:53.0808 17704 PNRPAutoReg - ok 17:42:53.0855 17704 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 17:42:53.0886 17704 PNRPsvc - ok 17:42:53.0995 17704 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll 17:42:54.0042 17704 PolicyAgent - ok 17:42:54.0073 17704 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll 17:42:54.0120 17704 Power - ok 17:42:54.0198 17704 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 17:42:54.0260 17704 PptpMiniport - ok 17:42:54.0292 17704 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 17:42:54.0307 17704 Processor - ok 17:42:54.0354 17704 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll 17:42:54.0401 17704 ProfSvc - ok 17:42:54.0432 17704 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 17:42:54.0448 17704 ProtectedStorage - ok 17:42:54.0494 17704 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 17:42:54.0557 17704 Psched - ok 17:42:54.0666 17704 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 17:42:54.0728 17704 ql2300 - ok 17:42:54.0822 17704 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 17:42:54.0838 17704 ql40xx - ok 17:42:54.0869 17704 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll 17:42:54.0900 17704 QWAVE - ok 17:42:54.0916 17704 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 17:42:54.0962 17704 QWAVEdrv - ok 17:42:55.0056 17704 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 17:42:55.0150 17704 RasAcd - ok 17:42:55.0181 17704 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 17:42:55.0228 17704 RasAgileVpn - ok 17:42:55.0259 17704 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll 17:42:55.0290 17704 RasAuto - ok 17:42:55.0337 17704 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 17:42:55.0384 17704 Rasl2tp - ok 17:42:55.0415 17704 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll 17:42:55.0462 17704 RasMan - ok 17:42:55.0477 17704 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 17:42:55.0524 17704 RasPppoe - ok 17:42:55.0555 17704 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 17:42:55.0602 17704 RasSstp - ok 17:42:55.0633 17704 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 17:42:55.0680 17704 rdbss - ok 17:42:55.0696 17704 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 17:42:55.0711 17704 rdpbus - ok 17:42:55.0711 17704 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 17:42:55.0758 17704 RDPCDD - ok 17:42:55.0758 17704 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 17:42:55.0805 17704 RDPENCDD - ok 17:42:55.0836 17704 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 17:42:55.0852 17704 RDPREFMP - ok 17:42:55.0898 17704 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys 17:42:55.0930 17704 RDPWD - ok 17:42:55.0992 17704 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 17:42:56.0023 17704 rdyboost - ok 17:42:56.0070 17704 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll 17:42:56.0132 17704 RemoteAccess - ok 17:42:56.0164 17704 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll 17:42:56.0226 17704 RemoteRegistry - ok 17:42:56.0242 17704 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll 17:42:56.0288 17704 RpcEptMapper - ok 17:42:56.0320 17704 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe 17:42:56.0366 17704 RpcLocator - ok 17:42:56.0429 17704 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 17:42:56.0476 17704 RpcSs - ok 17:42:56.0522 17704 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 17:42:56.0569 17704 rspndr - ok 17:42:56.0632 17704 RTL8167 (7ea8d2eb9bbfd2ab8a3117a1e96d3b3a) C:\Windows\system32\DRIVERS\Rt64win7.sys 17:42:56.0663 17704 RTL8167 - ok 17:42:56.0694 17704 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 17:42:56.0725 17704 SamSs - ok 17:42:56.0772 17704 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 17:42:56.0788 17704 sbp2port - ok 17:42:56.0803 17704 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll 17:42:56.0866 17704 SCardSvr - ok 17:42:56.0881 17704 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 17:42:56.0912 17704 scfilter - ok 17:42:57.0006 17704 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll 17:42:57.0068 17704 Schedule - ok 17:42:57.0084 17704 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 17:42:57.0115 17704 SCPolicySvc - ok 17:42:57.0131 17704 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll 17:42:57.0146 17704 SDRSVC - ok 17:42:57.0240 17704 SeaPort (78779ee07231c658b483b1f38b5088df) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE 17:42:57.0271 17704 SeaPort - ok 17:42:57.0302 17704 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 17:42:57.0365 17704 secdrv - ok 17:42:57.0412 17704 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll 17:42:57.0474 17704 seclogon - ok 17:42:57.0474 17704 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll 17:42:57.0505 17704 SENS - ok 17:42:57.0521 17704 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll 17:42:57.0536 17704 SensrSvc - ok 17:42:57.0552 17704 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 17:42:57.0568 17704 Serenum - ok 17:42:57.0599 17704 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 17:42:57.0599 17704 Serial - ok 17:42:57.0646 17704 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 17:42:57.0677 17704 sermouse - ok 17:42:57.0739 17704 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll 17:42:57.0786 17704 SessionEnv - ok 17:42:57.0802 17704 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 17:42:57.0833 17704 sffdisk - ok 17:42:57.0848 17704 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 17:42:57.0864 17704 sffp_mmc - ok 17:42:57.0880 17704 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 17:42:57.0895 17704 sffp_sd - ok 17:42:57.0911 17704 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 17:42:57.0942 17704 sfloppy - ok 17:42:58.0036 17704 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys 17:42:58.0067 17704 Sftfs - ok 17:42:58.0160 17704 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe 17:42:58.0192 17704 sftlist - ok 17:42:58.0223 17704 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys 17:42:58.0238 17704 Sftplay - ok 17:42:58.0254 17704 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys 17:42:58.0270 17704 Sftredir - ok 17:42:58.0285 17704 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys 17:42:58.0301 17704 Sftvol - ok 17:42:58.0316 17704 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe 17:42:58.0332 17704 sftvsa - ok 17:42:58.0394 17704 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll 17:42:58.0472 17704 SharedAccess - ok 17:42:58.0519 17704 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll 17:42:58.0597 17704 ShellHWDetection - ok 17:42:58.0628 17704 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 17:42:58.0628 17704 SiSRaid2 - ok 17:42:58.0644 17704 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 17:42:58.0660 17704 SiSRaid4 - ok 17:42:58.0691 17704 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 17:42:58.0738 17704 Smb - ok 17:42:58.0769 17704 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe 17:42:58.0784 17704 SNMPTRAP - ok 17:42:58.0800 17704 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 17:42:58.0816 17704 spldr - ok 17:42:58.0878 17704 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe 17:42:58.0909 17704 Spooler - ok 17:42:59.0268 17704 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe 17:42:59.0362 17704 sppsvc - ok 17:42:59.0502 17704 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 17:42:59.0549 17704 sppuinotify - ok 17:42:59.0627 17704 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 