Posts posted by mullerfour
-
OK, updated the Java and deleted the files per your instruction. All my scans come up clean, and there have been no IP blocks or anything - am I cured? I owe you a beer, for sure!
-
Hello!
OK. I uninstalled MSE. Scanned with Webroot and Malwarebytes (after updating), and am posting the Malwarebytes log file, and the checkup.txt that you had me do. It won't let me post the Webroot log file - too long? Awaiting further instruction...... Thank you!
Malwarebytes Anti-Malware (Trial) 1.61.0.1400
Database version: v2012.06.19.06
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
four :: FOUR-HP [administrator]
Protection: Enabled
6/19/2012 3:19:10 PM
mbam-log-2012-06-19 (15-19-10).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 286516
Time elapsed: 5 minute(s), 6 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
Results of screen317's Security Check version 0.99.42
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Webroot SecureAnywhere
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.61.0.1400
Java 6 Update 30
Java version out of Date!
Adobe Reader X (10.1.3)
Google Chrome 19.0.1084.52
Google Chrome 19.0.1084.56
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Symantec Norton Online Backup NOBuAgent.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````
-
Thank you so much for your help. I hope I am doing this right. When the scan completed, there were some "unsigned files" and the default action was skip. There was also something for which the default was "cure" - I didn't change anything, just hit continue. It asked me to reboot, and I managed to find this log - I hope it is what I am supposed to be sending? I really appreciate your assistance....
17:42:48.0379 17704 MsMpSvc - ok
17:42:48.0395 17704 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
17:42:48.0457 17704 MSPCLOCK - ok
17:42:48.0457 17704 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
17:42:48.0504 17704 MSPQM - ok
17:42:48.0566 17704 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
17:42:48.0582 17704 MsRPC - ok
17:42:48.0629 17704 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
17:42:48.0644 17704 mssmbios - ok
17:42:48.0660 17704 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
17:42:48.0707 17704 MSTEE - ok
17:42:48.0722 17704 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
17:42:48.0722 17704 MTConfig - ok
17:42:48.0738 17704 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
17:42:48.0769 17704 Mup - ok
17:42:48.0847 17704 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
17:42:48.0910 17704 napagent - ok
17:42:48.0988 17704 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
17:42:49.0034 17704 NativeWifiP - ok
17:42:49.0112 17704 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
17:42:49.0144 17704 NDIS - ok
17:42:49.0159 17704 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
17:42:49.0190 17704 NdisCap - ok
17:42:49.0206 17704 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
17:42:49.0237 17704 NdisTapi - ok
17:42:49.0284 17704 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
17:42:49.0362 17704 Ndisuio - ok
17:42:49.0409 17704 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
17:42:49.0487 17704 NdisWan - ok
17:42:49.0518 17704 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
17:42:49.0565 17704 NDProxy - ok
17:42:49.0580 17704 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
17:42:49.0643 17704 NetBIOS - ok
17:42:49.0690 17704 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
17:42:49.0752 17704 NetBT - ok
17:42:49.0799 17704 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:42:49.0799 17704 Netlogon - ok
17:42:49.0861 17704 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
17:42:49.0924 17704 Netman - ok
17:42:50.0033 17704 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:42:50.0048 17704 NetMsmqActivator - ok
17:42:50.0048 17704 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:42:50.0064 17704 NetPipeActivator - ok
17:42:50.0111 17704 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
17:42:50.0173 17704 netprofm - ok
17:42:50.0267 17704 netr28x (064ab63c9a588d2611306ae16d017e7e) C:\Windows\system32\DRIVERS\netr28x.sys
17:42:50.0298 17704 netr28x - ok
17:42:50.0392 17704 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:42:50.0407 17704 NetTcpActivator - ok
17:42:50.0423 17704 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:42:50.0438 17704 NetTcpPortSharing - ok
17:42:50.0470 17704 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
17:42:50.0470 17704 nfrd960 - ok
17:42:50.0532 17704 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
17:42:50.0563 17704 NisDrv - ok
17:42:50.0626 17704 NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe
17:42:50.0641 17704 NisSrv - ok
17:42:50.0704 17704 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
17:42:50.0766 17704 NlaSvc - ok
17:42:50.0984 17704 NOBU (5839a8027d6d324a7cd494051a96628c) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
17:42:51.0031 17704 NOBU - ok
17:42:51.0125 17704 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
17:42:51.0172 17704 Npfs - ok
17:42:51.0187 17704 npggsvc - ok
17:42:51.0203 17704 NPPTNT2 - ok
17:42:51.0234 17704 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
17:42:51.0281 17704 nsi - ok
17:42:51.0296 17704 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
17:42:51.0328 17704 nsiproxy - ok
17:42:51.0452 17704 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
17:42:51.0484 17704 Ntfs - ok
17:42:51.0593 17704 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
17:42:51.0655 17704 Null - ok
17:42:51.0671 17704 nvarvpwb - ok
17:42:51.0718 17704 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
17:42:51.0733 17704 nvraid - ok
17:42:51.0749 17704 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
17:42:51.0764 17704 nvstor - ok
17:42:51.0796 17704 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
17:42:51.0811 17704 nv_agp - ok
17:42:51.0827 17704 oblswhjx - ok
17:42:51.0842 17704 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
17:42:51.0858 17704 ohci1394 - ok
17:42:51.0936 17704 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:42:51.0952 17704 ose - ok
17:42:52.0357 17704 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:42:52.0466 17704 osppsvc - ok
17:42:52.0544 17704 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:42:52.0607 17704 p2pimsvc - ok
17:42:52.0638 17704 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
17:42:52.0669 17704 p2psvc - ok
17:42:52.0716 17704 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
17:42:52.0732 17704 Parport - ok
17:42:52.0763 17704 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
17:42:52.0778 17704 partmgr - ok
17:42:52.0794 17704 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
17:42:52.0825 17704 PcaSvc - ok
17:42:52.0872 17704 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
17:42:52.0903 17704 pci - ok
17:42:52.0903 17704 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
17:42:52.0919 17704 pciide - ok
17:42:52.0950 17704 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
17:42:52.0950 17704 pcmcia - ok
17:42:52.0981 17704 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
17:42:52.0981 17704 pcw - ok
