please help!

mullerfour · June 17, 2012

Downloaded Malwarebytes and it keeps finding the same two items but is not successful in removing them! They are (Trojan.Agent File and Memory Process C:\Windows\svchost.exe). I am also getting repeated blocks (outgoing) to 206.161.121.6. I ran DDS per your instructions and am including the logs here. I so appreciate any help you might offer!

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421

Run by four at 18:07:50 on 2012-06-17

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8119.5409 [GMT -4:00]

.

AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}

AV: Webroot SecureAnywhere *Enabled/Updated* {9C0666FC-6C7D-3E97-3C40-0C6B33FC7401}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Webroot SecureAnywhere *Enabled/Updated* {27678718-4A47-3119-06F0-3719487B3EBC}

SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Program Files\Webroot\WRSA.exe

C:\Windows\system32\svchost.exe -k RPCSS

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\atieclxx.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\Bonjour\mDNSResponder.exe

C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe

C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

C:\Program Files (x86)\PDF Complete\pdfsvc.exe

C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe

C:\Windows\system32\taskhost.exe

C:\Program Files\Webroot\WRSA.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

C:\Program Files (x86)\Rain City Digital LLC\TimesUpKidz\TimesUpKidzServer.exe

C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe

C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe

-netsvcs

C:\Windows\system32\conhost.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\WUDFHost.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\DllHost.exe

C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/ig

uInternet Settings,ProxyOverride = *.local

uURLSearchHooks: FCToolbarURLSearchHook Class: {3d68e927-6002-6bb4-7940-c297f1177192} - C:\Program Files (x86)\Shopping4Causes Shopping Plugin\Helper.dll

uURLSearchHooks: H - No File

mURLSearchHooks: PhotoJoy US Toolbar: {f2c43291-151e-499c-98a7-923c120b88fa} - C:\Program Files (x86)\PhotoJoy_US\prxtbPhot.dll

BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: StartNow Toolbar Helper: {6e13d095-45c3-4271-9475-f3b48227dd9f} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO: Shopping4Causes Shopping Plugin: {7c4155b9-efe5-2364-45e9-6679a6060ed5} - C:\Program Files (x86)\Shopping4Causes Shopping Plugin\Toolbar.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Webroot Browser Helper Object: {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\pkg\LPBar.dll

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: PhotoJoy US Toolbar: {f2c43291-151e-499c-98a7-923c120b88fa} - C:\Program Files (x86)\PhotoJoy_US\prxtbPhot.dll

BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

TB: PhotoJoy US Toolbar: {f2c43291-151e-499c-98a7-923c120b88fa} - C:\Program Files (x86)\PhotoJoy_US\prxtbPhot.dll

TB: StartNow Toolbar: {5911488e-9d1e-40ec-8cbb-06b231cc153f} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB: Webroot Toolbar: {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dll

TB: {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - No File

uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

uRun: [Facebook Update] "C:\Users\four\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

uRun: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"

mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun: [iJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [WRSVC] "C:\Program Files\Webroot\WRSA.exe" -ul

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml

dRun: [Exetender] "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\TIMESU~1.LNK - C:\Windows\Installer\{837DA79C-B12B-4709-9B9B-16D1468E418A}\_79F931C029ED8E76188721.exe

uPolicies-explorer: NoViewOnDrive = 0 (0x0)

uPolicies-explorer: DisableLocalMachineRun = 0 (0x0)

uPolicies-explorer: DisableLocalMachineRunOnce = 0 (0x0)

uPolicies-explorer: DisableCurrentUserRun = 0 (0x0)

uPolicies-explorer: DisableCurrentUserRunOnce = 0 (0x0)

uPolicies-explorer: NoFile = 0 (0x0)

uPolicies-explorer: HideClock = 0 (0x0)

uPolicies-explorer: NoDevMgrUpdate = 0 (0x0)

uPolicies-explorer: NoDFSTab = 0 (0x0)

uPolicies-explorer: NoWindowsUpdate = 0 (0x0)

uPolicies-explorer: NoEncryptOnMove = 0 (0x0)

uPolicies-explorer: NoResolveTrack = 0 (0x0)

uPolicies-explorer: NoStartMenuSubFolders = 0 (0x0)

uPolicies-system: NoDispAppearancePage = 0 (0x0)

uPolicies-system: NoDispSettingsPage = 0 (0x0)

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoViewOnDrive = 0 (0x0)

mPolicies-explorer: DisableLocalMachineRun = 0 (0x0)

mPolicies-explorer: DisableLocalMachineRunOnce = 0 (0x0)

mPolicies-explorer: DisableCurrentUserRun = 0 (0x0)

mPolicies-explorer: DisableCurrentUserRunOnce = 0 (0x0)

mPolicies-explorer: NoFile = 0 (0x0)

mPolicies-explorer: HideClock = 0 (0x0)

mPolicies-explorer: NoDevMgrUpdate = 0 (0x0)

mPolicies-explorer: NoDFSTab = 0 (0x0)

mPolicies-explorer: NoWindowsUpdate = 0 (0x0)

mPolicies-explorer: NoEncryptOnMove = 0 (0x0)

mPolicies-explorer: NoResolveTrack = 0 (0x0)

mPolicies-explorer: NoStartMenuSubFolders = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: NoDispAppearancePage = 0 (0x0)

mPolicies-system: NoDispSettingsPage = 0 (0x0)

dPolicies-explorer: NoViewOnDrive = 0 (0x0)

dPolicies-explorer: DisableLocalMachineRun = 0 (0x0)

dPolicies-explorer: DisableLocalMachineRunOnce = 0 (0x0)

dPolicies-explorer: DisableCurrentUserRun = 0 (0x0)

dPolicies-explorer: DisableCurrentUserRunOnce = 0 (0x0)

dPolicies-explorer: NoFile = 0 (0x0)

dPolicies-explorer: HideClock = 0 (0x0)

dPolicies-explorer: NoDevMgrUpdate = 0 (0x0)

dPolicies-explorer: NoDFSTab = 0 (0x0)

dPolicies-explorer: NoWindowsUpdate = 0 (0x0)

dPolicies-explorer: NoEncryptOnMove = 0 (0x0)

dPolicies-explorer: NoResolveTrack = 0 (0x0)

dPolicies-explorer: NoStartMenuSubFolders = 0 (0x0)

dPolicies-system: NoDispAppearancePage = 0 (0x0)

dPolicies-system: NoDispSettingsPage = 0 (0x0)

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\pkg\LPBar.dll

DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab

DPF: {C53BDC3D-19A0-4062-BF34-0897A4E6A6A2} - hxxps://www.wildpockets.com/common/WildPocketsLoader-17822.cab

DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab

TCP: DhcpNameServer = 10.0.1.1

TCP: Interfaces\{143481A9-ABDD-4EC4-B7EB-D5EE3A722FA3} : DhcpNameServer = 10.0.1.1

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll

BHO-X64: 0x1 - No File

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: StartNow Toolbar Helper: {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll

BHO-X64: StartNow Toolbar Helper - No File

BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO-X64: Shopping4Causes Shopping Plugin: {7C4155B9-EFE5-2364-45E9-6679A6060ED5} - C:\Program Files (x86)\Shopping4Causes Shopping Plugin\Toolbar.dll

BHO-X64: FCTBPos00Pos - No File

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO-X64: Webroot Browser Helper Object: {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\pkg\LPBar.dll

BHO-X64: Webroot Browser Helper Object - No File

BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO-X64: PhotoJoy US Toolbar: {f2c43291-151e-499c-98a7-923c120b88fa} - C:\Program Files (x86)\PhotoJoy_US\prxtbPhot.dll

BHO-X64: PhotoJoy US - No File

BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll

TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

TB-X64: PhotoJoy US Toolbar: {f2c43291-151e-499c-98a7-923c120b88fa} - C:\Program Files (x86)\PhotoJoy_US\prxtbPhot.dll

TB-X64: StartNow Toolbar: {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll

TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll

TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB-X64: Webroot Toolbar: {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dll

TB-X64: {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - No File

mRun-x64: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun-x64: [iJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [WRSVC] "C:\Program Files\Webroot\WRSA.exe" -ul

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun-x64: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml

.

============= SERVICES / DRIVERS ===============

.

R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]

R0 WRkrn;WRkrn;C:\Windows\system32\drivers\WRkrn.sys --> C:\Windows\system32\drivers\WRkrn.sys [?]

R1 MpKsl54f09428;MpKsl54f09428;C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{731234C3-A99A-41AC-960B-52ED82FEFD9A}\MpKsl54f09428.sys [2012-6-17 35664]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]

R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]

R2 FlipShareServer;FlipShare Server;C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe [2011-5-6 1085440]

R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-8-20 13336]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-6-16 654408]

R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]

R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2010-8-20 635416]

R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-11-27 398176]

R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]

R2 TimesUpKidz;TimesUpKidz;C:\Program Files (x86)\Rain City Digital LLC\TimesUpKidz\TimesUpKidzServer.exe [2010-12-19 11264]

R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848]

R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-8-20 2320920]

R2 WRSVC;WRSVC;C:\Program Files\Webroot\WRSA.exe [2012-6-6 684240]

R2 X5XSEx;X5XSEx;C:\Program Files (x86)\Free Ride Games\X5XSEx.sys [2012-1-16 55400]

R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]

R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]

R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]

R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]

R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]

R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]

R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]

R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]

R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]

S2 CLKMSVC10_C6F09094;CyberLink Product - 2010/08/20 19:23:26;C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe [2010-8-20 245232]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-9-14 136176]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-23 257224]

S3 DCamUSBVM;Lenovo Q350 USB PC Camera;C:\Windows\system32\Drivers\usbVM31b.sys --> C:\Windows\system32\Drivers\usbVM31b.sys [?]

S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-9-14 136176]

S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?]

S3 LVUVC64;Logitech Webcam Pro 9000(UVC);C:\Windows\system32\DRIVERS\lvuvc64.sys --> C:\Windows\system32\DRIVERS\lvuvc64.sys [?]

S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]

S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]

S3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des -service --> C:\Windows\system32\GameMon.des -service [?]

S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S4 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-15 183560]

S4 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2010-6-12 400368]

S4 Updater Service for StartNow Toolbar;Updater Service for StartNow Toolbar;C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe [2011-10-25 244960]

.

=============== File Associations ===============

.

inffile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1

inifile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1

JSEFile="%SystemRoot%\System32\WScript.exe" "%1" %*

txtfile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1

.

=============== Created Last 30 ================

.

