Zatrei

  1. They appear to be fine, no problems with MBAM, and nothing else strange, thank you for your help.
  2. There were no detections found, and there is no Log.
  3. ESET Log - ESETSmartInstaller@High as CAB hook log: OnlineScanner64.ocx - registred OK OnlineScanner.ocx - registred OK
  4. ComboFix 12-07-07.02 - Michael 07/07/2012 1:21.4.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8191.6614 [GMT -7:00]
  5. ComboFix Log - ComboFix 12-07-06.02 - Michael 07/06/2012 11:04:25.3.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8191.7027 [GMT -7:00]
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored] @="{C5994567-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 17:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned] @="{C5994568-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 17:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CrossRiderPlugin"="c:\program files (x86)\CrossriderWebApps\Crossrider.exe" [2011-05-15 478720] "Akamai NetSession Interface"="c:\users\Michael\AppData\Local\Akamai\netsession_win.exe" [2012-05-26 4327744] "ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 221184] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X] "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576] "DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408] "ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 81920] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux3"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-01-31 158856] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-23 250056] R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-04-01 183560] R3 DRIVER_B;DRIVER_B;c:\windows\system32\Drivers\DRIVER_BIN64 [2012-01-10 26424] R3 dump_wmimmc;dump_wmimmc;c:\sega\PHANTASY STAR UNIVERSE Illuminus\GameGuard\dump_wmimmc.sys [x] R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x] R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2009-10-07 327704] R3 LVUVC64;Logitech QuickCam E3500(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2009-10-07 6379288] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-21 113120] R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x] R3 tapoas;TAP-Win32 Adapter OAS;c:\windows\system32\DRIVERS\tapoas.sys [2011-08-19 30720] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232] R3 vproiah;vproiah;c:\windows\system32\DRIVERS\vproiah.sys [2011-07-06 27848] R3 vtany;vtany;c:\windows\vtany.sys [x] R3 WatAdminSvc;Windows Activation Technologies 
Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-08-10 1255736] R3 X6va005;X6va005;c:\users\Michael\AppData\Local\Temp\005AF0B.tmp [x] R3 X6va008;X6va008;c:\users\Michael\AppData\Local\Temp\00875CF.tmp [x] R3 xsherlock;xsherlock;c:\windows\system32\xsherlock.xem [x] R3 YMIDUSBW;Yamaha USB-MIDI Driver (WDM);c:\windows\system32\drivers\ymidusbx64.sys [2011-11-01 51016] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184] S0 amd_sata;amd_sata;c:\windows\system32\drivers\amd_sata.sys [2010-11-04 75904] S0 amd_xata;amd_xata;c:\windows\system32\drivers\amd_xata.sys [2010-11-04 38016] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-10-21 270912] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-04-06 236544] S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-04-06 361984] S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888] S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168] S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-01-26 92216] S2 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 191000] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408] S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2011-02-01 1127448] S2 RoxioNow Service;RoxioNow Service;c:\program files (x86)\Roxio\RoxioNow Player\RNowSvc.exe 
[2010-11-26 399344] S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-04-06 11174400] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-04-06 343040] S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-02-23 95760] S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [2009-10-07 30232] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-04-04 24904] S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2010-11-05 1041760] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-12-28 412776] S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [2009-12-22 38456] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] Akamai REG_MULTI_SZ Akamai . Contents of the 'Scheduled Tasks' folder . 2012-07-06 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-12 23:10] . 2012-07-04 c:\windows\Tasks\HPCeeScheduleForMichael.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}] c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll [bU] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal] @="{C5994560-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 17:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified] @="{C5994561-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 17:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict] @="{C5994562-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 17:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked] @="{C5994563-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 17:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly] @="{C5994564-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 17:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted] @="{C5994565-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 17:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded] @="{C5994566-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 17:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored] @="{C5994567-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 17:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned] @="{C5994568-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 17:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768] . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm mStart Page = my.daemon-search.com uInternet Settings,ProxyOverride = 127.0.0.1:9421;<local> Trusted Zone: clonewarsadventures.com Trusted Zone: freerealms.com Trusted Zone: soe.com Trusted Zone: sony.com TCP: DhcpNameServer = 75.75.75.75 75.75.76.76 FF - ProfilePath - c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\k64rwylw.default\ FF - prefs.js: browser.search.selectedEngine - Bing FF - prefs.js: browser.startup.homepage - google FF - user.js: yahoo.ytff.general.dontshowhpoffer - true);user_pref(general.useragent.extra.brc, . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher] "ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService" . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\Akamai] "ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_80c2ffa.dll" . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\DRIVER_B] "ImagePath"="\??\c:\windows\system32\Drivers\DRIVER_BIN64" . 
