mullerfour Posted June 17, 2012 ID:561435 Share Posted June 17, 2012 Downloaded Malwarebytes and it keeps finding the same two items but is not successful in removing them! They are (Trojan.Agent File and Memory Process C:\Windows\svchost.exe). I am also getting repeated blocks (outgoing) to 206.161.121.6. I ran DDS per your instructions and am including the logs here. I so appreciate any help you might offer!.DDS (Ver_2011-08-26.01) - NTFSAMD64Internet Explorer: 9.0.8112.16421Run by four at 18:07:50 on 2012-06-17Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8119.5409 [GMT -4:00].AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}AV: Webroot SecureAnywhere *Enabled/Updated* {9C0666FC-6C7D-3E97-3C40-0C6B33FC7401}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: Webroot SecureAnywhere *Enabled/Updated* {27678718-4A47-3119-06F0-3719487B3EBC}SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}.============== Running Processes ===============.C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Program Files\Webroot\WRSA.exeC:\Windows\system32\svchost.exe -k RPCSSc:\Program Files\Microsoft Security Client\MsMpEng.exeC:\Windows\system32\atiesrxx.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exeC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\atieclxx.exeC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeC:\Program Files (x86)\Common Files\Apple\Mobile Device 
Support\AppleMobileDeviceService.exeC:\Program Files (x86)\Bonjour\mDNSResponder.exeC:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exeC:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exeC:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exec:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exeC:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exeC:\Program Files (x86)\PDF Complete\pdfsvc.exeC:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exeC:\Windows\system32\taskhost.exeC:\Program Files\Webroot\WRSA.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Windows\SysWOW64\PnkBstrA.exeC:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXEC:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exeC:\Program Files (x86)\Rain City Digital LLC\TimesUpKidz\TimesUpKidzServer.exeC:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exeC:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exeC:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeC:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exeC:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exeC:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exeC:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\Windows\system32\wbem\unsecapp.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exeC:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exeC:\Program Files (x86)\Common Files\Microsoft 
Shared\Virtualization Handler\CVHSVC.EXEC:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exeC:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exeC:\Windows\system32\SearchIndexer.exeC:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe-netsvcsC:\Windows\system32\conhost.exeC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\system32\WUDFHost.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\System32\svchost.exe -k LocalServicePeerNetC:\Windows\system32\DllHost.exeC:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exeC:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exeC:\Windows\system32\wuauclt.exeC:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exeC:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exeC:\Windows\system32\SearchFilterHost.exeC:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\system32\SearchProtocolHost.exeC:\Windows\SysWOW64\cmd.exeC:\Windows\system32\conhost.exeC:\Windows\SysWOW64\cscript.exe.============== Pseudo HJT Report ===============.uStart Page = hxxp://www.google.com/iguInternet Settings,ProxyOverride = *.localuURLSearchHooks: FCToolbarURLSearchHook Class: {3d68e927-6002-6bb4-7940-c297f1177192} - C:\Program Files (x86)\Shopping4Causes Shopping Plugin\Helper.dlluURLSearchHooks: H - No FileuURLSearchHooks: H - No FilemURLSearchHooks: PhotoJoy US Toolbar: {f2c43291-151e-499c-98a7-923c120b88fa} - C:\Program Files (x86)\PhotoJoy_US\prxtbPhot.dllBHO: &Yahoo! 
Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dllBHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllBHO: StartNow Toolbar Helper: {6e13d095-45c3-4271-9475-f3b48227dd9f} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dllBHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dllBHO: Shopping4Causes Shopping Plugin: {7c4155b9-efe5-2364-45e9-6679a6060ed5} - C:\Program Files (x86)\Shopping4Causes Shopping Plugin\Toolbar.dllBHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllBHO: Webroot Browser Helper Object: {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\pkg\LPBar.dllBHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dllBHO: PhotoJoy US Toolbar: {f2c43291-151e-499c-98a7-923c120b88fa} - C:\Program Files (x86)\PhotoJoy_US\prxtbPhot.dllBHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dllTB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"TB: PhotoJoy US Toolbar: {f2c43291-151e-499c-98a7-923c120b88fa} - C:\Program Files (x86)\PhotoJoy_US\prxtbPhot.dllTB: StartNow Toolbar: {5911488e-9d1e-40ec-8cbb-06b231cc153f} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dllTB: Yahoo! 
Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dllTB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllTB: Webroot Toolbar: {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dllTB: {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - No FileuRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"uRun: [Facebook Update] "C:\Users\four\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserveruRun: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exemRun: [iJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exemRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottimemRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"mRun: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exemRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"mRun: [WRSVC] "C:\Program Files\Webroot\WRSA.exe" -ulmRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttraymRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRunmRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" amldRun: [Exetender] "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartupStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\TIMESU~1.LNK - C:\Windows\Installer\{837DA79C-B12B-4709-9B9B-16D1468E418A}\_79F931C029ED8E76188721.exeuPolicies-explorer: NoViewOnDrive = 0 (0x0)uPolicies-explorer: DisableLocalMachineRun = 0 (0x0)uPolicies-explorer: 
DisableLocalMachineRunOnce = 0 (0x0)uPolicies-explorer: DisableCurrentUserRun = 0 (0x0)uPolicies-explorer: DisableCurrentUserRunOnce = 0 (0x0)uPolicies-explorer: NoFile = 0 (0x0)uPolicies-explorer: HideClock = 0 (0x0)uPolicies-explorer: NoDevMgrUpdate = 0 (0x0)uPolicies-explorer: NoDFSTab = 0 (0x0)uPolicies-explorer: NoWindowsUpdate = 0 (0x0)uPolicies-explorer: NoEncryptOnMove = 0 (0x0)uPolicies-explorer: NoResolveTrack = 0 (0x0)uPolicies-explorer: NoStartMenuSubFolders = 0 (0x0)uPolicies-system: NoDispAppearancePage = 0 (0x0)uPolicies-system: NoDispSettingsPage = 0 (0x0)mPolicies-explorer: NoActiveDesktop = 1 (0x1)mPolicies-explorer: NoViewOnDrive = 0 (0x0)mPolicies-explorer: DisableLocalMachineRun = 0 (0x0)mPolicies-explorer: DisableLocalMachineRunOnce = 0 (0x0)mPolicies-explorer: DisableCurrentUserRun = 0 (0x0)mPolicies-explorer: DisableCurrentUserRunOnce = 0 (0x0)mPolicies-explorer: NoFile = 0 (0x0)mPolicies-explorer: HideClock = 0 (0x0)mPolicies-explorer: NoDevMgrUpdate = 0 (0x0)mPolicies-explorer: NoDFSTab = 0 (0x0)mPolicies-explorer: NoWindowsUpdate = 0 (0x0)mPolicies-explorer: NoEncryptOnMove = 0 (0x0)mPolicies-explorer: NoResolveTrack = 0 (0x0)mPolicies-explorer: NoStartMenuSubFolders = 0 (0x0)mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)mPolicies-system: EnableUIADesktopToggle = 0 (0x0)mPolicies-system: PromptOnSecureDesktop = 0 (0x0)mPolicies-system: EnableLUA = 0 (0x0)mPolicies-system: NoDispAppearancePage = 0 (0x0)mPolicies-system: NoDispSettingsPage = 0 (0x0)dPolicies-explorer: NoViewOnDrive = 0 (0x0)dPolicies-explorer: DisableLocalMachineRun = 0 (0x0)dPolicies-explorer: DisableLocalMachineRunOnce = 0 (0x0)dPolicies-explorer: DisableCurrentUserRun = 0 (0x0)dPolicies-explorer: DisableCurrentUserRunOnce = 0 (0x0)dPolicies-explorer: NoFile = 0 (0x0)dPolicies-explorer: HideClock = 0 (0x0)dPolicies-explorer: NoDevMgrUpdate = 0 (0x0)dPolicies-explorer: NoDFSTab = 0 (0x0)dPolicies-explorer: 