17:42:59.0674 17704 srv - ok 17:42:59.0705 17704 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 17:42:59.0720 17704 srv2 - ok 17:42:59.0736 17704 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 17:42:59.0752 17704 srvnet - ok 17:42:59.0767 17704 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll 17:42:59.0830 17704 SSDPSRV - ok 17:42:59.0861 17704 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll 17:42:59.0876 17704 SstpSvc - ok 17:42:59.0923 17704 Steam Client Service - ok 17:42:59.0954 17704 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 17:42:59.0970 17704 stexstor - ok 17:43:00.0079 17704 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll 17:43:00.0157 17704 stisvc - ok 17:43:00.0204 17704 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 17:43:00.0235 17704 swenum - ok 17:43:00.0282 17704 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll 17:43:00.0329 17704 swprv - ok 17:43:00.0469 17704 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll 17:43:00.0547 17704 SysMain - ok 17:43:00.0656 17704 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll 17:43:00.0688 17704 TabletInputService - ok 17:43:00.0734 17704 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll 17:43:00.0797 17704 TapiSrv - ok 17:43:00.0828 17704 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll 17:43:00.0859 17704 TBS - ok 17:43:01.0031 17704 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys 17:43:01.0078 17704 Tcpip - ok 17:43:01.0296 17704 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys 17:43:01.0358 17704 TCPIP6 - ok 17:43:01.0452 17704 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 17:43:01.0514 17704 tcpipreg - ok 17:43:01.0530 17704 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 17:43:01.0561 17704 TDPIPE - ok 17:43:01.0608 17704 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys 17:43:01.0624 17704 TDTCP - ok 17:43:01.0686 17704 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 17:43:01.0702 17704 tdx - ok 17:43:01.0748 17704 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 17:43:01.0780 17704 TermDD - ok 17:43:01.0826 17704 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll 17:43:01.0889 17704 TermService - ok 17:43:01.0904 17704 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll 17:43:01.0951 17704 Themes - ok 17:43:01.0982 17704 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 17:43:02.0014 17704 THREADORDER - ok 17:43:02.0060 17704 TimesUpKidz (856026ed6ec2c8efaa3e048ca6ce5b31) C:\Program Files (x86)\Rain City Digital LLC\TimesUpKidz\TimesUpKidzServer.exe 17:43:02.0076 17704 TimesUpKidz ( UnsignedFile.Multi.Generic ) - warning 17:43:02.0076 17704 TimesUpKidz - detected UnsignedFile.Multi.Generic (1) 17:43:02.0107 17704 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll 17:43:02.0154 17704 TrkWks - ok 17:43:02.0216 17704 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe 17:43:02.0294 17704 TrustedInstaller - ok 17:43:02.0326 17704 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 17:43:02.0388 17704 tssecsrv - ok 17:43:02.0435 17704 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 17:43:02.0482 17704 TsUsbFlt - ok 17:43:02.0544 17704 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 17:43:02.0591 17704 tunnel - ok 17:43:02.0622 17704 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 17:43:02.0638 17704 uagp35 - ok 17:43:02.0700 17704 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 17:43:02.0778 17704 udfs - ok 17:43:02.0809 17704 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe 17:43:02.0809 17704 UI0Detect - ok 17:43:02.0856 17704 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 17:43:02.0887 17704 uliagpkx - ok 17:43:02.0903 17704 uludkfpu - ok 17:43:02.0918 17704 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys 17:43:02.0950 17704 umbus - ok 17:43:02.0981 17704 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 17:43:03.0012 17704 UmPass - ok 17:43:03.0215 17704 UMVPFSrv (67a95b9d129ed5399e7965cd09cf30e7) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe 17:43:03.0246 17704 UMVPFSrv - ok 17:43:03.0418 17704 UNS (02c298382359653bec4c737c2ab7f9c5) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe 17:43:03.0480 17704 UNS - ok 17:43:03.0574 17704 Updater Service for StartNow Toolbar (70eb41a4417ba0aa36ae12bf2b4d98f6) C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe 17:43:03.0605 17704 Updater Service for StartNow Toolbar - ok 17:43:03.0714 17704 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll 17:43:03.0776 17704 upnphost - ok 17:43:03.0839 17704 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys 17:43:03.0870 17704 usbaudio - ok 17:43:03.0886 17704 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 17:43:03.0917 17704 usbccgp - ok 17:43:03.0948 17704 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 17:43:03.0964 17704 usbcir - ok 17:43:03.0979 17704 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys 17:43:04.0010 17704 usbehci - ok 17:43:04.0057 17704 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 17:43:04.0104 17704 usbhub - ok 17:43:04.0198 17704 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 17:43:04.0213 17704 usbohci - ok 17:43:04.0244 17704 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 17:43:04.0260 17704 usbprint - ok 17:43:04.0276 17704 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 17:43:04.0338 17704 USBSTOR - ok 17:43:04.0354 17704 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys 17:43:04.0369 17704 usbuhci - ok 17:43:04.0416 17704 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys 17:43:04.0447 17704 usbvideo - ok 17:43:04.0463 17704 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll 17:43:04.0525 17704 UxSms - ok 17:43:04.0556 17704 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 17:43:04.0572 17704 VaultSvc - ok 17:43:04.0588 17704 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 17:43:04.0603 17704 vdrvroot - ok 17:43:04.0666 17704 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe 17:43:04.0744 17704 vds - ok 17:43:04.0775 17704 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 17:43:04.0790 17704 vga - ok 17:43:04.0806 17704 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 17:43:04.0853 17704 VgaSave - ok 17:43:04.0915 17704 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 17:43:04.0946 17704 vhdmp - ok 17:43:04.0978 17704 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 17:43:04.0993 17704 viaide - ok 17:43:05.0024 17704 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 17:43:05.0040 17704 volmgr - ok 17:43:05.0102 17704 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 17:43:05.0134 17704 volmgrx - ok 17:43:05.0149 17704 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 17:43:05.0165 17704 volsnap - ok 17:43:05.0212 17704 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 17:43:05.0227 17704 vsmraid - ok 17:43:05.0368 17704 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe 17:43:05.0461 17704 VSS - ok 17:43:05.0555 17704 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 17:43:05.0586 17704 vwifibus - ok 17:43:05.0617 17704 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 17:43:05.0664 17704 vwififlt - ok 17:43:05.0695 17704 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 17:43:05.0742 17704 vwifimp - ok 17:43:05.0789 17704 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll 17:43:05.0851 17704 W32Time - ok 17:43:05.0867 17704 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 17:43:05.0898 17704 WacomPen - ok 17:43:05.0960 17704 