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va005] "ImagePath"="\??\c:\users\Michael\AppData\Local\Temp\005AF0B.tmp" . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va008] "ImagePath"="\??\c:\users\Michael\AppData\Local\Temp\00875CF.tmp" . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\xsherlock] "ImagePath"="c:\windows\system32\xsherlock.xem" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe c:\program files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe c:\windows\SysWOW64\PnkBstrA.exe c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe . ************************************************************************** . Completion time: 2012-07-06 11:24:02 - machine was rebooted ComboFix-quarantined-files.txt 2012-07-06 18:24 ComboFix2.txt 2012-07-06 17:58 ComboFix3.txt 2012-07-06 17:35 . Pre-Run: 1,159,326,605,312 bytes free Post-Run: 1,159,034,683,392 bytes free . - - End Of File - - 347707C6E999A9481D5805FAAAAC1203
  6. My apologies, here is the new Log - MBRCheck, version 1.2.3 © 2010, AD Command-line: Windows Version: Windows 7 Home Premium Edition Windows Information: Service Pack 1 (build 7601), 64-bit Base Board Manufacturer: FOXCONN BIOS Manufacturer: American Megatrends Inc. System Manufacturer: Hewlett-Packard System Product Name: p7-1074 Logical Drives Mask: 0x000003fc Kernel Drivers (total 190): 0x02E4A000 \SystemRoot\system32\ntoskrnl.exe 0x02E01000 \SystemRoot\system32\hal.dll 0x00BCE000 \SystemRoot\system32\kdcom.dll 0x00CF7000 \SystemRoot\system32\mcupdate_AuthenticAMD.dll 0x00D04000 \SystemRoot\system32\PSHED.dll 0x00D18000 \SystemRoot\system32\CLFS.SYS 0x00C00000 \SystemRoot\system32\CI.dll 0x00E96000 \SystemRoot\system32\drivers\Wdf01000.sys 0x00F3A000 \SystemRoot\system32\drivers\WDFLDR.SYS 0x00F49000 \SystemRoot\system32\drivers\ACPI.sys 0x00FA0000 \SystemRoot\system32\drivers\WMILIB.SYS 0x00FA9000 \SystemRoot\system32\drivers\msisadrv.sys 0x00FB3000 \SystemRoot\system32\drivers\pci.sys 0x00FE6000 \SystemRoot\system32\drivers\vdrvroot.sys 0x00E00000 \SystemRoot\System32\drivers\partmgr.sys 0x00E15000 \SystemRoot\system32\drivers\volmgr.sys 0x00E2A000 \SystemRoot\System32\drivers\volmgrx.sys 0x00CC0000 \SystemRoot\System32\drivers\mountmgr.sys 0x00CDA000 \SystemRoot\system32\drivers\amd_sata.sys 0x00D76000 \SystemRoot\system32\drivers\storport.sys 0x00E86000 \SystemRoot\system32\drivers\amd_xata.sys 0x00FF3000 \SystemRoot\system32\drivers\amdxata.sys 0x010AD000 \SystemRoot\system32\drivers\fltmgr.sys 0x010F9000 \SystemRoot\system32\drivers\fileinfo.sys 0x0124C000 \SystemRoot\System32\Drivers\Ntfs.sys 0x0110D000 \SystemRoot\System32\Drivers\msrpc.sys 0x01200000 \SystemRoot\System32\Drivers\ksecdd.sys 0x0116B000 \SystemRoot\System32\Drivers\cng.sys 0x0121B000 \SystemRoot\System32\drivers\pcw.sys 0x0122C000 \SystemRoot\System32\Drivers\Fs_Rec.sys 0x0142D000 \SystemRoot\system32\drivers\ndis.sys 0x01520000 \SystemRoot\system32\drivers\NETIO.SYS 0x01580000 
\SystemRoot\System32\Drivers\ksecpkg.sys 0x0161A000 \SystemRoot\System32\drivers\tcpip.sys 0x0181D000 \SystemRoot\System32\drivers\fwpkclnt.sys 0x01867000 \SystemRoot\system32\drivers\volsnap.sys 0x018B3000 \SystemRoot\System32\Drivers\spldr.sys 0x018BB000 \SystemRoot\System32\drivers\rdyboost.sys 0x018F5000 \SystemRoot\System32\Drivers\mup.sys 0x01907000 \SystemRoot\System32\drivers\hwpolicy.sys 0x01910000 \SystemRoot\System32\DRIVERS\fvevol.sys 0x0194A000 \SystemRoot\system32\drivers\disk.sys 0x01960000 \SystemRoot\system32\drivers\CLASSPNP.SYS 0x01990000 \SystemRoot\system32\drivers\AtiPcie64.sys 0x015AB000 \SystemRoot\system32\DRIVERS\dtsoftbus01.sys 0x01400000 \SystemRoot\system32\DRIVERS\cdrom.sys 0x019D9000 \SystemRoot\System32\Drivers\Null.SYS 0x019E2000 \SystemRoot\System32\Drivers\Beep.SYS 0x019E9000 \SystemRoot\System32\drivers\vga.sys 0x01000000 \SystemRoot\System32\drivers\VIDEOPRT.SYS 0x01600000 \SystemRoot\System32\drivers\watchdog.sys 0x01610000 \SystemRoot\System32\DRIVERS\RDPCDD.sys 0x019F7000 \SystemRoot\system32\drivers\rdpencdd.sys 0x015F1000 \SystemRoot\system32\drivers\rdprefmp.sys 0x01236000 \SystemRoot\System32\Drivers\Msfs.SYS 0x013EF000 \SystemRoot\System32\Drivers\Npfs.SYS 0x01025000 \SystemRoot\system32\DRIVERS\tdx.sys 0x01047000 \SystemRoot\system32\DRIVERS\TDI.SYS 0x06611000 \SystemRoot\system32\drivers\afd.sys 0x0669A000 \SystemRoot\System32\DRIVERS\netbt.sys 0x066DF000 \SystemRoot\system32\DRIVERS\wfplwf.sys 0x066E8000 \SystemRoot\system32\DRIVERS\pacer.sys 0x0670E000 \SystemRoot\system32\DRIVERS\vwififlt.sys 0x06724000 \SystemRoot\system32\DRIVERS\netbios.sys 0x06733000 \SystemRoot\system32\DRIVERS\wanarp.sys 0x0674E000 \SystemRoot\system32\drivers\termdd.sys 0x06762000 \SystemRoot\system32\DRIVERS\rdbss.sys 0x067B3000 \SystemRoot\system32\drivers\nsiproxy.sys 0x067BF000 \SystemRoot\system32\drivers\mssmbios.sys 0x067CA000 \SystemRoot\System32\drivers\discache.sys 0x067D9000 \SystemRoot\System32\Drivers\dfsc.sys 0x06600000 
\SystemRoot\system32\drivers\blbdrive.sys 0x01054000 \SystemRoot\system32\DRIVERS\tunnel.sys 0x0107A000 \SystemRoot\system32\drivers\amdppm.sys 0x0686A000 \SystemRoot\system32\DRIVERS\atikmpag.sys 0x07267000 \SystemRoot\system32\DRIVERS\atikmdag.sys 0x068C4000 \SystemRoot\System32\drivers\dxgkrnl.sys 0x07D61000 \SystemRoot\System32\drivers\dxgmms1.sys 0x07DA7000 \SystemRoot\system32\DRIVERS\HDAudBus.sys 0x06A67000 \SystemRoot\system32\DRIVERS\netr28x.sys 0x06B6C000 \SystemRoot\system32\DRIVERS\vwifibus.sys 0x06B79000 \SystemRoot\system32\DRIVERS\Rt64win7.sys 0x06BE0000 \SystemRoot\system32\DRIVERS\usbohci.sys 0x06A00000 \SystemRoot\system32\DRIVERS\USBPORT.SYS 0x06A56000 \SystemRoot\system32\drivers\usbfilter.sys 0x06BEB000 \SystemRoot\system32\DRIVERS\usbehci.sys 0x07DCB000 \SystemRoot\system32\drivers\wmiacpi.sys 0x07DD4000 \SystemRoot\system32\drivers\CompositeBus.sys 0x07DE4000 \SystemRoot\system32\DRIVERS\AgileVpn.sys 0x07200000 \SystemRoot\system32\DRIVERS\rasl2tp.sys 0x07224000 \SystemRoot\system32\DRIVERS\ndistapi.sys 0x07230000 \SystemRoot\system32\DRIVERS\ndiswan.sys 0x069B8000 \SystemRoot\system32\DRIVERS\raspppoe.sys 0x069D3000 \SystemRoot\system32\DRIVERS\raspptp.sys 0x06800000 \SystemRoot\system32\DRIVERS\rassstp.sys 0x0681A000 \SystemRoot\system32\DRIVERS\kbdclass.sys 0x06829000 \SystemRoot\system32\DRIVERS\mouclass.sys 0x06BFC000 \SystemRoot\system32\drivers\swenum.sys 0x06CB4000 \SystemRoot\system32\drivers\ks.sys 0x06CF7000 \SystemRoot\system32\DRIVERS\amdiox64.sys 0x06D0B000 \SystemRoot\system32\DRIVERS\umbus.sys 0x06D1D000 \SystemRoot\system32\DRIVERS\usbhub.sys 0x06D77000 \SystemRoot\System32\Drivers\NDProxy.SYS 0x06DA7000 \SystemRoot\system32\drivers\portcls.sys 0x06C00000 \SystemRoot\system32\drivers\drmk.sys 0x06C22000 \SystemRoot\system32\drivers\ksthunk.sys 0x09211000 \SystemRoot\system32\drivers\RTKVHD64.sys 0x09482000 \SystemRoot\system32\DRIVERS\usbccgp.sys 0x0949F000 \SystemRoot\system32\DRIVERS\USBD.SYS 0x00040000 