17:42:53.0012 17704 pdfcDispatcher - ok
17:42:53.0059 17704 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
17:42:53.0106 17704 PEAUTH - ok
17:42:53.0200 17704 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
17:42:53.0231 17704 PerfHost - ok
17:42:53.0449 17704 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
17:42:53.0512 17704 pla - ok
17:42:53.0574 17704 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
17:42:53.0621 17704 PlugPlay - ok
17:42:53.0730 17704 PMBDeviceInfoProvider (63694c307273062a2167ae4ce80730ef) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
17:42:53.0746 17704 PMBDeviceInfoProvider - ok
17:42:53.0761 17704 PnkBstrA - ok
17:42:53.0777 17704 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
17:42:53.0808 17704 PNRPAutoReg - ok
17:42:53.0855 17704 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:42:53.0886 17704 PNRPsvc - ok
17:42:53.0995 17704 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
17:42:54.0042 17704 PolicyAgent - ok
17:42:54.0073 17704 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
17:42:54.0120 17704 Power - ok
17:42:54.0198 17704 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
17:42:54.0260 17704 PptpMiniport - ok
17:42:54.0292 17704 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
17:42:54.0307 17704 Processor - ok
17:42:54.0354 17704 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
17:42:54.0401 17704 ProfSvc - ok
17:42:54.0432 17704 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:42:54.0448 17704 ProtectedStorage - ok
17:42:54.0494 17704 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
17:42:54.0557 17704 Psched - ok
17:42:54.0666 17704 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
17:42:54.0728 17704 ql2300 - ok
17:42:54.0822 17704 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
17:42:54.0838 17704 ql40xx - ok
17:42:54.0869 17704 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
17:42:54.0900 17704 QWAVE - ok
17:42:54.0916 17704 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
17:42:54.0962 17704 QWAVEdrv - ok
17:42:55.0056 17704 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
17:42:55.0150 17704 RasAcd - ok
17:42:55.0181 17704 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
17:42:55.0228 17704 RasAgileVpn - ok
17:42:55.0259 17704 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
17:42:55.0290 17704 RasAuto - ok
17:42:55.0337 17704 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
17:42:55.0384 17704 Rasl2tp - ok
17:42:55.0415 17704 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
17:42:55.0462 17704 RasMan - ok
17:42:55.0477 17704 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
17:42:55.0524 17704 RasPppoe - ok
17:42:55.0555 17704 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
17:42:55.0602 17704 RasSstp - ok
17:42:55.0633 17704 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
17:42:55.0680 17704 rdbss - ok
17:42:55.0696 17704 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
17:42:55.0711 17704 rdpbus - ok
17:42:55.0711 17704 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
17:42:55.0758 17704 RDPCDD - ok
17:42:55.0758 17704 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
17:42:55.0805 17704 RDPENCDD - ok
17:42:55.0836 17704 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
17:42:55.0852 17704 RDPREFMP - ok
17:42:55.0898 17704 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
17:42:55.0930 17704 RDPWD - ok
17:42:55.0992 17704 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
17:42:56.0023 17704 rdyboost - ok
17:42:56.0070 17704 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
17:42:56.0132 17704 RemoteAccess - ok
17:42:56.0164 17704 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
17:42:56.0226 17704 RemoteRegistry - ok
17:42:56.0242 17704 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
17:42:56.0288 17704 RpcEptMapper - ok
17:42:56.0320 17704 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
17:42:56.0366 17704 RpcLocator - ok
17:42:56.0429 17704 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
17:42:56.0476 17704 RpcSs - ok
17:42:56.0522 17704 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
17:42:56.0569 17704 rspndr - ok
17:42:56.0632 17704 RTL8167 (7ea8d2eb9bbfd2ab8a3117a1e96d3b3a) C:\Windows\system32\DRIVERS\Rt64win7.sys
17:42:56.0663 17704 RTL8167 - ok
17:42:56.0694 17704 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:42:56.0725 17704 SamSs - ok
17:42:56.0772 17704 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
17:42:56.0788 17704 sbp2port - ok
17:42:56.0803 17704 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
17:42:56.0866 17704 SCardSvr - ok
17:42:56.0881 17704 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
17:42:56.0912 17704 scfilter - ok
17:42:57.0006 17704 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
17:42:57.0068 17704 Schedule - ok
17:42:57.0084 17704 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
17:42:57.0115 17704 SCPolicySvc - ok
17:42:57.0131 17704 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
17:42:57.0146 17704 SDRSVC - ok
17:42:57.0240 17704 SeaPort (78779ee07231c658b483b1f38b5088df) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
17:42:57.0271 17704 SeaPort - ok
17:42:57.0302 17704 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
17:42:57.0365 17704 secdrv - ok
17:42:57.0412 17704 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
17:42:57.0474 17704 seclogon - ok
17:42:57.0474 17704 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
17:42:57.0505 17704 SENS - ok
17:42:57.0521 17704 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
17:42:57.0536 17704 SensrSvc - ok
17:42:57.0552 17704 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
17:42:57.0568 17704 Serenum - ok
17:42:57.0599 17704 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
17:42:57.0599 17704 Serial - ok
17:42:57.0646 17704 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
17:42:57.0677 17704 sermouse - ok
17:42:57.0739 17704 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
17:42:57.0786 17704 SessionEnv - ok
17:42:57.0802 17704 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
17:42:57.0833 17704 sffdisk - ok
17:42:57.0848 17704 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
17:42:57.0864 17704 sffp_mmc - ok
17:42:57.0880 17704 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
17:42:57.0895 17704 sffp_sd - ok
17:42:57.0911 17704 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
17:42:57.0942 17704 sfloppy - ok
17:42:58.0036 17704 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
17:42:58.0067 17704 Sftfs - ok
17:42:58.0160 17704 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
17:42:58.0192 17704 sftlist - ok
17:42:58.0223 17704 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
17:42:58.0238 17704 Sftplay - ok
17:42:58.0254 17704 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
17:42:58.0270 17704 Sftredir - ok
17:42:58.0285 17704 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
17:42:58.0301 17704 Sftvol - ok
17:42:58.0316 17704 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
17:42:58.0332 17704 sftvsa - ok
17:42:58.0394 17704 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
17:42:58.0472 17704 SharedAccess - ok