2012-06-17 15:38:11 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{731234C3-A99A-41AC-960B-52ED82FEFD9A}\offreg.dll

2012-06-17 15:38:04 20480 ----a-w- C:\Windows\svchost.exe

2012-06-17 15:37:12 35664 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{731234C3-A99A-41AC-960B-52ED82FEFD9A}\MpKsl54f09428.sys

2012-06-17 15:16:57 -------- d-----w- C:\ProgramData\AMD

2012-06-17 15:16:56 -------- d-----w- C:\Program Files (x86)\AMD AVT

2012-06-17 15:16:55 -------- d-----w- C:\Program Files (x86)\AMD APP

2012-06-17 14:32:00 8955792 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{731234C3-A99A-41AC-960B-52ED82FEFD9A}\mpengine.dll

2012-06-16 20:38:59 -------- d-----w- C:\Users\four\AppData\Roaming\Malwarebytes

2012-06-16 20:38:51 -------- d-----w- C:\ProgramData\Malwarebytes

2012-06-16 20:38:50 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-06-16 20:38:50 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-06-16 00:22:51 8955792 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2012-06-13 12:48:35 927800 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2D34FC98-D238-4B71-AF93-0280343646EE}\gapaengine.dll

2012-06-13 10:31:04 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe

2012-06-13 10:31:04 77312 ----a-w- C:\Windows\System32\rdpwsx.dll

2012-06-13 10:31:04 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll

2012-06-13 10:31:01 209920 ----a-w- C:\Windows\System32\profsvc.dll

2012-06-13 10:30:56 3146752 ----a-w- C:\Windows\System32\win32k.sys

2012-06-13 10:30:54 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys

2012-06-13 10:30:51 3216384 ----a-w- C:\Windows\System32\msi.dll

2012-06-13 10:30:49 2342400 ----a-w- C:\Windows\SysWow64\msi.dll

2012-06-13 10:30:43 1462272 ----a-w- C:\Windows\System32\crypt32.dll

2012-06-13 10:30:42 184320 ----a-w- C:\Windows\System32\cryptsvc.dll

2012-06-13 10:30:42 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll

2012-06-13 10:30:42 140288 ----a-w- C:\Windows\System32\cryptnet.dll

2012-06-13 10:30:42 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll

2012-06-13 10:30:42 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll

2012-06-10 20:41:03 -------- d-----w- C:\Users\four\AppData\Roaming\.edmiester777

2012-06-08 20:25:20 -------- d-----w- C:\Users\four\AppData\Local\pesterchum

2012-06-08 20:24:45 -------- d-----w- C:\Pesterchum

2012-06-07 02:16:24 7021336 ----a-w- C:\Program Files (x86)\Common Files\wruninstall.exe

2012-06-07 02:16:00 -------- d-----w- C:\Users\four\AppData\Local\lptmp981689726

2012-06-07 02:15:18 148664 ----a-w- C:\Windows\SysWow64\WRusr.dll

2012-06-07 02:15:18 101808 ----a-w- C:\Windows\System32\WRusr.dll

2012-06-07 02:15:17 112656 ----a-w- C:\Windows\System32\drivers\WRkrn.sys

2012-06-07 02:15:15 -------- d-----w- C:\Program Files\Webroot

2012-06-07 02:15:14 -------- d-----w- C:\ProgramData\WRData

2012-06-04 23:22:22 -------- d-----w- C:\Users\four\AppData\Local\{4A0D9C50-76C6-45B0-A609-850E959DE7F7}

2012-06-04 23:22:12 -------- d-----w- C:\Users\four\AppData\Local\{8208C93B-1E1F-4F9E-AFA7-D3E0DA89C082}

2012-06-04 22:42:35 -------- d-----w- C:\Users\four\AppData\Local\{491DBD74-B6BA-47C3-BD06-970FFDFD94BC}

2012-06-04 22:42:25 -------- d-----w- C:\Users\four\AppData\Local\{6C60F1A4-6A30-4751-85C1-E1A0B5830C9B}

2012-06-03 22:15:50 -------- d-----w- C:\Users\four\AppData\Local\Facebook

2012-05-20 13:32:34 -------- d-----w- C:\Users\four\jagexcache

2012-05-19 20:49:10 -------- d-----w- C:\Program Files (x86)\Doomsday

.

==================== Find3M ====================

.

2012-06-16 23:13:50 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-06-16 23:13:50 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-05-18 02:06:48 2311680 ----a-w- C:\Windows\System32\jscript9.dll

2012-05-18 01:59:14 1392128 ----a-w- C:\Windows\System32\wininet.dll

2012-05-18 01:58:39 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2012-05-18 01:55:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2012-05-18 01:51:30 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2012-05-17 22:45:37 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-05-17 22:35:47 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-05-17 22:35:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-05-17 22:29:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2012-05-17 22:24:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-05-05 09:16:20 8744608 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe

2012-04-28 15:17:14 466456 ----a-w- C:\Windows\System32\wrap_oal.dll

2012-04-28 15:17:14 444952 ----a-w- C:\Windows\SysWow64\wrap_oal.dll

2012-04-28 15:17:14 122904 ----a-w- C:\Windows\System32\OpenAL32.dll

2012-04-28 15:17:14 109080 ----a-w- C:\Windows\SysWow64\OpenAL32.dll

2012-04-06 05:22:40 11174400 ----a-w- C:\Windows\System32\drivers\atikmdag.sys

2012-04-06 02:34:26 187392 ----a-w- C:\Windows\System32\clinfo.exe

2012-04-06 02:34:10 74752 ----a-w- C:\Windows\System32\OpenVideo64.dll

2012-04-06 02:34:04 64512 ----a-w- C:\Windows\SysWow64\OpenVideo.dll

2012-04-06 02:33:56 63488 ----a-w- C:\Windows\System32\OVDecode64.dll

2012-04-06 02:33:52 56320 ----a-w- C:\Windows\SysWow64\OVDecode.dll

2012-04-06 02:33:44 16457216 ----a-w- C:\Windows\System32\amdocl64.dll

2012-04-06 02:32:56 13007872 ----a-w- C:\Windows\SysWow64\amdocl.dll

2012-04-06 02:32:08 54784 ----a-w- C:\Windows\System32\OpenCL.dll

2012-04-06 02:32:04 50176 ----a-w- C:\Windows\SysWow64\OpenCL.dll

2012-04-06 02:22:00 159744 ----a-w- C:\Windows\System32\atiapfxx.exe

2012-04-06 02:21:52 909312 ----a-w- C:\Windows\SysWow64\aticfx32.dll

2012-04-06 02:20:04 1067520 ----a-w- C:\Windows\System32\aticfx64.dll

2012-04-06 02:16:52 442368 ----a-w- C:\Windows\System32\ATIDEMGX.dll

2012-04-06 02:16:46 503808 ----a-w- C:\Windows\System32\atieclxx.exe

2012-04-06 02:16:02 236544 ----a-w- C:\Windows\System32\atiesrxx.exe

2012-04-06 02:14:44 120320 ----a-w- C:\Windows\System32\atitmm64.dll

2012-04-06 02:14:30 21504 ----a-w- C:\Windows\System32\atimuixx.dll

2012-04-06 02:14:26 59392 ----a-w- C:\Windows\System32\atiedu64.dll

2012-04-06 02:14:20 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll

2012-04-06 02:13:42 6800896 ----a-w- C:\Windows\SysWow64\atidxx32.dll

2012-04-06 02:10:50 26181632 ----a-w- C:\Windows\System32\atio6axx.dll

2012-04-06 02:00:10 64000 ----a-w- C:\Windows\System32\coinst.dll

2012-04-06 01:54:46 7479296 ----a-w- C:\Windows\System32\atidxx64.dll

2012-04-06 01:50:56 19753984 ----a-w- C:\Windows\SysWow64\atioglxx.dll

2012-04-06 01:35:24 1120768 ----a-w- C:\Windows\System32\atiumd6v.dll

2012-04-06 01:34:50 1831424 ----a-w- C:\Windows\SysWow64\atiumdmv.dll

2012-04-06 01:34:34 4731904 ----a-w- C:\Windows\System32\atiumd6a.dll

2012-04-06 01:34:04 6203392 ----a-w- C:\Windows\SysWow64\atiumdag.dll

2012-04-06 01:30:16 51200 ----a-w- C:\Windows\System32\aticalrt64.dll

2012-04-06 01:30:14 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll

2012-04-06 01:30:08 44544 ----a-w- C:\Windows\System32\aticalcl64.dll

2012-04-06 01:30:06 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll

2012-04-06 01:29:54 16090624 ----a-w- C:\Windows\System32\aticaldd64.dll

2012-04-06 01:25:30 13764096 ----a-w- C:\Windows\SysWow64\aticaldd.dll

2012-04-06 01:23:24 7431680 ----a-w- C:\Windows\System32\atiumd64.dll

2012-04-06 01:22:54 4795904 ----a-w- C:\Windows\SysWow64\atiumdva.dll

2012-04-06 01:11:28 514560 ----a-w- C:\Windows\System32\atiadlxx.dll

2012-04-06 01:11:20 360448 ----a-w- C:\Windows\SysWow64\atiadlxy.dll

2012-04-06 01:11:06 17408 ----a-w- C:\Windows\System32\atig6pxx.dll

2012-04-06 01:11:04 14848 ----a-w- C:\Windows\SysWow64\atiglpxx.dll

2012-04-06 01:11:04 14848 ----a-w- C:\Windows\System32\atiglpxx.dll

2012-04-06 01:11:00 41984 ----a-w- C:\Windows\System32\atig6txx.dll

2012-04-06 01:10:52 33280 ----a-w- C:\Windows\SysWow64\atigktxx.dll

2012-04-06 01:10:44 343040 ----a-w- C:\Windows\System32\drivers\atikmpag.sys

2012-04-06 01:09:56 54784 ----a-w- C:\Windows\System32\atiuxp64.dll

2012-04-06 01:09:48 41984 ----a-w- C:\Windows\SysWow64\atiuxpag.dll

2012-04-06 01:09:42 44544 ----a-w- C:\Windows\System32\atiu9p64.dll

2012-04-06 01:09:34 32256 ----a-w- C:\Windows\SysWow64\atiu9pag.dll

2012-04-06 01:09:02 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll

2012-04-06 01:06:08 54784 ----a-w- C:\Windows\System32\atimpc64.dll

2012-04-06 01:06:08 54784 ----a-w- C:\Windows\System32\amdpcom64.dll

2012-04-06 01:06:04 53760 ----a-w- C:\Windows\SysWow64\atimpc32.dll

2012-04-06 01:06:04 53760 ----a-w- C:\Windows\SysWow64\amdpcom32.dll

2012-03-31 06:05:57 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe

2012-03-31 04:39:37 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2012-03-31 04:39:37 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2012-03-30 11:35:47 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2012-03-21 00:44:12 98688 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys

2012-03-21 00:44:12 203888 ----a-w- C:\Windows\System32\drivers\MpFilter.sys

.

============= FINISH: 18:09:17.35 ===============

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 11/28/2010 6:47:57 AM

System Uptime: 6/17/2012 11:36:24 AM (7 hours ago)

.

Motherboard: MSI | | 2A9C

Processor: Intel® Core i5 CPU 650 @ 3.20GHz | CPU 1 | 3201/133mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 919 GiB total, 547.534 GiB free.

D: is FIXED (NTFS) - 12 GiB total, 1.484 GiB free.

E: is CDROM ()

G: is Removable

H: is Removable

I: is Removable

J: is Removable

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP217: 6/14/2012 3:00:11 AM - Windows Update

RP218: 6/15/2012 3:00:12 AM - Windows Update

RP219: 6/16/2012 3:00:11 AM - Windows Update

RP220: 6/17/2012 3:00:12 AM - Windows Update

RP221: 6/17/2012 11:17:42 AM - Windows Update

.

==== Installed Programs ======================

.

