
MWB keeps blocking an IP address every couple minutes

Successfully blocked access to a potentially malicious website: 195.16.88.68 - updater.exe

Type: outgoing

Port: varies (many ports used as shown in log), Process: updater.exe

I've included a log for today (April 13th, 2012), and the requested files after running the DDS application. I've run a scan with MWB and a couple things came up and were deleted, but it keeps popping up. I don't know if I am infected or not, but I'd rather be safe than sorry, so any help would be greatly appreciated! :)

protection-log-2012-04-13.txt, Attach.txt, DDS.txt


Hello and welcome

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!

  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan.
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.07.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.



16:36:39.0418 1484 Npfs - ok

16:36:39.0434 1484 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll

16:36:39.0449 1484 nsi - ok

16:36:39.0465 1484 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys

16:36:39.0465 1484 nsiproxy - ok

16:36:39.0590 1484 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys

16:36:39.0621 1484 Ntfs - ok

16:36:39.0652 1484 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys

16:36:39.0652 1484 Null - ok

16:36:39.0683 1484 nusb3hub (0ebc9d13cd96c15b1b18d8678a609e4b) C:\windows\system32\DRIVERS\nusb3hub.sys

16:36:39.0699 1484 nusb3hub - ok

16:36:39.0715 1484 nusb3xhc (7bdec000d56d485021d9c1e63c2f81ca) C:\windows\system32\DRIVERS\nusb3xhc.sys

16:36:39.0715 1484 nusb3xhc - ok

16:36:40.0042 1484 nvlddmkm (685cc16c261952f833ef56af4ec3bf0d) C:\windows\system32\DRIVERS\nvlddmkm.sys

16:36:40.0245 1484 nvlddmkm - ok

16:36:40.0339 1484 nvpciflt (d9c08f27936810db50363fdcf2496d0e) C:\windows\system32\DRIVERS\nvpciflt.sys

16:36:40.0339 1484 nvpciflt - ok

16:36:40.0401 1484 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys

16:36:40.0401 1484 nvraid - ok

16:36:40.0432 1484 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys

16:36:40.0432 1484 nvstor - ok

16:36:40.0479 1484 NVSvc (9ec6631832cebe137cbfed2d9186b76e) C:\windows\system32\nvvsvc.exe

16:36:40.0495 1484 NVSvc - ok

16:36:40.0588 1484 nvUpdatusService (6336a844fb153957dfbb1652ad5b46bb) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

16:36:40.0604 1484 nvUpdatusService - ok

16:36:40.0682 1484 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys

16:36:40.0682 1484 nv_agp - ok

16:36:40.0697 1484 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys

16:36:40.0697 1484 ohci1394 - ok

16:36:40.0775 1484 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

16:36:40.0791 1484 ose - ok

16:36:40.0994 1484 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

16:36:41.0041 1484 osppsvc - ok

16:36:41.0119 1484 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll

16:36:41.0134 1484 p2pimsvc - ok

16:36:41.0165 1484 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll

16:36:41.0181 1484 p2psvc - ok

16:36:41.0212 1484 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\drivers\parport.sys

16:36:41.0212 1484 Parport - ok

16:36:41.0228 1484 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\windows\system32\drivers\partmgr.sys

16:36:41.0228 1484 partmgr - ok

16:36:41.0259 1484 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll

16:36:41.0259 1484 PcaSvc - ok

16:36:41.0306 1484 PCCUJobMgr (2f86be1818c2d7ac90478e3323ee7fcb) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe

16:36:41.0306 1484 PCCUJobMgr - ok

16:36:41.0368 1484 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys

16:36:41.0368 1484 pci - ok

16:36:41.0384 1484 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\DRIVERS\pciide.sys

16:36:41.0384 1484 pciide - ok

16:36:41.0431 1484 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\drivers\pcmcia.sys