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 17:43:06.0007 17704 WANARP - ok 17:43:06.0023 17704 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 17:43:06.0038 17704 Wanarpv6 - ok 17:43:06.0163 17704 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe 17:43:06.0210 17704 WatAdminSvc - ok 17:43:06.0350 17704 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe 17:43:06.0429 17704 wbengine - ok 17:43:06.0538 17704 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll 17:43:06.0569 17704 WbioSrvc - ok 17:43:06.0631 17704 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll 17:43:06.0678 17704 wcncsvc - ok 17:43:06.0678 17704 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll 17:43:06.0694 17704 WcsPlugInService - ok 17:43:06.0741 17704 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 17:43:06.0741 17704 Wd - ok 17:43:06.0787 17704 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 17:43:06.0819 17704 Wdf01000 - ok 17:43:06.0834 17704 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 17:43:06.0912 17704 WdiServiceHost - ok 17:43:06.0928 17704 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 17:43:06.0943 17704 WdiSystemHost - ok 17:43:07.0006 17704 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll 17:43:07.0068 17704 WebClient - ok 17:43:07.0099 17704 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll 17:43:07.0177 17704 Wecsvc - ok 17:43:07.0193 17704 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll 17:43:07.0240 17704 wercplsupport - ok 17:43:07.0271 17704 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll 17:43:07.0318 17704 WerSvc - ok 17:43:07.0349 17704 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 17:43:07.0380 17704 WfpLwf - ok 17:43:07.0380 17704 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 17:43:07.0396 17704 WIMMount - ok 17:43:07.0427 17704 WinDefend - ok 17:43:07.0427 17704 WinHttpAutoProxySvc - ok 17:43:07.0489 17704 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll 17:43:07.0552 17704 Winmgmt - ok 17:43:07.0708 17704 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll 17:43:07.0786 17704 WinRM - ok 17:43:07.0926 17704 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll 17:43:07.0989 17704 Wlansvc - ok 17:43:08.0207 17704 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 17:43:08.0269 17704 wlidsvc - ok 17:43:08.0394 17704 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 17:43:08.0425 17704 WmiAcpi - ok 17:43:08.0472 17704 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe 17:43:08.0503 17704 wmiApSrv - ok 17:43:08.0535 17704 WMPNetworkSvc - ok 17:43:08.0566 17704 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll 17:43:08.0581 17704 WPCSvc - ok 17:43:08.0628 17704 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll 17:43:08.0644 17704 WPDBusEnum - ok 17:43:08.0706 17704 WRkrn (517d7ec4178a49162e6576b143608bd0) C:\Windows\system32\drivers\WRkrn.sys 17:43:08.0706 17704 WRkrn - ok 17:43:08.0831 17704 WRSVC (87e02e094ea37680c9dbc394db0de1d7) C:\Program Files\Webroot\WRSA.exe 17:43:08.0847 17704 WRSVC - ok 17:43:08.0862 17704 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 17:43:08.0893 17704 ws2ifsl - ok 17:43:08.0925 17704 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll 17:43:08.0940 17704 wscsvc - ok 17:43:08.0956 17704 WSearch - ok 17:43:09.0205 17704 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll 17:43:09.0315 17704 wuauserv - ok 17:43:09.0517 17704 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 17:43:09.0595 17704 WudfPf - ok 17:43:09.0627 17704 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 17:43:09.0673 17704 WUDFRd - ok 17:43:09.0720 17704 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll 17:43:09.0751 17704 wudfsvc - ok 17:43:09.0783 17704 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll 17:43:09.0814 17704 WwanSvc - ok 17:43:09.0892 17704 X5XSEx (8c6413d62c891d8da084a31da53a09e6) C:\Program Files (x86)\Free Ride Games\X5XSEx.Sys 17:43:09.0892 17704 X5XSEx - ok 17:43:09.0970 17704 X6va005 - ok 17:43:09.0985 17704 X6va006 - ok 17:43:09.0985 17704 X6va007 - ok 17:43:10.0079 17704 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe 17:43:10.0110 17704 YahooAUService - ok 17:43:10.0344 17704 ZSMC301b (6e53d1058b900443949c69ec6215d98f) C:\Windows\system32\Drivers\usbVM31b.sys 17:43:10.0391 17704 ZSMC301b - ok 17:43:10.0407 17704 MBR (0x1B8) (f0e69b6eb79be64fa07d8972cfaa57c7) \Device\Harddisk0\DR0 17:43:10.0438 17704 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected 17:43:10.0438 17704 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0) 17:43:10.0485 17704 \Device\Harddisk0\DR0 ( TDSS File System ) - warning 17:43:10.0485 17704 \Device\Harddisk0\DR0 - detected TDSS File System (1) 17:43:10.0485 17704 Boot (0x1200) (1cf9b51bbd05da01e434c2eaa9adb45b) \Device\Harddisk0\DR0\Partition0 17:43:10.0485 17704 \Device\Harddisk0\DR0\Partition0 - ok 17:43:10.0516 17704 Boot (0x1200) (7c13ed71ef67d7ff359954efb5a9a809) \Device\Harddisk0\DR0\Partition1 17:43:10.0516 17704 \Device\Harddisk0\DR0\Partition1 - ok 17:43:10.0547 17704 Boot (0x1200) (a8c70fd8fc7b90e94eef0eb7d3caa80b) \Device\Harddisk0\DR0\Partition2 17:43:10.0563 17704 \Device\Harddisk0\DR0\Partition2 - ok 17:43:10.0563 17704 ============================================================ 17:43:10.0563 17704 Scan finished 17:43:10.0563 17704 ============================================================ 17:43:10.0563 14732 Detected object count: 6 17:43:10.0563 14732 Actual detected object count: 6 17:43:51.0559 14732 FlipShareServer ( UnsignedFile.Multi.Generic ) - skipped by user 17:43:51.0559 14732 FlipShareServer ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:43:51.0575 14732 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user 17:43:51.0575 14732 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:43:51.0575 14732 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user 17:43:51.0575 14732 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:43:51.0575 14732 TimesUpKidz ( UnsignedFile.Multi.Generic ) - skipped by user 17:43:51.0575 14732 TimesUpKidz ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:43:52.0355 14732 \Device\Harddisk0\DR0\# - copied to quarantine 17:43:52.0355 14732 \Device\Harddisk0\DR0 - copied to quarantine 17:43:52.0417 14732 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine 17:43:52.0417 14732 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine 17:43:52.0433 14732 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine 17:43:52.0449 14732 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine 17:43:52.0449 14732 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine 17:43:52.0449 14732 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine 17:43:52.0449 14732 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine 17:43:52.0449 14732 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine 17:43:52.0449 14732 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine 17:43:52.0464 14732 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine 17:43:52.0464 14732 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine 17:43:52.0464 14732 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine 17:43:52.0511 14732 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot 17:43:52.0558 14732 \Device\Harddisk0\DR0 - ok 17:43:52.0792 14732 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure 17:43:52.0792 14732 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user 17:43:52.0792 14732 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip 17:43:55.0350 19680 Deinitialize success
- June 18, 2012
- 10 replies
please help!