17:42:58.0519 17704 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
17:42:58.0597 17704 ShellHWDetection - ok
17:42:58.0628 17704 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:42:58.0628 17704 SiSRaid2 - ok
17:42:58.0644 17704 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
17:42:58.0660 17704 SiSRaid4 - ok
17:42:58.0691 17704 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
17:42:58.0738 17704 Smb - ok
17:42:58.0769 17704 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
17:42:58.0784 17704 SNMPTRAP - ok
17:42:58.0800 17704 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
17:42:58.0816 17704 spldr - ok
17:42:58.0878 17704 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
17:42:58.0909 17704 Spooler - ok
17:42:59.0268 17704 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
17:42:59.0362 17704 sppsvc - ok
17:42:59.0502 17704 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
17:42:59.0549 17704 sppuinotify - ok
17:42:59.0627 17704 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
17:42:59.0674 17704 srv - ok
17:42:59.0705 17704 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
17:42:59.0720 17704 srv2 - ok
17:42:59.0736 17704 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
17:42:59.0752 17704 srvnet - ok
17:42:59.0767 17704 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
17:42:59.0830 17704 SSDPSRV - ok
17:42:59.0861 17704 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
17:42:59.0876 17704 SstpSvc - ok
17:42:59.0923 17704 Steam Client Service - ok
17:42:59.0954 17704 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
17:42:59.0970 17704 stexstor - ok
17:43:00.0079 17704 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
17:43:00.0157 17704 stisvc - ok
17:43:00.0204 17704 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
17:43:00.0235 17704 swenum - ok
17:43:00.0282 17704 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
17:43:00.0329 17704 swprv - ok
17:43:00.0469 17704 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
17:43:00.0547 17704 SysMain - ok
17:43:00.0656 17704 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
17:43:00.0688 17704 TabletInputService - ok
17:43:00.0734 17704 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
17:43:00.0797 17704 TapiSrv - ok
17:43:00.0828 17704 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
17:43:00.0859 17704 TBS - ok
17:43:01.0031 17704 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
17:43:01.0078 17704 Tcpip - ok
17:43:01.0296 17704 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
17:43:01.0358 17704 TCPIP6 - ok
17:43:01.0452 17704 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
17:43:01.0514 17704 tcpipreg - ok
17:43:01.0530 17704 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
17:43:01.0561 17704 TDPIPE - ok
17:43:01.0608 17704 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
17:43:01.0624 17704 TDTCP - ok
17:43:01.0686 17704 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
17:43:01.0702 17704 tdx - ok
17:43:01.0748 17704 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
17:43:01.0780 17704 TermDD - ok
17:43:01.0826 17704 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
17:43:01.0889 17704 TermService - ok
17:43:01.0904 17704 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
17:43:01.0951 17704 Themes - ok
17:43:01.0982 17704 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
17:43:02.0014 17704 THREADORDER - ok
17:43:02.0060 17704 TimesUpKidz (856026ed6ec2c8efaa3e048ca6ce5b31) C:\Program Files (x86)\Rain City Digital LLC\TimesUpKidz\TimesUpKidzServer.exe
17:43:02.0076 17704 TimesUpKidz ( UnsignedFile.Multi.Generic ) - warning
17:43:02.0076 17704 TimesUpKidz - detected UnsignedFile.Multi.Generic (1)
17:43:10.0407 17704 MBR (0x1B8) (f0e69b6eb79be64fa07d8972cfaa57c7) \Device\Harddisk0\DR0
17:43:10.0438 17704 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
17:43:10.0438 17704 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
17:43:10.0485 17704 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
17:43:10.0485 17704 \Device\Harddisk0\DR0 - detected TDSS File System (1)
17:43:10.0485 17704 Boot (0x1200) (1cf9b51bbd05da01e434c2eaa9adb45b) \Device\Harddisk0\DR0\Partition0
17:43:10.0485 17704 \Device\Harddisk0\DR0\Partition0 - ok
17:43:10.0516 17704 Boot (0x1200) (7c13ed71ef67d7ff359954efb5a9a809) \Device\Harddisk0\DR0\Partition1
17:43:10.0516 17704 \Device\Harddisk0\DR0\Partition1 - ok
17:43:10.0547 17704 Boot (0x1200) (a8c70fd8fc7b90e94eef0eb7d3caa80b) \Device\Harddisk0\DR0\Partition2
17:43:10.0563 17704 \Device\Harddisk0\DR0\Partition2 - ok
17:43:10.0563 17704 ============================================================
17:43:10.0563 17704 Scan finished
17:43:10.0563 17704 ============================================================
17:43:10.0563 14732 Detected object count: 6
17:43:10.0563 14732 Actual detected object count: 6
17:43:51.0559 14732 FlipShareServer ( UnsignedFile.Multi.Generic ) - skipped by user
17:43:51.0559 14732 FlipShareServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:43:51.0575 14732 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
17:43:51.0575 14732 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:43:51.0575 14732 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
17:43:51.0575 14732 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:43:51.0575 14732 TimesUpKidz ( UnsignedFile.Multi.Generic ) - skipped by user
17:43:51.0575 14732 TimesUpKidz ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:43:52.0355 14732 \Device\Harddisk0\DR0\# - copied to quarantine
17:43:52.0355 14732 \Device\Harddisk0\DR0 - copied to quarantine
17:43:52.0417 14732 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
17:43:52.0417 14732 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
17:43:52.0433 14732 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
17:43:52.0449 14732 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
17:43:52.0449 14732 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
17:43:52.0449 14732 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
17:43:52.0449 14732 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
17:43:52.0449 14732 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
17:43:52.0449 14732 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
17:43:52.0464 14732 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
17:43:52.0464 14732 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
17:43:52.0464 14732 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
17:43:52.0511 14732 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
17:43:52.0558 14732 \Device\Harddisk0\DR0 - ok
17:43:52.0792 14732 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
17:43:52.0792 14732 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
17:43:52.0792 14732 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
17:43:55.0350 19680 Deinitialize success
-
Downloaded Malwarebytes and it keeps finding the same two items but is not successful in removing them! They are (Trojan.Agent File and Memory Process C:\Windows\svchost.exe). I am also getting repeated blocks (outgoing) to 206.161.121.6. I ran DDS per your instructions and am including the logs here. I so appreciate any help you might offer!