16:36:41.0431 1484 pcmcia - ok

16:36:41.0446 1484 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys

16:36:41.0462 1484 pcw - ok

16:36:41.0477 1484 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys

16:36:41.0493 1484 PEAUTH - ok

16:36:41.0540 1484 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe

16:36:41.0540 1484 PerfHost - ok

16:36:41.0633 1484 PGEffect (91111cebbde8015e822c46120ed9537c) C:\windows\system32\DRIVERS\pgeffect.sys

16:36:41.0633 1484 PGEffect - ok

16:36:41.0696 1484 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll

16:36:41.0711 1484 pla - ok

16:36:41.0758 1484 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll

16:36:41.0758 1484 PlugPlay - ok

16:36:41.0821 1484 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll

16:36:41.0821 1484 PNRPAutoReg - ok

16:36:41.0836 1484 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll

16:36:41.0836 1484 PNRPsvc - ok

16:36:41.0899 1484 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\windows\system32\DRIVERS\point64.sys

16:36:41.0899 1484 Point64 - ok

16:36:41.0930 1484 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll

16:36:41.0930 1484 PolicyAgent - ok

16:36:41.0961 1484 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll

16:36:41.0977 1484 Power - ok

16:36:42.0039 1484 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys

16:36:42.0039 1484 PptpMiniport - ok

16:36:42.0070 1484 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\drivers\processr.sys

16:36:42.0070 1484 Processor - ok

16:36:42.0101 1484 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\windows\system32\profsvc.dll

16:36:42.0101 1484 ProfSvc - ok

16:36:42.0148 1484 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe

16:36:42.0148 1484 ProtectedStorage - ok

16:36:42.0179 1484 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys

16:36:42.0179 1484 Psched - ok

16:36:42.0257 1484 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\drivers\ql2300.sys

16:36:42.0273 1484 ql2300 - ok

16:36:42.0320 1484 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\drivers\ql40xx.sys

16:36:42.0320 1484 ql40xx - ok

16:36:42.0351 1484 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll

16:36:42.0367 1484 QWAVE - ok

16:36:42.0398 1484 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys

16:36:42.0398 1484 QWAVEdrv - ok

16:36:42.0460 1484 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys

16:36:42.0460 1484 RasAcd - ok

16:36:42.0491 1484 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys

16:36:42.0491 1484 RasAgileVpn - ok

16:36:42.0523 1484 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll

16:36:42.0523 1484 RasAuto - ok

16:36:42.0554 1484 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys

16:36:42.0554 1484 Rasl2tp - ok

16:36:42.0616 1484 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll

16:36:42.0632 1484 RasMan - ok

16:36:42.0694 1484 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys

16:36:42.0694 1484 RasPppoe - ok

16:36:42.0725 1484 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys

16:36:42.0725 1484 RasSstp - ok

16:36:42.0788 1484 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys

16:36:42.0803 1484 rdbss - ok

16:36:42.0819 1484 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\drivers\rdpbus.sys

16:36:42.0819 1484 rdpbus - ok

16:36:42.0850 1484 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys

16:36:42.0850 1484 RDPCDD - ok

16:36:42.0913 1484 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys

16:36:42.0913 1484 RDPENCDD - ok

16:36:42.0928 1484 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys

16:36:42.0928 1484 RDPREFMP - ok

16:36:42.0959 1484 RDPWD (6d76e6433574b058adcb0c50df834492) C:\windows\system32\drivers\RDPWD.sys

16:36:42.0975 1484 RDPWD - ok

16:36:43.0006 1484 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys

16:36:43.0022 1484 rdyboost - ok

16:36:43.0053 1484 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll

16:36:43.0053 1484 RemoteAccess - ok

16:36:43.0131 1484 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll

16:36:43.0147 1484 RemoteRegistry - ok

16:36:43.0162 1484 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll

16:36:43.0162 1484 RpcEptMapper - ok

16:36:43.0193 1484 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe

16:36:43.0193 1484 RpcLocator - ok

16:36:43.0225 1484 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll

16:36:43.0240 1484 RpcSs - ok

16:36:43.0271 1484 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys

16:36:43.0287 1484 rspndr - ok

16:36:43.0365 1484 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\windows\system32\DRIVERS\Rt64win7.sys