mullerfour posted a topic in Resolved Malware Removal Logs

Downloaded Malwarebytes and it keeps finding the same two items but is not successful in removing them! They are (Trojan.Agent File and Memory Process C:\Windows\svchost.exe). I am also getting repeated blocks (outgoing) to 206.161.121.6. I ran DDS per your instructions and am including the logs here. I so appreciate any help you might offer! . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 Run by four at 18:07:50 on 2012-06-17 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8119.5409 [GMT -4:00] . AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6} AV: Webroot SecureAnywhere *Enabled/Updated* {9C0666FC-6C7D-3E97-3C40-0C6B33FC7401} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Webroot SecureAnywhere *Enabled/Updated* {27678718-4A47-3119-06F0-3719487B3EBC} SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Program Files\Webroot\WRSA.exe C:\Windows\system32\svchost.exe -k RPCSS c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\atieclxx.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\Bonjour\mDNSResponder.exe C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe C:\Program Files (x86)\PDF Complete\pdfsvc.exe C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe C:\Windows\system32\taskhost.exe C:\Program Files\Webroot\WRSA.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\SysWOW64\PnkBstrA.exe C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\Program Files (x86)\Rain City Digital LLC\TimesUpKidz\TimesUpKidzServer.exe C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe -netsvcs C:\Windows\system32\conhost.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\WUDFHost.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\DllHost.exe C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Windows\system32\wuauclt.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/ig uInternet Settings,ProxyOverride = *.local uURLSearchHooks: FCToolbarURLSearchHook Class: {3d68e927-6002-6bb4-7940-c297f1177192} - C:\Program Files (x86)\Shopping4Causes Shopping Plugin\Helper.dll uURLSearchHooks: H - No File uURLSearchHooks: H - No File mURLSearchHooks: PhotoJoy US Toolbar: {f2c43291-151e-499c-98a7-923c120b88fa} - C:\Program Files (x86)\PhotoJoy_US\prxtbPhot.dll BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: StartNow Toolbar Helper: {6e13d095-45c3-4271-9475-f3b48227dd9f} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO: Shopping4Causes Shopping Plugin: {7c4155b9-efe5-2364-45e9-6679a6060ed5} - C:\Program Files (x86)\Shopping4Causes Shopping Plugin\Toolbar.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: Webroot Browser Helper Object: {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\pkg\LPBar.dll BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO: PhotoJoy US Toolbar: {f2c43291-151e-499c-98a7-923c120b88fa} - C:\Program Files (x86)\PhotoJoy_US\prxtbPhot.dll BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" TB: PhotoJoy US Toolbar: {f2c43291-151e-499c-98a7-923c120b88fa} - C:\Program Files (x86)\PhotoJoy_US\prxtbPhot.dll TB: StartNow Toolbar: {5911488e-9d1e-40ec-8cbb-06b231cc153f} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB: Webroot Toolbar: {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dll TB: {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - No File uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" uRun: [Facebook Update] "C:\Users\four\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver uRun: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe" mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe mRun: [iJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [WRSVC] "C:\Program Files\Webroot\WRSA.exe" -ul mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml dRun: [Exetender] "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\TIMESU~1.LNK - C:\Windows\Installer\{837DA79C-B12B-4709-9B9B-16D1468E418A}\_79F931C029ED8E76188721.exe uPolicies-explorer: NoViewOnDrive = 0 (0x0) uPolicies-explorer: DisableLocalMachineRun = 0 (0x0) uPolicies-explorer: DisableLocalMachineRunOnce = 0 (0x0) uPolicies-explorer: DisableCurrentUserRun = 0 (0x0) uPolicies-explorer: DisableCurrentUserRunOnce = 0 (0x0) uPolicies-explorer: NoFile = 0 (0x0) uPolicies-explorer: HideClock = 0 (0x0) uPolicies-explorer: NoDevMgrUpdate = 0 (0x0) uPolicies-explorer: NoDFSTab = 0 (0x0) uPolicies-explorer: NoWindowsUpdate = 0 (0x0) uPolicies-explorer: NoEncryptOnMove = 0 (0x0) uPolicies-explorer: NoResolveTrack = 0 (0x0) uPolicies-explorer: NoStartMenuSubFolders = 0 (0x0) uPolicies-system: NoDispAppearancePage = 0 (0x0) uPolicies-system: NoDispSettingsPage = 0 (0x0) mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoViewOnDrive = 0 (0x0) mPolicies-explorer: DisableLocalMachineRun = 0 (0x0) mPolicies-explorer: DisableLocalMachineRunOnce = 0 (0x0) mPolicies-explorer: DisableCurrentUserRun = 0 (0x0) mPolicies-explorer: DisableCurrentUserRunOnce = 0 (0x0) mPolicies-explorer: NoFile = 0 (0x0) mPolicies-explorer: HideClock = 0 (0x0) mPolicies-explorer: NoDevMgrUpdate = 0 (0x0) mPolicies-explorer: NoDFSTab = 0 (0x0) mPolicies-explorer: NoWindowsUpdate = 0 (0x0) mPolicies-explorer: NoEncryptOnMove = 0 (0x0) mPolicies-explorer: NoResolveTrack = 0 (0x0) mPolicies-explorer: NoStartMenuSubFolders = 0 (0x0) mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: NoDispAppearancePage = 0 (0x0) mPolicies-system: NoDispSettingsPage = 0 (0x0) dPolicies-explorer: NoViewOnDrive = 0 (0x0) dPolicies-explorer: DisableLocalMachineRun = 0 (0x0) dPolicies-explorer: DisableLocalMachineRunOnce = 0 (0x0) dPolicies-explorer: DisableCurrentUserRun = 0 (0x0) dPolicies-explorer: DisableCurrentUserRunOnce = 0 (0x0) dPolicies-explorer: NoFile = 0 (0x0) dPolicies-explorer: HideClock = 0 (0x0) dPolicies-explorer: NoDevMgrUpdate = 0 (0x0) dPolicies-explorer: NoDFSTab = 0 (0x0) dPolicies-explorer: NoWindowsUpdate = 0 (0x0) dPolicies-explorer: NoEncryptOnMove = 0 (0x0) dPolicies-explorer: NoResolveTrack = 0 (0x0) dPolicies-explorer: NoStartMenuSubFolders = 0 (0x0) dPolicies-system: NoDispAppearancePage = 0 (0x0) dPolicies-system: NoDispSettingsPage = 0 (0x0) IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\pkg\LPBar.dll DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab DPF: {C53BDC3D-19A0-4062-BF34-0897A4E6A6A2} - hxxps://www.wildpockets.com/common/WildPocketsLoader-17822.cab DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab TCP: DhcpNameServer = 10.0.1.1 TCP: Interfaces\{143481A9-ABDD-4EC4-B7EB-D5EE3A722FA3} : DhcpNameServer = 10.0.1.1 Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll BHO-X64: 0x1 - No File BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: StartNow Toolbar Helper: {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll BHO-X64: StartNow Toolbar Helper - No File BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO-X64: Shopping4Causes Shopping Plugin: {7C4155B9-EFE5-2364-45E9-6679A6060ED5} - C:\Program Files (x86)\Shopping4Causes Shopping Plugin\Toolbar.dll BHO-X64: FCTBPos00Pos - No File BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO-X64: Webroot Browser Helper Object: {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\pkg\LPBar.dll BHO-X64: Webroot Browser Helper Object - No File BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO-X64: PhotoJoy US Toolbar: {f2c43291-151e-499c-98a7-923c120b88fa} - C:\Program Files (x86)\PhotoJoy_US\prxtbPhot.dll BHO-X64: PhotoJoy US - No File BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" TB-X64: PhotoJoy US Toolbar: {f2c43291-151e-499c-98a7-923c120b88fa} - C:\Program Files (x86)\PhotoJoy_US\prxtbPhot.dll TB-X64: StartNow Toolbar: {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB-X64: Webroot Toolbar: {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dll TB-X64: {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - No File mRun-x64: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe mRun-x64: [iJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun-x64: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [WRSVC] "C:\Program Files\Webroot\WRSA.exe" -ul mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun-x64: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml . ============= SERVICES / DRIVERS =============== . R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?] R0 WRkrn;WRkrn;C:\Windows\system32\drivers\WRkrn.sys --> C:\Windows\system32\drivers\WRkrn.sys [?] R1 MpKsl54f09428;MpKsl54f09428;C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{731234C3-A99A-41AC-960B-52ED82FEFD9A}\MpKsl54f09428.sys [2012-6-17 35664] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?] R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624] R2 FlipShareServer;FlipShare Server;C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe [2011-5-6 1085440] R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-8-20 13336] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-6-16 654408] R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568] R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2010-8-20 635416] R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-11-27 398176] R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776] R2 TimesUpKidz;TimesUpKidz;C:\Program Files (x86)\Rain City Digital LLC\TimesUpKidz\TimesUpKidzServer.exe [2010-12-19 11264] R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848] R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-8-20 2320920] R2 WRSVC;WRSVC;C:\Program Files\Webroot\WRSA.exe [2012-6-6 684240] R2 X5XSEx;X5XSEx;C:\Program Files (x86)\Free Ride Games\X5XSEx.sys [2012-1-16 55400] R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?] R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?] R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?] R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?] R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?] R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?] R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?] R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?] R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?] S2 CLKMSVC10_C6F09094;CyberLink Product - 2010/08/20 19:23:26;C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe [2010-8-20 245232] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-9-14 136176] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-23 257224] S3 DCamUSBVM;Lenovo Q350 USB PC Camera;C:\Windows\system32\Drivers\usbVM31b.sys --> C:\Windows\system32\Drivers\usbVM31b.sys [?] S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-9-14 136176] S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?] S3 LVUVC64;Logitech Webcam Pro 9000(UVC);C:\Windows\system32\DRIVERS\lvuvc64.sys --> C:\Windows\system32\DRIVERS\lvuvc64.sys [?] S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?] S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696] S3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des -service --> C:\Windows\system32\GameMon.des -service [?] S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S4 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-15 183560] S4 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2010-6-12 400368] S4 Updater Service for StartNow Toolbar;Updater Service for StartNow Toolbar;C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe [2011-10-25 244960] . =============== File Associations =============== . inffile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1 inifile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1 JSEFile="%SystemRoot%\System32\WScript.exe" "%1" %* txtfile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1 . =============== Created Last 30 ================ . 2012-06-17 15:38:11 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{731234C3-A99A-41AC-960B-52ED82FEFD9A}\offreg.dll 2012-06-17 15:38:04 20480 ----a-w- C:\Windows\svchost.exe 2012-06-17 15:37:12 35664 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{731234C3-A99A-41AC-960B-52ED82FEFD9A}\MpKsl54f09428.sys 2012-06-17 15:16:57 -------- d-----w- C:\ProgramData\AMD 2012-06-17 15:16:56 -------- d-----w- C:\Program Files (x86)\AMD AVT 2012-06-17 15:16:55 -------- d-----w- C:\Program Files (x86)\AMD APP 2012-06-17 14:32:00 8955792 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{731234C3-A99A-41AC-960B-52ED82FEFD9A}\mpengine.dll 2012-06-16 20:38:59 -------- d-----w- C:\Users\four\AppData\Roaming\Malwarebytes 2012-06-16 20:38:51 -------- d-----w- C:\ProgramData\Malwarebytes 2012-06-16 20:38:50 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-06-16 20:38:50 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-06-16 00:22:51 8955792 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-06-13 12:48:35 927800 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2D34FC98-D238-4B71-AF93-0280343646EE}\gapaengine.dll 2012-06-13 10:31:04 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe 2012-06-13 10:31:04 77312 ----a-w- C:\Windows\System32\rdpwsx.dll 2012-06-13 10:31:04 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll 2012-06-13 10:31:01 209920 ----a-w- C:\Windows\System32\profsvc.dll 2012-06-13 10:30:56 3146752 ----a-w- C:\Windows\System32\win32k.sys 2012-06-13 10:30:54 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys 2012-06-13 10:30:51 3216384 ----a-w- C:\Windows\System32\msi.dll 2012-06-13 10:30:49 2342400 ----a-w- C:\Windows\SysWow64\msi.dll 2012-06-13 10:30:43 1462272 ----a-w- C:\Windows\System32\crypt32.dll 2012-06-13 10:30:42 184320 ----a-w- C:\Windows\System32\cryptsvc.dll 2012-06-13 10:30:42 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll 2012-06-13 