escapee
Honorary Members, 31 posts
Everything posted by escapee
Help: Malwarebytes hangs at 1 or 2 secs, PC very slow
escapee replied to escapee's topic in Resolved Malware Removal Logs
Attached is the ComboFix log.
Help: Malwarebytes hangs at 1or2 secs, PC very slow
escapee replied to escapee's topic in Resolved Malware Removal Logs
Here's the DDS log:
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_33
Run by Michael at 15:59:50 on 2012-08-14
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\wuauclt.exe
C:\program files\d-link\d-link d-viewcam\bin\wdsvc.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\Documents and Settings\Michael\Michael's Documents\Downloads\dds.scr
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\D-Link\D-Link D-ViewCam\Bin\VideoProxy.exe
C:\Program Files\D-Link\D-Link D-ViewCam\Bin\Control.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k Akamai
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.msn.com
uDefault_Page_URL = hxxp://www.msn.com
uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local>
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - c:\program files\avg\avg2012\avgdtiex.dll
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~3\office14\URLREDIR.DLL
BHO: MSN Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn\toolbar\3.0.1203.0\msneshellx.dll
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: MSN Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\program files\msn\toolbar\3.0.1203.0\msneshellx.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
uRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hidden
uRun: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\wcescomm.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [PMSpeed] c:\program files\newsoft\presto! pagemanager 8 for ep\PMSpeed.EXE
uRun: [cdloader] "c:\documents and settings\michael\application data\mjusbsp\cdloader2.exe" MAGICJACK
uRun: [LogMeTT.exe] "c:\program files\logmett\LogMeTT.exe" -startup
uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [swiftToDoList] "c:\program files\swift to-do list\Swift To-Do List.exe" -minimized
uRun: [Akamai NetSession Interface] "c:\documents and settings\michael\local settings\application data\akamai\netsession_win.exe"
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [WorkForce 610(Network)] c:\windows\system32\spool\drivers\w32x86\3\e_fatifja.exe /fu "c:\windows\temp\E_S982.tmp" /EF "HKCU"
uRun: [EPSON WorkForce 610 Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatifja.exe /fu "c:\windows\temp\E_S985.tmp" /EF "HKCU"
uRun: [WorkForce 610(Network) (Copy 1)] c:\windows\system32\spool\drivers\w32x86\3\e_fatifja.exe /fu "c:\windows\temp\E_S9CF.tmp" /EF "HKCU"
uRun: [startupPersonalReminder] c:\program files\personal reminder\PersonalReminder.exe
mRun: [igfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [soundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [ATICCC] "c:\program files\ati technologies\ati.ace\cli.exe" runtime -Delay
mRun: [blackBerryAutoUpdate] c:\program files\common files\research in motion\auto update\RIMAutoUpdate.exe /background
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [EEventManager] c:\progra~1\epsons~1\eventm~1\EEventManager.exe
mRun: [FUFAXSTM] "c:\program files\epson software\fax utility\FUFAXSTM.exe"
mRun: [WrtMon.exe] c:\windows\system32\spool\drivers\w32x86\3\WrtMon.exe
mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
mRun: [Adobe Acrobat Speed Launcher] "e:\program files\adobe\acrobat 9.0\acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "e:\program files\adobe\acrobat 9.0\acrobat\Acrotray.exe"
mRun: [LogMeIn GUI] "e:\program files\logmein\x86\LogMeInSystray.exe"
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe
mRun: [gZZZqhhYCwk8234A] c:\windows\system32\zF44pmmH5sQ7dL8.exe
mRun: [ToolboxFX] "c:\program files\hp\toolboxfx\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
mRun: [WatchingService] "c:\program files\d-link\d-link d-viewcam\bin\wdsvc.exe" sys_auto_run c:\program files\d-link\d-link d-viewcam\Bin
mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [<NO NAME>]
mRun: [Display] e:\program files\apc\apc powerchute personal edition\DataCollectionLauncher.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\micros~4\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\micros~4\INetRepl.dll
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - c:\program files\avg\avg2012\avgdtiex.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL
LSP: mswsock.dll
Trusted Zone: intuit.com\ttlc
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.1.2
TCP: Interfaces\{36FD7177-54AC-4C74-87B9-D8493C68691C} : DhcpNameServer = 192.168.1.2
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: AtiExtEvent - Ati2evxx.dll
Notify: avgrsstarter - avgrsstx.dll
Notify: igfxcui - igfxdev.dll
Notify: LMIinit - LMIinit.dll
AppInit_DLLs: acaptuser32.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\michael\application data\mozilla\firefox\profiles\7kvterbx.default\
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\documents and settings\michael\application data\move networks\plugins\npqmp071706000001.dll
FF - plugin: c:\documents and settings\michael\application data\mozilla\firefox\profiles\7kvterbx.default\extensions\logmeinclient@logmein.com\plugins\npLMI64.dll
FF - plugin: c:\documents and settings\michael\application data\mozilla\firefox\profiles\7kvterbx.default\extensions\logmeinclient@logmein.com\plugins\npRACtrl.dll
FF - plugin: c:\progra~1\micros~3\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~3\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\common files\research in motion\bbwebsllauncher\NPWebSLLauncher.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: c:\program files\opera\program\plugins\np_gp.dll
FF - plugin: c:\program files\opera\program\plugins\nppl3260.dll
FF - plugin: c:\program files\opera\program\plugins\nprjplug.dll
FF - plugin: c:\program files\opera\program\plugins\nprpjplug.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_270.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
FF - plugin: e:\program files\adobe\acrobat 9.0\acrobat\air\nppdf32.dll
.
============= SERVICES / DRIVERS ===============
.
3 MBAMSwissArmy;MBAMSwissArmy
R? AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service
R? APC Data Service;APC Data Service
R? aspmon;aspmon
R? AVGIDSDriver;AVGIDSDriver
R? AVGIDSFilter;AVGIDSFilter
R? AVGIDSHX;AVGIDSHX
R? AVGIDSShim;AVGIDSShim
R? Cebal;Cebal Driver (cebal.sys)
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? cpuz132;cpuz132
R? ggflt;SEMC USB Flash Driver Filter
R? gupdate;Google Update Service (gupdate)
R? gupdatem;Google Update Service (gupdatem)
R? HP LaserJet Service;HP LaserJet Service
R? HPFXBULKLEDM;HPFXBULKLEDM
R? IntuitUpdateServiceV4;Intuit Update Service v4
R? LMIGuardianSvc;LMIGuardianSvc
R? LMIInfo;LogMeIn Kernel Information Provider
R? LMIRfsClientNP;LMIRfsClientNP
R? MotDev;Motorola Inc. USB Device
R? MozillaMaintenance;Mozilla Maintenance Service
R? osppsvc;Office Software Protection Platform
R? SABKUTIL;SABKUTIL
R? SkypeUpdate;Skype Updater
R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0
S? !SASCORE;SAS Core Service
S? Akamai;Akamai NetSession Interface
S? Linksys_adapter_H;Linksys Adapter Network Driver
S? LMIRfsDriver;LogMeIn Remote File System Driver
S? MBAMProtector;MBAMProtector
S? MBAMService;MBAMService
S? NPF;NetGroup Packet Filter Driver
S? OMSI download service;Sony Ericsson OMSI download service
S? SASDIFSV;SASDIFSV
S? SASKUTIL;SASKUTIL
S? Skype C2C Service;Skype C2C Service
.
=============== Created Last 30 ================
.
2012-08-14 16:50:35 -------- d-----w- C:\TDSSKiller_Quarantine
2012-08-13 18:18:57 -------- d-----w- c:\documents and settings\michael\application data\Malwarebytes
2012-08-13 18:18:30 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2012-08-13 18:18:27 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-13 18:18:27 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-08-09 19:26:10 -------- d-----w- c:\program files\Test99
.
==================== Find3M ====================
.