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by four at 18:07:50 on 2012-06-17
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8119.5409 [GMT -4:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
AV: Webroot SecureAnywhere *Enabled/Updated* {9C0666FC-6C7D-3E97-3C40-0C6B33FC7401}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Webroot SecureAnywhere *Enabled/Updated* {27678718-4A47-3119-06F0-3719487B3EBC}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Webroot\WRSA.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Program Files (x86)\PDF Complete\pdfsvc.exe
C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Webroot\WRSA.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files (x86)\Rain City Digital LLC\TimesUpKidz\TimesUpKidzServer.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
-netsvcs
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/ig
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: FCToolbarURLSearchHook Class: {3d68e927-6002-6bb4-7940-c297f1177192} - C:\Program Files (x86)\Shopping4Causes Shopping Plugin\Helper.dll
uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
mURLSearchHooks: PhotoJoy US Toolbar: {f2c43291-151e-499c-98a7-923c120b88fa} - C:\Program Files (x86)\PhotoJoy_US\prxtbPhot.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: StartNow Toolbar Helper: {6e13d095-45c3-4271-9475-f3b48227dd9f} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll
BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Shopping4Causes Shopping Plugin: {7c4155b9-efe5-2364-45e9-6679a6060ed5} - C:\Program Files (x86)\Shopping4Causes Shopping Plugin\Toolbar.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Webroot Browser Helper Object: {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\pkg\LPBar.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: PhotoJoy US Toolbar: {f2c43291-151e-499c-98a7-923c120b88fa} - C:\Program Files (x86)\PhotoJoy_US\prxtbPhot.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: PhotoJoy US Toolbar: {f2c43291-151e-499c-98a7-923c120b88fa} - C:\Program Files (x86)\PhotoJoy_US\prxtbPhot.dll
TB: StartNow Toolbar: {5911488e-9d1e-40ec-8cbb-06b231cc153f} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Webroot Toolbar: {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dll
TB: {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - No File
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [Facebook Update] "C:\Users\four\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [iJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [WRSVC] "C:\Program Files\Webroot\WRSA.exe" -ul
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
dRun: [Exetender] "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\TIMESU~1.LNK - C:\Windows\Installer\{837DA79C-B12B-4709-9B9B-16D1468E418A}\_79F931C029ED8E76188721.exe
uPolicies-explorer: NoViewOnDrive = 0 (0x0)
uPolicies-explorer: DisableLocalMachineRun = 0 (0x0)
uPolicies-explorer: DisableLocalMachineRunOnce = 0 (0x0)
uPolicies-explorer: DisableCurrentUserRun = 0 (0x0)
uPolicies-explorer: DisableCurrentUserRunOnce = 0 (0x0)
uPolicies-explorer: NoFile = 0 (0x0)
uPolicies-explorer: HideClock = 0 (0x0)
uPolicies-explorer: NoDevMgrUpdate = 0 (0x0)
uPolicies-explorer: NoDFSTab = 0 (0x0)
uPolicies-explorer: NoWindowsUpdate = 0 (0x0)
uPolicies-explorer: NoEncryptOnMove = 0 (0x0)
uPolicies-explorer: NoResolveTrack = 0 (0x0)
uPolicies-explorer: NoStartMenuSubFolders = 0 (0x0)
uPolicies-system: NoDispAppearancePage = 0 (0x0)
uPolicies-system: NoDispSettingsPage = 0 (0x0)
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoViewOnDrive = 0 (0x0)
mPolicies-explorer: DisableLocalMachineRun = 0 (0x0)
mPolicies-explorer: DisableLocalMachineRunOnce = 0 (0x0)
mPolicies-explorer: DisableCurrentUserRun = 0 (0x0)
mPolicies-explorer: DisableCurrentUserRunOnce = 0 (0x0)
mPolicies-explorer: NoFile = 0 (0x0)
mPolicies-explorer: HideClock = 0 (0x0)
mPolicies-explorer: NoDevMgrUpdate = 0 (0x0)
mPolicies-explorer: NoDFSTab = 0 (0x0)
mPolicies-explorer: NoWindowsUpdate = 0 (0x0)
mPolicies-explorer: NoEncryptOnMove = 0 (0x0)
mPolicies-explorer: NoResolveTrack = 0 (0x0)
mPolicies-explorer: NoStartMenuSubFolders = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: NoDispAppearancePage = 0 (0x0)
mPolicies-system: NoDispSettingsPage = 0 (0x0)
dPolicies-explorer: NoViewOnDrive = 0 (0x0)
dPolicies-explorer: DisableLocalMachineRun = 0 (0x0)
dPolicies-explorer: DisableLocalMachineRunOnce = 0 (0x0)
dPolicies-explorer: DisableCurrentUserRun = 0 (0x0)
dPolicies-explorer: DisableCurrentUserRunOnce = 0 (0x0)
dPolicies-explorer: NoFile = 0 (0x0)
dPolicies-explorer: HideClock = 0 (0x0)
dPolicies-explorer: NoDevMgrUpdate = 0 (0x0)
dPolicies-explorer: NoDFSTab = 0 (0x0)
dPolicies-explorer: NoWindowsUpdate = 0 (0x0)
dPolicies-explorer: NoEncryptOnMove = 0 (0x0)
dPolicies-explorer: NoResolveTrack = 0 (0x0)
dPolicies-explorer: NoStartMenuSubFolders = 0 (0x0)
dPolicies-system: NoDispAppearancePage = 0 (0x0)
dPolicies-system: NoDispSettingsPage = 0 (0x0)
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\pkg\LPBar.dll
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {C53BDC3D-19A0-4062-BF34-0897A4E6A6A2} - hxxps://www.wildpockets.com/common/WildPocketsLoader-17822.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
TCP: DhcpNameServer = 10.0.1.1
TCP: Interfaces\{143481A9-ABDD-4EC4-B7EB-D5EE3A722FA3} : DhcpNameServer = 10.0.1.1
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO-X64: 0x1 - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: StartNow Toolbar Helper: {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll
BHO-X64: StartNow Toolbar Helper - No File
BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: Shopping4Causes Shopping Plugin: {7C4155B9-EFE5-2364-45E9-6679A6060ED5} - C:\Program Files (x86)\Shopping4Causes Shopping Plugin\Toolbar.dll
BHO-X64: FCTBPos00Pos - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Webroot Browser Helper Object: {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\pkg\LPBar.dll
BHO-X64: Webroot Browser Helper Object - No File
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: PhotoJoy US Toolbar: {f2c43291-151e-499c-98a7-923c120b88fa} - C:\Program Files (x86)\PhotoJoy_US\prxtbPhot.dll
BHO-X64: PhotoJoy US - No File
BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB-X64: PhotoJoy US Toolbar: {f2c43291-151e-499c-98a7-923c120b88fa} - C:\Program Files (x86)\PhotoJoy_US\prxtbPhot.dll
TB-X64: StartNow Toolbar: {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll
TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB-X64: Webroot Toolbar: {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dll
TB-X64: {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - No File
mRun-x64: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [iJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [WRSVC] "C:\Program Files\Webroot\WRSA.exe" -ul
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R0 WRkrn;WRkrn;C:\Windows\system32\drivers\WRkrn.sys --> C:\Windows\system32\drivers\WRkrn.sys [?]