\SystemRoot\System32\win32k.sys 0x094A1000 \SystemRoot\System32\drivers\Dxapi.sys 0x094AD000 \SystemRoot\system32\DRIVERS\hidusb.sys 0x094BB000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS 0x094D4000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS 0x094DD000 \SystemRoot\system32\DRIVERS\mouhid.sys 0x094EA000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS 0x09505000 \SystemRoot\system32\DRIVERS\kbdhid.sys 0x09513000 \SystemRoot\System32\Drivers\crashdmp.sys 0x09521000 \SystemRoot\System32\Drivers\dump_diskdump.sys 0x0952B000 \SystemRoot\System32\Drivers\dump_amd_sata.sys 0x09541000 \SystemRoot\System32\Drivers\dump_dumpfve.sys 0x09554000 \SystemRoot\system32\DRIVERS\monitor.sys 0x00500000 \SystemRoot\System32\TSDDD.dll 0x007D0000 \SystemRoot\System32\cdd.dll 0x00890000 \SystemRoot\System32\ATMFD.DLL 0x09562000 \SystemRoot\system32\drivers\luafv.sys 0x09585000 \SystemRoot\system32\drivers\WudfPf.sys 0x095A6000 \SystemRoot\system32\DRIVERS\lltdio.sys 0x06C28000 \SystemRoot\system32\DRIVERS\nwifi.sys 0x095BB000 \SystemRoot\system32\DRIVERS\ndisuio.sys 0x095CE000 \SystemRoot\system32\DRIVERS\rspndr.sys 0x03AEE000 \SystemRoot\system32\drivers\HTTP.sys 0x03BB7000 \SystemRoot\system32\DRIVERS\bowser.sys 0x03BD5000 \SystemRoot\System32\drivers\mpsdrv.sys 0x03A00000 \SystemRoot\system32\DRIVERS\mrxsmb.sys 0x03A2D000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys 0x03A7B000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys 0x03A9F000 \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys 0x05430000 \SystemRoot\system32\drivers\peauth.sys 0x054D6000 \SystemRoot\System32\Drivers\secdrv.SYS 0x054E1000 \SystemRoot\System32\DRIVERS\srvnet.sys 0x05512000 \SystemRoot\System32\drivers\tcpipreg.sys 0x05524000 \SystemRoot\System32\DRIVERS\srv2.sys 0x08C43000 \SystemRoot\System32\DRIVERS\srv.sys 0x08CDB000 \SystemRoot\system32\DRIVERS\LVPr2M64.sys 0x08CE5000 \SystemRoot\system32\DRIVERS\WUDFRd.sys 0x08D16000 \SystemRoot\system32\DRIVERS\udfs.sys 0x08D6B000 \??\C:\Windows\system32\drivers\mbam.sys 
0x08D75000 \??\C:\Users\Michael\AppData\Local\Temp\aswMBR.sys 0x08D84000 \SystemRoot\system32\drivers\AtihdW76.sys 0x773B0000 \Windows\System32\ntdll.dll 0x480D0000 \Windows\System32\smss.exe 0xFF6D0000 \Windows\System32\apisetschema.dll 0xFF910000 \Windows\System32\autochk.exe 0xFF620000 \Windows\System32\comdlg32.dll 0xFF5D0000 \Windows\System32\ws2_32.dll 0xFF500000 \Windows\System32\usp10.dll 0xFF480000 \Windows\System32\difxapi.dll 0x77580000 \Windows\System32\normaliz.dll 0xFF470000 \Windows\System32\lpk.dll 0xFE6E0000 \Windows\System32\shell32.dll 0xFE5D0000 \Windows\System32\msctf.dll 0xFE5A0000 \Windows\System32\imm32.dll 0x77570000 \Windows\System32\psapi.dll 0x771A0000 \Windows\System32\iertutil.dll 0xFE580000 \Windows\System32\imagehlp.dll 0xFE370000 \Windows\System32\ole32.dll 0xFE240000 \Windows\System32\rpcrt4.dll 0xFE060000 \Windows\System32\setupapi.dll 0x770A0000 \Windows\System32\user32.dll 0x76F40000 \Windows\System32\wininet.dll 0xFDFE0000 \Windows\System32\shlwapi.dll 0xFDF40000 \Windows\System32\clbcatq.dll 0x76DF0000 \Windows\System32\urlmon.dll 0xFDE60000 \Windows\System32\advapi32.dll 0xFDDC0000 \Windows\System32\msvcrt.dll 0x76CD0000 \Windows\System32\kernel32.dll 0xFDD50000 \Windows\System32\gdi32.dll 0xFDD40000 \Windows\System32\nsi.dll 0xFDCE0000 \Windows\System32\Wldap32.dll 0xFDC00000 \Windows\System32\oleaut32.dll 0xFDBE0000 \Windows\System32\sechost.dll 0xFDBA0000 \Windows\System32\cfgmgr32.dll 0xFDB00000 \Windows\System32\comctl32.dll 0xFD990000 \Windows\System32\crypt32.dll 0xFD970000 \Windows\System32\devobj.dll 0xFD930000 \Windows\System32\wintrust.dll 0xFD8C0000 \Windows\System32\KernelBase.dll 0xFD8B0000 \Windows\System32\msasn1.dll 0x76190000 \Windows\SysWOW64\normaliz.dll Processes (total 80): 0 System Idle Process 4 System 256 C:\Windows\System32\smss.exe 396 csrss.exe 476 csrss.exe 484 C:\Windows\System32\wininit.exe 524 C:\Windows\System32\winlogon.exe 580 C:\Windows\System32\services.exe 588 
C:\Windows\System32\lsass.exe 596 C:\Windows\System32\lsm.exe 692 C:\Windows\System32\svchost.exe 772 C:\Windows\System32\svchost.exe 864 C:\Windows\System32\atiesrxx.exe 904 C:\Windows\System32\svchost.exe 940 C:\Windows\System32\svchost.exe 964 C:\Windows\System32\svchost.exe 416 C:\Windows\System32\svchost.exe 788 C:\Windows\System32\svchost.exe 1216 C:\Windows\System32\atieclxx.exe 1328 C:\Windows\System32\spoolsv.exe 1364 C:\Windows\System32\svchost.exe 1544 C:\Windows\SysWOW64\svchost.exe 1576 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe 1636 C:\Windows\System32\svchost.exe 1660 C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe 1748 C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe 1800 C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe 1860 C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe 1896 C:\Program Files (x86)\PDF Complete\pdfsvc.exe 1904 LVPrS64H.exe 2012 C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe 1140 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 1516 C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe 1556 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE 1884 C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe 2524 WUDFHost.exe 2636 C:\Windows\System32\svchost.exe 2876 C:\Windows\System32\taskhost.exe 2952 C:\Windows\System32\dwm.exe 3004 C:\Windows\explorer.exe 2864 C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe 3220 C:\Program Files\TortoiseSVN\bin\TSVNCache.exe 3248 C:\Program Files (x86)\CrossriderWebApps\Crossrider.exe 3324 C:\Users\Michael\AppData\Local\Akamai\netsession_win.exe 3576 C:\Users\Michael\AppData\Local\Akamai\netsession_win.exe 3608 C:\Windows\System32\SearchIndexer.exe 3620 C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe 3708 C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe 3796 C:\Program Files (x86)\Winamp\winampa.exe 3844 C:\Program Files 
(x86)\Common Files\Java\Java Update\jusched.exe 3972 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe 4000 C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe 3716 C:\Program Files\Windows Media Player\wmpnetwk.exe 1000 C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe 4656 C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\agent.exe 4524 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 4672 C:\Windows\System32\svchost.exe 1032 C:\Windows\System32\svchost.exe 2652 dllhost.exe 4444 C:\Program Files (x86)\Steam\Steam.exe 3940 C:\Program Files (x86)\Common Files\Steam\SteamService.exe 5012 C:\Program Files\TortoiseSVN\bin\TSVNCache.exe 3376 C:\Windows\SysWOW64\PnkBstrA.exe 2344 C:\Windows\System32\taskhost.exe 8868 C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE 8872 C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe 8848 C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe 9484 C:\Windows\SysWOW64\PnkBstrB.exe 5124 C:\Program Files (x86)\Mozilla Firefox\firefox.exe 3232 C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe 4312 C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe 5404 C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe 8932 C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe 6580 C:\Windows\System32\audiodg.exe 4504 C:\Windows\System32\dllhost.exe 7352 C:\Windows\System32\dllhost.exe 2480 C:\Windows\System32\SearchProtocolHost.exe 7036 C:\Windows\System32\SearchFilterHost.exe 5668 C:\Users\Michael\Desktop\MBRCheck.exe 8172 C:\Windows\System32\conhost.exe
     \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`06500000 (NTFS)
     \\.\D: --> \\.\PhysicalDrive0 at offset 0x0000015a`82f00000 (NTFS)
     PhysicalDrive0 Model Number: WDCWD15EARS-60MVWB0, Rev: 51.0AB51
     Size      Device Name          MBR Status
     --------------------------------------------
     1397 GB   \\.\PhysicalDrive0   Windows 7 MBR code detected
     SHA1: F37A9776F0E98E38BD78E91425829D97888CEEFC
     Done!