16:36:43.0381 1484 RTL8167 - ok

16:36:43.0412 1484 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe

16:36:43.0412 1484 SamSs - ok

16:36:43.0443 1484 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys

16:36:43.0443 1484 sbp2port - ok

16:36:43.0474 1484 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll

16:36:43.0474 1484 SCardSvr - ok

16:36:43.0521 1484 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys

16:36:43.0521 1484 scfilter - ok

16:36:43.0615 1484 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll

16:36:43.0630 1484 Schedule - ok

16:36:43.0661 1484 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll

16:36:43.0661 1484 SCPolicySvc - ok

16:36:43.0693 1484 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\windows\system32\DRIVERS\sdbus.sys

16:36:43.0693 1484 sdbus - ok

16:36:43.0724 1484 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll

16:36:43.0724 1484 SDRSVC - ok

16:36:43.0817 1484 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys

16:36:43.0817 1484 secdrv - ok

16:36:43.0849 1484 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll

16:36:43.0849 1484 seclogon - ok

16:36:43.0880 1484 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll

16:36:43.0895 1484 SENS - ok

16:36:43.0927 1484 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll

16:36:43.0927 1484 SensrSvc - ok

16:36:43.0989 1484 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\drivers\serenum.sys

16:36:43.0989 1484 Serenum - ok

16:36:44.0051 1484 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\drivers\serial.sys

16:36:44.0051 1484 Serial - ok

16:36:44.0098 1484 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\drivers\sermouse.sys

16:36:44.0098 1484 sermouse - ok

16:36:44.0145 1484 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll

16:36:44.0145 1484 SessionEnv - ok

16:36:44.0192 1484 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys

16:36:44.0207 1484 sffdisk - ok

16:36:44.0223 1484 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys

16:36:44.0223 1484 sffp_mmc - ok

16:36:44.0270 1484 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys

16:36:44.0270 1484 sffp_sd - ok

16:36:44.0301 1484 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\drivers\sfloppy.sys

16:36:44.0317 1484 sfloppy - ok

16:36:44.0363 1484 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\windows\system32\DRIVERS\Sftfslh.sys

16:36:44.0379 1484 Sftfs - ok

16:36:44.0457 1484 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

16:36:44.0473 1484 sftlist - ok

16:36:44.0535 1484 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\windows\system32\DRIVERS\Sftplaylh.sys

16:36:44.0551 1484 Sftplay - ok

16:36:44.0566 1484 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\windows\system32\DRIVERS\Sftredirlh.sys

16:36:44.0566 1484 Sftredir - ok

16:36:44.0582 1484 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\windows\system32\DRIVERS\Sftvollh.sys

16:36:44.0582 1484 Sftvol - ok

16:36:44.0660 1484 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

16:36:44.0675 1484 sftvsa - ok

16:36:44.0707 1484 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\windows\System32\ipnathlp.dll

16:36:44.0722 1484 SharedAccess - ok

16:36:44.0785 1484 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll

16:36:44.0800 1484 ShellHWDetection - ok

16:36:44.0878 1484 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\drivers\SiSRaid2.sys

16:36:44.0878 1484 SiSRaid2 - ok

16:36:44.0909 1484 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\drivers\sisraid4.sys

16:36:44.0925 1484 SiSRaid4 - ok

16:36:45.0003 1484 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files (x86)\Skype\Updater\Updater.exe