2012-08-14 20:15:06 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-08-03 06:24:16 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-03 06:24:16 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-12 20:53:19 83392 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2012-07-12 20:53:19 52128 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\LMIproc.dll
2012-07-12 20:53:17 87456 ----a-w- c:\windows\system32\LMIinit.dll
2012-07-12 20:53:17 30624 ----a-w- c:\windows\system32\LMIport.dll
2012-07-02 17:37:09 6918144 ----a-w- c:\documents and settings\michael\PCPE_3.0.msi
2012-07-01 20:09:37 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-07-01 20:09:35 476936 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-07-01 20:09:35 472840 ----a-w- c:\windows\system32\deployJava1.dll
2012-06-13 13:19:59 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-06-05 15:50:25 1372672 ------w- c:\windows\system32\msxml6.dll
2012-06-05 15:50:25 1172480 ----a-w- c:\windows\system32\msxml3.dll
2012-06-04 16:13:50 204 ----a-w- c:\windows\system32\vcsdvjh.dll
2012-06-04 16:13:50 100 ----a-w- c:\windows\system32\prsgrc.dll
2012-06-04 04:32:08 152576 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 19:19:44 22040 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 19:19:38 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 19:19:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 19:19:34 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 19:19:30 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 19:18:58 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-06-02 19:18:58 214256 ----a-w- c:\windows\system32\muweb.dll
2012-06-02 19:18:58 17136 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-05-31 13:22:09 599040 ----a-w- c:\windows\system32\crypt32.dll
2012-05-21 15:58:11 83360 ----a-w- c:\windows\system32\LMIRfsClientNP.dll.000.bak
2012-05-21 15:58:10 87424 ----a-w- c:\windows\system32\LMIinit.dll.000.bak
2012-05-17 19:35:47 73 ----a-w- c:\windows\system32\ssprs.dll
2012-05-17 19:35:45 205 ----a-w- c:\windows\system32\lsprst7.dll
2012-05-17 18:47:12 60304 ----a-w- c:\documents and settings\michael\g2mdlhlpx.exe
.
============= FINISH: 16:37:23.51 ===============

And here is the DDS attach log:
.
==== Installed Programs ======================
.
.
232Analyzer
32 Bit HP CIO Components Installer
Acrobat.com
Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
Adobe Acrobat 9 Pro Extended - English, Français, Deutsch\0\0
Adobe Acrobat 9.5.1 - CPSID_83708
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.5.1
Adobe Shockwave Player 11.6
Adobe SVG Viewer 3.0
Advanced Serial Port Monitor
Akamai NetSession Interface
AnswerWorks 5.0 English Runtime
APC PowerChute Personal Edition 3.0
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft Print Creations
ArcSoft Print Creations - Brochures & Flyers
ArcSoft Print Creations - Photo Calendar
ATI - Software Uninstall Utility
ATI Catalyst Control Center
ATI Display Driver
ATI Parental Control & Encoder
Avanquest update
BitFontCreator 2.3.2
BlackBerry Desktop Software 5.0
BlackBerry Desktop Software 6.0
BlackBerry JDE 4.1.0
BlackBerry JDE 4.2.0
BlackBerry JDE 4.2.1
BlackBerry JDE 4.3.0
BlackBerry JDE 4.5.0
BlackBerry JDE 4.6.1
BlackBerry JDE 5.0.0
BlackBerry Smartphone Simulators 5.0.0.681 (8900)
BlackBerry® Media Sync
Bonjour
Broadcom Gigabit Integrated Controller
CCleaner (remove only)
Color LaserJet 2600n
Compatibility Pack for the 2007 Office system
Corona SDK
Crystal Reports Basic for Visual Studio 2008
D-Link D-ViewCam
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell ResourceCD
Epson Event Manager
Epson FAX Utility
Epson PC-FAX Driver
EPSON Scan
EPSON WorkForce 610 Series Printer Uninstall
EpsonNet Print
EpsonNet Setup