R1 MpKsl54f09428;MpKsl54f09428;C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{731234C3-A99A-41AC-960B-52ED82FEFD9A}\MpKsl54f09428.sys [2012-6-17 35664]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 FlipShareServer;FlipShare Server;C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe [2011-5-6 1085440]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-8-20 13336]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-6-16 654408]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2010-8-20 635416]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-11-27 398176]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 TimesUpKidz;TimesUpKidz;C:\Program Files (x86)\Rain City Digital LLC\TimesUpKidz\TimesUpKidzServer.exe [2010-12-19 11264]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848]
R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-8-20 2320920]
R2 WRSVC;WRSVC;C:\Program Files\Webroot\WRSA.exe [2012-6-6 684240]
R2 X5XSEx;X5XSEx;C:\Program Files (x86)\Free Ride Games\X5XSEx.sys [2012-1-16 55400]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 CLKMSVC10_C6F09094;CyberLink Product - 2010/08/20 19:23:26;C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe [2010-8-20 245232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-9-14 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-23 257224]
S3 DCamUSBVM;Lenovo Q350 USB PC Camera;C:\Windows\system32\Drivers\usbVM31b.sys --> C:\Windows\system32\Drivers\usbVM31b.sys [?]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-9-14 136176]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?]
S3 LVUVC64;Logitech Webcam Pro 9000(UVC);C:\Windows\system32\DRIVERS\lvuvc64.sys --> C:\Windows\system32\DRIVERS\lvuvc64.sys [?]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]
S3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des -service --> C:\Windows\system32\GameMon.des -service [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-15 183560]
S4 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2010-6-12 400368]
S4 Updater Service for StartNow Toolbar;Updater Service for StartNow Toolbar;C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe [2011-10-25 244960]
.
=============== File Associations ===============
.
inffile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1
inifile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1
JSEFile="%SystemRoot%\System32\WScript.exe" "%1" %*
txtfile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1
.
=============== Created Last 30 ================
.
2012-06-17 15:38:11 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{731234C3-A99A-41AC-960B-52ED82FEFD9A}\offreg.dll
2012-06-17 15:38:04 20480 ----a-w- C:\Windows\svchost.exe
2012-06-17 15:37:12 35664 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{731234C3-A99A-41AC-960B-52ED82FEFD9A}\MpKsl54f09428.sys
2012-06-17 15:16:57 -------- d-----w- C:\ProgramData\AMD
2012-06-17 15:16:56 -------- d-----w- C:\Program Files (x86)\AMD AVT
2012-06-17 15:16:55 -------- d-----w- C:\Program Files (x86)\AMD APP
2012-06-17 14:32:00 8955792 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{731234C3-A99A-41AC-960B-52ED82FEFD9A}\mpengine.dll
2012-06-16 20:38:59 -------- d-----w- C:\Users\four\AppData\Roaming\Malwarebytes
2012-06-16 20:38:51 -------- d-----w- C:\ProgramData\Malwarebytes
2012-06-16 20:38:50 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-06-16 20:38:50 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-06-16 00:22:51 8955792 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-06-13 12:48:35 927800 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2D34FC98-D238-4B71-AF93-0280343646EE}\gapaengine.dll
2012-06-13 10:31:04 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-06-13 10:31:04 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-06-13 10:31:04 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-06-13 10:31:01 209920 ----a-w- C:\Windows\System32\profsvc.dll
2012-06-13 10:30:56 3146752 ----a-w- C:\Windows\System32\win32k.sys
2012-06-13 10:30:54 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-06-13 10:30:51 3216384 ----a-w- C:\Windows\System32\msi.dll
2012-06-13 10:30:49 2342400 ----a-w- C:\Windows\SysWow64\msi.dll
2012-06-13 10:30:43 1462272 ----a-w- C:\Windows\System32\crypt32.dll
2012-06-13 10:30:42 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-06-13 10:30:42 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-06-13 10:30:42 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-06-13 10:30:42 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-06-13 10:30:42 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2012-06-10 20:41:03 -------- d-----w- C:\Users\four\AppData\Roaming\.edmiester777
2012-06-08 20:25:20 -------- d-----w- C:\Users\four\AppData\Local\pesterchum
2012-06-08 20:24:45 -------- d-----w- C:\Pesterchum
2012-06-07 02:16:24 7021336 ----a-w- C:\Program Files (x86)\Common Files\wruninstall.exe
2012-06-07 02:16:00 -------- d-----w- C:\Users\four\AppData\Local\lptmp981689726
2012-06-07 02:15:18 148664 ----a-w- C:\Windows\SysWow64\WRusr.dll
2012-06-07 02:15:18 101808 ----a-w- C:\Windows\System32\WRusr.dll
2012-06-07 02:15:17 112656 ----a-w- C:\Windows\System32\drivers\WRkrn.sys
2012-06-07 02:15:15 -------- d-----w- C:\Program Files\Webroot
2012-06-07 02:15:14 -------- d-----w- C:\ProgramData\WRData
2012-06-04 23:22:22 -------- d-----w- C:\Users\four\AppData\Local\{4A0D9C50-76C6-45B0-A609-850E959DE7F7}
2012-06-04 23:22:12 -------- d-----w- C:\Users\four\AppData\Local\{8208C93B-1E1F-4F9E-AFA7-D3E0DA89C082}
2012-06-04 22:42:35 -------- d-----w- C:\Users\four\AppData\Local\{491DBD74-B6BA-47C3-BD06-970FFDFD94BC}
2012-06-04 22:42:25 -------- d-----w- C:\Users\four\AppData\Local\{6C60F1A4-6A30-4751-85C1-E1A0B5830C9B}
2012-06-03 22:15:50 -------- d-----w- C:\Users\four\AppData\Local\Facebook
2012-05-20 13:32:34 -------- d-----w- C:\Users\four\jagexcache
2012-05-19 20:49:10 -------- d-----w- C:\Program Files (x86)\Doomsday
.