7-Zip 9.20

ActiveCheck component for HP Active Support Library

Adobe AIR

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.3)

Age of Chivalry

Alien Zombie Megadeath

Alliance of Valiant Arms

Amnesia: The Dark Descent Demo

Anime Studio Debut 7.0

APB Reloaded

Apple Application Support

Apple Software Update

Audacity 1.2.6

Bandisoft MPEG-1 Decoder

Battle.net

Bejeweled 2 Deluxe

Bing Bar

Bing Rewards Client Installer

Blackhawk Striker 2

Bloodline Champions

Brawl Busters

BrickForce 1.4.40

Build-a-lot 2

Build Your Own Net Dream (remove only)

Burn Zombie Burn

Call of Duty® - World at War

CameraHelperMsi

CamStudio OSS Desktop Recorder

Canon IJ Network Scan Utility

Canon IJ Network Tool

Canon MP Navigator 2.2

Catalyst Control Center

Catalyst Control Center - Branding

Catalyst Control Center Graphics Previews Common

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

Chuzzle Deluxe

CinemaNow Media Manager

Counter-Strike: Source

Counter-Strike: Source Beta

Crimecraft: BLEEDOUT

Cubemen

CyberLink DVD Suite Deluxe

D3DX10

Darkest of Days - Demo

Diablo

Diablo III

Diablo III Beta

Diner Dash 2 Restaurant Rescue

Doomsday Engine 1.9.8

Dora's Carnival Adventure

Dungeon Defenders Demo

DVD Menu Pack for HP MediaSmart Video

Empires

erLT

Escape Rosecliff Island

Facebook Video Calling 1.2.0.159

Fallout: New Vegas

FATE

Final Drive Nitro

FlipShare

Foreign Legion: Buckets of Blood

FPS Creator Free

Fraps

Free Ride Games Player

Game Maker 8.0

GameSpy Arcade

Garry's Mod

Google Chrome

Google Toolbar for Internet Explorer

Google Update Helper

Gotham City Impostors

Half-Life 2

Half-Life 2: Lost Coast

Half-Life Deathmatch: Source

Half-Life: Source

Helicopter Strike Force

Heroes of Hellas 2 - Olympia

Hot Wheels

Hot Wheels Stunt Track Challenge

HP Advisor

HP Customer Experience Enhancements

HP Games

HP MediaSmart CinemaNow 2.0

HP MediaSmart DVD

HP MediaSmart Music

HP MediaSmart Photo

HP MediaSmart Video

HP MediaSmart/TouchSmart Netflix

HP Odometer

HP Setup

HP Support Assistant

HP Support Information

HP Update

HPAsset component for HP Active Support Library

Hulu Desktop

HydraVision

iLivid

Intel® Management Engine Components

Intel® Rapid Storage Technology

Java Auto Updater

Java 6 Update 30

Jed's Half-Life Model Viewer 1.3.6

Jewel Quest 3

Jewel Quest Solitaire 2

Junk Mail filter update

Killing Floor

Killing Floor Mod: Defence Alliance 2

Kobo

LabelPrint

Left 4 Dead

Left 4 Dead 2

Left 4 Dead 2 Add-on Support

LightScribe System Software

Logitech Vid HD

Logitech Webcam Software

LWS Facebook

LWS Gallery

LWS Help_main

LWS Launcher

LWS Motion Detection

LWS Pictures And Video

LWS Twitter

LWS Video Mask Maker

LWS Webcam Software

LWS WLM Plugin

LWS YouTube Plugin

Malwarebytes Anti-Malware version 1.61.0.1400

Mastercam X

Medal of Honor Airborne

Microsoft .NET Framework 1.1

Microsoft Games for Windows - LIVE Redistributable

Microsoft Games for Windows Marketplace

Microsoft Office 2010

Microsoft Office Click-to-Run 2010

Microsoft Office Starter 2010 - English

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Windows Media Video 9 VCM

Microsoft Works 6-9 Converter

Microsoft WSE 3.0 Runtime

Microsoft XNA Framework Redistributable 3.1

Microsoft XNA Framework Redistributable 4.0

Monster Madness: Battle for Suburbia

Mortal Kombat Kollection

Movie Theme Pack for HP MediaSmart Video

MP4 player

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP3 Parser

MSXML 4.0 SP3 Parser (KB973685)

Norton Online Backup

Norton Security Scan

NVIDIA PhysX

Oblivion

OpenAL

OpenOffice.org 3.2

Pando Media Booster

PDF Complete Special Edition

Penguins!

PESTERCHUM

PhotoJoy

PhotoJoy US Toolbar

PhotoNow!

Plants vs. Zombies

PMB

Poker Superstars III

Polar Bowler

Polar Golfer

Portal 2

Pound of Ground Demo

Power2Go

PowerDirector

PressReader

Project Blackout

PunkBuster Services

Quake Live Internet Explorer Plugin

QuickTime

Ralink RT2860 Wireless LAN Card

Realm of the Mad God

Realtek High Definition Audio Driver

Recovery Manager

RollerCoaster Tycoon 3 Platinum

Roxio CinemaNow 2.0

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Serious Sam 2

Shank 2 Demo

Shoot Many Robots

Shopping4Causes Shopping Plugin

SpongeBob SquarePants Employee of the Month

StartNow Toolbar

Steam

Stop Motion Animation Companion CD 1.3

Stunt Track Driver

Super Monday Night Combat

Synergy

Team Fortress 2

Team Fortress 2 Beta

Terraria

The Binding Of Isaac

The Fairly OddParents - Shadow Showdown (remove only)

TimesUpKidz

Tomb Raider: Legend

U.B. Funkeys

Unity Web Player

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update Installer for WildTangent Games App

Virtual Families

Virtual Villagers - The Secret City

VLC media player 1.1.11

Webroot SecureAnywhere

Wheel of Fortune 2

WildTangent Games App (HP Games)

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Mail

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Sync

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

World of Warcraft

World of Warcraft Beta

Yahoo! Software Update

Yahoo! Toolbar

Zinio Reader 4

Zuma Deluxe

.

==== Event Viewer Messages From Past Week ========

.

6/17/2012 11:38:57 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.A&threatid=2147636949 Name: Trojan:DOS/Alureon.A ID: 2147636949 Severity: Severe Category: Trojan Path: rootkit:_Alureon->Mbr::Alureon Detection Origin: Unknown Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: To finish removing malware and other potentially unwanted software, restart the computer. To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x80070032 Error description: The request is not supported. Signature Version: AV: 1.127.2172.0, AS: 1.127.2172.0, NIS: 11.137.0.0 Engine Version: AM: 1.1.8403.0, NIS: 2.0.8001.0

6/17/2012 11:37:08 AM, Error: Service Control Manager [7000] - The Hardlock service failed to start due to the following error: This driver has been blocked from loading

6/17/2012 11:37:08 AM, Error: Application Popup [1060] - \??\C:\Windows\SysWow64\drivers\hardlock.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

6/17/2012 11:35:50 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

6/17/2012 11:27:31 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}

6/17/2012 11:19:43 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

6/17/2012 11:19:43 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

6/17/2012 11:19:41 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

6/17/2012 11:19:40 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

6/17/2012 11:19:34 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

6/17/2012 11:19:16 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache MpFilter NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf

6/17/2012 11:19:13 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

6/17/2012 11:19:13 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

6/17/2012 11:19:13 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.

6/17/2012 11:19:13 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

6/17/2012 11:19:13 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

6/17/2012 11:19:13 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.

6/17/2012 11:19:13 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

6/17/2012 11:19:13 AM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

6/17/2012 11:19:13 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.

6/17/2012 11:19:13 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

6/17/2012 11:19:13 AM, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The dependency service or group failed to start.

6/17/2012 11:18:01 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2709715).

6/17/2012 11:14:30 AM, Error: Service Control Manager [7009] - A timeout was reached (60001 milliseconds) while waiting for the AMD External Events Utility service to connect.

6/17/2012 11:14:30 AM, Error: Service Control Manager [7000] - The AMD External Events Utility service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

6/17/2012 10:22:23 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.A&threatid=2147636949 Name: Trojan:DOS/Alureon.A ID: 2147636949 Severity: Severe Category: Trojan Path: rootkit:_Alureon->Mbr::Alureon Detection Origin: Unknown Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: To finish removing malware and other potentially unwanted software, restart the computer. To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x80070032 Error description: The request is not supported. Signature Version: AV: 1.127.2110.0, AS: 1.127.2110.0, NIS: 11.137.0.0 Engine Version: AM: 1.1.8403.0, NIS: 2.0.8001.0

6/16/2012 7:18:16 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.A&threatid=2147636949 Name: Trojan:DOS/Alureon.A ID: 2147636949 Severity: Severe Category: Trojan Path: rootkit:_Alureon->Mbr::Alureon Detection Origin: Unknown Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: To finish removing malware and other potentially unwanted software, restart the computer. To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x80070032 Error description: The request is not supported. Signature Version: AV: 1.127.2110.0, AS: 1.127.2110.0, NIS: 11.137.0.0 Engine Version: AM: 1.1.8403.0, NIS: 2.0.8001.0

6/16/2012 7:13:33 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.A&threatid=2147636949 Name: Trojan:DOS/Alureon.A ID: 2147636949 Severity: Severe Category: Trojan Path: rootkit:_Alureon->Mbr::Alureon Detection Origin: Unknown Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: To finish removing malware and other potentially unwanted software, restart the computer. To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x80070032 Error description: The request is not supported. Signature Version: AV: 1.127.2110.0, AS: 1.127.2110.0, NIS: 11.137.0.0 Engine Version: AM: 1.1.8403.0, NIS: 2.0.8001.0

6/14/2012 8:11:51 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.A&threatid=2147636949 Name: Trojan:DOS/Alureon.A ID: 2147636949 Severity: Severe Category: Trojan Path: rootkit:_Alureon->Mbr::Alureon Detection Origin: Unknown Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: To finish removing malware and other potentially unwanted software, restart the computer. To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x80070032 Error description: The request is not supported. Signature Version: AV: 1.127.2024.0, AS: 1.127.2024.0, NIS: 11.137.0.0 Engine Version: AM: 1.1.8403.0, NIS: 2.0.8001.0

6/14/2012 7:06:10 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.A&threatid=2147636949 Name: Trojan:DOS/Alureon.A ID: 2147636949 Severity: Severe Category: Trojan Path: rootkit:_Alureon->Mbr::Alureon Detection Origin: Unknown Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: To finish removing malware and other potentially unwanted software, restart the computer. To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x80070032 Error description: The request is not supported. Signature Version: AV: 1.127.1891.0, AS: 1.127.1891.0, NIS: 11.137.0.0 Engine Version: AM: 1.1.8403.0, NIS: 2.0.8001.0

6/14/2012 3:28:55 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.A&threatid=2147636949 Name: Trojan:DOS/Alureon.A ID: 2147636949 Severity: Severe Category: Trojan Path: rootkit:_Alureon->Mbr::Alureon Detection Origin: Unknown Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: To finish removing malware and other potentially unwanted software, restart the computer. To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x80070032 Error description: The request is not supported. Signature Version: AV: 1.127.1891.0, AS: 1.127.1891.0, NIS: 11.137.0.0 Engine Version: AM: 1.1.8403.0, NIS: 2.0.8001.0

6/11/2012 3:53:52 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.A&threatid=2147636949 Name: Trojan:DOS/Alureon.A ID: 2147636949 Severity: Severe Category: Trojan Path: rootkit:_Alureon->Mbr::Alureon Detection Origin: Unknown Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: To finish removing malware and other potentially unwanted software, restart the computer. To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x80070032 Error description: The request is not supported. Signature Version: AV: 1.127.1726.0, AS: 1.127.1726.0, NIS: 11.0.0.0 Engine Version: AM: 1.1.8403.0, NIS: 2.0.8001.0

6/10/2012 4:52:31 PM, Error: Service Control Manager [7031] - The WRSVC service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

.