NoWindowsUpdate = 0 (0x0)dPolicies-explorer: NoEncryptOnMove = 0 (0x0)dPolicies-explorer: NoResolveTrack = 0 (0x0)dPolicies-explorer: NoStartMenuSubFolders = 0 (0x0)dPolicies-system: NoDispAppearancePage = 0 (0x0)dPolicies-system: NoDispSettingsPage = 0 (0x0)IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllIE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\pkg\LPBar.dllDPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cabDPF: {C53BDC3D-19A0-4062-BF34-0897A4E6A6A2} - hxxps://www.wildpockets.com/common/WildPocketsLoader-17822.cabDPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cabTCP: DhcpNameServer = 10.0.1.1TCP: Interfaces\{143481A9-ABDD-4EC4-B7EB-D5EE3A722FA3} : DhcpNameServer = 10.0.1.1Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllBHO-X64: &Yahoo! 
Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dllBHO-X64: 0x1 - No FileBHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllBHO-X64: AcroIEHelperStub - No FileBHO-X64: StartNow Toolbar Helper: {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dllBHO-X64: StartNow Toolbar Helper - No FileBHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dllBHO-X64: Shopping4Causes Shopping Plugin: {7C4155B9-EFE5-2364-45E9-6679A6060ED5} - C:\Program Files (x86)\Shopping4Causes Shopping Plugin\Toolbar.dllBHO-X64: FCTBPos00Pos - No FileBHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllBHO-X64: Webroot Browser Helper Object: {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\pkg\LPBar.dllBHO-X64: Webroot Browser Helper Object - No FileBHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dllBHO-X64: PhotoJoy US Toolbar: {f2c43291-151e-499c-98a7-923c120b88fa} - C:\Program Files (x86)\PhotoJoy_US\prxtbPhot.dllBHO-X64: PhotoJoy US - No FileBHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dllTB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"TB-X64: PhotoJoy US Toolbar: {f2c43291-151e-499c-98a7-923c120b88fa} - C:\Program 
Files (x86)\PhotoJoy_US\prxtbPhot.dllTB-X64: StartNow Toolbar: {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dllTB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dllTB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllTB-X64: Webroot Toolbar: {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dllTB-X64: {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - No FilemRun-x64: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exemRun-x64: [iJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exemRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottimemRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"mRun-x64: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exemRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"mRun-x64: [WRSVC] "C:\Program Files\Webroot\WRSA.exe" -ulmRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttraymRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRunmRun-x64: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml.============= SERVICES / DRIVERS ===============.R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]R0 WRkrn;WRkrn;C:\Windows\system32\drivers\WRkrn.sys --> C:\Windows\system32\drivers\WRkrn.sys [?]R1 MpKsl54f09428;MpKsl54f09428;C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{731234C3-A99A-41AC-960B-52ED82FEFD9A}\MpKsl54f09428.sys [2012-6-17 35664]R1 
vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]R2 FlipShareServer;FlipShare Server;C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe [2011-5-6 1085440]R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216]R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-8-20 13336]R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-6-16 654408]R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2010-8-20 635416]R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-11-27 398176]R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]R2 TimesUpKidz;TimesUpKidz;C:\Program Files (x86)\Rain City Digital LLC\TimesUpKidz\TimesUpKidzServer.exe [2010-12-19 11264]R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848]R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-8-20 2320920]R2 WRSVC;WRSVC;C:\Program Files\Webroot\WRSA.exe [2012-6-6 684240]R2 
X5XSEx;X5XSEx;C:\Program Files (x86)\Free Ride Games\X5XSEx.sys [2012-1-16 55400]R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?]R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]S2 CLKMSVC10_C6F09094;CyberLink Product - 2010/08/20 19:23:26;C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe [2010-8-20 245232]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 
138576]S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-9-14 136176]S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-23 257224]S3 DCamUSBVM;Lenovo Q350 USB PC Camera;C:\Windows\system32\Drivers\usbVM31b.sys --> C:\Windows\system32\Drivers\usbVM31b.sys [?]S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-9-14 136176]S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?]S3 LVUVC64;Logitech Webcam Pro 9000(UVC);C:\Windows\system32\DRIVERS\lvuvc64.sys --> C:\Windows\system32\DRIVERS\lvuvc64.sys [?]S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]S3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des -service --> C:\Windows\system32\GameMon.des -service [?]S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]S4 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-15 183560]S4 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2010-6-12 400368]S4 Updater Service for StartNow Toolbar;Updater Service for StartNow Toolbar;C:\Program Files 
(x86)\StartNow Toolbar\ToolbarUpdaterService.exe [2011-10-25 244960].=============== File Associations ===============.inffile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1inifile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1JSEFile="%SystemRoot%\System32\WScript.exe" "%1" %*txtfile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1.=============== Created Last 30 ================.2012-06-17 15:38:11 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{731234C3-A99A-41AC-960B-52ED82FEFD9A}\offreg.dll2012-06-17 15:38:04 20480 ----a-w- C:\Windows\svchost.exe2012-06-17 15:37:12 35664 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{731234C3-A99A-41AC-960B-52ED82FEFD9A}\MpKsl54f09428.sys2012-06-17 15:16:57 -------- d-----w- C:\ProgramData\AMD2012-06-17 15:16:56 -------- d-----w- C:\Program Files (x86)\AMD AVT2012-06-17 15:16:55 -------- d-----w- C:\Program Files (x86)\AMD APP2012-06-17 14:32:00 8955792 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{731234C3-A99A-41AC-960B-52ED82FEFD9A}\mpengine.dll2012-06-16 20:38:59 -------- d-----w- C:\Users\four\AppData\Roaming\Malwarebytes2012-06-16 20:38:51 -------- d-----w- C:\ProgramData\Malwarebytes2012-06-16 20:38:50 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys2012-06-16 20:38:50 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware2012-06-16 00:22:51 8955792 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll2012-06-13 12:48:35 927800 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2D34FC98-D238-4B71-AF93-0280343646EE}\gapaengine.dll2012-06-13 10:31:04 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe2012-06-13 10:31:04 77312 ----a-w- C:\Windows\System32\rdpwsx.dll2012-06-13 10:31:04 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll2012-06-13 10:31:01 209920 ----a-w- C:\Windows\System32\profsvc.dll2012-06-13 10:30:56 3146752 ----a-w- C:\Windows\System32\win32k.sys2012-06-13 
10:30:54 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys2012-06-13 10:30:51 3216384 ----a-w- C:\Windows\System32\msi.dll2012-06-13 10:30:49 2342400 ----a-w- C:\Windows\SysWow64\msi.dll2012-06-13 10:30:43 1462272 ----a-w- C:\Windows\System32\crypt32.dll2012-06-13 10:30:42 184320 ----a-w- C:\Windows\System32\cryptsvc.dll2012-06-13 10:30:42 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll2012-06-13 10:30:42 140288 ----a-w- C:\Windows\System32\cryptnet.dll2012-06-13 10:30:42 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll2012-06-13 10:30:42 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll2012-06-10 20:41:03 -------- d-----w- C:\Users\four\AppData\Roaming\.edmiester7772012-06-08 20:25:20 -------- d-----w- C:\Users\four\AppData\Local\pesterchum2012-06-08 20:24:45 -------- d-----w- C:\Pesterchum2012-06-07 02:16:24 7021336 ----a-w- C:\Program Files (x86)\Common Files\wruninstall.exe2012-06-07 02:16:00 -------- d-----w- C:\Users\four\AppData\Local\lptmp9816897262012-06-07 02:15:18 148664 ----a-w- C:\Windows\SysWow64\WRusr.dll2012-06-07 02:15:18 101808 ----a-w- C:\Windows\System32\WRusr.dll2012-06-07 02:15:17 112656 ----a-w- C:\Windows\System32\drivers\WRkrn.sys2012-06-07 02:15:15 -------- d-----w- C:\Program Files\Webroot2012-06-07 02:15:14 -------- d-----w- C:\ProgramData\WRData2012-06-04 23:22:22 -------- d-----w- C:\Users\four\AppData\Local\{4A0D9C50-76C6-45B0-A609-850E959DE7F7}2012-06-04 23:22:12 -------- d-----w- C:\Users\four\AppData\Local\{8208C93B-1E1F-4F9E-AFA7-D3E0DA89C082}2012-06-04 22:42:35 -------- d-----w- C:\Users\four\AppData\Local\{491DBD74-B6BA-47C3-BD06-970FFDFD94BC}2012-06-04 22:42:25 -------- d-----w- C:\Users\four\AppData\Local\{6C60F1A4-6A30-4751-85C1-E1A0B5830C9B}2012-06-03 22:15:50 -------- d-----w- C:\Users\four\AppData\Local\Facebook2012-05-20 13:32:34 -------- d-----w- C:\Users\four\jagexcache2012-05-19 20:49:10 -------- d-----w- C:\Program Files (x86)\Doomsday.==================== Find3M ====================.2012-06-16 23:13:50 70344 