==================== Find3M ====================
.
2012-06-16 23:13:50 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-16 23:13:50 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-05-18 02:06:48 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-05-18 01:59:14 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-05-18 01:58:39 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-05-18 01:55:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-05-18 01:51:30 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-05-17 22:45:37 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-05-17 22:35:47 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-05-17 22:35:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-05-17 22:29:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-05-17 22:24:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-05-05 09:16:20 8744608 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2012-04-28 15:17:14 466456 ----a-w- C:\Windows\System32\wrap_oal.dll
2012-04-28 15:17:14 444952 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2012-04-28 15:17:14 122904 ----a-w- C:\Windows\System32\OpenAL32.dll
2012-04-28 15:17:14 109080 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2012-04-06 05:22:40 11174400 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2012-04-06 02:34:26 187392 ----a-w- C:\Windows\System32\clinfo.exe
2012-04-06 02:34:10 74752 ----a-w- C:\Windows\System32\OpenVideo64.dll
2012-04-06 02:34:04 64512 ----a-w- C:\Windows\SysWow64\OpenVideo.dll
2012-04-06 02:33:56 63488 ----a-w- C:\Windows\System32\OVDecode64.dll
2012-04-06 02:33:52 56320 ----a-w- C:\Windows\SysWow64\OVDecode.dll
2012-04-06 02:33:44 16457216 ----a-w- C:\Windows\System32\amdocl64.dll
2012-04-06 02:32:56 13007872 ----a-w- C:\Windows\SysWow64\amdocl.dll
2012-04-06 02:32:08 54784 ----a-w- C:\Windows\System32\OpenCL.dll
2012-04-06 02:32:04 50176 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2012-04-06 02:22:00 159744 ----a-w- C:\Windows\System32\atiapfxx.exe
2012-04-06 02:21:52 909312 ----a-w- C:\Windows\SysWow64\aticfx32.dll
2012-04-06 02:20:04 1067520 ----a-w- C:\Windows\System32\aticfx64.dll
2012-04-06 02:16:52 442368 ----a-w- C:\Windows\System32\ATIDEMGX.dll
2012-04-06 02:16:46 503808 ----a-w- C:\Windows\System32\atieclxx.exe
2012-04-06 02:16:02 236544 ----a-w- C:\Windows\System32\atiesrxx.exe
2012-04-06 02:14:44 120320 ----a-w- C:\Windows\System32\atitmm64.dll
2012-04-06 02:14:30 21504 ----a-w- C:\Windows\System32\atimuixx.dll
2012-04-06 02:14:26 59392 ----a-w- C:\Windows\System32\atiedu64.dll
2012-04-06 02:14:20 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll
2012-04-06 02:13:42 6800896 ----a-w- C:\Windows\SysWow64\atidxx32.dll
2012-04-06 02:10:50 26181632 ----a-w- C:\Windows\System32\atio6axx.dll
2012-04-06 02:00:10 64000 ----a-w- C:\Windows\System32\coinst.dll
2012-04-06 01:54:46 7479296 ----a-w- C:\Windows\System32\atidxx64.dll
2012-04-06 01:50:56 19753984 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2012-04-06 01:35:24 1120768 ----a-w- C:\Windows\System32\atiumd6v.dll
2012-04-06 01:34:50 1831424 ----a-w- C:\Windows\SysWow64\atiumdmv.dll
2012-04-06 01:34:34 4731904 ----a-w- C:\Windows\System32\atiumd6a.dll
2012-04-06 01:34:04 6203392 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2012-04-06 01:30:16 51200 ----a-w- C:\Windows\System32\aticalrt64.dll
2012-04-06 01:30:14 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2012-04-06 01:30:08 44544 ----a-w- C:\Windows\System32\aticalcl64.dll
2012-04-06 01:30:06 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2012-04-06 01:29:54 16090624 ----a-w- C:\Windows\System32\aticaldd64.dll
2012-04-06 01:25:30 13764096 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2012-04-06 01:23:24 7431680 ----a-w- C:\Windows\System32\atiumd64.dll
2012-04-06 01:22:54 4795904 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2012-04-06 01:11:28 514560 ----a-w- C:\Windows\System32\atiadlxx.dll
2012-04-06 01:11:20 360448 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2012-04-06 01:11:06 17408 ----a-w- C:\Windows\System32\atig6pxx.dll
2012-04-06 01:11:04 14848 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
2012-04-06 01:11:04 14848 ----a-w- C:\Windows\System32\atiglpxx.dll
2012-04-06 01:11:00 41984 ----a-w- C:\Windows\System32\atig6txx.dll
2012-04-06 01:10:52 33280 ----a-w- C:\Windows\SysWow64\atigktxx.dll
2012-04-06 01:10:44 343040 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
2012-04-06 01:09:56 54784 ----a-w- C:\Windows\System32\atiuxp64.dll
2012-04-06 01:09:48 41984 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2012-04-06 01:09:42 44544 ----a-w- C:\Windows\System32\atiu9p64.dll
2012-04-06 01:09:34 32256 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
2012-04-06 01:09:02 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
2012-04-06 01:06:08 54784 ----a-w- C:\Windows\System32\atimpc64.dll
2012-04-06 01:06:08 54784 ----a-w- C:\Windows\System32\amdpcom64.dll
2012-04-06 01:06:04 53760 ----a-w- C:\Windows\SysWow64\atimpc32.dll
2012-04-06 01:06:04 53760 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
2012-03-31 06:05:57 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-03-31 04:39:37 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-03-31 04:39:37 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-03-30 11:35:47 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-03-21 00:44:12 98688 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
2012-03-21 00:44:12 203888 ----a-w- C:\Windows\System32\drivers\MpFilter.sys
.