16:36:45.0003 1484 SkypeUpdate - ok

16:36:45.0065 1484 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys

16:36:45.0065 1484 Smb - ok

16:36:45.0128 1484 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe

16:36:45.0128 1484 SNMPTRAP - ok

16:36:45.0159 1484 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys

16:36:45.0159 1484 spldr - ok

16:36:45.0190 1484 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe

16:36:45.0206 1484 Spooler - ok

16:36:45.0409 1484 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe

16:36:45.0487 1484 sppsvc - ok

16:36:45.0518 1484 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll

16:36:45.0533 1484 sppuinotify - ok

16:36:45.0611 1484 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys

16:36:45.0627 1484 srv - ok

16:36:45.0658 1484 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys

16:36:45.0674 1484 srv2 - ok

16:36:45.0689 1484 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys

16:36:45.0689 1484 srvnet - ok

16:36:45.0736 1484 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll

16:36:45.0752 1484 SSDPSRV - ok

16:36:45.0799 1484 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll

16:36:45.0799 1484 SstpSvc - ok

16:36:45.0892 1484 Steam Client Service - ok

16:36:45.0939 1484 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\drivers\stexstor.sys

16:36:45.0939 1484 stexstor - ok

16:36:46.0033 1484 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\windows\System32\wiaservc.dll

16:36:46.0048 1484 stisvc - ok

16:36:46.0064 1484 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\drivers\swenum.sys

16:36:46.0064 1484 swenum - ok

16:36:46.0111 1484 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll

16:36:46.0126 1484 swprv - ok

16:36:46.0189 1484 SynTP (f5b46df59feaa48a442aed7eeb754d4b) C:\windows\system32\DRIVERS\SynTP.sys

16:36:46.0204 1484 SynTP - ok

16:36:46.0298 1484 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll

16:36:46.0329 1484 SysMain - ok

16:36:46.0360 1484 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll

16:36:46.0360 1484 TabletInputService - ok

16:36:46.0376 1484 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll

16:36:46.0391 1484 TapiSrv - ok

16:36:46.0407 1484 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll

16:36:46.0407 1484 TBS - ok

16:36:46.0501 1484 Tcpip (fc62769e7bff2896035aeed399108162) C:\windows\system32\drivers\tcpip.sys

16:36:46.0532 1484 Tcpip - ok

16:36:46.0625 1484 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\windows\system32\DRIVERS\tcpip.sys

16:36:46.0641 1484 TCPIP6 - ok

16:36:46.0672 1484 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys

16:36:46.0672 1484 tcpipreg - ok

16:36:46.0735 1484 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\windows\system32\DRIVERS\tdcmdpst.sys

16:36:46.0735 1484 tdcmdpst - ok

16:36:46.0781 1484 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys

16:36:46.0781 1484 TDPIPE - ok

16:36:46.0859 1484 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\windows\system32\drivers\tdtcp.sys

16:36:46.0859 1484 TDTCP - ok

16:36:46.0891 1484 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys

16:36:46.0891 1484 tdx - ok

16:36:47.0062 1484 TeamViewer7 (a4d2ce94b028ef1e437cf4ac3d8ff26c) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe

16:36:47.0093 1484 TeamViewer7 - ok

16:36:47.0156 1484 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\drivers\termdd.sys

16:36:47.0156 1484 TermDD - ok

16:36:47.0218 1484 TermService (2e648163254233755035b46dd7b89123) C:\windows\System32\termsrv.dll

16:36:47.0218 1484 TermService - ok

16:36:47.0249 1484 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll

16:36:47.0249 1484 Themes - ok

16:36:47.0281 1484 Thpdrv (c013f6acaa9761f571bd28dada7c157d) C:\windows\system32\DRIVERS\thpdrv.sys

16:36:47.0281 1484 Thpdrv - ok

16:36:47.0359 1484 Thpevm (b4e609047434ed948af7bdef2fa66e38) C:\windows\system32\DRIVERS\Thpevm.SYS

16:36:47.0359 1484 Thpevm - ok

16:36:47.0405 1484 Thpsrv (9b032a63a0553a2d872815c64a0288be) C:\windows\system32\ThpSrv.exe