----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2012-06-16 23:13:50 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2012-05-18 02:06:48 2311680 ----a-w- C:\Windows\System32\jscript9.dll2012-05-18 01:59:14 1392128 ----a-w- C:\Windows\System32\wininet.dll2012-05-18 01:58:39 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl2012-05-18 01:55:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe2012-05-18 01:51:30 2382848 ----a-w- C:\Windows\System32\mshtml.tlb2012-05-17 22:45:37 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll2012-05-17 22:35:47 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll2012-05-17 22:35:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl2012-05-17 22:29:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe2012-05-17 22:24:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb2012-05-05 09:16:20 8744608 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe2012-04-28 15:17:14 466456 ----a-w- C:\Windows\System32\wrap_oal.dll2012-04-28 15:17:14 444952 ----a-w- C:\Windows\SysWow64\wrap_oal.dll2012-04-28 15:17:14 122904 ----a-w- C:\Windows\System32\OpenAL32.dll2012-04-28 15:17:14 109080 ----a-w- C:\Windows\SysWow64\OpenAL32.dll2012-04-06 05:22:40 11174400 ----a-w- C:\Windows\System32\drivers\atikmdag.sys2012-04-06 02:34:26 187392 ----a-w- C:\Windows\System32\clinfo.exe2012-04-06 02:34:10 74752 ----a-w- C:\Windows\System32\OpenVideo64.dll2012-04-06 02:34:04 64512 ----a-w- C:\Windows\SysWow64\OpenVideo.dll2012-04-06 02:33:56 63488 ----a-w- C:\Windows\System32\OVDecode64.dll2012-04-06 02:33:52 56320 ----a-w- C:\Windows\SysWow64\OVDecode.dll2012-04-06 02:33:44 16457216 ----a-w- C:\Windows\System32\amdocl64.dll2012-04-06 02:32:56 13007872 ----a-w- C:\Windows\SysWow64\amdocl.dll2012-04-06 02:32:08 54784 ----a-w- C:\Windows\System32\OpenCL.dll2012-04-06 02:32:04 50176 ----a-w- C:\Windows\SysWow64\OpenCL.dll2012-04-06 02:22:00 159744 ----a-w- C:\Windows\System32\atiapfxx.exe2012-04-06 02:21:52 909312 ----a-w- C:\Windows\SysWow64\aticfx32.dll2012-04-06 02:20:04 
1067520 ----a-w- C:\Windows\System32\aticfx64.dll2012-04-06 02:16:52 442368 ----a-w- C:\Windows\System32\ATIDEMGX.dll2012-04-06 02:16:46 503808 ----a-w- C:\Windows\System32\atieclxx.exe2012-04-06 02:16:02 236544 ----a-w- C:\Windows\System32\atiesrxx.exe2012-04-06 02:14:44 120320 ----a-w- C:\Windows\System32\atitmm64.dll2012-04-06 02:14:30 21504 ----a-w- C:\Windows\System32\atimuixx.dll2012-04-06 02:14:26 59392 ----a-w- C:\Windows\System32\atiedu64.dll2012-04-06 02:14:20 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll2012-04-06 02:13:42 6800896 ----a-w- C:\Windows\SysWow64\atidxx32.dll2012-04-06 02:10:50 26181632 ----a-w- C:\Windows\System32\atio6axx.dll2012-04-06 02:00:10 64000 ----a-w- C:\Windows\System32\coinst.dll2012-04-06 01:54:46 7479296 ----a-w- C:\Windows\System32\atidxx64.dll2012-04-06 01:50:56 19753984 ----a-w- C:\Windows\SysWow64\atioglxx.dll2012-04-06 01:35:24 1120768 ----a-w- C:\Windows\System32\atiumd6v.dll2012-04-06 01:34:50 1831424 ----a-w- C:\Windows\SysWow64\atiumdmv.dll2012-04-06 01:34:34 4731904 ----a-w- C:\Windows\System32\atiumd6a.dll2012-04-06 01:34:04 6203392 ----a-w- C:\Windows\SysWow64\atiumdag.dll2012-04-06 01:30:16 51200 ----a-w- C:\Windows\System32\aticalrt64.dll2012-04-06 01:30:14 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll2012-04-06 01:30:08 44544 ----a-w- C:\Windows\System32\aticalcl64.dll2012-04-06 01:30:06 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll2012-04-06 01:29:54 16090624 ----a-w- C:\Windows\System32\aticaldd64.dll2012-04-06 01:25:30 13764096 ----a-w- C:\Windows\SysWow64\aticaldd.dll2012-04-06 01:23:24 7431680 ----a-w- C:\Windows\System32\atiumd64.dll2012-04-06 01:22:54 4795904 ----a-w- C:\Windows\SysWow64\atiumdva.dll2012-04-06 01:11:28 514560 ----a-w- C:\Windows\System32\atiadlxx.dll2012-04-06 01:11:20 360448 ----a-w- C:\Windows\SysWow64\atiadlxy.dll2012-04-06 01:11:06 17408 ----a-w- C:\Windows\System32\atig6pxx.dll2012-04-06 01:11:04 14848 ----a-w- C:\Windows\SysWow64\atiglpxx.dll2012-04-06 01:11:04 14848 ----a-w- 
C:\Windows\System32\atiglpxx.dll2012-04-06 01:11:00 41984 ----a-w- C:\Windows\System32\atig6txx.dll2012-04-06 01:10:52 33280 ----a-w- C:\Windows\SysWow64\atigktxx.dll2012-04-06 01:10:44 343040 ----a-w- C:\Windows\System32\drivers\atikmpag.sys2012-04-06 01:09:56 54784 ----a-w- C:\Windows\System32\atiuxp64.dll2012-04-06 01:09:48 41984 ----a-w- C:\Windows\SysWow64\atiuxpag.dll2012-04-06 01:09:42 44544 ----a-w- C:\Windows\System32\atiu9p64.dll2012-04-06 01:09:34 32256 ----a-w- C:\Windows\SysWow64\atiu9pag.dll2012-04-06 01:09:02 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll2012-04-06 01:06:08 54784 ----a-w- C:\Windows\System32\atimpc64.dll2012-04-06 01:06:08 54784 ----a-w- C:\Windows\System32\amdpcom64.dll2012-04-06 01:06:04 53760 ----a-w- C:\Windows\SysWow64\atimpc32.dll2012-04-06 01:06:04 53760 ----a-w- C:\Windows\SysWow64\amdpcom32.dll2012-03-31 06:05:57 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe2012-03-31 04:39:37 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe2012-03-31 04:39:37 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe2012-03-30 11:35:47 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys2012-03-21 00:44:12 98688 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys2012-03-21 00:44:12 203888 ----a-w- C:\Windows\System32\drivers\MpFilter.sys.============= FINISH: 18:09:17.35 ===============UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2011-08-26.01).Microsoft Windows 7 Home PremiumBoot Device: \Device\HarddiskVolume1Install Date: 11/28/2010 6:47:57 AMSystem Uptime: 6/17/2012 11:36:24 AM (7 hours ago).Motherboard: MSI | | 2A9CProcessor: Intel® Core i5 CPU 650 @ 3.20GHz | CPU 1 | 3201/133mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 919 GiB total, 547.534 GiB free.D: is FIXED (NTFS) - 12 GiB total, 1.484 GiB free.E: is CDROM ()G: is RemovableH: is RemovableI: is RemovableJ: is Removable.==== Disabled Device Manager Items =============.==== System Restore Points 
.
RP217: 6/14/2012 3:00:11 AM - Windows Update
RP218: 6/15/2012 3:00:12 AM - Windows Update
RP219: 6/16/2012 3:00:11 AM - Windows Update
RP220: 6/17/2012 3:00:12 AM - Windows Update
RP221: 6/17/2012 11:17:42 AM - Windows Update
.
==== Installed Programs ======================
.
7-Zip 9.20
ActiveCheck component for HP Active Support Library
Adobe AIR
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.3)
Age of Chivalry
Alien Zombie Megadeath
Alliance of Valiant Arms
Amnesia: The Dark Descent Demo
Anime Studio Debut 7.0
APB Reloaded
Apple Application Support
Apple Software Update
Audacity 1.2.6
Bandisoft MPEG-1 Decoder
Battle.net
Bejeweled 2 Deluxe
Bing Bar
Bing Rewards Client Installer
Blackhawk Striker 2
Bloodline Champions
Brawl Busters
BrickForce 1.4.40
Build-a-lot 2
Build Your Own Net Dream (remove only)
Burn Zombie Burn
Call of Duty® - World at War
CameraHelperMsi
CamStudio OSS Desktop Recorder
Canon IJ Network Scan Utility
Canon IJ Network Tool
Canon MP Navigator 2.2
Catalyst Control Center
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Chuzzle Deluxe
CinemaNow Media Manager
Counter-Strike: Source
Counter-Strike: Source Beta
Crimecraft: BLEEDOUT
Cubemen
CyberLink DVD Suite Deluxe
D3DX10
Darkest of Days - Demo
Diablo
Diablo III
Diablo III Beta
Diner Dash 2 Restaurant Rescue
Doomsday Engine 1.9.8
Dora's Carnival Adventure
Dungeon Defenders Demo
DVD Menu Pack for HP MediaSmart Video
EmpireserLT
Escape Rosecliff Island
Facebook Video Calling 1.2.0.159
Fallout: New Vegas
FATE
Final Drive Nitro
FlipShare
Foreign Legion: Buckets of Blood
FPS Creator Free
Fraps
Free Ride Games Player
Game Maker 8.0
GameSpy Arcade
Garry's Mod
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
Gotham City Impostors
Half-Life 2
Half-Life 2: Lost Coast
Half-Life Deathmatch: Source
Half-Life: Source
Helicopter Strike Force
Heroes of Hellas 2 - Olympia
Hot Wheels
Hot Wheels Stunt Track Challenge
HP Advisor
HP Customer Experience Enhancements
HP Games
HP MediaSmart CinemaNow 2.0
HP MediaSmart DVD
HP MediaSmart Music
HP MediaSmart Photo
HP MediaSmart Video
HP MediaSmart/TouchSmart Netflix
HP Odometer
HP Setup
HP Support Assistant
HP Support Information
HP Update
HPAsset component for HP Active Support Library
Hulu Desktop
HydraVision
iLivid
Intel® Management Engine Components
Intel® Rapid Storage Technology
Java Auto Updater
Java 6 Update 30
Jed's Half-Life Model Viewer 1.3.6
Jewel Quest 3
Jewel Quest Solitaire 2
Junk Mail filter update
Killing Floor
Killing Floor Mod: Defence Alliance 2
Kobo
LabelPrint
Left 4 Dead
Left 4 Dead 2
Left 4 Dead 2 Add-on Support
LightScribe System Software
Logitech Vid HD
Logitech Webcam Software
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
Malwarebytes Anti-Malware version 1.61.0.1400
Mastercam X
Medal of Honor Airborne
Microsoft .NET Framework 1.1
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Starter 2010 - English
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Windows Media Video 9 VCM
Microsoft Works 6-9 Converter
Microsoft WSE 3.0 Runtime
Microsoft XNA Framework Redistributable 3.1