  7. Here is the MBRCheck Log -
     MBRCheck, version 1.2.3
     © 2010, AD
     Command-line:
     Windows Version: Windows 7 Home Premium Edition
     Windows Information: Service Pack 1 (build 7601), 64-bit
     Base Board Manufacturer: FOXCONN
     BIOS Manufacturer: American Megatrends Inc.
     System Manufacturer: Hewlett-Packard
     System Product Name: p7-1074
     Logical Drives Mask: 0x000003fc
     Kernel Drivers (total 190):
     Processes (total 80):
  8. aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
     Run date: 2012-07-04 10:44:10
     -----------------------------
     10:44:10.434 OS Version: Windows x64 6.1.7601 Service Pack 1
     10:44:10.434 Number of processors: 4 586 0xA00
     10:44:10.435 ComputerName: MICHAEL-HP UserName: Michael
     10:44:14.398 Initialize success
     10:44:34.662 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000056
     10:44:34.666 Disk 0 Vendor: WDC_WD15 51.0 Size: 1430799MB BusType: 11
     10:44:34.690 Disk 0 MBR read successfully
     10:44:34.695 Disk 0 MBR scan
     10:44:34.700 Disk 0 unknown MBR code
     10:44:34.706 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
     10:44:34.712 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 1419210 MB offset 206848
     10:44:34.743 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 11487 MB offset 2906748928
     10:44:34.775 Disk 0 scanning C:\Windows\system32\drivers
     10:44:40.322 Service scanning
     10:44:51.304 Modules scanning
     10:44:51.321 Disk 0 trace - called modules:
     10:44:51.345 ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys storport.sys hal.dll amd_sata.sys
     10:44:51.354 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006dc5790]
     10:44:51.367 3 CLASSPNP.SYS[fffff8800196143f] -> nt!IofCallDriver -> [0xfffffa8006d07ac0]
     10:44:51.379 5 amd_xata.sys[fffff88000e878b4] -> nt!IofCallDriver -> \Device\00000056[0xfffffa8006d029c0]
     10:44:51.390 Scan finished successfully
     10:45:22.390 Disk 0 MBR has been saved successfully to "C:\Users\Michael\Desktop\MBR.dat"
     10:45:22.394 The log file has been saved successfully to "C:\Users\Michael\Desktop\aswMBR.txt"

     aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
     Run date: 2012-07-04 18:35:15
     -----------------------------
     18:35:15.015 OS Version: Windows x64 6.1.7601 Service Pack 1
     18:35:15.015 Number of processors: 4 586 0xA00
     18:35:15.016 ComputerName: MICHAEL-HP UserName: Michael
     18:35:17.716 Initialize success
     18:35:22.503 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000056
     18:35:22.508 Disk 0 Vendor: WDC_WD15 51.0 Size: 1430799MB BusType: 11
     18:35:22.530 Disk 0 MBR read successfully
     18:35:22.536 Disk 0 MBR scan
     18:35:22.541 Disk 0 unknown MBR code
     18:35:22.547 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
     18:35:22.563 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 1419210 MB offset 206848
     18:35:22.596 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 11487 MB offset 2906748928
     18:35:22.633 Disk 0 scanning C:\Windows\system32\drivers
     18:35:29.172 Service scanning
     18:35:40.692 Modules scanning
     18:35:40.709 Disk 0 trace - called modules:
     18:35:40.733 ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys storport.sys hal.dll amd_sata.sys
     18:35:40.742 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006dc5790]
     18:35:41.086 3 CLASSPNP.SYS[fffff8800196143f] -> nt!IofCallDriver -> [0xfffffa8006d07ac0]
     18:35:41.098 5 amd_xata.sys[fffff88000e878b4] -> nt!IofCallDriver -> \Device\00000056[0xfffffa8006d029c0]
     18:35:41.111 Scan finished successfully
     18:36:34.772 Verifying
     18:36:44.783 Disk 0 Windows 601 MBR fixed successfully
     18:36:56.875 Disk 0 MBR has been saved successfully to "C:\Users\Michael\Desktop\MBR.dat"
     18:36:56.941 The log file has been saved successfully to "C:\Users\Michael\Desktop\aswMBR.txt"
  9. Well, the issue appears to have stopped, but I'm going to go ahead and post both of the logs anyway, just in case.

     MBAM Log -
     Malwarebytes Anti-Malware 1.61.0.1400
     www.malwarebytes.org
     Database version: v2012.07.04.05
     Windows 7 Service Pack 1 x64 NTFS
     Internet Explorer 9.0.8112.16421
     Michael :: MICHAEL-HP [administrator]
     Protection: Enabled
     7/4/2012 10:37:20 AM
     mbam-log-2012-07-04 (10-37-20).txt
     Scan type: Quick scan
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
     Scan options disabled: P2P
     Objects scanned: 216170
     Time elapsed: 4 minute(s), 12 second(s)
     Memory Processes Detected: 0
     (No malicious items detected)
     Memory Modules Detected: 0
     (No malicious items detected)
     Registry Keys Detected: 0
     (No malicious items detected)
     Registry Values Detected: 0
     (No malicious items detected)
     Registry Data Items Detected: 0
     (No malicious items detected)
     Folders Detected: 0
     (No malicious items detected)
     Files Detected: 0
     (No malicious items detected)
     (end)

     aswMBR Log -
     aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
     Run date: 2012-07-04 10:44:10
     -----------------------------
     10:44:10.434 OS Version: Windows x64 6.1.7601 Service Pack 1
     10:44:10.434 Number of processors: 4 586 0xA00
     10:44:10.435 ComputerName: MICHAEL-HP UserName: Michael
     10:44:14.398 Initialize success
     10:44:34.662 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000056
     10:44:34.666 Disk 0 Vendor: WDC_WD15 51.0 Size: 1430799MB BusType: 11
     10:44:34.690 Disk 0 MBR read successfully
     10:44:34.695 Disk 0 MBR scan
     10:44:34.700 Disk 0 unknown MBR code
     10:44:34.706 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
     10:44:34.712 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 1419210 MB offset 206848
     10:44:34.743 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 11487 MB offset 2906748928
     10:44:34.775 Disk 0 scanning C:\Windows\system32\drivers
     10:44:40.322 Service scanning
     10:44:51.304 Modules scanning
     10:44:51.321 Disk 0 trace - called modules:
     10:44:51.345 ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys storport.sys hal.dll amd_sata.sys
     10:44:51.354 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006dc5790]
     10:44:51.367 3 CLASSPNP.SYS[fffff8800196143f] -> nt!IofCallDriver -> [0xfffffa8006d07ac0]
     10:44:51.379 5 amd_xata.sys[fffff88000e878b4] -> nt!IofCallDriver -> \Device\00000056[0xfffffa8006d029c0]
     10:44:51.390 Scan finished successfully
     10:45:22.390 Disk 0 MBR has been saved successfully to "C:\Users\Michael\Desktop\MBR.dat"
     10:45:22.394 The log file has been saved successfully to "C:\Users\Michael\Desktop\aswMBR.txt"

     Sorry if this has been a waste of your time, and I appreciate your help either way.
  10. As the topic states, Malwarebytes is blocking something from Svchost. It comes up every 30-60 seconds or so, and it just started happening after I restarted my computer.

     Here is the DDS Log -
     .
     DDS (Ver_2011-08-26.01) - NTFSAMD64
     Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_29
     Run by Michael at 23:19:49 on 2012-07-03
     Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8191.6217 [GMT -7:00]
     .
     SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
     .
     ============== Running Processes ===============
     .