16:36:47.0421 1484 Thpsrv - ok

16:36:47.0452 1484 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll

16:36:47.0468 1484 THREADORDER - ok

16:36:47.0515 1484 TMachInfo (83e91963c4452be6899503cf9ebfd3ed) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

16:36:47.0515 1484 TMachInfo - ok

16:36:47.0577 1484 TODDSrv (8e2c799d3476eac32c3ba0df7ce6af19) C:\windows\system32\TODDSrv.exe

16:36:47.0593 1484 TODDSrv - ok

16:36:47.0671 1484 TosCoSrv (63b379f8885cb1c557771bb8b16162e3) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

16:36:47.0717 1484 TosCoSrv - ok

16:36:47.0780 1484 TOSHIBA Bluetooth Service (8f099be5db17d025e19652851399b9f1) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

16:36:47.0780 1484 TOSHIBA Bluetooth Service - ok

16:36:47.0827 1484 TOSHIBA eco Utility Service (2ecc833ea37cece0052d4d9adc184177) C:\Program Files\TOSHIBA\TECO\TecoService.exe

16:36:47.0827 1484 TOSHIBA eco Utility Service - ok

16:36:47.0905 1484 TOSHIBA HDD SSD Alert Service (edb4b432db13ea3d1eb2356310d33263) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

16:36:47.0905 1484 TOSHIBA HDD SSD Alert Service - ok

16:36:47.0967 1484 Tosrfcom - ok

16:36:48.0014 1484 tosrfec (f5e3ac4cbcd154ee80849b21887fd0b0) C:\windows\system32\DRIVERS\tosrfec.sys

16:36:48.0014 1484 tosrfec - ok

16:36:48.0045 1484 Tosrfusb (7a0048693f98460ff537be31c741b927) C:\windows\system32\DRIVERS\tosrfusb.sys

16:36:48.0045 1484 Tosrfusb - ok

16:36:48.0107 1484 tos_sps64 (09ff7b0b1b5c3d225495cb6f5a9b39f8) C:\windows\system32\DRIVERS\tos_sps64.sys

16:36:48.0107 1484 tos_sps64 - ok

16:36:48.0201 1484 TPCHSrv (9f8410ccc72b3470c96da415be0cf423) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe

16:36:48.0201 1484 TPCHSrv - ok

16:36:48.0279 1484 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll

16:36:48.0279 1484 TrkWks - ok

16:36:48.0310 1484 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\windows\servicing\TrustedInstaller.exe

16:36:48.0326 1484 TrustedInstaller - ok

16:36:48.0357 1484 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys

16:36:48.0357 1484 tssecsrv - ok

16:36:48.0388 1484 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys

16:36:48.0404 1484 TsUsbFlt - ok

16:36:48.0419 1484 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\windows\system32\drivers\TsUsbGD.sys

16:36:48.0419 1484 TsUsbGD - ok

16:36:48.0497 1484 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys

16:36:48.0497 1484 tunnel - ok

16:36:48.0575 1484 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\windows\system32\DRIVERS\TVALZ_O.SYS

16:36:48.0575 1484 TVALZ - ok

16:36:48.0622 1484 TVALZFL (9c7191f4b2e49bff47a6c1144b5923fa) C:\windows\system32\DRIVERS\TVALZFL.sys

16:36:48.0622 1484 TVALZFL - ok

16:36:48.0685 1484 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\drivers\uagp35.sys

16:36:48.0685 1484 uagp35 - ok

16:36:48.0716 1484 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys

16:36:48.0731 1484 udfs - ok

16:36:48.0794 1484 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe

16:36:48.0794 1484 UI0Detect - ok

16:36:48.0841 1484 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys

16:36:48.0841 1484 uliagpkx - ok

16:36:48.0872 1484 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\DRIVERS\umbus.sys

16:36:48.0872 1484 umbus - ok

16:36:48.0934 1484 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\drivers\umpass.sys