============= FINISH: 18:09:17.35 ===============
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 11/28/2010 6:47:57 AM
System Uptime: 6/17/2012 11:36:24 AM (7 hours ago)
.
Motherboard: MSI | | 2A9C
Processor: Intel® Core i5 CPU 650 @ 3.20GHz | CPU 1 | 3201/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 919 GiB total, 547.534 GiB free.
D: is FIXED (NTFS) - 12 GiB total, 1.484 GiB free.
E: is CDROM ()
G: is Removable
H: is Removable
I: is Removable
J: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP217: 6/14/2012 3:00:11 AM - Windows Update
RP218: 6/15/2012 3:00:12 AM - Windows Update
RP219: 6/16/2012 3:00:11 AM - Windows Update
RP220: 6/17/2012 3:00:12 AM - Windows Update
RP221: 6/17/2012 11:17:42 AM - Windows Update
.
==== Installed Programs ======================
.
7-Zip 9.20
ActiveCheck component for HP Active Support Library
Adobe AIR
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.3)
Age of Chivalry
Alien Zombie Megadeath
Alliance of Valiant Arms
Amnesia: The Dark Descent Demo
Anime Studio Debut 7.0
APB Reloaded
Apple Application Support
Apple Software Update
Audacity 1.2.6
Bandisoft MPEG-1 Decoder
Battle.net
Bejeweled 2 Deluxe
Bing Bar
Bing Rewards Client Installer
Blackhawk Striker 2
Bloodline Champions
Brawl Busters
BrickForce 1.4.40
Build-a-lot 2
Build Your Own Net Dream (remove only)
Burn Zombie Burn
Call of Duty® - World at War
CameraHelperMsi
CamStudio OSS Desktop Recorder
Canon IJ Network Scan Utility
Canon IJ Network Tool
Canon MP Navigator 2.2
Catalyst Control Center
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Chuzzle Deluxe
CinemaNow Media Manager
Counter-Strike: Source
Counter-Strike: Source Beta
Crimecraft: BLEEDOUT
Cubemen
CyberLink DVD Suite Deluxe
D3DX10
Darkest of Days - Demo
Diablo
Diablo III
Diablo III Beta
Diner Dash 2 Restaurant Rescue
Doomsday Engine 1.9.8
Dora's Carnival Adventure
Dungeon Defenders Demo
DVD Menu Pack for HP MediaSmart Video
Empires
erLT
Escape Rosecliff Island
Facebook Video Calling 1.2.0.159
Fallout: New Vegas
FATE
Final Drive Nitro
FlipShare
Foreign Legion: Buckets of Blood
FPS Creator Free
Fraps
Free Ride Games Player
Game Maker 8.0
GameSpy Arcade
Garry's Mod
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
Gotham City Impostors
Half-Life 2
Half-Life 2: Lost Coast
Half-Life Deathmatch: Source
Half-Life: Source
Helicopter Strike Force
Heroes of Hellas 2 - Olympia
Hot Wheels
Hot Wheels Stunt Track Challenge
HP Advisor
HP Customer Experience Enhancements
HP Games
HP MediaSmart CinemaNow 2.0
HP MediaSmart DVD
HP MediaSmart Music
HP MediaSmart Photo
HP MediaSmart Video
HP MediaSmart/TouchSmart Netflix
HP Odometer
HP Setup
HP Support Assistant
HP Support Information
HP Update
HPAsset component for HP Active Support Library
Hulu Desktop
HydraVision
iLivid
Intel® Management Engine Components
Intel® Rapid Storage Technology
Java Auto Updater
Java 6 Update 30
Jed's Half-Life Model Viewer 1.3.6
Jewel Quest 3
Jewel Quest Solitaire 2
Junk Mail filter update
Killing Floor
Killing Floor Mod: Defence Alliance 2
Kobo
LabelPrint
Left 4 Dead
Left 4 Dead 2
Left 4 Dead 2 Add-on Support
LightScribe System Software
Logitech Vid HD
Logitech Webcam Software
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
Malwarebytes Anti-Malware version 1.61.0.1400
Mastercam X
Medal of Honor Airborne
Microsoft .NET Framework 1.1
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Starter 2010 - English
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Windows Media Video 9 VCM
Microsoft Works 6-9 Converter
Microsoft WSE 3.0 Runtime
Microsoft XNA Framework Redistributable 3.1
Microsoft XNA Framework Redistributable 4.0
Monster Madness: Battle for Suburbia
Mortal Kombat Kollection
Movie Theme Pack for HP MediaSmart Video
MP4 player
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB973685)
Norton Online Backup
Norton Security Scan
NVIDIA PhysX
Oblivion
OpenAL
OpenOffice.org 3.2
Pando Media Booster
PDF Complete Special Edition
Penguins!
PESTERCHUM
PhotoJoy
PhotoJoy US Toolbar
PhotoNow!
Plants vs. Zombies
PMB
Poker Superstars III
Polar Bowler
Polar Golfer
Portal 2
Pound of Ground Demo
Power2Go
PowerDirector
PressReader
Project Blackout
PunkBuster Services
Quake Live Internet Explorer Plugin
QuickTime
Ralink RT2860 Wireless LAN Card
Realm of the Mad God
Realtek High Definition Audio Driver
Recovery Manager
RollerCoaster Tycoon 3 Platinum
Roxio CinemaNow 2.0
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Serious Sam 2
Shank 2 Demo
Shoot Many Robots
Shopping4Causes Shopping Plugin
SpongeBob SquarePants Employee of the Month
StartNow Toolbar
Steam
Stop Motion Animation Companion CD 1.3
Stunt Track Driver
Super Monday Night Combat
Synergy
Team Fortress 2
Team Fortress 2 Beta
Terraria
The Binding Of Isaac
The Fairly OddParents - Shadow Showdown (remove only)
TimesUpKidz
Tomb Raider: Legend
U.B. Funkeys
Unity Web Player
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update Installer for WildTangent Games App
Virtual Families
Virtual Villagers - The Secret City
VLC media player 1.1.11
Webroot SecureAnywhere
Wheel of Fortune 2
WildTangent Games App (HP Games)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
World of Warcraft
World of Warcraft Beta
Yahoo! Software Update
Yahoo! Toolbar
Zinio Reader 4
Zuma Deluxe
.
==== Event Viewer Messages From Past Week ========
.