C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\atieclxx.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\SysWOW64\svchost.exe -k Akamai C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe C:\Program Files (x86)\PDF Complete\pdfsvc.exe C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe C:\Windows\SysWOW64\PnkBstrA.exe C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\Spybot -
Search & Destroy\SDWinSec.exe C:\Windows\system32\WUDFHost.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Program Files\TortoiseSVN\bin\TSVNCache.exe C:\Program Files (x86)\CrossriderWebApps\Crossrider.exe C:\Users\Michael\AppData\Local\Akamai\netsession_win.exe C:\Users\Michael\AppData\Local\Akamai\netsession_win.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe C:\Program Files (x86)\Winamp\winampa.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files\Windows Media Player\wmpnetwk.exe c:\program files (x86)\common files\installshield\updateservice\isuspm.exe C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\agent.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\DllHost.exe C:\Program Files (x86)\Steam\Steam.exe C:\Program Files (x86)\Common Files\Steam\SteamService.exe C:\Windows\system32\taskeng.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cmd.exe 
C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . mStart Page = my.daemon-search.com uInternet Settings,ProxyOverride = 127.0.0.1:9421;<local> mWinlogon: Userinit=userinit.exe, BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO: CrossRider: {a876e312-7d08-401a-b7a6-fafc5dc2f292} - C:\Program Files (x86)\CrossriderWebApps\Crossrider.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background uRun: [CrossRiderPlugin] C:\Program Files (x86)\CrossriderWebApps\Crossrider.exe uRun: [Akamai NetSession Interface] "C:\Users\Michael\AppData\Local\Akamai\netsession_win.exe" uRun: [iSUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe mRun: [<NO NAME>] mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [Malwarebytes' 
Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray mRun: [iSUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start mRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll Trusted Zone: clonewarsadventures.com Trusted Zone: freerealms.com Trusted Zone: soe.com Trusted Zone: sony.com DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {99CAAA27-FA0C-4FA4-B88A-4AB1CC7A17FE} - hxxp://www.netgame.com/mplugin/mglaunch_USAv1005.cab DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab TCP: DhcpNameServer = 75.75.75.75 75.75.76.76 TCP: Interfaces\{8D032D16-3E82-4422-9DD9-4E869A6A4A15} : DhcpNameServer = 75.75.75.75 75.75.76.76 TCP: Interfaces\{8D032D16-3E82-4422-9DD9-4E869A6A4A15}\2456C6B696E6F574F575962756C6563737F5037343344364 : DhcpNameServer = 192.168.2.1 TCP: Interfaces\{8D032D16-3E82-4422-9DD9-4E869A6A4A15}\26562747 : DhcpNameServer = 192.168.1.1 TCP: Interfaces\{8D032D16-3E82-4422-9DD9-4E869A6A4A15}\84F4D454D234546423 : DhcpNameServer = 75.75.75.75 75.75.76.76 TCP: 
Interfaces\{8D032D16-3E82-4422-9DD9-4E869A6A4A15}\A4C616577686C696E6 : DhcpNameServer = 192.168.1.1 TCP: Interfaces\{8D032D16-3E82-4422-9DD9-4E869A6A4A15}\F43736162737845616461757162747562737D27657563747 : DhcpNameServer = 75.75.75.75 75.75.76.76 Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File BHO-X64: 0x1 - No File BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll BHO-X64: Increase performance and video formats for your HTML5 <video> - No File BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO-X64: CrossRider: {A876E312-7D08-401a-B7A6-FAFC5DC2F292} - C:\Program Files (x86)\CrossriderWebApps\Crossrider.dll BHO-X64: CrossRider - No File BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File TB-X64: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File mRun-x64: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe mRun-x64: [(Default)] mRun-x64: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java 
Update\jusched.exe" mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray mRun-x64: [iSUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start mRun-x64: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\k64rwylw.default\ FF - prefs.js: browser.search.selectedEngine - Bing FF - prefs.js: browser.startup.homepage - google FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll FF - plugin: C:\Program Files (x86)\IAHgames\Playfast\npiahpd.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\NPMFireLauncher.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll FF - plugin: C:\Program Files (x86)\WEBZEN\BrowserExtension\NPWZCmnCtrl.dll FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\4\NP_wtapp.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll FF - plugin: C:\Users\Michael\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll FF - plugin: 
C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\k64rwylw.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll FF - plugin: C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\k64rwylw.default\extensions\ietab@ip.cn\plugins\npCoralIETab.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll . ---- FIREFOX POLICIES ---- FF - user.js: yahoo.ytff.general.dontshowhpoffer - true);user_pref(general.useragent.extra.brc, . ============= SERVICES / DRIVERS =============== . R0 amd_sata;amd_sata;C:\Windows\system32\drivers\amd_sata.sys --> C:\Windows\system32\drivers\amd_sata.sys [?] R0 amd_xata;amd_xata;C:\Windows\system32\drivers\amd_xata.sys --> C:\Windows\system32\drivers\amd_xata.sys [?] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-13 20992] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?] 
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-4-5 361984] R2 AODDriver4.01;AODDriver4.01;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-3-5 53888] R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168] R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-1-25 92216] R2 LVPrcS64;Process Monitor;C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe [2009-10-7 191000] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-4-24 654408] R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-5-26 1127448] R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344] R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-5-23 1153368] R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?] R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?] R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?] R3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\system32\DRIVERS\LVPr2M64.sys --> C:\Windows\system32\DRIVERS\LVPr2M64.sys [?] R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?] R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?] 
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\drivers\usbfilter.sys --> C:\Windows\system32\drivers\usbfilter.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-1-31 158856] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-12 250056] S3 DRIVER_B;DRIVER_B;\??\C:\Windows\system32\Drivers\DRIVER_BIN64 --> C:\Windows\system32\Drivers\DRIVER_BIN64 [?] S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?] S3 LVUVC64;Logitech QuickCam E3500(UVC);C:\Windows\system32\DRIVERS\lvuvc64.sys --> C:\Windows\system32\DRIVERS\lvuvc64.sys [?] S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-1 113120] S3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des -service --> C:\Windows\system32\GameMon.des -service [?] S3 tapoas;TAP-Win32 Adapter OAS;C:\Windows\system32\DRIVERS\tapoas.sys --> C:\Windows\system32\DRIVERS\tapoas.sys [?] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?] 