10:30:42 140288 ----a-w- C:\Windows\System32\cryptnet.dll 2012-06-13 10:30:42 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll 2012-06-13 10:30:42 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll 2012-06-10 20:41:03 -------- d-----w- C:\Users\four\AppData\Roaming\.edmiester777 2012-06-08 20:25:20 -------- d-----w- C:\Users\four\AppData\Local\pesterchum 2012-06-08 20:24:45 -------- d-----w- C:\Pesterchum 2012-06-07 02:16:24 7021336 ----a-w- C:\Program Files (x86)\Common Files\wruninstall.exe 2012-06-07 02:16:00 -------- d-----w- C:\Users\four\AppData\Local\lptmp981689726 2012-06-07 02:15:18 148664 ----a-w- C:\Windows\SysWow64\WRusr.dll 2012-06-07 02:15:18 101808 ----a-w- C:\Windows\System32\WRusr.dll 2012-06-07 02:15:17 112656 ----a-w- C:\Windows\System32\drivers\WRkrn.sys 2012-06-07 02:15:15 -------- d-----w- C:\Program Files\Webroot 2012-06-07 02:15:14 -------- d-----w- C:\ProgramData\WRData 2012-06-04 23:22:22 -------- d-----w- C:\Users\four\AppData\Local\{4A0D9C50-76C6-45B0-A609-850E959DE7F7} 2012-06-04 23:22:12 -------- d-----w- C:\Users\four\AppData\Local\{8208C93B-1E1F-4F9E-AFA7-D3E0DA89C082} 2012-06-04 22:42:35 -------- d-----w- C:\Users\four\AppData\Local\{491DBD74-B6BA-47C3-BD06-970FFDFD94BC} 2012-06-04 22:42:25 -------- d-----w- C:\Users\four\AppData\Local\{6C60F1A4-6A30-4751-85C1-E1A0B5830C9B} 2012-06-03 22:15:50 -------- d-----w- C:\Users\four\AppData\Local\Facebook 2012-05-20 13:32:34 -------- d-----w- C:\Users\four\jagexcache 2012-05-19 20:49:10 -------- d-----w- C:\Program Files (x86)\Doomsday . ==================== Find3M ==================== . 2012-06-16 23:13:50 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-06-16 23:13:50 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-05-18 02:06:48 2311680 ----a-w- C:\Windows\System32\jscript9.dll 2012-05-18 01:59:14 1392128 ----a-w- C:\Windows\System32\wininet.dll 2012-05-18 01:58:39 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-05-18 01:55:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2012-05-18 01:51:30 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-05-17 22:45:37 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-05-17 22:35:47 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-05-17 22:35:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-05-17 22:29:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2012-05-17 22:24:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-05-05 09:16:20 8744608 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe 2012-04-28 15:17:14 466456 ----a-w- C:\Windows\System32\wrap_oal.dll 2012-04-28 15:17:14 444952 ----a-w- C:\Windows\SysWow64\wrap_oal.dll 2012-04-28 15:17:14 122904 ----a-w- C:\Windows\System32\OpenAL32.dll 2012-04-28 15:17:14 109080 ----a-w- C:\Windows\SysWow64\OpenAL32.dll 2012-04-06 05:22:40 11174400 ----a-w- C:\Windows\System32\drivers\atikmdag.sys 2012-04-06 02:34:26 187392 ----a-w- C:\Windows\System32\clinfo.exe 2012-04-06 02:34:10 74752 ----a-w- C:\Windows\System32\OpenVideo64.dll 2012-04-06 02:34:04 64512 ----a-w- C:\Windows\SysWow64\OpenVideo.dll 2012-04-06 02:33:56 63488 ----a-w- C:\Windows\System32\OVDecode64.dll 2012-04-06 02:33:52 56320 ----a-w- C:\Windows\SysWow64\OVDecode.dll 2012-04-06 02:33:44 16457216 ----a-w- C:\Windows\System32\amdocl64.dll 2012-04-06 02:32:56 13007872 ----a-w- C:\Windows\SysWow64\amdocl.dll 2012-04-06 02:32:08 54784 ----a-w- C:\Windows\System32\OpenCL.dll 2012-04-06 02:32:04 50176 ----a-w- C:\Windows\SysWow64\OpenCL.dll 2012-04-06 02:22:00 159744 ----a-w- C:\Windows\System32\atiapfxx.exe 2012-04-06 02:21:52 909312 ----a-w- C:\Windows\SysWow64\aticfx32.dll 2012-04-06 02:20:04 1067520 ----a-w- C:\Windows\System32\aticfx64.dll 2012-04-06 02:16:52 442368 ----a-w- C:\Windows\System32\ATIDEMGX.dll 2012-04-06 02:16:46 503808 ----a-w- C:\Windows\System32\atieclxx.exe 2012-04-06 02:16:02 236544 ----a-w- C:\Windows\System32\atiesrxx.exe 2012-04-06 02:14:44 120320 ----a-w- C:\Windows\System32\atitmm64.dll 2012-04-06 02:14:30 21504 ----a-w- C:\Windows\System32\atimuixx.dll 2012-04-06 02:14:26 59392 ----a-w- C:\Windows\System32\atiedu64.dll 2012-04-06 02:14:20 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll 2012-04-06 02:13:42 6800896 ----a-w- C:\Windows\SysWow64\atidxx32.dll 2012-04-06 02:10:50 26181632 ----a-w- C:\Windows\System32\atio6axx.dll 2012-04-06 02:00:10 64000 ----a-w- C:\Windows\System32\coinst.dll 2012-04-06 01:54:46 7479296 ----a-w- C:\Windows\System32\atidxx64.dll 2012-04-06 01:50:56 19753984 ----a-w- C:\Windows\SysWow64\atioglxx.dll 2012-04-06 01:35:24 1120768 ----a-w- C:\Windows\System32\atiumd6v.dll 2012-04-06 01:34:50 1831424 ----a-w- C:\Windows\SysWow64\atiumdmv.dll 2012-04-06 01:34:34 4731904 ----a-w- C:\Windows\System32\atiumd6a.dll 2012-04-06 01:34:04 6203392 ----a-w- C:\Windows\SysWow64\atiumdag.dll 2012-04-06 01:30:16 51200 ----a-w- C:\Windows\System32\aticalrt64.dll 2012-04-06 01:30:14 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll 2012-04-06 01:30:08 44544 ----a-w- C:\Windows\System32\aticalcl64.dll 2012-04-06 01:30:06 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll 2012-04-06 01:29:54 16090624 ----a-w- C:\Windows\System32\aticaldd64.dll 2012-04-06 01:25:30 13764096 ----a-w- C:\Windows\SysWow64\aticaldd.dll 2012-04-06 01:23:24 7431680 ----a-w- C:\Windows\System32\atiumd64.dll 2012-04-06 01:22:54 4795904 ----a-w- C:\Windows\SysWow64\atiumdva.dll 2012-04-06 01:11:28 514560 ----a-w- C:\Windows\System32\atiadlxx.dll 2012-04-06 01:11:20 360448 ----a-w- C:\Windows\SysWow64\atiadlxy.dll 2012-04-06 01:11:06 17408 ----a-w- C:\Windows\System32\atig6pxx.dll 2012-04-06 01:11:04 14848 ----a-w- C:\Windows\SysWow64\atiglpxx.dll 2012-04-06 01:11:04 14848 ----a-w- C:\Windows\System32\atiglpxx.dll 2012-04-06 01:11:00 41984 ----a-w- C:\Windows\System32\atig6txx.dll 2012-04-06 01:10:52 33280 ----a-w- C:\Windows\SysWow64\atigktxx.dll 2012-04-06 01:10:44 343040 ----a-w- C:\Windows\System32\drivers\atikmpag.sys 2012-04-06 01:09:56 54784 ----a-w- C:\Windows\System32\atiuxp64.dll 2012-04-06 01:09:48 41984 ----a-w- C:\Windows\SysWow64\atiuxpag.dll 2012-04-06 01:09:42 44544 ----a-w- C:\Windows\System32\atiu9p64.dll 2012-04-06 01:09:34 32256 ----a-w- C:\Windows\SysWow64\atiu9pag.dll 2012-04-06 01:09:02 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll 2012-04-06 01:06:08 54784 ----a-w- C:\Windows\System32\atimpc64.dll 2012-04-06 01:06:08 54784 ----a-w- C:\Windows\System32\amdpcom64.dll 2012-04-06 01:06:04 53760 ----a-w- C:\Windows\SysWow64\atimpc32.dll 2012-04-06 01:06:04 53760 ----a-w- C:\Windows\SysWow64\amdpcom32.dll 2012-03-31 06:05:57 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe 2012-03-31 04:39:37 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2012-03-31 04:39:37 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2012-03-30 11:35:47 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2012-03-21 00:44:12 98688 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys 2012-03-21 00:44:12 203888 ----a-w- C:\Windows\System32\drivers\MpFilter.sys . ============= FINISH: 18:09:17.35 =============== UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 11/28/2010 6:47:57 AM System Uptime: 6/17/2012 11:36:24 AM (7 hours ago) . Motherboard: MSI | | 2A9C Processor: Intel® Core i5 CPU 650 @ 3.20GHz | CPU 1 | 3201/133mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 919 GiB total, 547.534 GiB free. D: is FIXED (NTFS) - 12 GiB total, 1.484 GiB free. E: is CDROM () G: is Removable H: is Removable I: is Removable J: is Removable . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP217: 6/14/2012 3:00:11 AM - Windows Update RP218: 6/15/2012 3:00:12 AM - Windows Update RP219: 6/16/2012 3:00:11 AM - Windows Update RP220: 6/17/2012 3:00:12 AM - Windows Update RP221: 6/17/2012 11:17:42 AM - Windows Update . ==== Installed Programs ====================== . 7-Zip 9.20 ActiveCheck component for HP Active Support Library Adobe AIR Adobe Flash Player 11 Plugin Adobe Reader X (10.1.3) Age of Chivalry Alien Zombie Megadeath Alliance of Valiant Arms Amnesia: The Dark Descent Demo Anime Studio Debut 7.0 APB Reloaded Apple Application Support Apple Software Update Audacity 1.2.6 Bandisoft MPEG-1 Decoder Battle.net Bejeweled 2 Deluxe Bing Bar Bing Rewards Client Installer Blackhawk Striker 2 Bloodline Champions Brawl Busters BrickForce 1.4.40 Build-a-lot 2 Build Your Own Net Dream (remove only) Burn Zombie Burn Call of Duty® - World at War CameraHelperMsi CamStudio OSS Desktop Recorder Canon IJ Network Scan Utility Canon IJ Network Tool Canon MP Navigator 2.2 Catalyst Control Center Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish Chuzzle Deluxe CinemaNow Media Manager Counter-Strike: Source Counter-Strike: Source Beta Crimecraft: BLEEDOUT Cubemen CyberLink DVD Suite Deluxe D3DX10 Darkest of Days - Demo Diablo Diablo III Diablo III Beta Diner Dash 2 Restaurant Rescue Doomsday Engine 1.9.8 Dora's Carnival Adventure Dungeon Defenders Demo DVD Menu Pack for HP MediaSmart Video Empires erLT Escape Rosecliff Island Facebook Video Calling 1.2.0.159 Fallout: New Vegas FATE Final Drive Nitro FlipShare Foreign Legion: Buckets of Blood FPS Creator Free Fraps Free Ride Games Player Game Maker 8.0 GameSpy Arcade Garry's Mod Google Chrome Google Toolbar for Internet Explorer Google Update Helper Gotham City Impostors Half-Life 2 Half-Life 2: Lost Coast Half-Life Deathmatch: Source Half-Life: Source Helicopter Strike Force Heroes of Hellas 2 - Olympia Hot Wheels Hot Wheels Stunt Track Challenge HP Advisor HP Customer Experience Enhancements HP Games HP MediaSmart CinemaNow 2.0 HP MediaSmart DVD HP MediaSmart Music HP MediaSmart Photo HP MediaSmart Video HP MediaSmart/TouchSmart Netflix HP Odometer HP Setup HP Support Assistant HP Support Information HP Update HPAsset component for HP Active Support Library Hulu Desktop HydraVision iLivid Intel® Management Engine Components Intel® Rapid Storage Technology Java Auto Updater Java 6 Update 30 Jed's Half-Life Model Viewer 1.3.6 Jewel Quest 3 Jewel Quest Solitaire 2 Junk Mail filter update Killing Floor Killing Floor Mod: Defence Alliance 2 Kobo LabelPrint Left 4 Dead Left 4 Dead 2 Left 4 Dead 2 Add-on Support LightScribe System Software Logitech Vid HD Logitech Webcam Software LWS Facebook LWS Gallery LWS Help_main LWS Launcher LWS Motion Detection LWS Pictures And Video LWS Twitter LWS Video Mask Maker LWS Webcam Software LWS WLM Plugin LWS YouTube Plugin Malwarebytes Anti-Malware version 1.61.0.1400 Mastercam X Medal of Honor Airborne Microsoft .NET Framework 1.1 Microsoft Games for Windows - LIVE Redistributable Microsoft Games for Windows Marketplace Microsoft Office 2010 Microsoft Office Click-to-Run 2010 Microsoft Office Starter 2010 - English Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Windows Media Video 9 VCM Microsoft Works 6-9 Converter Microsoft WSE 3.0 Runtime Microsoft XNA Framework Redistributable 3.1 Microsoft XNA Framework Redistributable 4.0 Monster Madness: Battle for Suburbia Mortal Kombat Kollection Movie Theme Pack for HP MediaSmart Video MP4 player MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP3 Parser MSXML 4.0 SP3 Parser (KB973685) Norton Online Backup Norton Security Scan NVIDIA PhysX Oblivion OpenAL OpenOffice.org 3.2 Pando Media Booster PDF Complete Special Edition Penguins! PESTERCHUM PhotoJoy PhotoJoy US Toolbar PhotoNow! Plants vs. Zombies PMB Poker Superstars III Polar Bowler Polar Golfer Portal 2 Pound of Ground Demo Power2Go PowerDirector PressReader Project Blackout PunkBuster Services Quake Live Internet Explorer Plugin QuickTime Ralink RT2860 Wireless LAN Card Realm of the Mad God Realtek High Definition Audio Driver Recovery Manager RollerCoaster Tycoon 3 Platinum Roxio CinemaNow 2.0 Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Extended (KB2416472) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Serious Sam 2 Shank 2 Demo Shoot Many Robots Shopping4Causes Shopping Plugin SpongeBob SquarePants Employee of the Month StartNow Toolbar Steam Stop Motion Animation Companion CD 1.3 Stunt Track Driver Super Monday Night Combat Synergy Team Fortress 2 Team Fortress 2 Beta Terraria The Binding Of Isaac The Fairly OddParents - Shadow Showdown (remove only) TimesUpKidz Tomb Raider: Legend U.B. Funkeys Unity Web Player Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update Installer for WildTangent Games App Virtual Families Virtual Villagers - The Secret City VLC media player 1.1.11 Webroot SecureAnywhere Wheel of Fortune 2 WildTangent Games App (HP Games) Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources World of Warcraft World of Warcraft Beta Yahoo! Software Update Yahoo! Toolbar Zinio Reader 4 Zuma Deluxe . ==== Event Viewer Messages From Past Week ======== . 6/17/2012 11:38:57 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.A&threatid=2147636949 Name: Trojan:DOS/Alureon.A ID: 2147636949 Severity: Severe Category: Trojan Path: rootkit:_Alureon->Mbr::Alureon Detection Origin: Unknown Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: To finish removing malware and other potentially unwanted software, restart the computer. To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x80070032 Error description: The request is not supported. Signature Version: AV: 1.127.2172.0, AS: 1.127.2172.0, NIS: 11.137.0.0 Engine Version: AM: 1.1.8403.0, NIS: 2.0.8001.0 6/17/2012 11:37:08 AM, Error: Service Control Manager [7000] - The Hardlock service failed to start due to the following error: This driver has been blocked from loading 6/17/2012 11:37:08 AM, Error: Application Popup [1060] - \??\C:\Windows\SysWow64\drivers\hardlock.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. 