16:36:48.0934 1484 UmPass - ok

16:36:49.0075 1484 UNS (374ebda379a8f38e0cfc2211611e7167) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

16:36:49.0090 1484 UNS - ok

16:36:49.0121 1484 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll

16:36:49.0121 1484 upnphost - ok

16:36:49.0199 1484 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\DRIVERS\usbccgp.sys

16:36:49.0199 1484 usbccgp - ok

16:36:49.0231 1484 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys

16:36:49.0231 1484 usbcir - ok

16:36:49.0262 1484 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\drivers\usbehci.sys

16:36:49.0262 1484 usbehci - ok

16:36:49.0293 1484 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys

16:36:49.0309 1484 usbhub - ok

16:36:49.0340 1484 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\drivers\usbohci.sys

16:36:49.0340 1484 usbohci - ok

16:36:49.0402 1484 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\drivers\usbprint.sys

16:36:49.0418 1484 usbprint - ok

16:36:49.0465 1484 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\DRIVERS\USBSTOR.SYS

16:36:49.0465 1484 USBSTOR - ok

16:36:49.0480 1484 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\drivers\usbuhci.sys

16:36:49.0496 1484 usbuhci - ok

16:36:49.0511 1484 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\windows\system32\Drivers\usbvideo.sys

16:36:49.0527 1484 usbvideo - ok

16:36:49.0543 1484 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll

16:36:49.0558 1484 UxSms - ok

16:36:49.0636 1484 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe

16:36:49.0636 1484 VaultSvc - ok

16:36:49.0683 1484 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys

16:36:49.0683 1484 vdrvroot - ok

16:36:49.0714 1484 vds (8d6b481601d01a456e75c3210f1830be) C:\windows\System32\vds.exe

16:36:49.0730 1484 vds - ok

16:36:49.0745 1484 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys

16:36:49.0745 1484 vga - ok

16:36:49.0777 1484 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys

16:36:49.0777 1484 VgaSave - ok

16:36:49.0823 1484 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys

16:36:49.0823 1484 vhdmp - ok

16:36:49.0839 1484 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys

16:36:49.0839 1484 viaide - ok

16:36:49.0870 1484 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys

16:36:49.0870 1484 volmgr - ok

16:36:49.0917 1484 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys

16:36:49.0917 1484 volmgrx - ok

16:36:49.0933 1484 volsnap (df8126bd41180351a093a3ad2fc8903b) C:\windows\system32\drivers\volsnap.sys

16:36:49.0948 1484 volsnap - ok

16:36:50.0011 1484 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\drivers\vsmraid.sys

16:36:50.0011 1484 vsmraid - ok

16:36:50.0073 1484 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\windows\system32\vssvc.exe

16:36:50.0104 1484 VSS - ok

16:36:50.0151 1484 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys

16:36:50.0151 1484 vwifibus - ok

16:36:50.0182 1484 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys

16:36:50.0182 1484 vwififlt - ok

16:36:50.0276 1484 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll

16:36:50.0276 1484 W32Time - ok

16:36:50.0307 1484 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\drivers\wacompen.sys

16:36:50.0307 1484 WacomPen - ok

16:36:50.0369 1484 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys

16:36:50.0369 1484 WANARP - ok

16:36:50.0369 1484 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys

16:36:50.0385 1484 Wanarpv6 - ok

16:36:50.0432 1484 wanatw (eceb715bece47e101ddec06b11126066) C:\windows\system32\DRIVERS\wanatw64.sys

16:36:50.0432 1484 wanatw - ok

16:36:50.0541 1484 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\windows\system32\Wat\WatAdminSvc.exe

16:36:50.0572 1484 WatAdminSvc - ok

16:36:50.0619 1484 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\windows\system32\wbengine.exe

16:36:50.0650 1484 wbengine - ok

16:36:50.0666 1484 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll

16:36:50.0681 1484 WbioSrvc - ok

16:36:50.0697 1484 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\windows\System32\wcncsvc.dll