S3 vproiah;vproiah;C:\Windows\system32\DRIVERS\vproiah.sys --> C:\Windows\system32\DRIVERS\vproiah.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S3 xsherlock;xsherlock;C:\Windows\System32\xsherlock.xem [2012-2-12 673296] S3 YMIDUSBW;Yamaha USB-MIDI Driver (WDM);C:\Windows\system32\drivers\ymidusbx64.sys --> C:\Windows\system32\drivers\ymidusbx64.sys [?] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2100-01-01 05:42:07 -------- d-----w- C:\Users\Michael\AppData\Local\{A3D0E86C-2FB6-4C68-8C64-433BEFF71828} 2100-01-01 05:41:56 -------- d-----w- C:\Users\Michael\AppData\Local\{53A18179-8AD2-4ABD-9C2C-815918790A19} 2099-12-31 23:34:53 -------- d-----w- C:\Users\Michael\AppData\Local\{EB6FF9E3-D42F-4AD9-B373-FDBE4CF0DFD4} 2012-07-03 19:22:58 -------- d-----w- C:\Users\Michael\AppData\Local\{32CC01AC-81CD-4653-8500-B7BFE16F54CE} 2012-07-03 19:22:47 -------- d-----w- C:\Users\Michael\AppData\Local\{89BC27EB-24A8-4869-9D08-A1B3304CB0A9} 2012-07-03 11:33:26 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A9F3D709-4FF4-4FC3-91BC-5E6F588836A6}\offreg.dll 2012-07-03 11:32:27 9013136 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A9F3D709-4FF4-4FC3-91BC-5E6F588836A6}\mpengine.dll 2012-07-03 07:22:33 -------- d-----w- C:\Users\Michael\AppData\Local\{ED7B9221-46BB-447F-9CA8-46FD0695C864} 2012-07-03 07:22:22 -------- d-----w- C:\Users\Michael\AppData\Local\{9FBDF03A-E1AA-4516-BC6C-0E7E6DD26A06} 2012-07-02 19:21:58 -------- d-----w- C:\Users\Michael\AppData\Local\{204ED4AB-C68A-4805-B1C4-87DAC7210B74} 2012-07-02 19:21:48 -------- d-----w- C:\Users\Michael\AppData\Local\{164E7147-0B4C-4202-979D-402ACAC80638} 2012-07-02 07:21:36 -------- d-----w- 
C:\Users\Michael\AppData\Local\{AAA9B860-7270-4216-A487-5F3DC4B29087} 2012-07-02 07:21:26 -------- d-----w- C:\Users\Michael\AppData\Local\{5217FD70-FB36-4A14-B00D-16038A185149} 2012-07-01 19:21:15 -------- d-----w- C:\Users\Michael\AppData\Local\{69457E85-AB83-4DFC-AB32-93EB66FD0995} 2012-07-01 19:21:05 -------- d-----w- C:\Users\Michael\AppData\Local\{29C430DA-0A75-4B11-AE02-95D69BABED6D} 2012-07-01 07:20:53 -------- d-----w- C:\Users\Michael\AppData\Local\{D5D24CA2-3FBF-4674-845D-2BE308F200B1} 2012-07-01 07:20:43 -------- d-----w- C:\Users\Michael\AppData\Local\{F5440D9B-927F-43EC-9E7E-B27A9E25C136} 2012-06-30 19:20:31 -------- d-----w- C:\Users\Michael\AppData\Local\{2EA5BED4-21A8-4AF4-A20E-EB14AD2914C9} 2012-06-30 19:20:21 -------- d-----w- C:\Users\Michael\AppData\Local\{90DAADB6-E291-4EF5-A9B2-9DDC948DF7A7} 2012-06-30 07:20:10 -------- d-----w- C:\Users\Michael\AppData\Local\{FECDE6A3-32A0-45F4-AD30-9BD05058FBF5} 2012-06-30 07:20:00 -------- d-----w- C:\Users\Michael\AppData\Local\{B6400CDA-22A0-43B4-910B-786888CA59A4} 2012-06-29 19:19:48 -------- d-----w- C:\Users\Michael\AppData\Local\{01EE043A-0FDB-442A-8620-7FA43AD62824} 2012-06-29 19:19:38 -------- d-----w- C:\Users\Michael\AppData\Local\{F8BAD2A6-3456-4AAA-916B-2A14FA68C07C} 2012-06-29 07:19:27 -------- d-----w- C:\Users\Michael\AppData\Local\{3A76CD92-C733-4746-A428-EFDC7BB5F879} 2012-06-29 07:19:17 -------- d-----w- C:\Users\Michael\AppData\Local\{3BCB1ACC-2068-486A-A576-DABE8DC907BE} 2012-06-28 19:19:05 -------- d-----w- C:\Users\Michael\AppData\Local\{554A874E-3893-4FDE-B8AA-EE0E9913AF30} 2012-06-28 19:18:55 -------- d-----w- C:\Users\Michael\AppData\Local\{D91D2987-FC15-4713-A569-A7F224FE4CDB} 2012-06-28 07:18:31 -------- d-----w- C:\Users\Michael\AppData\Local\{CFD4A75C-3072-4676-8642-4C06FFC14D13} 2012-06-28 07:18:20 -------- d-----w- C:\Users\Michael\AppData\Local\{B4E2FB2B-CBAF-46A1-8C2C-346C5D5B4AFC} 2012-06-27 19:16:33 -------- d-----w- 
C:\Users\Michael\AppData\Local\{530F5C95-9E48-4965-908D-AB0D56FC5FDF} 2012-06-27 19:16:22 -------- d-----w- C:\Users\Michael\AppData\Local\{86A3D02A-8386-4A92-8AF8-8BD55A909AE0} 2012-06-27 07:16:10 -------- d-----w- C:\Users\Michael\AppData\Local\{69F354C0-E7E9-4768-9EB3-65E3F244A938} 2012-06-27 07:16:00 -------- d-----w- C:\Users\Michael\AppData\Local\{6C6D1F3A-E90A-4A55-B4C3-C8FA956C77B4} 2012-06-26 19:40:41 -------- d-----w- C:\Users\Michael\AppData\Local\{87BE1A09-E398-4B21-8FC3-72A2654113A8} 2012-06-26 19:40:31 -------- d-----w- C:\Users\Michael\AppData\Local\{0693A04B-A20E-4E86-8752-B7E0CFC74A38} 2012-06-26 07:40:19 -------- d-----w- C:\Users\Michael\AppData\Local\{DE892709-96E3-4323-9A2B-AE1991710DA8} 2012-06-26 07:40:09 -------- d-----w- C:\Users\Michael\AppData\Local\{BD72D4E9-7EE4-47C6-BB44-093ACF5BE05B} 2012-06-25 19:39:57 -------- d-----w- C:\Users\Michael\AppData\Local\{126E2CF4-536A-4F27-8DD1-0E800B13FB12} 2012-06-25 19:39:46 -------- d-----w- C:\Users\Michael\AppData\Local\{05BF34E9-35E4-4626-B412-FCB0A6A76006} 2012-06-25 07:39:35 -------- d-----w- C:\Users\Michael\AppData\Local\{4CD4E449-2B94-41F2-AF3C-661E657717AE} 2012-06-25 07:39:24 -------- d-----w- C:\Users\Michael\AppData\Local\{5A0DB02E-9841-4CC9-A475-34EC3DD739E3} 2012-06-24 20:36:37 -------- d-----w- C:\Users\Michael\AppData\Roaming\WildTangent 2012-06-24 19:39:12 -------- d-----w- C:\Users\Michael\AppData\Local\{A550587A-6AD2-42F7-B756-527B2013BE46} 2012-06-24 19:39:02 -------- d-----w- C:\Users\Michael\AppData\Local\{5AB01CAD-A7FF-4A03-A2E7-7B18D6A87A3B} 2012-06-24 07:38:51 -------- d-----w- C:\Users\Michael\AppData\Local\{9FFE7EA1-8199-4799-A469-107B9B51C5E3} 2012-06-24 07:38:40 -------- d-----w- C:\Users\Michael\AppData\Local\{BDBAFF4A-DA39-47B1-9575-C31BBFC37865} 2012-06-24 05:11:36 -------- d-----w- C:\Users\Michael\AppData\Local\Macromedia 2012-06-23 19:38:29 -------- d-----w- C:\Users\Michael\AppData\Local\{54F1B8CF-7F8B-4F8A-B442-C609C55F09B6} 2012-06-23 19:38:18 -------- d-----w- 
C:\Users\Michael\AppData\Local\{A141086A-110A-4EC3-A1EE-212A5F37597A} 2012-06-23 07:38:06 -------- d-----w- C:\Users\Michael\AppData\Local\{9CC8059A-135A-4EAA-9531-D2BADA9697A7} 2012-06-23 07:37:56 -------- d-----w- C:\Users\Michael\AppData\Local\{489DD35B-DCDE-4A0B-9593-286109E07828} 2012-06-23 05:44:50 -------- d-----w- C:\Windows\en 2012-06-23 05:34:13 -------- d-----w- C:\Users\Michael\AppData\Local\{A365479C-2CE3-4A33-9293-5BDE28D0A156} 2012-06-23 05:34:03 -------- d-----w- C:\Users\Michael\AppData\Local\{1C6957D0-BCB9-4EA3-B898-16C263A2B7A9} 2012-06-23 05:23:53 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\60bf162a1cd510002\MeshBetaRemover.exe 2012-06-23 05:23:51 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\5fee559b1cd510001\DSETUP.dll 2012-06-23 05:23:51 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\5fee559b1cd510001\DXSETUP.exe 2012-06-23 05:23:51 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\5fee559b1cd510001\dsetup32.dll 2012-06-23 05:20:37 -------- d-----w- C:\Users\Michael\AppData\Local\{E0FAF69B-8DE7-4ED1-98A8-BE70DDF462E0} 2012-06-23 05:20:18 -------- d-----w- C:\Users\Michael\AppData\Local\{6BBE332E-6934-4107-999F-92AAE0D0010E} 2012-06-21 08:48:49 2622464 ----a-w- C:\Windows\System32\wucltux.dll 2012-06-21 08:48:23 99840 ----a-w- C:\Windows\System32\wudriver.dll 2012-06-21 08:48:05 36864 ----a-w- C:\Windows\System32\wuapp.exe 2012-06-21 08:48:05 186752 ----a-w- C:\Windows\System32\wuwebv.dll 2012-06-21 05:14:07 -------- d-----w- C:\Users\Michael\AppData\Local\{FCF6C9C1-7A03-4955-A005-46981D9864C5} 2012-06-21 05:13:40 -------- d-----w- C:\Users\Michael\AppData\Local\{CD24B7A0-83F3-41B2-AC25-6371996EED44} 2012-06-14 05:32:41 -------- d-----w- C:\Users\Michael\AppData\Local\{34EC43BB-E794-42E6-9E1D-AFB824CF9461} 2012-06-14 05:32:31 -------- d-----w- C:\Users\Michael\AppData\Local\{319F2431-CF15-4489-81E8-F3526E1CD3A5} 2012-06-13 17:02:25 770384 