==== End Of File ===========================

AdvancedSetup · June 17, 2012

Please download and run the following scanner from Kaspersky. If possible please temporarily disable your Anti-Virus until this scanner has completed running. On the "change parameters" please enable the other 2 options and scan your system and send me back the log please.

Do not take any action against unsigned files at this time.

tdsskiller.exe

Note:

* The utility has graphical user interface.

* The utility supports 32-bit and 64-bit operation systems.

* The utility can be run in Normal Mode and Safe Mode.

Please send me back the log so that I can review what if anything was found.

By default, the utility outputs the log to root folder of C:

Logs have names like: UtilityName.Version_Date_Time_log.txt.

E.g. C:\TDSSKiller.2.4.7_23.07.2010_15.31.43_log.txt

Thank you

mullerfour · June 18, 2012

Thank you so much for your help. I hope I am doing this right. When the scan completed, there were some "unsigned files" and the default action was skip. There was also something for which the default was "cure" - I didn't change anything, just hit continue. It asked me to reboot, and I managed to find this log - I hope it is what I am supposed to be sending? I really appreciate your assistance....

17:42:18.0412 13568 TDSS rootkit removing tool 2.7.40.0 Jun 15 2012 15:13:31

17:42:18.0802 13568 ============================================================

17:42:18.0802 13568 Current date / time: 2012/06/18 17:42:18.0802

17:42:18.0802 13568 SystemInfo:

17:42:18.0802 13568

17:42:18.0802 13568 OS Version: 6.1.7601 ServicePack: 1.0

17:42:18.0802 13568 Product type: Workstation

17:42:18.0802 13568 ComputerName: FOUR-HP

17:42:18.0802 13568 UserName: four

17:42:18.0802 13568 Windows directory: C:\Windows

17:42:18.0802 13568 System windows directory: C:\Windows

17:42:18.0802 13568 Running under WOW64

17:42:18.0802 13568 Processor architecture: Intel x64

17:42:18.0802 13568 Number of processors: 4

17:42:18.0802 13568 Page size: 0x1000

17:42:18.0802 13568 Boot type: Normal boot

17:42:18.0802 13568 ============================================================

17:42:19.0129 13568 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

17:42:19.0160 13568 ============================================================

17:42:19.0160 13568 \Device\Harddisk0\DR0:

17:42:19.0160 13568 MBR partitions:

17:42:19.0160 13568 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000

17:42:19.0160 13568 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x72E8D000

17:42:19.0160 13568 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x72EBF800, BlocksNum 0x1846800

17:42:19.0160 13568 ============================================================

17:42:19.0192 13568 C: <-> \Device\Harddisk0\DR0\Partition1

17:42:19.0238 13568 D: <-> \Device\Harddisk0\DR0\Partition2

17:42:19.0238 13568 ============================================================

17:42:19.0238 13568 Initialize success

17:42:19.0238 13568 ============================================================

17:42:26.0758 17704 ============================================================

17:42:26.0758 17704 Scan started

17:42:26.0758 17704 Mode: Manual; SigCheck; TDLFS;

17:42:26.0758 17704 ============================================================

17:42:27.0709 17704 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys

17:42:27.0881 17704 1394ohci - ok

17:42:27.0974 17704 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys

17:42:27.0974 17704 ACPI - ok

17:42:28.0021 17704 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys

17:42:28.0146 17704 AcpiPmi - ok

17:42:28.0271 17704 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

17:42:28.0286 17704 AdobeARMservice - ok

17:42:28.0583 17704 AdobeFlashPlayerUpdateSvc (f3cd7b20b27d1772c946df993ff3635c) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

17:42:28.0598 17704 AdobeFlashPlayerUpdateSvc - ok

17:42:28.0676 17704 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

17:42:28.0708 17704 adp94xx - ok

17:42:28.0754 17704 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

17:42:28.0786 17704 adpahci - ok

17:42:28.0801 17704 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

17:42:28.0817 17704 adpu320 - ok

17:42:28.0848 17704 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll

17:42:28.0988 17704 AeLookupSvc - ok

17:42:29.0066 17704 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys

17:42:29.0082 17704 AFD - ok

17:42:29.0129 17704 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys

17:42:29.0144 17704 agp440 - ok

17:42:29.0160 17704 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe

17:42:29.0238 17704 ALG - ok

17:42:29.0254 17704 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys

17:42:29.0269 17704 aliide - ok

17:42:29.0347 17704 AMD External Events Utility (20c8a3e435a47f0408a1ea674afa6194) C:\Windows\system32\atiesrxx.exe

17:42:29.0441 17704 AMD External Events Utility - ok

17:42:29.0472 17704 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys

17:42:29.0472 17704 amdide - ok

17:42:29.0503 17704 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

17:42:29.0534 17704 AmdK8 - ok

17:42:30.0205 17704 amdkmdag (0b45c18b0f3ee996d25baa4e74884b83) C:\Windows\system32\DRIVERS\atikmdag.sys

17:42:30.0424 17704 amdkmdag - ok

17:42:30.0642 17704 amdkmdap (0e57258e5cc4cc7a9a9a877afdf0cec6) C:\Windows\system32\DRIVERS\atikmpag.sys

17:42:30.0704 17704 amdkmdap - ok

17:42:30.0736 17704 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

17:42:30.0782 17704 AmdPPM - ok

17:42:30.0845 17704 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys

17:42:30.0860 17704 amdsata - ok

17:42:30.0892 17704 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

17:42:30.0907 17704 amdsbs - ok

17:42:30.0923 17704 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys

17:42:30.0938 17704 amdxata - ok

17:42:30.0985 17704 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys

17:42:31.0126 17704 AppID - ok

17:42:31.0141 17704 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll

17:42:31.0219 17704 AppIDSvc - ok

17:42:31.0282 17704 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll

17:42:31.0360 17704 Appinfo - ok

17:42:31.0453 17704 Apple Mobile Device (018857ead9a077a56aedfc0e5ef7a24a) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

17:42:31.0469 17704 Apple Mobile Device - ok

17:42:31.0500 17704 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

17:42:31.0516 17704 arc - ok

17:42:31.0531 17704 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

17:42:31.0547 17704 arcsas - ok

17:42:31.0656 17704 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

17:42:31.0672 17704 aspnet_state - ok

17:42:31.0703 17704 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

17:42:31.0750 17704 AsyncMac - ok

17:42:31.0796 17704 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys

17:42:31.0812 17704 atapi - ok

17:42:31.0843 17704 AtiHdmiService (637e0753bd6deb8ea5314a5c357ec1a0) C:\Windows\system32\drivers\AtiHdmi.sys

17:42:31.0859 17704 AtiHdmiService - ok

17:42:31.0952 17704 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

17:42:32.0046 17704 AudioEndpointBuilder - ok

17:42:32.0062 17704 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

17:42:32.0093 17704 AudioSrv - ok

17:42:32.0155 17704 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll

17:42:32.0233 17704 AxInstSV - ok

17:42:32.0280 17704 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

17:42:32.0327 17704 b06bdrv - ok

17:42:32.0374 17704 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

17:42:32.0420 17704 b57nd60a - ok

17:42:32.0530 17704 BBSvc (dbf43db0c648db9101d61041e00df5c4) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE

17:42:32.0561 17704 BBSvc - ok

17:42:32.0576 17704 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll

17:42:32.0592 17704 BDESVC - ok

17:42:32.0608 17704 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

17:42:32.0670 17704 Beep - ok

17:42:32.0748 17704 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll

17:42:32.0826 17704 BFE - ok

17:42:32.0920 17704 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll

17:42:32.0998 17704 BITS - ok

17:42:33.0060 17704 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

17:42:33.0060 17704 blbdrive - ok

17:42:33.0154 17704 Bonjour Service (f832f1505ad8b83474bd9a5b1b985e01) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

17:42:33.0169 17704 Bonjour Service - ok

17:42:33.0232 17704 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys

17:42:33.0263 17704 bowser - ok

17:42:33.0278 17704 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

17:42:33.0325 17704 BrFiltLo - ok

17:42:33.0341 17704 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

17:42:33.0356 17704 BrFiltUp - ok

17:42:33.0419 17704 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll

17:42:33.0481 17704 Browser - ok

17:42:33.0512 17704 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

17:42:33.0559 17704 Brserid - ok

17:42:33.0575 17704 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

17:42:33.0590 17704 BrSerWdm - ok

17:42:33.0622 17704 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

17:42:33.0653 17704 BrUsbMdm - ok

17:42:33.0668 17704 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

17:42:33.0700 17704 BrUsbSer - ok

17:42:33.0715 17704 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

17:42:33.0746 17704 BTHMODEM - ok

17:42:33.0793 17704 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll

17:42:33.0856 17704 bthserv - ok

17:42:33.0902 17704 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

17:42:33.0949 17704 cdfs - ok

17:42:34.0012 17704 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys

17:42:34.0043 17704 cdrom - ok

17:42:34.0121 17704 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

17:42:34.0214 17704 CertPropSvc - ok

17:42:34.0292 17704 CinemaNow Service (ea3333db9ab03106eec0d6d9d487ed01) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe

17:42:34.0308 17704 CinemaNow Service - ok

17:42:34.0339 17704 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

17:42:34.0386 17704 circlass - ok

17:42:34.0448 17704 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

17:42:34.0480 17704 CLFS - ok

17:42:34.0558 17704 CLKMSVC10_C6F09094 (dede5ec7dc09d840d5d74e06ff4de127) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe

17:42:34.0573 17704 CLKMSVC10_C6F09094 - ok

17:42:34.0667 17704 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

17:42:34.0682 17704 clr_optimization_v2.0.50727_32 - ok

17:42:34.0714 17704 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

17:42:34.0714 17704 clr_optimization_v2.0.50727_64 - ok

17:42:34.0807 17704 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

17:42:34.0823 17704 clr_optimization_v4.0.30319_32 - ok

17:42:34.0854 17704 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

17:42:34.0870 17704 clr_optimization_v4.0.30319_64 - ok

17:42:34.0948 17704 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

17:42:34.0979 17704 CmBatt - ok

17:42:35.0010 17704 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys

17:42:35.0041 17704 cmdide - ok

17:42:35.0119 17704 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys

17:42:35.0150 17704 CNG - ok

17:42:35.0182 17704 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

17:42:35.0197 17704 Compbatt - ok

17:42:35.0213 17704 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys

17:42:35.0244 17704 CompositeBus - ok

17:42:35.0244 17704 COMSysApp - ok

17:42:35.0260 17704 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

17:42:35.0275 17704 crcdisk - ok

17:42:35.0338 17704 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll

17:42:35.0369 17704 CryptSvc - ok

17:42:35.0525 17704 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

17:42:35.0556 17704 cvhsvc - ok

17:42:35.0712 17704 DCamUSBVM (6e53d1058b900443949c69ec6215d98f) C:\Windows\system32\Drivers\usbVM31b.sys