16:36:50.0697 1484 wcncsvc - ok

16:36:50.0775 1484 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll

16:36:50.0775 1484 WcsPlugInService - ok

16:36:50.0822 1484 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\drivers\wd.sys

16:36:50.0822 1484 Wd - ok

16:36:50.0853 1484 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys

16:36:50.0869 1484 Wdf01000 - ok

16:36:50.0900 1484 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll

16:36:50.0900 1484 WdiServiceHost - ok

16:36:50.0900 1484 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll

16:36:50.0915 1484 WdiSystemHost - ok

16:36:50.0931 1484 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\windows\System32\webclnt.dll

16:36:50.0931 1484 WebClient - ok

16:36:50.0931 1484 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll

16:36:50.0947 1484 Wecsvc - ok

16:36:50.0962 1484 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll

16:36:50.0962 1484 wercplsupport - ok

16:36:50.0978 1484 WerSvc (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll

16:36:50.0993 1484 WerSvc - ok

16:36:51.0071 1484 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys

16:36:51.0071 1484 WfpLwf - ok

16:36:51.0103 1484 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys

16:36:51.0103 1484 WIMMount - ok

16:36:51.0134 1484 WinDefend - ok

16:36:51.0134 1484 WinHttpAutoProxySvc - ok

16:36:51.0212 1484 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll

16:36:51.0212 1484 Winmgmt - ok

16:36:51.0321 1484 WinRM (bcb1310604aa415c4508708975b3931e) C:\windows\system32\WsmSvc.dll

16:36:51.0352 1484 WinRM - ok

16:36:52.0475 1484 ============================================================

16:36:52.0475 1484 Scan finished

16:36:52.0475 1484 ============================================================

16:36:52.0491 6716 Detected object count: 0

16:36:52.0491 6716 Actual detected object count: 0

16:40:52.0194 7036 Deinitialize success


Now the IP 87.242.743.219 is popping up with the same application updater.exe and many different ports


Hi again,

COMBOFIX

---------------

Please download ComboFix from one of these locations:


Bleepingcomputer
ForoSpyware

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on Combofix.exe and follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

Please note: If the Microsoft Windows Recovery Console is already installed, or if you are running Vista, ComboFix will continue its malware removal procedures.

Query_RC.gif

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

RC_successful.gif

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\Combofix.txt in your next reply.


After it rebooted and I tried to open anything it said that the registry or something was scheduled for deletion, I don't know if that's normal or not, but after I rebooted again, it went away so hopefully it was fine. And the notifications are still popping up.

ComboFix.txt


Hello again,

ESET ONLINE SCANNER

----------------------------

I'd like us to scan your machine with ESET OnlineScan

  1. Hold down Control and click on this link to open ESET OnlineScan in a new window.
  2. Click the esetonlinebtn.png button.
  3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    1. Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    2. Double click on the esetsmartinstaller_enu.png icon on your desktop.
    3. Check "YES, I accept the Terms of Use."
    4. Click the Start button.
    5. Accept any security warnings from your browser.
    6. Under scan settings, check "Scan Archives" and "Remove found threats"
    7. Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology

  4. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  5. When the scan completes, click List Threats
  6. Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  7. Click the Back button.
  8. Click the Finish button.


C:\Program Files (x86)\FLVPlayer\FLVPlayer.exe	a variant of Win32/InstallCore.A application	cleaned by deleting - quarantined

C:\Users\omx\Documents\games\Call of Duty 2\Call of Duty 2.exe	a variant of Win32/Keygen.CU application	deleted - quarantined

C:\Users\omx\Documents\games\Daemon Tools PRO Advanced  v5.0.0316.0317\DAEMONToolsPro500316-0317.exe	Win32/OpenCandy application	deleted - quarantined

Still showing notifications

Thanks for the help so far!


Please click Start > Programs > Accessories, right click on Command Prompt and select "run as administrator".