Microsoft XNA Framework Redistributable 4.0
Monster Madness: Battle for Suburbia
Mortal Kombat Kollection
Movie Theme Pack for HP MediaSmart Video
MP4 player
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB973685)
Norton Online Backup
Norton Security Scan
NVIDIA PhysX
Oblivion
OpenAL
OpenOffice.org 3.2
Pando Media Booster
PDF Complete Special Edition
Penguins!
PESTERCHUM
PhotoJoy
PhotoJoy US Toolbar
PhotoNow!
Plants vs. Zombies
PMB
Poker Superstars III
Polar Bowler
Polar Golfer
Portal 2
Pound of Ground Demo
Power2Go
PowerDirector
PressReader
Project Blackout
PunkBuster Services
Quake Live Internet Explorer Plugin
QuickTime
Ralink RT2860 Wireless LAN Card
Realm of the Mad God
Realtek High Definition Audio Driver
Recovery Manager
RollerCoaster Tycoon 3 Platinum
Roxio CinemaNow 2.0
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Serious Sam 2
Shank 2 Demo
Shoot Many Robots
Shopping4Causes Shopping Plugin
SpongeBob SquarePants Employee of the Month
StartNow Toolbar
Steam
Stop Motion Animation Companion CD 1.3
Stunt Track Driver
Super Monday Night Combat
Synergy
Team Fortress 2
Team Fortress 2 Beta
Terraria
The Binding Of Isaac
The Fairly OddParents - Shadow Showdown (remove only)
TimesUpKidz
Tomb Raider: Legend
U.B. Funkeys
Unity Web Player
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update Installer for WildTangent Games App
Virtual Families
Virtual Villagers - The Secret City
VLC media player 1.1.11
Webroot SecureAnywhere
Wheel of Fortune 2
WildTangent Games App (HP Games)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
World of Warcraft
World of Warcraft Beta
Yahoo! Software Update
Yahoo! Toolbar
Zinio Reader 4
Zuma Deluxe
.
==== Event Viewer Messages From Past Week ========
.
6/17/2012 11:38:57 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.A&threatid=2147636949 Name: Trojan:DOS/Alureon.A ID: 2147636949 Severity: Severe Category: Trojan Path: rootkit:_Alureon->Mbr::Alureon Detection Origin: Unknown Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: To finish removing malware and other potentially unwanted software, restart the computer. To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x80070032 Error description: The request is not supported. Signature Version: AV: 1.127.2172.0, AS: 1.127.2172.0, NIS: 11.137.0.0 Engine Version: AM: 1.1.8403.0, NIS: 2.0.8001.0
6/17/2012 11:37:08 AM, Error: Service Control Manager [7000] - The Hardlock service failed to start due to the following error: This driver has been blocked from loading
6/17/2012 11:37:08 AM, Error: Application Popup [1060] - \??\C:\Windows\SysWow64\drivers\hardlock.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
6/17/2012 11:35:50 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
6/17/2012 11:27:31 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
6/17/2012 11:19:43 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
6/17/2012 11:19:43 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
6/17/2012 11:19:41 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
6/17/2012 11:19:40 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
6/17/2012 11:19:34 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
6/17/2012 11:19:16 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache MpFilter NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf
6/17/2012 11:19:13 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
6/17/2012 11:19:13 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
6/17/2012 11:19:13 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
6/17/2012 11:19:13 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
6/17/2012 11:19:13 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
6/17/2012 11:19:13 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
6/17/2012 11:19:13 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
6/17/2012 11:19:13 AM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
6/17/2012 11:19:13 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
6/17/2012 11:19:13 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
6/17/2012 11:19:13 AM, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The dependency service or group failed to start.
6/17/2012 11:18:01 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2709715).
6/17/2012 11:14:30 AM, Error: Service Control Manager [7009] - A timeout was reached (60001 milliseconds) while waiting for the AMD External Events Utility service to connect.
6/17/2012 11:14:30 AM, Error: Service Control Manager [7000] - The AMD External Events Utility service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
6/17/2012 10:22:23 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.A&threatid=2147636949 Name: Trojan:DOS/Alureon.A ID: 2147636949 Severity: Severe Category: Trojan Path: rootkit:_Alureon->Mbr::Alureon Detection Origin: Unknown Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: To finish removing malware and other potentially unwanted software, restart the computer. To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x80070032 Error description: The request is not supported. Signature Version: AV: 1.127.2110.0, AS: 1.127.2110.0, NIS: 11.137.0.0 Engine Version: AM: 1.1.8403.0, NIS: 2.0.8001.0
6/16/2012 7:18:16 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.A&threatid=2147636949 Name: Trojan:DOS/Alureon.A ID: 2147636949 Severity: Severe Category: Trojan Path: rootkit:_Alureon->Mbr::Alureon Detection Origin: Unknown Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: To finish removing malware and other potentially unwanted software, restart the computer. To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x80070032 Error description: The request is not supported. Signature Version: AV: 1.127.2110.0, AS: 1.127.2110.0, NIS: 11.137.0.0 Engine Version: AM: 1.1.8403.0, NIS: 2.0.8001.0
6/16/2012 7:13:33 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.A&threatid=2147636949 Name: Trojan:DOS/Alureon.A ID: 2147636949 Severity: Severe Category: Trojan Path: rootkit:_Alureon->Mbr::Alureon Detection Origin: Unknown Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: To finish removing malware and other potentially unwanted software, restart the computer. To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x80070032 Error description: The request is not supported. Signature Version: AV: 1.127.2110.0, AS: 1.127.2110.0, NIS: 11.137.0.0 Engine Version: AM: 1.1.8403.0, NIS: 2.0.8001.0
6/14/2012 8:11:51 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.A&threatid=2147636949 Name: Trojan:DOS/Alureon.A ID: 2147636949 Severity: Severe Category: Trojan Path: rootkit:_Alureon->Mbr::Alureon Detection Origin: Unknown Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: To finish removing malware and other potentially unwanted software, restart the computer. To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x80070032 Error description: The request is not supported. Signature Version: AV: 1.127.2024.0, AS: 1.127.2024.0, NIS: 11.137.0.0 Engine Version: AM: 1.1.8403.0, NIS: 2.0.8001.0
6/14/2012 7:06:10 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.A&threatid=2147636949 Name: Trojan:DOS/Alureon.A ID: 2147636949 Severity: Severe Category: Trojan Path: rootkit:_Alureon->Mbr::Alureon Detection Origin: Unknown Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: To finish removing malware and other potentially unwanted software, restart the computer. To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x80070032 Error description: The request is not supported. Signature Version: AV: 1.127.1891.0, AS: 1.127.1891.0, NIS: 11.137.0.0 Engine Version: AM: 1.1.8403.0, NIS: 2.0.8001.0
6/14/2012 3:28:55 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.A&threatid=2147636949 Name: Trojan:DOS/Alureon.A ID: 2147636949 Severity: Severe Category: Trojan Path: rootkit:_Alureon->Mbr::Alureon Detection Origin: Unknown Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: To finish removing malware and other potentially unwanted software, restart the computer. To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x80070032 Error description: The request is not supported. Signature Version: AV: 1.127.1891.0, AS: 1.127.1891.0, NIS: 11.137.0.0 Engine Version: AM: 1.1.8403.0, NIS: 2.0.8001.0
6/11/2012 3:53:52 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.A&threatid=2147636949 Name: Trojan:DOS/Alureon.A ID: 2147636949 Severity: Severe Category: Trojan Path: rootkit:_Alureon->Mbr::Alureon Detection Origin: Unknown Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: To finish removing malware and other potentially unwanted software, restart the computer. To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x80070032 Error description: The request is not supported. Signature Version: AV: 1.127.1726.0, AS: 1.127.1726.0, NIS: 11.0.0.0 Engine Version: AM: 1.1.8403.0, NIS: 2.0.8001.0
6/10/2012 4:52:31 PM, Error: Service Control Manager [7031] - The WRSVC service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
.
==== End Of File ===========================
Root Admin AdvancedSetup Posted June 17, 2012 ID:561456