17:42:35.0806 17704 DCamUSBVM - ok

17:42:35.0946 17704 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

17:42:35.0993 17704 DcomLaunch - ok

17:42:36.0024 17704 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll

17:42:36.0086 17704 defragsvc - ok

17:42:36.0164 17704 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys

17:42:36.0227 17704 DfsC - ok

17:42:36.0305 17704 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll

17:42:36.0383 17704 Dhcp - ok

17:42:36.0414 17704 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

17:42:36.0476 17704 discache - ok

17:42:36.0508 17704 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

17:42:36.0539 17704 Disk - ok

17:42:36.0586 17704 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll

17:42:36.0632 17704 Dnscache - ok

17:42:36.0695 17704 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll

17:42:36.0757 17704 dot3svc - ok

17:42:36.0757 17704 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll

17:42:36.0804 17704 DPS - ok

17:42:36.0820 17704 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

17:42:36.0835 17704 drmkaud - ok

17:42:36.0960 17704 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys

17:42:36.0976 17704 DXGKrnl - ok

17:42:37.0038 17704 EagleX64 - ok

17:42:37.0069 17704 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll

17:42:37.0132 17704 EapHost - ok

17:42:37.0444 17704 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

17:42:37.0537 17704 ebdrv - ok

17:42:37.0646 17704 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe

17:42:37.0740 17704 EFS - ok

17:42:37.0834 17704 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe

17:42:37.0912 17704 ehRecvr - ok

17:42:37.0943 17704 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe

17:42:38.0005 17704 ehSched - ok

17:42:38.0083 17704 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

17:42:38.0114 17704 elxstor - ok

17:42:38.0161 17704 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys

17:42:38.0192 17704 ErrDev - ok

17:42:38.0224 17704 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll

17:42:38.0317 17704 EventSystem - ok

17:42:38.0348 17704 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

17:42:38.0380 17704 exfat - ok

17:42:38.0411 17704 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

17:42:38.0458 17704 fastfat - ok

17:42:38.0551 17704 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe

17:42:38.0614 17704 Fax - ok

17:42:38.0629 17704 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

17:42:38.0660 17704 fdc - ok

17:42:38.0692 17704 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll

17:42:38.0770 17704 fdPHost - ok

17:42:38.0801 17704 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll

17:42:38.0879 17704 FDResPub - ok

17:42:38.0894 17704 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

17:42:38.0910 17704 FileInfo - ok

17:42:38.0926 17704 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

17:42:38.0972 17704 Filetrace - ok

17:42:38.0988 17704 fkxltbee - ok

17:42:39.0097 17704 FlipShare Service (b8602c90d3c427d8a86ce60437615cf5) C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe

17:42:39.0113 17704 FlipShare Service - ok

17:42:39.0222 17704 FlipShareServer (ac5fb7094f31534594cae48306972cbd) C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe

17:42:39.0269 17704 FlipShareServer ( UnsignedFile.Multi.Generic ) - warning

17:42:39.0269 17704 FlipShareServer - detected UnsignedFile.Multi.Generic (1)

17:42:39.0362 17704 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

17:42:39.0378 17704 flpydisk - ok

17:42:39.0425 17704 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys

17:42:39.0456 17704 FltMgr - ok

17:42:39.0565 17704 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll

17:42:39.0643 17704 FontCache - ok

17:42:39.0706 17704 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

17:42:39.0721 17704 FontCache3.0.0.0 - ok

17:42:39.0768 17704 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

17:42:39.0784 17704 FsDepends - ok

17:42:39.0830 17704 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys

17:42:39.0846 17704 Fs_Rec - ok

17:42:39.0846 17704 ftejopyi - ok

17:42:39.0908 17704 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys

17:42:39.0924 17704 fvevol - ok

17:42:39.0955 17704 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

17:42:39.0971 17704 gagp30kx - ok

17:42:40.0127 17704 GamesAppService (c403c5db49a0f9aaf4f2128edc0106d8) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe

17:42:40.0142 17704 GamesAppService - ok

17:42:40.0174 17704 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

17:42:40.0189 17704 GEARAspiWDM - ok

17:42:40.0283 17704 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll

17:42:40.0361 17704 gpsvc - ok

17:42:40.0470 17704 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

17:42:40.0486 17704 gupdate - ok

17:42:40.0517 17704 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

17:42:40.0532 17704 gupdatem - ok

17:42:40.0548 17704 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

17:42:40.0564 17704 gusvc - ok

17:42:40.0564 17704 Hardlock - ok

17:42:40.0579 17704 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

17:42:40.0657 17704 hcw85cir - ok

17:42:40.0720 17704 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys

17:42:40.0751 17704 HdAudAddService - ok

17:42:40.0782 17704 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys

17:42:40.0829 17704 HDAudBus - ok

17:42:40.0876 17704 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys

17:42:40.0891 17704 HECIx64 - ok

17:42:40.0907 17704 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

17:42:40.0922 17704 HidBatt - ok

17:42:40.0954 17704 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

17:42:40.0969 17704 HidBth - ok

17:42:40.0985 17704 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

17:42:41.0016 17704 HidIr - ok

17:42:41.0047 17704 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll

17:42:41.0110 17704 hidserv - ok

17:42:41.0172 17704 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys

17:42:41.0188 17704 HidUsb - ok

17:42:41.0234 17704 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll

17:42:41.0312 17704 hkmsvc - ok

17:42:41.0375 17704 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll

17:42:41.0422 17704 HomeGroupListener - ok

17:42:41.0468 17704 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll

17:42:41.0500 17704 HomeGroupProvider - ok

17:42:41.0578 17704 HP Health Check Service (be78357fb49759b79ccc01894bcfdddb) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

17:42:41.0593 17704 HP Health Check Service - ok

17:42:41.0656 17704 HPDrvMntSvc.exe (2dfb151fd34df104dac0adf070eda83c) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

17:42:41.0671 17704 HPDrvMntSvc.exe - ok

17:42:41.0734 17704 hpqwmiex (184c500cb9f69585f3fe85e1d2667cd8) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

17:42:41.0765 17704 hpqwmiex - ok

17:42:41.0827 17704 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys

17:42:41.0843 17704 HpSAMD - ok

17:42:41.0936 17704 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys

17:42:42.0030 17704 HTTP - ok

17:42:42.0077 17704 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys

17:42:42.0077 17704 hwpolicy - ok

17:42:42.0170 17704 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys

17:42:42.0186 17704 i8042prt - ok

17:42:42.0248 17704 iaStor (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\DRIVERS\iaStor.sys

17:42:42.0264 17704 iaStor - ok

17:42:42.0389 17704 IAStorDataMgrSvc (31a0e93cdf29007d6c6fffb632f375ed) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

17:42:42.0404 17704 IAStorDataMgrSvc - ok

17:42:42.0514 17704 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys

17:42:42.0560 17704 iaStorV - ok

17:42:42.0685 17704 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

17:42:42.0685 17704 IDriverT ( UnsignedFile.Multi.Generic ) - warning

17:42:42.0685 17704 IDriverT - detected UnsignedFile.Multi.Generic (1)

17:42:42.0857 17704 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

17:42:42.0888 17704 idsvc - ok

17:42:42.0966 17704 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

17:42:42.0982 17704 iirsp - ok

17:42:43.0091 17704 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll

17:42:43.0184 17704 IKEEXT - ok

17:42:43.0340 17704 IntcAzAudAddService (2b888bbdf6962e608a5e1a1d7a626adf) C:\Windows\system32\drivers\RTKVHD64.sys

17:42:43.0387 17704 IntcAzAudAddService - ok

17:42:43.0543 17704 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys

17:42:43.0574 17704 intelide - ok

17:42:43.0606 17704 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

17:42:43.0637 17704 intelppm - ok

17:42:43.0652 17704 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll

17:42:43.0699 17704 IPBusEnum - ok

17:42:43.0746 17704 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys

17:42:43.0808 17704 IpFilterDriver - ok

17:42:43.0902 17704 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll

17:42:43.0980 17704 iphlpsvc - ok

17:42:44.0058 17704 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys

17:42:44.0089 17704 IPMIDRV - ok

17:42:44.0152 17704 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

17:42:44.0230 17704 IPNAT - ok

17:42:44.0354 17704 iPod Service (9b812a3484d89eb934982d67fb7d9313) C:\Program Files\iPod\bin\iPodService.exe

17:42:44.0370 17704 iPod Service - ok

17:42:44.0386 17704 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

17:42:44.0432 17704 IRENUM - ok

17:42:44.0479 17704 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys

17:42:44.0479 17704 isapnp - ok

17:42:44.0510 17704 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys

17:42:44.0526 17704 iScsiPrt - ok

17:42:44.0542 17704 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys

17:42:44.0557 17704 kbdclass - ok

17:42:44.0573 17704 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys

17:42:44.0604 17704 kbdhid - ok

17:42:44.0651 17704 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

17:42:44.0666 17704 KeyIso - ok

17:42:44.0698 17704 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys

17:42:44.0698 17704 KSecDD - ok

17:42:44.0729 17704 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys

17:42:44.0744 17704 KSecPkg - ok

17:42:44.0760 17704 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

17:42:44.0807 17704 ksthunk - ok

17:42:44.0869 17704 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll

17:42:44.0916 17704 KtmRm - ok

17:42:44.0994 17704 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll

17:42:45.0041 17704 LanmanServer - ok

17:42:45.0088 17704 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll

17:42:45.0134 17704 LanmanWorkstation - ok

17:42:45.0212 17704 LightScribeService (7550d101bf49fdb1f92666a233ee36c4) c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

17:42:45.0228 17704 LightScribeService ( UnsignedFile.Multi.Generic ) - warning

17:42:45.0228 17704 LightScribeService - detected UnsignedFile.Multi.Generic (1)

17:42:45.0228 17704 llqyqiad - ok

17:42:45.0259 17704 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

17:42:45.0337 17704 lltdio - ok

17:42:45.0384 17704 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll

17:42:45.0446 17704 lltdsvc - ok

17:42:45.0462 17704 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll

17:42:45.0493 17704 lmhosts - ok

17:42:45.0556 17704 LMS (e38775922d4a4c05b5d96733ab4ce169) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

17:42:45.0587 17704 LMS - ok

17:42:45.0634 17704 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

17:42:45.0649 17704 LSI_FC - ok

17:42:45.0665 17704 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

17:42:45.0680 17704 LSI_SAS - ok

17:42:45.0696 17704 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

17:42:45.0696 17704 LSI_SAS2 - ok

17:42:45.0727 17704 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

17:42:45.0727 17704 LSI_SCSI - ok

17:42:45.0758 17704 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

17:42:45.0790 17704 luafv - ok

17:42:45.0852 17704 LVRS64 (0c85b2b6fb74b36a251792d45e0ef860) C:\Windows\system32\DRIVERS\lvrs64.sys

17:42:45.0868 17704 LVRS64 - ok

17:42:46.0180 17704 LVUVC64 (ff3a488924b0032b1a9ca6948c1fa9e8) C:\Windows\system32\DRIVERS\lvuvc64.sys