6/17/2012 11:35:50 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 6/17/2012 11:27:31 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89} 6/17/2012 11:19:43 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 6/17/2012 11:19:43 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 6/17/2012 11:19:41 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E} 6/17/2012 11:19:40 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 6/17/2012 11:19:34 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 6/17/2012 11:19:16 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache MpFilter NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf 6/17/2012 11:19:13 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 6/17/2012 11:19:13 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 6/17/2012 11:19:13 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning. 6/17/2012 11:19:13 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 6/17/2012 11:19:13 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 6/17/2012 11:19:13 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning. 6/17/2012 11:19:13 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 6/17/2012 11:19:13 AM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 6/17/2012 11:19:13 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning. 6/17/2012 11:19:13 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 6/17/2012 11:19:13 AM, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The dependency service or group failed to start. 6/17/2012 11:18:01 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2709715). 6/17/2012 11:14:30 AM, Error: Service Control Manager [7009] - A timeout was reached (60001 milliseconds) while waiting for the AMD External Events Utility service to connect. 6/17/2012 11:14:30 AM, Error: Service Control Manager [7000] - The AMD External Events Utility service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 6/17/2012 10:22:23 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.A&threatid=2147636949 Name: Trojan:DOS/Alureon.A ID: 2147636949 Severity: Severe Category: Trojan Path: rootkit:_Alureon->Mbr::Alureon Detection Origin: Unknown Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: To finish removing malware and other potentially unwanted software, restart the computer. To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x80070032 Error description: The request is not supported. Signature Version: AV: 1.127.2110.0, AS: 1.127.2110.0, NIS: 11.137.0.0 Engine Version: AM: 1.1.8403.0, NIS: 2.0.8001.0 6/16/2012 7:18:16 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.A&threatid=2147636949 Name: Trojan:DOS/Alureon.A ID: 2147636949 Severity: Severe Category: Trojan Path: rootkit:_Alureon->Mbr::Alureon Detection Origin: Unknown Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: To finish removing malware and other potentially unwanted software, restart the computer. To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x80070032 Error description: The request is not supported. Signature Version: AV: 1.127.2110.0, AS: 1.127.2110.0, NIS: 11.137.0.0 Engine Version: AM: 1.1.8403.0, NIS: 2.0.8001.0 6/16/2012 7:13:33 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.A&threatid=2147636949 Name: Trojan:DOS/Alureon.A ID: 2147636949 Severity: Severe Category: Trojan Path: rootkit:_Alureon->Mbr::Alureon Detection Origin: Unknown Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: To finish removing malware and other potentially unwanted software, restart the computer. To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x80070032 Error description: The request is not supported. Signature Version: AV: 1.127.2110.0, AS: 1.127.2110.0, NIS: 11.137.0.0 Engine Version: AM: 1.1.8403.0, NIS: 2.0.8001.0 6/14/2012 8:11:51 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.A&threatid=2147636949 Name: Trojan:DOS/Alureon.A ID: 2147636949 Severity: Severe Category: Trojan Path: rootkit:_Alureon->Mbr::Alureon Detection Origin: Unknown Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: To finish removing malware and other potentially unwanted software, restart the computer. To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x80070032 Error description: The request is not supported. Signature Version: AV: 1.127.2024.0, AS: 1.127.2024.0, NIS: 11.137.0.0 Engine Version: AM: 1.1.8403.0, NIS: 2.0.8001.0 6/14/2012 7:06:10 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.A&threatid=2147636949 Name: Trojan:DOS/Alureon.A ID: 2147636949 Severity: Severe Category: Trojan Path: rootkit:_Alureon->Mbr::Alureon Detection Origin: Unknown Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: To finish removing malware and other potentially unwanted software, restart the computer. To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x80070032 Error description: The request is not supported. Signature Version: AV: 1.127.1891.0, AS: 1.127.1891.0, NIS: 11.137.0.0 Engine Version: AM: 1.1.8403.0, NIS: 2.0.8001.0 6/14/2012 3:28:55 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.A&threatid=2147636949 Name: Trojan:DOS/Alureon.A ID: 2147636949 Severity: Severe Category: Trojan Path: rootkit:_Alureon->Mbr::Alureon Detection Origin: Unknown Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: To finish removing malware and other potentially unwanted software, restart the computer. To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x80070032 Error description: The request is not supported. Signature Version: AV: 1.127.1891.0, AS: 1.127.1891.0, NIS: 11.137.0.0 Engine Version: AM: 1.1.8403.0, NIS: 2.0.8001.0 6/11/2012 3:53:52 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.A&threatid=2147636949 Name: Trojan:DOS/Alureon.A ID: 2147636949 Severity: Severe Category: Trojan Path: rootkit:_Alureon->Mbr::Alureon Detection Origin: Unknown Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: To finish removing malware and other potentially unwanted software, restart the computer. To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x80070032 Error description: The request is not supported. Signature Version: AV: 1.127.1726.0, AS: 1.127.1726.0, NIS: 11.0.0.0 Engine Version: AM: 1.1.8403.0, NIS: 2.0.8001.0 6/10/2012 4:52:31 PM, Error: Service Control Manager [7031] - The WRSVC service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. . ==== End Of File ===========================
- June 17, 2012
- 10 replies

Sign In

mullerfour

Posts

Joined

Last visited

Content Type

Events

Profiles

Forums

Everything posted by mullerfour

please help!

please help!

please help!

please help!

please help!

Browse

Activity

Personal

Business

Business Modules

Partners

Learn

Start here

Type of malware/attacks

How does it get on my computer?

Scams and grifts

Support

Important Information