Please download and run the following scanner from Kaspersky. If possible please temporarily disable your Anti-Virus until this scanner has completed running. On the "change parameters" please enable the other 2 options and scan your system and send me back the log please.

Do not take any action against unsigned files at this time.

tdsskiller.exe

Note:
* The utility has a graphical user interface.
* The utility supports 32-bit and 64-bit operating systems.
* The utility can be run in Normal Mode and Safe Mode.

Please send me back the log so that I can review what, if anything, was found. By default, the utility outputs the log to root folder of C:
Logs have names like: UtilityName.Version_Date_Time_log.txt.
E.g. C:\TDSSKiller.2.4.7_23.07.2010_15.31.43_log.txt

Thank you
mullerfour Posted June 18, 2012 Author ID:561780

Thank you so much for your help. I hope I am doing this right. When the scan completed, there were some "unsigned files" and the default action was skip. There was also something for which the default was "cure" - I didn't change anything, just hit continue. It asked me to reboot, and I managed to find this log - I hope it is what I am supposed to be sending? I really appreciate your assistance....

17:42:18.0412 13568 TDSS rootkit removing tool 2.7.40.0 Jun 15 2012 15:13:31
17:42:18.0802 13568 ============================================================
17:42:18.0802 13568 Current date / time: 2012/06/18 17:42:18.0802
17:42:18.0802 13568 SystemInfo:
17:42:18.0802 13568
17:42:18.0802 13568 OS Version: 6.1.7601 ServicePack: 1.0
17:42:18.0802 13568 Product type: Workstation
17:42:18.0802 13568 ComputerName: FOUR-HP
17:42:18.0802 13568 UserName: four
17:42:18.0802 13568 Windows directory: C:\Windows
17:42:18.0802 13568 System windows directory: C:\Windows
17:42:18.0802 13568 Running under WOW64
17:42:18.0802 13568 Processor architecture: Intel x64
17:42:18.0802 13568 Number of processors: 4
17:42:18.0802 13568 Page size: 0x1000
17:42:18.0802 13568 Boot type: Normal boot
17:42:18.0802 13568 ============================================================
17:42:19.0129 13568 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:42:19.0160 13568 ============================================================
17:42:19.0160 13568 \Device\Harddisk0\DR0:
17:42:19.0160 13568 MBR partitions:
17:42:19.0160 13568 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:42:19.0160 13568 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x72E8D000
17:42:19.0160 13568 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x72EBF800, BlocksNum
0x1846800
17:42:19.0160 13568 ============================================================
17:42:19.0192 13568 C: <-> \Device\Harddisk0\DR0\Partition1
17:42:19.0238 13568 D: <-> \Device\Harddisk0\DR0\Partition2
17:42:19.0238 13568 ============================================================
17:42:19.0238 13568 Initialize success
17:42:19.0238 13568 ============================================================
17:42:26.0758 17704 ============================================================
17:42:26.0758 17704 Scan started
17:42:26.0758 17704 Mode: Manual; SigCheck; TDLFS;
17:42:26.0758 17704 ============================================================
ok17:42:36.0586 17704 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll17:42:36.0632 17704 Dnscache - ok17:42:36.0695 17704 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll17:42:36.0757 17704 dot3svc - ok17:42:36.0757 17704 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll17:42:36.0804 17704 DPS - ok17:42:36.0820 17704 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys17:42:36.0835 17704 drmkaud - ok17:42:36.0960 17704 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys17:42:36.0976 17704 DXGKrnl - ok17:42:37.0038 17704 EagleX64 - ok17:42:37.0069 17704 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll17:42:37.0132 17704 EapHost - ok17:42:37.0444 17704 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys17:42:37.0537 17704 ebdrv - ok17:42:37.0646 17704 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe17:42:37.0740 17704 EFS - ok17:42:37.0834 17704 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe17:42:37.0912 17704 ehRecvr - ok17:42:37.0943 17704 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe17:42:38.0005 17704 ehSched - ok17:42:38.0083 17704 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys17:42:38.0114 17704 elxstor - ok17:42:38.0161 17704 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys17:42:38.0192 17704 ErrDev - ok17:42:38.0224 17704 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll17:42:38.0317 17704 EventSystem - ok17:42:38.0348 17704 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys17:42:38.0380 17704 exfat - ok17:42:38.0411 17704 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys17:42:38.0458 17704 fastfat - ok17:42:38.0551 17704 Fax 
(dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe17:42:38.0614 17704 Fax - ok17:42:38.0629 17704 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys17:42:38.0660 17704 fdc - ok17:42:38.0692 17704 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll17:42:38.0770 17704 fdPHost - ok17:42:38.0801 17704 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll17:42:38.0879 17704 FDResPub - ok17:42:38.0894 17704 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys17:42:38.0910 17704 FileInfo - ok17:42:38.0926 17704 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys17:42:38.0972 17704 Filetrace - ok17:42:38.0988 17704 fkxltbee - ok17:42:39.0097 17704 FlipShare Service (b8602c90d3c427d8a86ce60437615cf5) C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe17:42:39.0113 17704 FlipShare Service - ok17:42:39.0222 17704 FlipShareServer (ac5fb7094f31534594cae48306972cbd) C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe17:42:39.0269 17704 FlipShareServer ( UnsignedFile.Multi.Generic ) - warning17:42:39.0269 17704 FlipShareServer - detected UnsignedFile.Multi.Generic (1)17:42:39.0362 17704 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys17:42:39.0378 17704 flpydisk - ok17:42:39.0425 17704 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys17:42:39.0456 17704 FltMgr - ok17:42:39.0565 17704 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll17:42:39.0643 17704 FontCache - ok17:42:39.0706 17704 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe17:42:39.0721 17704 FontCache3.0.0.0 - ok17:42:39.0768 17704 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys17:42:39.0784 17704 FsDepends - ok17:42:39.0830 17704 
Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys17:42:39.0846 17704 Fs_Rec - ok17:42:39.0846 17704 ftejopyi - ok17:42:39.0908 17704 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys17:42:39.0924 17704 fvevol - ok17:42:39.0955 17704 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys17:42:39.0971 17704 gagp30kx - ok17:42:40.0127 17704 GamesAppService (c403c5db49a0f9aaf4f2128edc0106d8) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe17:42:40.0142 17704 GamesAppService - ok17:42:40.0174 17704 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys17:42:40.0189 17704 GEARAspiWDM - ok17:42:40.0283 17704 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll17:42:40.0361 17704 gpsvc - ok17:42:40.0470 17704 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe17:42:40.0486 17704 gupdate - ok17:42:40.0517 17704 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe17:42:40.0532 17704 gupdatem - ok17:42:40.0548 17704 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe17:42:40.0564 17704 gusvc - ok17:42:40.0564 17704 Hardlock - ok17:42:40.0579 17704 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys17:42:40.0657 17704 hcw85cir - ok17:42:40.0720 17704 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys17:42:40.0751 17704 HdAudAddService - ok17:42:40.0782 17704 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys17:42:40.0829 17704 HDAudBus - ok17:42:40.0876 17704 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys17:42:40.0891 17704 HECIx64 - ok17:42:40.0907 17704 HidBatt (78e86380454a7b10a5eb255dc44a355f) 
C:\Windows\system32\DRIVERS\HidBatt.sys17:42:40.0922 17704 HidBatt - ok17:42:40.0954 17704 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys17:42:40.0969 17704 HidBth - ok17:42:40.0985 17704 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys17:42:41.0016 17704 HidIr - ok17:42:41.0047 17704 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll17:42:41.0110 17704 hidserv - ok17:42:41.0172 17704 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys17:42:41.0188 17704 HidUsb - ok17:42:41.0234 17704 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll17:42:41.0312 17704 hkmsvc - ok17:42:41.0375 17704 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll17:42:41.0422 17704 HomeGroupListener - ok17:42:41.0468 17704 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll17:42:41.0500 17704 HomeGroupProvider - ok17:42:41.0578 17704 HP Health Check Service (be78357fb49759b79ccc01894bcfdddb) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe17:42:41.0593 17704 HP Health Check Service - ok17:42:41.0656 17704 HPDrvMntSvc.exe (2dfb151fd34df104dac0adf070eda83c) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe17:42:41.0671 17704 HPDrvMntSvc.exe - ok17:42:41.0734 17704 hpqwmiex (184c500cb9f69585f3fe85e1d2667cd8) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe17:42:41.0765 17704 hpqwmiex - ok17:42:41.0827 17704 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys17:42:41.0843 17704 HpSAMD - ok17:42:41.0936 17704 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys17:42:42.0030 17704 HTTP - ok17:42:42.0077 17704 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys17:42:42.0077 17704 hwpolicy - ok17:42:42.0170 17704 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) 