17:42:46.0258 17704 LVUVC64 - ok

17:42:46.0429 17704 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys

17:42:46.0445 17704 MBAMProtector - ok

17:42:46.0492 17704 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

17:42:46.0507 17704 MBAMService - ok

17:42:46.0554 17704 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll

17:42:46.0570 17704 Mcx2Svc - ok

17:42:46.0601 17704 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

17:42:46.0601 17704 megasas - ok

17:42:46.0632 17704 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

17:42:46.0632 17704 MegaSR - ok

17:42:46.0648 17704 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

17:42:46.0679 17704 MMCSS - ok

17:42:46.0694 17704 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

17:42:46.0741 17704 Modem - ok

17:42:46.0757 17704 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

17:42:46.0804 17704 monitor - ok

17:42:46.0928 17704 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys

17:42:46.0928 17704 mouclass - ok

17:42:46.0975 17704 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

17:42:47.0006 17704 mouhid - ok

17:42:47.0053 17704 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys

17:42:47.0069 17704 mountmgr - ok

17:42:47.0162 17704 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys

17:42:47.0194 17704 MpFilter - ok

17:42:47.0225 17704 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys

17:42:47.0240 17704 mpio - ok

17:42:47.0287 17704 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

17:42:47.0303 17704 mpsdrv - ok

17:42:47.0396 17704 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll

17:42:47.0459 17704 MpsSvc - ok

17:42:47.0506 17704 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys

17:42:47.0537 17704 MRxDAV - ok

17:42:47.0599 17704 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys

17:42:47.0630 17704 mrxsmb - ok

17:42:47.0677 17704 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys

17:42:47.0740 17704 mrxsmb10 - ok

17:42:47.0771 17704 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

17:42:47.0786 17704 mrxsmb20 - ok

17:42:47.0833 17704 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys

17:42:47.0864 17704 msahci - ok

17:42:47.0896 17704 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys

17:42:47.0927 17704 msdsm - ok

17:42:47.0974 17704 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe

17:42:48.0005 17704 MSDTC - ok

17:42:48.0036 17704 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

17:42:48.0067 17704 Msfs - ok

17:42:48.0083 17704 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

17:42:48.0114 17704 mshidkmdf - ok

17:42:48.0130 17704 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys

17:42:48.0145 17704 msisadrv - ok

17:42:48.0176 17704 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll

17:42:48.0223 17704 MSiSCSI - ok

17:42:48.0223 17704 msiserver - ok

17:42:48.0239 17704 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

17:42:48.0286 17704 MSKSSRV - ok

17:42:48.0364 17704 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) c:\Program Files\Microsoft Security Client\MsMpEng.exe

17:42:48.0379 17704 MsMpSvc - ok

17:42:48.0395 17704 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

17:42:48.0457 17704 MSPCLOCK - ok

17:42:48.0457 17704 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

17:42:48.0504 17704 MSPQM - ok

17:42:48.0566 17704 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys

17:42:48.0582 17704 MsRPC - ok

17:42:48.0629 17704 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys

17:42:48.0644 17704 mssmbios - ok

17:42:48.0660 17704 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

17:42:48.0707 17704 MSTEE - ok

17:42:48.0722 17704 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

17:42:48.0722 17704 MTConfig - ok

17:42:48.0738 17704 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

17:42:48.0769 17704 Mup - ok

17:42:48.0847 17704 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll

17:42:48.0910 17704 napagent - ok

17:42:48.0988 17704 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

17:42:49.0034 17704 NativeWifiP - ok

17:42:49.0112 17704 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys

17:42:49.0144 17704 NDIS - ok

17:42:49.0159 17704 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

17:42:49.0190 17704 NdisCap - ok

17:42:49.0206 17704 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

17:42:49.0237 17704 NdisTapi - ok

17:42:49.0284 17704 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys

17:42:49.0362 17704 Ndisuio - ok

17:42:49.0409 17704 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys

17:42:49.0487 17704 NdisWan - ok

17:42:49.0518 17704 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys

17:42:49.0565 17704 NDProxy - ok

17:42:49.0580 17704 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

17:42:49.0643 17704 NetBIOS - ok

17:42:49.0690 17704 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys

17:42:49.0752 17704 NetBT - ok

17:42:49.0799 17704 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

17:42:49.0799 17704 Netlogon - ok

17:42:49.0861 17704 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll

17:42:49.0924 17704 Netman - ok

17:42:50.0033 17704 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

17:42:50.0048 17704 NetMsmqActivator - ok

17:42:50.0048 17704 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

17:42:50.0064 17704 NetPipeActivator - ok

17:42:50.0111 17704 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll

17:42:50.0173 17704 netprofm - ok

17:42:50.0267 17704 netr28x (064ab63c9a588d2611306ae16d017e7e) C:\Windows\system32\DRIVERS\netr28x.sys

17:42:50.0298 17704 netr28x - ok

17:42:50.0392 17704 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

17:42:50.0407 17704 NetTcpActivator - ok

17:42:50.0423 17704 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

17:42:50.0438 17704 NetTcpPortSharing - ok

17:42:50.0470 17704 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

17:42:50.0470 17704 nfrd960 - ok

17:42:50.0532 17704 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys

17:42:50.0563 17704 NisDrv - ok

17:42:50.0626 17704 NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe

17:42:50.0641 17704 NisSrv - ok

17:42:50.0704 17704 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll

17:42:50.0766 17704 NlaSvc - ok

17:42:50.0984 17704 NOBU (5839a8027d6d324a7cd494051a96628c) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

17:42:51.0031 17704 NOBU - ok

17:42:51.0125 17704 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

17:42:51.0172 17704 Npfs - ok

17:42:51.0187 17704 npggsvc - ok

17:42:51.0203 17704 NPPTNT2 - ok

17:42:51.0234 17704 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll

17:42:51.0281 17704 nsi - ok

17:42:51.0296 17704 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

17:42:51.0328 17704 nsiproxy - ok

17:42:51.0452 17704 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys

17:42:51.0484 17704 Ntfs - ok

17:42:51.0593 17704 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

17:42:51.0655 17704 Null - ok

17:42:51.0671 17704 nvarvpwb - ok

17:42:51.0718 17704 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys

17:42:51.0733 17704 nvraid - ok

17:42:51.0749 17704 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys

17:42:51.0764 17704 nvstor - ok

17:42:51.0796 17704 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys

17:42:51.0811 17704 nv_agp - ok

17:42:51.0827 17704 oblswhjx - ok

17:42:51.0842 17704 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys

17:42:51.0858 17704 ohci1394 - ok

17:42:51.0936 17704 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

17:42:51.0952 17704 ose - ok

17:42:52.0357 17704 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

17:42:52.0466 17704 osppsvc - ok

17:42:52.0544 17704 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

17:42:52.0607 17704 p2pimsvc - ok

17:42:52.0638 17704 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll

17:42:52.0669 17704 p2psvc - ok

17:42:52.0716 17704 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

17:42:52.0732 17704 Parport - ok

17:42:52.0763 17704 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys

17:42:52.0778 17704 partmgr - ok

17:42:52.0794 17704 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll

17:42:52.0825 17704 PcaSvc - ok

17:42:52.0872 17704 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys

17:42:52.0903 17704 pci - ok

17:42:52.0903 17704 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys

17:42:52.0919 17704 pciide - ok

17:42:52.0950 17704 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

17:42:52.0950 17704 pcmcia - ok

17:42:52.0981 17704 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

17:42:52.0981 17704 pcw - ok

17:42:53.0012 17704 pdfcDispatcher - ok

17:42:53.0059 17704 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

17:42:53.0106 17704 PEAUTH - ok

17:42:53.0200 17704 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe

17:42:53.0231 17704 PerfHost - ok

17:42:53.0449 17704 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll

17:42:53.0512 17704 pla - ok

17:42:53.0574 17704 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll

17:42:53.0621 17704 PlugPlay - ok

17:42:53.0730 17704 PMBDeviceInfoProvider (63694c307273062a2167ae4ce80730ef) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe

17:42:53.0746 17704 PMBDeviceInfoProvider - ok

17:42:53.0761 17704 PnkBstrA - ok

17:42:53.0777 17704 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll

17:42:53.0808 17704 PNRPAutoReg - ok

17:42:53.0855 17704 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

17:42:53.0886 17704 PNRPsvc - ok

17:42:53.0995 17704 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll

17:42:54.0042 17704 PolicyAgent - ok

17:42:54.0073 17704 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll

17:42:54.0120 17704 Power - ok

17:42:54.0198 17704 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys

17:42:54.0260 17704 PptpMiniport - ok

17:42:54.0292 17704 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

17:42:54.0307 17704 Processor - ok

17:42:54.0354 17704 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll

17:42:54.0401 17704 ProfSvc - ok

17:42:54.0432 17704 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

17:42:54.0448 17704 ProtectedStorage - ok

17:42:54.0494 17704 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys

17:42:54.0557 17704 Psched - ok

17:42:54.0666 17704 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

17:42:54.0728 17704 ql2300 - ok

17:42:54.0822 17704 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

17:42:54.0838 17704 ql40xx - ok

17:42:54.0869 17704 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll

17:42:54.0900 17704 QWAVE - ok

17:42:54.0916 17704 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

17:42:54.0962 17704 QWAVEdrv - ok

17:42:55.0056 17704 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

17:42:55.0150 17704 RasAcd - ok

17:42:55.0181 17704 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

17:42:55.0228 17704 RasAgileVpn - ok

17:42:55.0259 17704 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll

17:42:55.0290 17704 RasAuto - ok

17:42:55.0337 17704 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys

17:42:55.0384 17704 Rasl2tp - ok

17:42:55.0415 17704 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll

17:42:55.0462 17704 RasMan - ok

17:42:55.0477 17704 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

17:42:55.0524 17704 RasPppoe - ok

17:42:55.0555 17704 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

17:42:55.0602 17704 RasSstp - ok

17:42:55.0633 17704 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys

17:42:55.0680 17704 rdbss - ok

17:42:55.0696 17704 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

17:42:55.0711 17704 rdpbus - ok

17:42:55.0711 17704 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

17:42:55.0758 17704 RDPCDD - ok

17:42:55.0758 17704 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

17:42:55.0805 17704 RDPENCDD - ok

17:42:55.0836 17704 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

17:42:55.0852 17704 RDPREFMP - ok

17:42:55.0898 17704 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys

17:42:55.0930 17704 RDPWD - ok

17:42:55.0992 17704 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys

17:42:56.0023 17704 rdyboost - ok

17:42:56.0070 17704 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll

17:42:56.0132 17704 RemoteAccess - ok

17:42:56.0164 17704 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll

17:42:56.0226 17704 RemoteRegistry - ok

17:42:56.0242 17704 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll

17:42:56.0288 17704 RpcEptMapper - ok

17:42:56.0320 17704 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe

17:42:56.0366 17704 RpcLocator - ok

17:42:56.0429 17704 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

17:42:56.0476 17704 RpcSs - ok

17:42:56.0522 17704 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

17:42:56.0569 17704 rspndr - ok

17:42:56.0632 17704 RTL8167 (7ea8d2eb9bbfd2ab8a3117a1e96d3b3a) C:\Windows\system32\DRIVERS\Rt64win7.sys

17:42:56.0663 17704 RTL8167 - ok

17:42:56.0694 17704 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

17:42:56.0725 17704 SamSs - ok

17:42:56.0772 17704 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys

17:42:56.0788 17704 sbp2port - ok

17:42:56.0803 17704 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll

17:42:56.0866 17704 SCardSvr - ok

17:42:56.0881 17704 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys

17:42:56.0912 17704 scfilter - ok

17:42:57.0006 17704 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll

17:42:57.0068 17704 Schedule - ok

17:42:57.0084 17704 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

17:42:57.0115 17704 SCPolicySvc - ok

17:42:57.0131 17704 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll

17:42:57.0146 17704 SDRSVC - ok

17:42:57.0240 17704 SeaPort (78779ee07231c658b483b1f38b5088df) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