----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll 2012-06-13 17:02:25 421200 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll 2012-06-13 17:01:32 -------- d-----w- C:\Users\Michael\AppData\Local\{7D242644-3069-4CA5-A21D-ABEB20F9B94C} 2012-06-13 17:01:16 -------- d-----w- C:\Users\Michael\AppData\Local\{9A1993EF-7544-4171-8C79-5CF97139F827} 2012-06-13 05:05:27 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe 2012-06-07 23:42:37 -------- d-----w- C:\Users\Michael\AppData\Local\Chromium 2012-06-07 19:02:54 -------- d-----w- C:\Program Files (x86)\Guild Wars 2 2012-06-07 05:57:13 -------- d-----w- C:\Users\Michael\AppData\Local\{3B98F9F5-6AD4-4AF4-9557-5EDE2A947F9F} 2012-06-07 05:57:03 -------- d-----w- C:\Users\Michael\AppData\Local\{7270360E-8DC3-445D-96A2-CDDDC9305AC5} . ==================== Find3M ==================== . 2012-06-23 23:10:12 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-06-23 23:10:12 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-05-18 02:06:48 2311680 ----a-w- C:\Windows\System32\jscript9.dll 2012-05-18 01:59:14 1392128 ----a-w- C:\Windows\System32\wininet.dll 2012-05-18 01:58:39 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-05-18 01:55:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2012-05-18 01:51:30 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-05-17 22:45:37 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-05-17 22:35:47 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-05-17 22:35:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-05-17 22:29:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2012-05-17 22:24:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-05-15 01:32:33 3146752 ----a-w- C:\Windows\System32\win32k.sys 2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe 2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2012-05-01 05:40:20 
209920 ----a-w- C:\Windows\System32\profsvc.dll 2012-04-28 03:55:21 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys 2012-04-26 05:41:56 77312 ----a-w- C:\Windows\System32\rdpwsx.dll 2012-04-26 05:41:55 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll 2012-04-24 05:37:37 184320 ----a-w- C:\Windows\System32\cryptsvc.dll 2012-04-24 05:37:37 140288 ----a-w- C:\Windows\System32\cryptnet.dll 2012-04-24 05:37:36 1462272 ----a-w- C:\Windows\System32\crypt32.dll 2012-04-24 04:36:42 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll 2012-04-24 04:36:42 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll 2012-04-24 04:36:42 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll 2012-04-07 12:31:40 3216384 ----a-w- C:\Windows\System32\msi.dll 2012-04-07 11:26:29 2342400 ----a-w- C:\Windows\SysWow64\msi.dll 2012-04-06 18:15:10 38632 ----a-w- C:\Windows\System32\drivers\taphss.sys 2012-04-06 05:22:40 11174400 ----a-w- C:\Windows\System32\drivers\atikmdag.sys 2012-04-06 02:22:00 159744 ----a-w- C:\Windows\System32\atiapfxx.exe 2012-04-06 02:21:52 909312 ----a-w- C:\Windows\SysWow64\aticfx32.dll 2012-04-06 02:20:04 1067520 ----a-w- C:\Windows\System32\aticfx64.dll 2012-04-06 02:16:52 442368 ----a-w- C:\Windows\System32\ATIDEMGX.dll 2012-04-06 02:16:46 503808 ----a-w- C:\Windows\System32\atieclxx.exe 2012-04-06 02:16:02 236544 ----a-w- C:\Windows\System32\atiesrxx.exe 2012-04-06 02:14:44 120320 ----a-w- C:\Windows\System32\atitmm64.dll 2012-04-06 02:14:30 21504 ----a-w- C:\Windows\System32\atimuixx.dll 2012-04-06 02:14:26 59392 ----a-w- C:\Windows\System32\atiedu64.dll 2012-04-06 02:14:20 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll 2012-04-06 02:13:42 6800896 ----a-w- C:\Windows\SysWow64\atidxx32.dll 2012-04-06 02:10:50 26181632 ----a-w- C:\Windows\System32\atio6axx.dll 2012-04-06 02:00:10 64000 ----a-w- C:\Windows\System32\coinst.dll 2012-04-06 01:54:46 7479296 ----a-w- C:\Windows\System32\atidxx64.dll 2012-04-06 01:50:56 19753984 ----a-w- C:\Windows\SysWow64\atioglxx.dll 
2012-04-06 01:35:24 1120768 ----a-w- C:\Windows\System32\atiumd6v.dll 2012-04-06 01:34:50 1831424 ----a-w- C:\Windows\SysWow64\atiumdmv.dll 2012-04-06 01:34:34 4731904 ----a-w- C:\Windows\System32\atiumd6a.dll 2012-04-06 01:34:04 6203392 ----a-w- C:\Windows\SysWow64\atiumdag.dll 2012-04-06 01:30:16 51200 ----a-w- C:\Windows\System32\aticalrt64.dll 2012-04-06 01:30:14 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll 2012-04-06 01:30:08 44544 ----a-w- C:\Windows\System32\aticalcl64.dll 2012-04-06 01:30:06 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll 2012-04-06 01:29:54 16090624 ----a-w- C:\Windows\System32\aticaldd64.dll 2012-04-06 01:25:30 13764096 ----a-w- C:\Windows\SysWow64\aticaldd.dll 2012-04-06 01:23:24 7431680 ----a-w- C:\Windows\System32\atiumd64.dll 2012-04-06 01:22:54 4795904 ----a-w- C:\Windows\SysWow64\atiumdva.dll 2012-04-06 01:17:04 71680 ----a-w- C:\Windows\System32\amdave64.dll 2012-04-06 01:16:58 72704 ----a-w- C:\Windows\SysWow64\amdave32.dll 2012-04-06 01:16:48 72704 ----a-w- C:\Windows\System32\atisamu64.dll 2012-04-06 01:16:42 67584 ----a-w- C:\Windows\atisamu32.dll 2012-04-06 01:11:28 514560 ----a-w- C:\Windows\System32\atiadlxx.dll 2012-04-06 01:11:20 360448 ----a-w- C:\Windows\SysWow64\atiadlxy.dll 2012-04-06 01:11:06 17408 ----a-w- C:\Windows\System32\atig6pxx.dll 2012-04-06 01:11:04 14848 ----a-w- C:\Windows\SysWow64\atiglpxx.dll 2012-04-06 01:11:04 14848 ----a-w- C:\Windows\System32\atiglpxx.dll 2012-04-06 01:11:00 41984 ----a-w- C:\Windows\System32\atig6txx.dll 2012-04-06 01:10:52 33280 ----a-w- C:\Windows\SysWow64\atigktxx.dll 2012-04-06 01:10:44 343040 ----a-w- C:\Windows\System32\drivers\atikmpag.sys 2012-04-06 01:09:56 54784 ----a-w- C:\Windows\System32\atiuxp64.dll 2012-04-06 01:09:48 41984 ----a-w- C:\Windows\SysWow64\atiuxpag.dll 2012-04-06 01:09:42 44544 ----a-w- C:\Windows\System32\atiu9p64.dll 2012-04-06 01:09:34 32256 ----a-w- C:\Windows\SysWow64\atiu9pag.dll 2012-04-06 01:09:02 53248 ----a-w- 
C:\Windows\System32\drivers\ati2erec.dll
2012-04-06 01:06:08 54784 ----a-w- C:\Windows\System32\atimpc64.dll
2012-04-06 01:06:08 54784 ----a-w- C:\Windows\System32\amdpcom64.dll
2012-04-06 01:06:04 53760 ----a-w- C:\Windows\SysWow64\atimpc32.dll
2012-04-06 01:06:04 53760 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
.