C:\Windows\system32\drivers\i8042prt.sys17:42:42.0186 17704 i8042prt - ok17:42:42.0248 17704 iaStor (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\DRIVERS\iaStor.sys17:42:42.0264 17704 iaStor - ok17:42:42.0389 17704 IAStorDataMgrSvc (31a0e93cdf29007d6c6fffb632f375ed) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe17:42:42.0404 17704 IAStorDataMgrSvc - ok17:42:42.0514 17704 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys17:42:42.0560 17704 iaStorV - ok17:42:42.0685 17704 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe17:42:42.0685 17704 IDriverT ( UnsignedFile.Multi.Generic ) - warning17:42:42.0685 17704 IDriverT - detected UnsignedFile.Multi.Generic (1)17:42:42.0857 17704 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe17:42:42.0888 17704 idsvc - ok17:42:42.0966 17704 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys17:42:42.0982 17704 iirsp - ok17:42:43.0091 17704 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll17:42:43.0184 17704 IKEEXT - ok17:42:43.0340 17704 IntcAzAudAddService (2b888bbdf6962e608a5e1a1d7a626adf) C:\Windows\system32\drivers\RTKVHD64.sys17:42:43.0387 17704 IntcAzAudAddService - ok17:42:43.0543 17704 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys17:42:43.0574 17704 intelide - ok17:42:43.0606 17704 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys17:42:43.0637 17704 intelppm - ok17:42:43.0652 17704 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll17:42:43.0699 17704 IPBusEnum - ok17:42:43.0746 17704 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys17:42:43.0808 17704 IpFilterDriver - ok17:42:43.0902 17704 iphlpsvc 
(a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll17:42:43.0980 17704 iphlpsvc - ok17:42:44.0058 17704 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys17:42:44.0089 17704 IPMIDRV - ok17:42:44.0152 17704 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys17:42:44.0230 17704 IPNAT - ok17:42:44.0354 17704 iPod Service (9b812a3484d89eb934982d67fb7d9313) C:\Program Files\iPod\bin\iPodService.exe17:42:44.0370 17704 iPod Service - ok17:42:44.0386 17704 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys17:42:44.0432 17704 IRENUM - ok17:42:44.0479 17704 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys17:42:44.0479 17704 isapnp - ok17:42:44.0510 17704 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys17:42:44.0526 17704 iScsiPrt - ok17:42:44.0542 17704 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys17:42:44.0557 17704 kbdclass - ok17:42:44.0573 17704 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys17:42:44.0604 17704 kbdhid - ok17:42:44.0651 17704 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe17:42:44.0666 17704 KeyIso - ok17:42:44.0698 17704 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys17:42:44.0698 17704 KSecDD - ok17:42:44.0729 17704 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys17:42:44.0744 17704 KSecPkg - ok17:42:44.0760 17704 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys17:42:44.0807 17704 ksthunk - ok17:42:44.0869 17704 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll17:42:44.0916 17704 KtmRm - ok17:42:44.0994 17704 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll17:42:45.0041 17704 LanmanServer - ok17:42:45.0088 17704 LanmanWorkstation 
(851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll17:42:45.0134 17704 LanmanWorkstation - ok17:42:45.0212 17704 LightScribeService (7550d101bf49fdb1f92666a233ee36c4) c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe17:42:45.0228 17704 LightScribeService ( UnsignedFile.Multi.Generic ) - warning17:42:45.0228 17704 LightScribeService - detected UnsignedFile.Multi.Generic (1)17:42:45.0228 17704 llqyqiad - ok17:42:45.0259 17704 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys17:42:45.0337 17704 lltdio - ok17:42:45.0384 17704 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll17:42:45.0446 17704 lltdsvc - ok17:42:45.0462 17704 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll17:42:45.0493 17704 lmhosts - ok17:42:45.0556 17704 LMS (e38775922d4a4c05b5d96733ab4ce169) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe17:42:45.0587 17704 LMS - ok17:42:45.0634 17704 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys17:42:45.0649 17704 LSI_FC - ok17:42:45.0665 17704 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys17:42:45.0680 17704 LSI_SAS - ok17:42:45.0696 17704 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys17:42:45.0696 17704 LSI_SAS2 - ok17:42:45.0727 17704 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys17:42:45.0727 17704 LSI_SCSI - ok17:42:45.0758 17704 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys17:42:45.0790 17704 luafv - ok17:42:45.0852 17704 LVRS64 (0c85b2b6fb74b36a251792d45e0ef860) C:\Windows\system32\DRIVERS\lvrs64.sys17:42:45.0868 17704 LVRS64 - ok17:42:46.0180 17704 LVUVC64 (ff3a488924b0032b1a9ca6948c1fa9e8) C:\Windows\system32\DRIVERS\lvuvc64.sys17:42:46.0258 17704 LVUVC64 - ok17:42:46.0429 17704 MBAMProtector (dbc08862a71459e74f7538b432c114cc) 
C:\Windows\system32\drivers\mbam.sys17:42:46.0445 17704 MBAMProtector - ok17:42:46.0492 17704 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe17:42:46.0507 17704 MBAMService - ok17:42:46.0554 17704 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll17:42:46.0570 17704 Mcx2Svc - ok17:42:46.0601 17704 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys17:42:46.0601 17704 megasas - ok17:42:46.0632 17704 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys17:42:46.0632 17704 MegaSR - ok17:42:46.0648 17704 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll17:42:46.0679 17704 MMCSS - ok17:42:46.0694 17704 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys17:42:46.0741 17704 Modem - ok17:42:46.0757 17704 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys17:42:46.0804 17704 monitor - ok17:42:46.0928 17704 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys17:42:46.0928 17704 mouclass - ok17:42:46.0975 17704 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys17:42:47.0006 17704 mouhid - ok17:42:47.0053 17704 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys17:42:47.0069 17704 mountmgr - ok17:42:47.0162 17704 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys17:42:47.0194 17704 MpFilter - ok17:42:47.0225 17704 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys17:42:47.0240 17704 mpio - ok17:42:47.0287 17704 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys17:42:47.0303 17704 mpsdrv - ok17:42:47.0396 17704 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll17:42:47.0459 17704 MpsSvc - ok17:42:47.0506 17704 MRxDAV (dc722758b8261e1abafd31a3c0a66380) 
C:\Windows\system32\drivers\mrxdav.sys17:42:47.0537 17704 MRxDAV - ok17:42:47.0599 17704 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys17:42:47.0630 17704 mrxsmb - ok17:42:47.0677 17704 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys17:42:47.0740 17704 mrxsmb10 - ok17:42:47.0771 17704 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys17:42:47.0786 17704 mrxsmb20 - ok17:42:47.0833 17704 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys17:42:47.0864 17704 msahci - ok17:42:47.0896 17704 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys17:42:47.0927 17704 msdsm - ok17:42:47.0974 17704 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe17:42:48.0005 17704 MSDTC - ok17:42:48.0036 17704 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys17:42:48.0067 17704 Msfs - ok17:42:48.0083 17704 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys17:42:48.0114 17704 mshidkmdf - ok17:42:48.0130 17704 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys17:42:48.0145 17704 msisadrv - ok17:42:48.0176 17704 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll17:42:48.0223 17704 MSiSCSI - ok17:42:48.0223 17704 msiserver - ok17:42:48.0239 17704 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys17:42:48.0286 17704 MSKSSRV - ok17:42:48.0364 17704 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) c:\Program Files\Microsoft Security Client\MsMpEng.exe17:42:48.0379 17704 MsMpSvc - ok17:42:48.0395 17704 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys17:42:48.0457 17704 MSPCLOCK - ok17:42:48.0457 17704 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys17:42:48.0504 17704 MSPQM - ok17:42:48.0566 17704 MsRPC 
(759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys17:42:48.0582 17704 MsRPC - ok17:42:48.0629 17704 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys17:42:48.0644 17704 mssmbios - ok17:42:48.0660 17704 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys17:42:48.0707 17704 MSTEE - ok17:42:48.0722 17704 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys17:42:48.0722 17704 MTConfig - ok17:42:48.0738 17704 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys17:42:48.0769 17704 Mup - ok17:42:48.0847 17704 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll17:42:48.0910 17704 napagent - ok17:42:48.0988 17704 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys17:42:49.0034 17704 NativeWifiP - ok17:42:49.0112 17704 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys17:42:49.0144 17704 NDIS - ok17:42:49.0159 17704 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys17:42:49.0190 17704 NdisCap - ok17:42:49.0206 17704 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys17:42:49.0237 17704 NdisTapi - ok17:42:49.0284 17704 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys17:42:49.0362 17704 Ndisuio - ok17:42:49.0409 17704 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys17:42:49.0487 17704 NdisWan - ok17:42:49.0518 17704 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys17:42:49.0565 17704 NDProxy - ok17:42:49.0580 17704 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys17:42:49.0643 17704 NetBIOS - ok17:42:49.0690 17704 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys17:42:49.0752 17704 NetBT - ok17:42:49.0799 17704 Netlogon 