17:42:57.0271 17704 SeaPort - ok

17:42:57.0302 17704 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

17:42:57.0365 17704 secdrv - ok

17:42:57.0412 17704 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll

17:42:57.0474 17704 seclogon - ok

17:42:57.0474 17704 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll

17:42:57.0505 17704 SENS - ok

17:42:57.0521 17704 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll

17:42:57.0536 17704 SensrSvc - ok

17:42:57.0552 17704 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

17:42:57.0568 17704 Serenum - ok

17:42:57.0599 17704 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

17:42:57.0599 17704 Serial - ok

17:42:57.0646 17704 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

17:42:57.0677 17704 sermouse - ok

17:42:57.0739 17704 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll

17:42:57.0786 17704 SessionEnv - ok

17:42:57.0802 17704 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys

17:42:57.0833 17704 sffdisk - ok

17:42:57.0848 17704 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys

17:42:57.0864 17704 sffp_mmc - ok

17:42:57.0880 17704 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys

17:42:57.0895 17704 sffp_sd - ok

17:42:57.0911 17704 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

17:42:57.0942 17704 sfloppy - ok

17:42:58.0036 17704 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys

17:42:58.0067 17704 Sftfs - ok

17:42:58.0160 17704 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

17:42:58.0192 17704 sftlist - ok

17:42:58.0223 17704 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys

17:42:58.0238 17704 Sftplay - ok

17:42:58.0254 17704 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys

17:42:58.0270 17704 Sftredir - ok

17:42:58.0285 17704 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys

17:42:58.0301 17704 Sftvol - ok

17:42:58.0316 17704 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

17:42:58.0332 17704 sftvsa - ok

17:42:58.0394 17704 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll

17:42:58.0472 17704 SharedAccess - ok

17:42:58.0519 17704 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll

17:42:58.0597 17704 ShellHWDetection - ok

17:42:58.0628 17704 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

17:42:58.0628 17704 SiSRaid2 - ok

17:42:58.0644 17704 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

17:42:58.0660 17704 SiSRaid4 - ok

17:42:58.0691 17704 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

17:42:58.0738 17704 Smb - ok

17:42:58.0769 17704 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe

17:42:58.0784 17704 SNMPTRAP - ok

17:42:58.0800 17704 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

17:42:58.0816 17704 spldr - ok

17:42:58.0878 17704 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe

17:42:58.0909 17704 Spooler - ok

17:42:59.0268 17704 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe

17:42:59.0362 17704 sppsvc - ok

17:42:59.0502 17704 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll

17:42:59.0549 17704 sppuinotify - ok

17:42:59.0627 17704 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys

17:42:59.0674 17704 srv - ok

17:42:59.0705 17704 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys

17:42:59.0720 17704 srv2 - ok

17:42:59.0736 17704 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys

17:42:59.0752 17704 srvnet - ok

17:42:59.0767 17704 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll

17:42:59.0830 17704 SSDPSRV - ok

17:42:59.0861 17704 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll

17:42:59.0876 17704 SstpSvc - ok

17:42:59.0923 17704 Steam Client Service - ok

17:42:59.0954 17704 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

17:42:59.0970 17704 stexstor - ok

17:43:00.0079 17704 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll

17:43:00.0157 17704 stisvc - ok

17:43:00.0204 17704 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys

17:43:00.0235 17704 swenum - ok

17:43:00.0282 17704 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll

17:43:00.0329 17704 swprv - ok

17:43:00.0469 17704 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll

17:43:00.0547 17704 SysMain - ok

17:43:00.0656 17704 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll

17:43:00.0688 17704 TabletInputService - ok

17:43:00.0734 17704 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll

17:43:00.0797 17704 TapiSrv - ok

17:43:00.0828 17704 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll

17:43:00.0859 17704 TBS - ok

17:43:01.0031 17704 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys

17:43:01.0078 17704 Tcpip - ok

17:43:01.0296 17704 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys

17:43:01.0358 17704 TCPIP6 - ok

17:43:01.0452 17704 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys

17:43:01.0514 17704 tcpipreg - ok

17:43:01.0530 17704 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

17:43:01.0561 17704 TDPIPE - ok

17:43:01.0608 17704 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys

17:43:01.0624 17704 TDTCP - ok

17:43:01.0686 17704 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys

17:43:01.0702 17704 tdx - ok

17:43:01.0748 17704 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys

17:43:01.0780 17704 TermDD - ok

17:43:01.0826 17704 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll

17:43:01.0889 17704 TermService - ok

17:43:01.0904 17704 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll

17:43:01.0951 17704 Themes - ok

17:43:01.0982 17704 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

17:43:02.0014 17704 THREADORDER - ok

17:43:02.0060 17704 TimesUpKidz (856026ed6ec2c8efaa3e048ca6ce5b31) C:\Program Files (x86)\Rain City Digital LLC\TimesUpKidz\TimesUpKidzServer.exe

17:43:02.0076 17704 TimesUpKidz ( UnsignedFile.Multi.Generic ) - warning

17:43:02.0076 17704 TimesUpKidz - detected UnsignedFile.Multi.Generic (1)

17:43:02.0107 17704 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll

17:43:02.0154 17704 TrkWks - ok

17:43:02.0216 17704 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe

17:43:02.0294 17704 TrustedInstaller - ok

17:43:02.0326 17704 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys

17:43:02.0388 17704 tssecsrv - ok

17:43:02.0435 17704 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys

17:43:02.0482 17704 TsUsbFlt - ok

17:43:02.0544 17704 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys

17:43:02.0591 17704 tunnel - ok

17:43:02.0622 17704 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys

17:43:02.0638 17704 uagp35 - ok

17:43:02.0700 17704 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys

17:43:02.0778 17704 udfs - ok

17:43:02.0809 17704 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe

17:43:02.0809 17704 UI0Detect - ok

17:43:02.0856 17704 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys

17:43:02.0887 17704 uliagpkx - ok

17:43:02.0903 17704 uludkfpu - ok

17:43:02.0918 17704 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys

17:43:02.0950 17704 umbus - ok

17:43:02.0981 17704 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys

17:43:03.0012 17704 UmPass - ok

17:43:03.0215 17704 UMVPFSrv (67a95b9d129ed5399e7965cd09cf30e7) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

17:43:03.0246 17704 UMVPFSrv - ok

17:43:03.0418 17704 UNS (02c298382359653bec4c737c2ab7f9c5) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

17:43:03.0480 17704 UNS - ok

17:43:03.0574 17704 Updater Service for StartNow Toolbar (70eb41a4417ba0aa36ae12bf2b4d98f6) C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe

17:43:03.0605 17704 Updater Service for StartNow Toolbar - ok

17:43:03.0714 17704 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll

17:43:03.0776 17704 upnphost - ok

17:43:03.0839 17704 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys

17:43:03.0870 17704 usbaudio - ok

17:43:03.0886 17704 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys

17:43:03.0917 17704 usbccgp - ok

17:43:03.0948 17704 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys

17:43:03.0964 17704 usbcir - ok

17:43:03.0979 17704 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys

17:43:04.0010 17704 usbehci - ok

17:43:04.0057 17704 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys

17:43:04.0104 17704 usbhub - ok

17:43:04.0198 17704 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys

17:43:04.0213 17704 usbohci - ok

17:43:04.0244 17704 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

17:43:04.0260 17704 usbprint - ok

17:43:04.0276 17704 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS

17:43:04.0338 17704 USBSTOR - ok

17:43:04.0354 17704 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys

17:43:04.0369 17704 usbuhci - ok

17:43:04.0416 17704 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys

17:43:04.0447 17704 usbvideo - ok

17:43:04.0463 17704 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll

17:43:04.0525 17704 UxSms - ok

17:43:04.0556 17704 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

17:43:04.0572 17704 VaultSvc - ok

17:43:04.0588 17704 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys

17:43:04.0603 17704 vdrvroot - ok

17:43:04.0666 17704 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe

17:43:04.0744 17704 vds - ok

17:43:04.0775 17704 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

17:43:04.0790 17704 vga - ok

17:43:04.0806 17704 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

17:43:04.0853 17704 VgaSave - ok

17:43:04.0915 17704 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys

17:43:04.0946 17704 vhdmp - ok

17:43:04.0978 17704 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys

17:43:04.0993 17704 viaide - ok

17:43:05.0024 17704 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys

17:43:05.0040 17704 volmgr - ok

17:43:05.0102 17704 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys

17:43:05.0134 17704 volmgrx - ok

17:43:05.0149 17704 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys

17:43:05.0165 17704 volsnap - ok

17:43:05.0212 17704 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys

17:43:05.0227 17704 vsmraid - ok

17:43:05.0368 17704 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe

17:43:05.0461 17704 VSS - ok

17:43:05.0555 17704 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys

17:43:05.0586 17704 vwifibus - ok

17:43:05.0617 17704 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys

17:43:05.0664 17704 vwififlt - ok

17:43:05.0695 17704 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys

17:43:05.0742 17704 vwifimp - ok

17:43:05.0789 17704 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll

17:43:05.0851 17704 W32Time - ok

17:43:05.0867 17704 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

17:43:05.0898 17704 WacomPen - ok

17:43:05.0960 17704 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

17:43:06.0007 17704 WANARP - ok

17:43:06.0023 17704 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

17:43:06.0038 17704 Wanarpv6 - ok

17:43:06.0163 17704 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe

17:43:06.0210 17704 WatAdminSvc - ok

17:43:06.0350 17704 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe

17:43:06.0429 17704 wbengine - ok

17:43:06.0538 17704 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll

17:43:06.0569 17704 WbioSrvc - ok

17:43:06.0631 17704 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll

17:43:06.0678 17704 wcncsvc - ok

17:43:06.0678 17704 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll

17:43:06.0694 17704 WcsPlugInService - ok

17:43:06.0741 17704 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

17:43:06.0741 17704 Wd - ok

17:43:06.0787 17704 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

17:43:06.0819 17704 Wdf01000 - ok

17:43:06.0834 17704 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

17:43:06.0912 17704 WdiServiceHost - ok

17:43:06.0928 17704 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

17:43:06.0943 17704 WdiSystemHost - ok

17:43:07.0006 17704 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll

17:43:07.0068 17704 WebClient - ok

17:43:07.0099 17704 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll

17:43:07.0177 17704 Wecsvc - ok

17:43:07.0193 17704 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll

17:43:07.0240 17704 wercplsupport - ok

17:43:07.0271 17704 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll

17:43:07.0318 17704 WerSvc - ok

17:43:07.0349 17704 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

17:43:07.0380 17704 WfpLwf - ok

17:43:07.0380 17704 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

17:43:07.0396 17704 WIMMount - ok

17:43:07.0427 17704 WinDefend - ok

17:43:07.0427 17704 WinHttpAutoProxySvc - ok

17:43:07.0489 17704 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll

17:43:07.0552 17704 Winmgmt - ok

17:43:07.0708 17704 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll

17:43:07.0786 17704 WinRM - ok

17:43:07.0926 17704 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll

17:43:07.0989 17704 Wlansvc - ok

17:43:08.0207 17704 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

17:43:08.0269 17704 wlidsvc - ok

17:43:08.0394 17704 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys

17:43:08.0425 17704 WmiAcpi - ok

17:43:08.0472 17704 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe

17:43:08.0503 17704 wmiApSrv - ok

17:43:08.0535 17704 WMPNetworkSvc - ok

17:43:08.0566 17704 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll

17:43:08.0581 17704 WPCSvc - ok

17:43:08.0628 17704 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll

17:43:08.0644 17704 WPDBusEnum - ok

17:43:08.0706 17704 WRkrn (517d7ec4178a49162e6576b143608bd0) C:\Windows\system32\drivers\WRkrn.sys