Type the following and press enter.

netsh advfirewall reset

netsh firewall reset

Restart the computer and let me know if you still get the pop ups.


Hello,

Please click HERE to download Kaspersky Virus Removal Tool (click on the Download link for Version 11).

NOTE. This is quite a large file, so be patient.

  • Double click on the file you just downloaded and let it install.
  • It will install to your desktop (be patient; it may take a while).
  • Accept license agreement and click "Start" button.
  • Click on Settings button p4484522.gif
    • In Scan scope leave pre-checked items as they are and also checkmark My Computer
    • In Actions checkmark Select action: (disinfect; delete if disinfection fails) instead of preselected Prompt on detection
  • Click on Automatic Scan tab and then click on Start scanning button.
  • Before it is done it may prompt for action regardless of the setting so choose delete if prompted.
  • When the scan is done NO log will be produced.
  • Click on Report button p4484523.gif then on Automatic Scan report tab.
  • Right click anywhere within right pane, click Select All then right click again and click Copy.
  • This will copy the items that it found to the clipboard you can then open notepad (go to start then run then type in notepad) and choose paste to paste the contents into Notepad.
  • You can save this on the desktop.
  • Post the contents of the document in your next reply.


I scanned with the Kaspersky tool, and nothing came up, like no threats. The log is 103 MB so..I can't really do much with that


Can you please post me the exact content of the pop-up you see?


Malwarebytes Anti-Malware

Successfully blocked access to a potentially malicious website: 87.242.73.219

Type:outgoing

Port: Varies, changes each time it pops up, Process: updater.exe


Let's run an additional scan here.

OTL

-----

Please download OTL from one of the following mirrors:

  • Save it to your desktop.
  • Double click on the otlicon.png icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the runscan.png button.
  • Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized


Hi again,

CF-SCRIPT

-------------

We need to execute a CF-script.

  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Click Start > Run and in the box that opens type notepad and press enter. Copy/paste the text in the codebox below into it:


Folder::
C:\DiskManager

Save this as CFScript.txt, in the same location as ComboFix.exe

CFScriptB-4.gif

Referring to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.


That seems to have done it after another restart, thank you very much for the help!!


That is good news! :) Do you have any other problem left?

P2P WARNING

-------------------

Going over your logs I noticed that you have uTorrent installed.

  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.

It is pretty much certain that if you continue to use P2P programs, you will get infected again.

I would recommend that you uninstall uTorrent, however that choice is up to you. If you choose to remove these programs, you can do so via Start > Control Panel > Add/Remove Programs.

If you wish to keep it, please do not use it until your computer is cleaned.

Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.

  • Download the latest version of Java Runtime Environment (JRE) Version 7u3.
  • Look for "JDK 7u3 (JDK or JRE)".
  • Click the "Download JRE" button at the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
    • Select "Windows x86 Offline" and click on jre-7-windows-i586.exe
  • Save it to your desktop
  • Close any programs you may have running - especially your web browser.
  • Uninstall all older versions of Java (any item with Java Runtime Environment, JRE or J2SE in the name).
  • Reboot your computer once all Java components are removed.
  • Install the newest version by double clicking (run as Administrator for Windows Vista/Seven) the downloaded file.

Please launch MBAM, update it and run a full scan. Post me the resulting log.


They may have been installed alongside a game, but are not really malicious, more undesirable.

ESET ONLINE SCANNER

----------------------------

I'd like us to scan your machine with ESET OnlineScan

  1. Hold down Control and click on this link to open ESET OnlineScan in a new window.
  2. Click the esetonlinebtn.png button.
  3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    1. Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    2. Double click on the esetsmartinstaller_enu.png icon on your desktop.
    3. Check "YES, I accept the Terms of Use."
    4. Click the Start button.
    5. Accept any security warnings from your browser.
    6. Under scan settings, check "Scan Archives" and "Remove found threats"
    7. Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology

  4. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  5. When the scan completes, click List Threats
  6. Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  7. Click the Back button.
  8. Click the Finish button.