(c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe17:42:49.0799 17704 Netlogon - ok17:42:49.0861 17704 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll17:42:49.0924 17704 Netman - ok17:42:50.0033 17704 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe17:42:50.0048 17704 NetMsmqActivator - ok17:42:50.0048 17704 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe17:42:50.0064 17704 NetPipeActivator - ok17:42:50.0111 17704 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll17:42:50.0173 17704 netprofm - ok17:42:50.0267 17704 netr28x (064ab63c9a588d2611306ae16d017e7e) C:\Windows\system32\DRIVERS\netr28x.sys17:42:50.0298 17704 netr28x - ok17:42:50.0392 17704 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe17:42:50.0407 17704 NetTcpActivator - ok17:42:50.0423 17704 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe17:42:50.0438 17704 NetTcpPortSharing - ok17:42:50.0470 17704 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys17:42:50.0470 17704 nfrd960 - ok17:42:50.0532 17704 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys17:42:50.0563 17704 NisDrv - ok17:42:50.0626 17704 NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe17:42:50.0641 17704 NisSrv - ok17:42:50.0704 17704 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll17:42:50.0766 17704 NlaSvc - ok17:42:50.0984 17704 NOBU (5839a8027d6d324a7cd494051a96628c) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe17:42:51.0031 17704 NOBU - ok17:42:51.0125 17704 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys17:42:51.0172 17704 Npfs - 
ok17:42:51.0187 17704 npggsvc - ok17:42:51.0203 17704 NPPTNT2 - ok17:42:51.0234 17704 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll17:42:51.0281 17704 nsi - ok17:42:51.0296 17704 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys17:42:51.0328 17704 nsiproxy - ok17:42:51.0452 17704 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys17:42:51.0484 17704 Ntfs - ok17:42:51.0593 17704 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys17:42:51.0655 17704 Null - ok17:42:51.0671 17704 nvarvpwb - ok17:42:51.0718 17704 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys17:42:51.0733 17704 nvraid - ok17:42:51.0749 17704 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys17:42:51.0764 17704 nvstor - ok17:42:51.0796 17704 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys17:42:51.0811 17704 nv_agp - ok17:42:51.0827 17704 oblswhjx - ok17:42:51.0842 17704 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys17:42:51.0858 17704 ohci1394 - ok17:42:51.0936 17704 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE17:42:51.0952 17704 ose - ok17:42:52.0357 17704 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE17:42:52.0466 17704 osppsvc - ok17:42:52.0544 17704 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll17:42:52.0607 17704 p2pimsvc - ok17:42:52.0638 17704 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll17:42:52.0669 17704 p2psvc - ok17:42:52.0716 17704 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys17:42:52.0732 17704 Parport - ok17:42:52.0763 17704 partmgr (e9766131eeade40a27dc27d2d68fba9c) 
C:\Windows\system32\drivers\partmgr.sys17:42:52.0778 17704 partmgr - ok17:42:52.0794 17704 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll17:42:52.0825 17704 PcaSvc - ok17:42:52.0872 17704 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys17:42:52.0903 17704 pci - ok17:42:52.0903 17704 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys17:42:52.0919 17704 pciide - ok17:42:52.0950 17704 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys17:42:52.0950 17704 pcmcia - ok17:42:52.0981 17704 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys17:42:52.0981 17704 pcw - ok17:42:53.0012 17704 pdfcDispatcher - ok17:42:53.0059 17704 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys17:42:53.0106 17704 PEAUTH - ok17:42:53.0200 17704 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe17:42:53.0231 17704 PerfHost - ok17:42:53.0449 17704 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll17:42:53.0512 17704 pla - ok17:42:53.0574 17704 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll17:42:53.0621 17704 PlugPlay - ok17:42:53.0730 17704 PMBDeviceInfoProvider (63694c307273062a2167ae4ce80730ef) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe17:42:53.0746 17704 PMBDeviceInfoProvider - ok17:42:53.0761 17704 PnkBstrA - ok17:42:53.0777 17704 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll17:42:53.0808 17704 PNRPAutoReg - ok17:42:53.0855 17704 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll17:42:53.0886 17704 PNRPsvc - ok17:42:53.0995 17704 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll17:42:54.0042 17704 PolicyAgent - ok17:42:54.0073 17704 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll17:42:54.0120 17704 Power - ok17:42:54.0198 17704 
C:\Windows\System32\wscsvc.dll
17:43:08.0940 17704 wscsvc - ok
17:43:08.0956 17704 WSearch - ok
17:43:09.0205 17704 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
17:43:09.0315 17704 wuauserv - ok
17:43:09.0517 17704 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
17:43:09.0595 17704 WudfPf - ok
17:43:09.0627 17704 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
17:43:09.0673 17704 WUDFRd - ok
17:43:09.0720 17704 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
17:43:09.0751 17704 wudfsvc - ok
17:43:09.0783 17704 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
17:43:09.0814 17704 WwanSvc - ok
17:43:09.0892 17704 X5XSEx (8c6413d62c891d8da084a31da53a09e6) C:\Program Files (x86)\Free Ride Games\X5XSEx.Sys
17:43:09.0892 17704 X5XSEx - ok
17:43:09.0970 17704 X6va005 - ok
17:43:09.0985 17704 X6va006 - ok
17:43:09.0985 17704 X6va007 - ok
17:43:10.0079 17704 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
17:43:10.0110 17704 YahooAUService - ok
17:43:10.0344 17704 ZSMC301b (6e53d1058b900443949c69ec6215d98f) C:\Windows\system32\Drivers\usbVM31b.sys
17:43:10.0391 17704 ZSMC301b - ok
17:43:10.0407 17704 MBR (0x1B8) (f0e69b6eb79be64fa07d8972cfaa57c7) \Device\Harddisk0\DR0
17:43:10.0438 17704 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
17:43:10.0438 17704 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
17:43:10.0485 17704 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
17:43:10.0485 17704 \Device\Harddisk0\DR0 - detected TDSS File System (1)
17:43:10.0485 17704 Boot (0x1200) (1cf9b51bbd05da01e434c2eaa9adb45b) \Device\Harddisk0\DR0\Partition0
17:43:10.0485 17704 \Device\Harddisk0\DR0\Partition0 - ok
17:43:10.0516 17704 Boot (0x1200) (7c13ed71ef67d7ff359954efb5a9a809) \Device\Harddisk0\DR0\Partition1
17:43:10.0516 17704 \Device\Harddisk0\DR0\Partition1 - ok
17:43:10.0547 17704 Boot (0x1200) (a8c70fd8fc7b90e94eef0eb7d3caa80b) \Device\Harddisk0\DR0\Partition2
17:43:10.0563 17704 \Device\Harddisk0\DR0\Partition2 - ok
17:43:10.0563 17704 ============================================================
17:43:10.0563 17704 Scan finished
17:43:10.0563 17704 ============================================================
17:43:10.0563 14732 Detected object count: 6
17:43:10.0563 14732 Actual detected object count: 6
17:43:51.0559 14732 FlipShareServer ( UnsignedFile.Multi.Generic ) - skipped by user
17:43:51.0559 14732 FlipShareServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:43:51.0575 14732 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
17:43:51.0575 14732 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:43:51.0575 14732 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
17:43:51.0575 14732 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:43:51.0575 14732 TimesUpKidz ( UnsignedFile.Multi.Generic ) - skipped by user
17:43:51.0575 14732 TimesUpKidz ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:43:52.0355 14732 \Device\Harddisk0\DR0\# - copied to quarantine
17:43:52.0355 14732 \Device\Harddisk0\DR0 - copied to quarantine
17:43:52.0417 14732 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
17:43:52.0417 14732 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
17:43:52.0433 14732 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
17:43:52.0449 14732 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
17:43:52.0449 14732 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
17:43:52.0449 14732 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
17:43:52.0449 14732 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
17:43:52.0449 14732 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
17:43:52.0449 14732 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
17:43:52.0464 14732 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
17:43:52.0464 14732 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
17:43:52.0464 14732 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
17:43:52.0511 14732 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
17:43:52.0558 14732 \Device\Harddisk0\DR0 - ok
17:43:52.0792 14732 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
17:43:52.0792 14732 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
17:43:52.0792 14732 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
17:43:55.0350 19680 Deinitialize success
Root Admin AdvancedSetup Posted June 18, 2012 ID:561782