6/17/2012 11:38:57 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.A&threatid=2147636949 Name: Trojan:DOS/Alureon.A ID: 2147636949 Severity: Severe Category: Trojan Path: rootkit:_Alureon->Mbr::Alureon Detection Origin: Unknown Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: To finish removing malware and other potentially unwanted software, restart the computer. To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x80070032 Error description: The request is not supported. Signature Version: AV: 1.127.2172.0, AS: 1.127.2172.0, NIS: 11.137.0.0 Engine Version: AM: 1.1.8403.0, NIS: 2.0.8001.0
6/17/2012 11:37:08 AM, Error: Service Control Manager [7000] - The Hardlock service failed to start due to the following error: This driver has been blocked from loading
6/17/2012 11:37:08 AM, Error: Application Popup [1060] - \??\C:\Windows\SysWow64\drivers\hardlock.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
6/17/2012 11:35:50 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
6/17/2012 11:27:31 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
6/17/2012 11:19:43 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
6/17/2012 11:19:43 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
6/17/2012 11:19:41 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
6/17/2012 11:19:40 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
6/17/2012 11:19:34 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
6/17/2012 11:19:16 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache MpFilter NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf
6/17/2012 11:19:13 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
6/17/2012 11:19:13 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
6/17/2012 11:19:13 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
6/17/2012 11:19:13 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
6/17/2012 11:19:13 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
6/17/2012 11:19:13 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
6/17/2012 11:19:13 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
6/17/2012 11:19:13 AM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
6/17/2012 11:19:13 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
6/17/2012 11:19:13 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
6/17/2012 11:19:13 AM, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The dependency service or group failed to start.
6/17/2012 11:18:01 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2709715).
6/17/2012 11:14:30 AM, Error: Service Control Manager [7009] - A timeout was reached (60001 milliseconds) while waiting for the AMD External Events Utility service to connect.
6/17/2012 11:14:30 AM, Error: Service Control Manager [7000] - The AMD External Events Utility service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
6/17/2012 10:22:23 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.A&threatid=2147636949 Name: Trojan:DOS/Alureon.A ID: 2147636949 Severity: Severe Category: Trojan Path: rootkit:_Alureon->Mbr::Alureon Detection Origin: Unknown Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: To finish removing malware and other potentially unwanted software, restart the computer. To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x80070032 Error description: The request is not supported. Signature Version: AV: 1.127.2110.0, AS: 1.127.2110.0, NIS: 11.137.0.0 Engine Version: AM: 1.1.8403.0, NIS: 2.0.8001.0
6/16/2012 7:18:16 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.A&threatid=2147636949 Name: Trojan:DOS/Alureon.A ID: 2147636949 Severity: Severe Category: Trojan Path: rootkit:_Alureon->Mbr::Alureon Detection Origin: Unknown Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: To finish removing malware and other potentially unwanted software, restart the computer. To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x80070032 Error description: The request is not supported. Signature Version: AV: 1.127.2110.0, AS: 1.127.2110.0, NIS: 11.137.0.0 Engine Version: AM: 1.1.8403.0, NIS: 2.0.8001.0
6/16/2012 7:13:33 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.A&threatid=2147636949 Name: Trojan:DOS/Alureon.A ID: 2147636949 Severity: Severe Category: Trojan Path: rootkit:_Alureon->Mbr::Alureon Detection Origin: Unknown Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: To finish removing malware and other potentially unwanted software, restart the computer. To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x80070032 Error description: The request is not supported. Signature Version: AV: 1.127.2110.0, AS: 1.127.2110.0, NIS: 11.137.0.0 Engine Version: AM: 1.1.8403.0, NIS: 2.0.8001.0
6/14/2012 8:11:51 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.A&threatid=2147636949 Name: Trojan:DOS/Alureon.A ID: 2147636949 Severity: Severe Category: Trojan Path: rootkit:_Alureon->Mbr::Alureon Detection Origin: Unknown Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: To finish removing malware and other potentially unwanted software, restart the computer. To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x80070032 Error description: The request is not supported. Signature Version: AV: 1.127.2024.0, AS: 1.127.2024.0, NIS: 11.137.0.0 Engine Version: AM: 1.1.8403.0, NIS: 2.0.8001.0
6/14/2012 7:06:10 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.A&threatid=2147636949 Name: Trojan:DOS/Alureon.A ID: 2147636949 Severity: Severe Category: Trojan Path: rootkit:_Alureon->Mbr::Alureon Detection Origin: Unknown Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: To finish removing malware and other potentially unwanted software, restart the computer. To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x80070032 Error description: The request is not supported. Signature Version: AV: 1.127.1891.0, AS: 1.127.1891.0, NIS: 11.137.0.0 Engine Version: AM: 1.1.8403.0, NIS: 2.0.8001.0
6/14/2012 3:28:55 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.A&threatid=2147636949 Name: Trojan:DOS/Alureon.A ID: 2147636949 Severity: Severe Category: Trojan Path: rootkit:_Alureon->Mbr::Alureon Detection Origin: Unknown Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: To finish removing malware and other potentially unwanted software, restart the computer. To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x80070032 Error description: The request is not supported. Signature Version: AV: 1.127.1891.0, AS: 1.127.1891.0, NIS: 11.137.0.0 Engine Version: AM: 1.1.8403.0, NIS: 2.0.8001.0
6/11/2012 3:53:52 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.A&threatid=2147636949 Name: Trojan:DOS/Alureon.A ID: 2147636949 Severity: Severe Category: Trojan Path: rootkit:_Alureon->Mbr::Alureon Detection Origin: Unknown Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: To finish removing malware and other potentially unwanted software, restart the computer. To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x80070032 Error description: The request is not supported. Signature Version: AV: 1.127.1726.0, AS: 1.127.1726.0, NIS: 11.0.0.0 Engine Version: AM: 1.1.8403.0, NIS: 2.0.8001.0
6/10/2012 4:52:31 PM, Error: Service Control Manager [7031] - The WRSVC service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
.
==== End Of File ===========================
please help!
in Resolved Malware Removal Logs
Hello!
Things still seem ok - no IP blocks, nothing found by anti-virus or Malwarebytes. I read the article and have taken some further steps to protect my computer. FYI, the browser security test link at the end of the article is no longer active....
I appear to have been cured! Again, I am extremely grateful for your guidance and assistance!