17:43:08.0706 17704 WRkrn - ok

17:43:08.0831 17704 WRSVC (87e02e094ea37680c9dbc394db0de1d7) C:\Program Files\Webroot\WRSA.exe

17:43:08.0847 17704 WRSVC - ok

17:43:08.0862 17704 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

17:43:08.0893 17704 ws2ifsl - ok

17:43:08.0925 17704 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll

17:43:08.0940 17704 wscsvc - ok

17:43:08.0956 17704 WSearch - ok

17:43:09.0205 17704 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll

17:43:09.0315 17704 wuauserv - ok

17:43:09.0517 17704 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys

17:43:09.0595 17704 WudfPf - ok

17:43:09.0627 17704 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys

17:43:09.0673 17704 WUDFRd - ok

17:43:09.0720 17704 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll

17:43:09.0751 17704 wudfsvc - ok

17:43:09.0783 17704 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll

17:43:09.0814 17704 WwanSvc - ok

17:43:09.0892 17704 X5XSEx (8c6413d62c891d8da084a31da53a09e6) C:\Program Files (x86)\Free Ride Games\X5XSEx.Sys

17:43:09.0892 17704 X5XSEx - ok

17:43:09.0970 17704 X6va005 - ok

17:43:09.0985 17704 X6va006 - ok

17:43:09.0985 17704 X6va007 - ok

17:43:10.0079 17704 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

17:43:10.0110 17704 YahooAUService - ok

17:43:10.0344 17704 ZSMC301b (6e53d1058b900443949c69ec6215d98f) C:\Windows\system32\Drivers\usbVM31b.sys

17:43:10.0391 17704 ZSMC301b - ok

17:43:10.0407 17704 MBR (0x1B8) (f0e69b6eb79be64fa07d8972cfaa57c7) \Device\Harddisk0\DR0

17:43:10.0438 17704 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected

17:43:10.0438 17704 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)

17:43:10.0485 17704 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

17:43:10.0485 17704 \Device\Harddisk0\DR0 - detected TDSS File System (1)

17:43:10.0485 17704 Boot (0x1200) (1cf9b51bbd05da01e434c2eaa9adb45b) \Device\Harddisk0\DR0\Partition0

17:43:10.0485 17704 \Device\Harddisk0\DR0\Partition0 - ok

17:43:10.0516 17704 Boot (0x1200) (7c13ed71ef67d7ff359954efb5a9a809) \Device\Harddisk0\DR0\Partition1

17:43:10.0516 17704 \Device\Harddisk0\DR0\Partition1 - ok

17:43:10.0547 17704 Boot (0x1200) (a8c70fd8fc7b90e94eef0eb7d3caa80b) \Device\Harddisk0\DR0\Partition2

17:43:10.0563 17704 \Device\Harddisk0\DR0\Partition2 - ok

17:43:10.0563 17704 ============================================================

17:43:10.0563 17704 Scan finished

17:43:10.0563 17704 ============================================================

17:43:10.0563 14732 Detected object count: 6

17:43:10.0563 14732 Actual detected object count: 6

17:43:51.0559 14732 FlipShareServer ( UnsignedFile.Multi.Generic ) - skipped by user

17:43:51.0559 14732 FlipShareServer ( UnsignedFile.Multi.Generic ) - User select action: Skip

17:43:51.0575 14732 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user

17:43:51.0575 14732 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip

17:43:51.0575 14732 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user

17:43:51.0575 14732 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip

17:43:51.0575 14732 TimesUpKidz ( UnsignedFile.Multi.Generic ) - skipped by user

17:43:51.0575 14732 TimesUpKidz ( UnsignedFile.Multi.Generic ) - User select action: Skip

17:43:52.0355 14732 \Device\Harddisk0\DR0\# - copied to quarantine

17:43:52.0355 14732 \Device\Harddisk0\DR0 - copied to quarantine

17:43:52.0417 14732 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine

17:43:52.0417 14732 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine

17:43:52.0433 14732 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine

17:43:52.0449 14732 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine

17:43:52.0449 14732 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine

17:43:52.0449 14732 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine

17:43:52.0449 14732 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine

17:43:52.0449 14732 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine

17:43:52.0449 14732 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine

17:43:52.0464 14732 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine

17:43:52.0464 14732 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine

17:43:52.0464 14732 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine

17:43:52.0511 14732 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot

17:43:52.0558 14732 \Device\Harddisk0\DR0 - ok

17:43:52.0792 14732 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure

17:43:52.0792 14732 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

17:43:52.0792 14732 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

17:43:55.0350 19680 Deinitialize success

AdvancedSetup · June 18, 2012

Yes, that looks like you did it correctly.

You need to decide if you want to keep Webroot SecureAnywhere or Microsoft Security Essentials as they are both Anti-Virus products and you can only have one Anti-Virus product at a time installed as it will normally cause conflicts. Please uninstall one of them and update whichever one you keep and do a System Scan with it.

Also update Malwarebytes and do a Quick Scan with it as well and send me back both logs on your next reply.

Next, download Security Check from here or here.

Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document on your next reply.

Thanks

mullerfour · June 19, 2012

Hello!

OK. I uninstalled MSE. Scanned with Webroot and Malwarebytes (after updating), and am posting the malwarebytes log file, and the checkup.txt that you had me do. It won't let me post the webroot log file - too long? Awaiting further instruction...... Thank yoU!

Malwarebytes Anti-Malware (Trial) 1.61.0.1400

www.malwarebytes.org

Database version: v2012.06.19.06

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

four :: FOUR-HP [administrator]

Protection: Enabled

6/19/2012 3:19:10 PM

mbam-log-2012-06-19 (15-19-10).txt

Scan type: Quick scan

Scan options disabled: P2P

Objects scanned: 286516

Time elapsed: 5 minute(s), 6 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

Results of screen317's Security Check version 0.99.42

Windows 7 Service Pack 1 x64 (UAC is disabled!)

Internet Explorer 9

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Enabled!

Webroot SecureAnywhere

Antivirus up to date!

`````````Anti-malware/Other Utilities Check:`````````

Malwarebytes Anti-Malware version 1.61.0.1400

Java 6 Update 30

Java version out of Date!

Adobe Reader X (10.1.3)

Google Chrome 19.0.1084.52

Google Chrome 19.0.1084.56

````````Process Check: objlist.exe by Laurent````````

Malwarebytes Anti-Malware mbamservice.exe

Malwarebytes Anti-Malware mbamgui.exe

Symantec Norton Online Backup NOBuAgent.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C: 0%

````````````````````End of Log``````````````````````

AdvancedSetup · June 20, 2012

Hi ,

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update.

Download the latest version of Java Runtime Environment (JRE) 7 and Save it to your Desktop.

http://www.oracle.com/technetwork/java/javase/downloads/index.html

Scroll down to where it says Java SE 7u5

Click the Download button under JRE to the right.

Read the License Agreement then select Accept License Agreement

Click on the link to download Windows x86 Offline and save the file to your desktop.

Close any programs you may have running - especially your web browser.

Go to Start > Control Panel, double-click on Add or Remove Programs and remove all older versions of Java.

Check (highlight) any item with Java Runtime Environment (JRE or J2SE or Java 6) in the name.

Click the Remove or Change/Remove button.

Repeat as many times as necessary to remove each Java versions.

Reboot your computer once all Java components are removed.

Then from your desktop double-click on jre-7u5-windows-i586.exe to install the newest version.

After the install is complete, go into the Control Panel (using Classic View) and double-click the Java Icon. (looks like a coffee cup)

On the General tab, under Temporary Internet Files, click the Settings button.

Next, click on the Delete Files button

There are two options in the window to clear the cache - Leave BOTH Checked

Applications and Applets

Trace and Log Files

Click OK on Delete Temporary Files Window

Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.

Click OK to leave the Temporary Files Window

Click OK to leave the Java Control Panel.

The Malwarebytes log looked clean. Are there still any IP blocks or other issues going on related to this with the computer?

mullerfour · June 20, 2012

OK, updated the Java and deleted the files per your instruction. All my scans come up clean, and there have been no IP blocks or anything - am I cured? I owe you a beer, for sure!

AdvancedSetup · June 20, 2012

If both Malwarebytes and your Anti-Virus scans are now all clean and no more IP blocks ongoing then I would say the system appears to be clean now.

Please see the following post So how did I get infected in the first place?

Then let me know if there are any other concerns or issues before we finish up and close our topic here.

Thanks

mullerfour · June 21, 2012

Hello!

Things still seem ok - no IP blocks, nothing found by anti-virus or Malwarebytes. I read the article and have taken some further steps to protect my computer. FYI, the browser security test link at the end of the article is no longer active....

I appear to have been cured! Again, I am extremely grateful for your guidance and assistance!

Maurice Naggar · June 26, 2012

Hello mullerfour,

Glad to see your system is well.

We can wrap this up now.

If you have a problem with these steps, or something does not quite work here, do let me know.

The following few steps will remove tools used.

Download OTC to your desktop and run it
Click Yes to beginning the Cleanup process and remove these components, including this application.
You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.

Delete TDSSKILLER.exe if still present.

Safer practices & malware prevention

Have a hardware router between the incoming internet-modem and your computer.
Configure your Antivirus software to check for updates daily, at a time in which you are sure the computer will be on.
Check in at Windows Update and install any Critical Updates offered.
Make certain that Automatic Updates is enabled.
How to configure and use Automatic Updates in Windows
http://support.microsoft.com/kb/306525
Check on other update issues as well, visit Secunia Online Software Inspector (OSI)
See How to detect vulnerable and out-dated programs using Secunia Personal Software Inspector
Download, install, and keep updated Spyware Blaster (free): http://www.javacools...areblaster.html (all Protections should be enabled at all times)
I'd recommend that you get and use MVP Mike Burgess' custom hosts file http://mvps.org/winhelp2002/hosts.htm
See the FAQ page http://mvps.org/winh...02/hostsfaq.htm
That would help to keep your browser away from known spyware/malware sites.
Make regular backups of your system to removable media: DVD, USB external hard drive, etc.
Having a total image backup of your system stored on DVD/CD is highly important.
Get and make use of imaging-backup utilities and save them to offline media. That way you have something to fall back to if another disaster hits.
Examples of image backup software: Acronis True Image, or the free (for personal use) Macrium Reflect http://www.macrium.com/reflectfree.asp
or Paragon Backup & Recovery http://www.paragon-s...e/download.html
Consider using Web of Trust WOT add-on for your browser(s)
http://www.mywot.com/en/download
http://www.mywot.com/en/faq/add-on
On some regular schedule, it is a good idea to do an online scan for viruses and malware. Here is a very short list of sites where this may be done:
ESET Online Scanner
Panda ActiveScan
Trend Micro Housecall
F-Secure Online Scanner
See Six tips to help you stay safer online
Never, ever download free games, free tools, videos, mutli-media files or anything free unless you can be absolutely sure the source is safe !

Best regards.

screen317 · July 2, 2012

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

please help!

Recommended Posts

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Recently Browsing 0 members

Important Information