Yes, that looks like you did it correctly.

You need to decide if you want to keep Webroot SecureAnywhere or Microsoft Security Essentials as they are both Anti-Virus products and you can only have one Anti-Virus product at a time installed as it will normally cause conflicts. Please uninstall one of them and update whichever one you keep and do a System Scan with it.

Also update Malwarebytes and do a Quick Scan with it as well and send me back both logs on your next reply.

Next, download Security Check from here or here.
Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document on your next reply.

Thanks
mullerfour Posted June 19, 2012 Author ID:562091

Hello!

OK. I uninstalled MSE. Scanned with Webroot and Malwarebytes (after updating), and am posting the malwarebytes log file, and the checkup.txt that you had me do. It won't let me post the webroot log file - too long? Awaiting further instruction...... Thank you!

Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org
Database version: v2012.06.19.06
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
four :: FOUR-HP [administrator]
Protection: Enabled
6/19/2012 3:19:10 PM
mbam-log-2012-06-19 (15-19-10).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 286516
Time elapsed: 5 minute(s), 6 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)

Results of screen317's Security Check version 0.99.42
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Webroot SecureAnywhere
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.61.0.1400
Java 6 Update 30
Java version out of Date!
Adobe Reader X (10.1.3)
Google Chrome 19.0.1084.52
Google Chrome 19.0.1084.56
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Symantec Norton Online Backup NOBuAgent.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````
Root Admin AdvancedSetup Posted June 20, 2012 ID:562210

Hi,

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update.

Download the latest version of Java Runtime Environment (JRE) 7 and Save it to your Desktop.
http://www.oracle.com/technetwork/java/javase/downloads/index.html
Scroll down to where it says Java SE 7u5
Click the Download button under JRE to the right.
Read the License Agreement then select Accept License Agreement
Click on the link to download Windows x86 Offline and save the file to your desktop.
Close any programs you may have running - especially your web browser.
Go to Start > Control Panel, double-click on Add or Remove Programs and remove all older versions of Java.
Check (highlight) any item with Java Runtime Environment (JRE or J2SE or Java 6) in the name.
Click the Remove or Change/Remove button.
Repeat as many times as necessary to remove each Java version.
Reboot your computer once all Java components are removed.
Then from your desktop double-click on jre-7u5-windows-i586.exe to install the newest version.
After the install is complete, go into the Control Panel (using Classic View) and double-click the Java Icon. (looks like a coffee cup)
On the General tab, under Temporary Internet Files, click the Settings button.
Next, click on the Delete Files button
There are two options in the window to clear the cache - Leave BOTH Checked
    Applications and Applets
    Trace and Log Files
Click OK on Delete Temporary Files Window
Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.
Click OK to leave the Temporary Files Window
Click OK to leave the Java Control Panel.

The Malwarebytes log looked clean. Are there still any IP blocks or other issues going on related to this with the computer?
mullerfour Posted June 20, 2012 Author ID:562520

OK, updated the Java and deleted the files per your instruction. All my scans come up clean, and there have been no IP blocks or anything - am I cured? I owe you a beer, for sure!
Root Admin AdvancedSetup Posted June 20, 2012 ID:562525

If both Malwarebytes and your Anti-Virus scans are now all clean and no more IP blocks ongoing then I would say the system appears to be clean now.

Please see the following post: So how did I get infected in the first place?

Then let me know if there are any other concerns or issues before we finish up and close our topic here.

Thanks
mullerfour Posted June 21, 2012 Author ID:562963

Hello!

Things still seem ok - no IP blocks, nothing found by anti-virus or Malwarebytes. I read the article and have taken some further steps to protect my computer. FYI, the browser security test link at the end of the article is no longer active....

I appear to have been cured! Again, I am extremely grateful for your guidance and assistance!
Maurice Naggar Posted June 26, 2012 ID:564431

Hello mullerfour,

Glad to see your system is well.
We can wrap this up now.
If you have a problem with these steps, or something does not quite work here, do let me know.

The following few steps will remove tools used.

Download OTC to your desktop and run it
Click Yes to beginning the Cleanup process and remove these components, including this application.
You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.
Delete TDSSKILLER.exe if still present.

Safer practices & malware prevention

Have a hardware router between the incoming internet-modem and your computer.

Configure your Antivirus software to check for updates daily, at a time in which you are sure the computer will be on.

Check in at Windows Update and install any Critical Updates offered.
Make certain that Automatic Updates is enabled.
How to configure and use Automatic Updates in Windows
http://support.microsoft.com/kb/306525

Check on other update issues as well, visit Secunia Online Software Inspector (OSI)
See How to detect vulnerable and out-dated programs using Secunia Personal Software Inspector

Download, install, and keep updated Spyware Blaster (free): http://www.javacools...areblaster.html (all Protections should be enabled at all times)

I'd recommend that you get and use MVP Mike Burgess' custom hosts file http://mvps.org/winhelp2002/hosts.htm
See the FAQ page http://mvps.org/winh...02/hostsfaq.htm
That would help to keep your browser away from known spyware/malware sites.

Make regular backups of your system to removable media: DVD, USB external hard drive, etc.
Having a total image backup of your system stored on DVD/CD is highly important.
Get and make use of imaging-backup utilities and save them to offline media. That way you have something to fall back to if another disaster hits.
Examples of image backup software: Acronis True Image, or the free (for personal use) Macrium Reflect http://www.macrium.com/reflectfree.asp
or Paragon Backup & Recovery http://www.paragon-s...e/download.html

Consider using Web of Trust WOT add-on for your browser(s)
http://www.mywot.com/en/download
http://www.mywot.com/en/faq/add-on

On some regular schedule, it is a good idea to do an online scan for viruses and malware. Here is a very short list of sites where this may be done:
ESET Online Scanner
Panda ActiveScan
Trend Micro Housecall
F-Secure Online Scanner

See Six tips to help you stay safer online

Never, ever download free games, free tools, videos, multi-media files or anything free unless you can be absolutely sure the source is safe !

Best regards.
Staff screen317 Posted July 2, 2012 ID:566307

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!