============= FINISH: 23:21:10.80 ===============

And here is the Attach Log -

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 8/8/2011 4:24:50 AM
System Uptime: 7/3/2012 11:00:54 PM (0 hours ago)
.
Motherboard: FOXCONN | | 2AB1
Processor: AMD Phenom II X4 960T Processor | CPU 1 | 3000/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 1386 GiB total, 1080.601 GiB free.
D: is FIXED (NTFS) - 11 GiB total, 1.371 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
J: is CDROM (UDF)
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP163: 6/19/2012 3:16:28 AM - Windows Update
RP164: 6/21/2012 1:47:51 AM - Windows Update
RP165: 6/22/2012 10:23:58 PM - Windows Live Essentials
RP166: 6/22/2012 10:25:03 PM - Installed DirectX
RP167: 6/22/2012 10:26:36 PM - Installed DirectX
RP168: 6/22/2012 10:39:02 PM - Windows Live Essentials
RP169: 6/22/2012 10:39:28 PM - Installed DirectX
RP170: 6/22/2012 10:40:22 PM - Installed DirectX
RP171: 6/22/2012 10:40:50 PM - WLSetup
RP172: 6/26/2012 2:32:06 AM - Windows Update
RP174: 6/26/2012 11:06:18 PM - HPSF Restore Point
RP175: 6/28/2012 1:18:53 AM - Installed DirectX
RP176: 6/28/2012 1:19:29 AM - Installed DirectX
RP177: 7/2/2012 9:57:50 PM - Windows Update
RP173: 12/31/2099 4:04:09 PM - Scheduled Checkpoint
.
==== Installed Programs ======================
.
µTorrent ActiveCheck component for HP Active Support Library Adobe AIR Adobe Flash Player 11 Plugin Agatha Christie - Peril at End House Age of Conan: Unchained Akamai NetSession Interface Atlantica Bandisoft MPEG-1 Decoder Bejeweled 2 Deluxe Bejeweled 3 Blackhawk Striker 2 Blacklight: Retribution Blasterball 3 Blio Bounce Symphony Build-a-lot 2 Cake Mania Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy CCC Help Czech CCC Help Danish Chuzzle Deluxe CloudNine Combined Community Codec Pack 2011-07-30 Crossrider Web Apps D3DX10 DAEMON Tools Lite Diablo III Diner Dash 2 Restaurant Rescue DivX Setup Dora's World Adventure DVD-Cloner V8.50 Build 1012 Farm Frenzy FATE - The Traitor Soul From Dust Guild Wars 2 Hotfix for Microsoft Visual C++ 2010 Express - ENU (KB2542054) HP Customer Experience Enhancements HP Games HP LinkUp HP MediaSmart/TouchSmart Netflix HP MovieStore HP Odometer HP Setup HP Setup Manager HP Support Assistant HP Support Information HP Update HPAsset component for HP Active Support Library Java Auto Updater Java 6 Update 29 JDownloader 0.9 Junk Mail filter update LabelPrint League of Legends LightScribe System Software Lime Odyssey Logitech Vid HD MAESTIA version 201201 Magic Online Magicka Mah Jong Medley Malwarebytes Anti-Malware version 1.61.0.1400 Mesh Runtime Messenger Companion Microsoft .NET Framework 1.1 Microsoft .NET Framework 4 Multi-Targeting Pack Microsoft Application Error Reporting Microsoft Games for Windows - LIVE Redistributable Microsoft Games for Windows Marketplace Microsoft Office 2010 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server Compact 3.5 SP2 ENU Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 
9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 Express - ENU Microsoft WSE 3.0 Runtime Microsoft XNA Framework Redistributable 3.1 Microsoft XNA Framework Redistributable 4.0 Mozilla Firefox 13.0.1 (x86 en-US) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Mystery P.I. - Stolen in San Francisco Namco All-Stars PAC-MAN Nexon Game Manager NVIDIA PhysX Pando Media Booster PCSX2 - Playstation 2 Emulator PDF Complete Special Edition Penguins! PHANTASY STAR UNIVERSE PHANTASY STAR UNIVERSE Ambition of the Illuminus Plants vs. Zombies - Game of the Year PlayReady PC Runtime x86 Pokemon World Online version 1.8 Poker Superstars III Polar Bowler Polar Golfer Portal PressReader Project64 1.6 Ragnarok Online RealNetworks - Microsoft Visual C++ 2008 Runtime RealPlayer Realtek High Definition Audio Driver RealUpgrade 1.1 Recovery Manager Remote Graphics Receiver Resident Evil: Operation Raccoon City RGSS-RTP Standard Rosetta Stone Version 3 RoxioNow Player RPG Maker XP SCHTHACK PSOBB Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile 
(KB2686827) Security Update for Microsoft .NET Framework 4 Extended (KB2416472) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft Visual C++ 2010 Express - ENU (KB2251489) SimCity 4 Deluxe Skype™ 5.8 Slingo Supreme Spybot - Search & Destroy Stacking Steam Stencyl Stronghold Kingdoms Synthesia (remove only) TeamSpeak 3 Client Terraria The Guild II The Guild II - Pirates of the European Seas The Guild II: Renaissance Ubisoft Game Launcher Unified Remote Unity Web Player Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update Installer for WildTangent Games App VC80CRTRedist - 8.0.50727.6195 Ventrilo Client Virtual Villagers 4 - The Tree of Life WEBZEN Browser Extension Wheel of Fortune 2 WildTangent Games App (HP Games) Winamp Winamp Detector Plug-in Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live Messenger Companion Core Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Media Player Firefox Plugin WinRAR 4.01 (32-bit) Xvid 1.2.2 final uninstall Yahoo! Messenger Yahoo! Software Update Yamaha USB-MIDI Driver Zinio Reader 4 Zuma Deluxe . ==== Event Viewer Messages From Past Week ======== . 
7/3/2012 11:07:26 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
7/3/2012 11:04:32 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HP Health Check Service service to connect.
7/3/2012 11:04:32 PM, Error: Service Control Manager [7000] - The HP Health Check Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/2/2012 9:50:46 PM, Error: Service Control Manager [7034] - The AMD FUEL Service service terminated unexpectedly. It has done this 1 time(s).
12/31/2099 3:32:24 PM, Error: Service Control Manager [7034] - The PnkBstrA service terminated unexpectedly. It has done this 1 time(s).
.
==== End Of File ===========================