FileZilla Client 3.3.5.1
FOX News Live Stream
FreeCommander 2007.10a
GATR Mobile
GIMP 2.6.11
Google Earth
Google Update Helper
GoToMeeting 5.1.0.880
HHD Software Hex Editor Neo 5.01
HI-TECH C Compiler for the PIC10/12/16 MCUs V9.80PL0
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Microsoft Visual Studio 2008 Professional Edition - ENU (KB971091)
Hotfix for Microsoft Visual Studio 2008 Professional Edition - ENU (KB973674)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB981793)
HP LaserJet Professional CP1520 Series
HPLaserJetHelp_LearnCenter
HPLJUT
hppCP1520LaserJetService
hppLaserJetService
hppTLBXFXCP1520
hpzTLBXFX
IAR Embedded Workbench for 8051
IAR Embedded Workbench for MCS-51 V7.51A
iDEN i88s-i58sr R880201 Upgrade Utility
Intel® Graphics Media Accelerator Driver
iTunes
J2SE Development Kit 5.0 Update 22
J2SE Runtime Environment 5.0 Update 22
Java Auto Updater
Java 6 Update 33
Klok 2
LightScribe 1.8.15.1
LogMeIn
LogMeTT 2.9.9
magicJack
Malwarebytes Anti-Malware version 1.62.0.1300
Microsoft .NET Compact Framework 2.0 SP2
Microsoft .NET Compact Framework 3.5
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft ActiveSync
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Device Emulator version 3.0 - ENU
Microsoft Document Explorer 2008
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010 Language Pack Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office File Validation Add-In
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
Microsoft Office Standard Edition 2003
Microsoft Office Visio 2010
Microsoft Office Visio MUI (English) 2010
Microsoft Office Visual Web Developer 2007
Microsoft Office Visual Web Developer MUI (English) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 14
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
Microsoft SQL Server 2005 Tools Express Edition
Microsoft SQL Server Compact 3.5 Design Tools ENU
Microsoft SQL Server Compact 3.5 ENU
Microsoft SQL Server Compact 3.5 for Devices ENU
Microsoft SQL Server Database Publishing Wizard 1.2
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visio 2010 Service Pack 1 (SP1)
Microsoft Visio Professional 2010
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual Studio 2005 Tools for Office Runtime
Microsoft Visual Studio 2008 Professional Edition - ENU
Microsoft Visual Studio Web Authoring Component
Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries
Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense
Microsoft Windows SDK for Visual Studio 2008 Tools
Microsoft Windows SDK for Visual Studio 2008 Win32 Tools
Microsoft WinUsb 1.0
MiniMinder 8.3
mIRC
Motorola Driver Installation
Motorola iDEN SDK for J2ME Technology
Move Media Player
Mozilla Firefox 14.0.1 (x86 en-US)
Mozilla Maintenance Service
MPLAB Tools v8.60
MSDN Library for Visual Studio 2008 - ENU
MSN Toolbar
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB973686)
MWSnap 3
MySQL Server 5.5
Nero 7 Essentials
neroxml
OGA Notifier 2.0.0048.0
Opera 10.60
Personal Reminder v2.0.32
Perytons Protocol Analyzer
PICkit 2 v2.61
Presto! PageManager 8.15.01 SE
PuTTY version 0.60
Python 2.6 pygtk-2.22.0
Python 2.6 PyGTK 2.22.6
Python 2.6 pyserial-2.5
Python 2.6 pywin32-216
Python 2.6.6
Quicken 2011
QuickTime
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
RealUpgrade 1.0
RealUpgrade 1.1
Resco Explorer
Safari
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589337) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Visio 2010 (KB2553374) 32-Bit Edition
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Sentinel System Driver Installer 7.5.2
Skype Click to Call
Skype™ 5.8
SmartRF Flash Programmer (1.12.4)
SmartRF Packet Sniffer
SmartRF Studio 7
Sony Ericsson PC Suite 6.011.00
Sony Ericsson Update Engine
SoundMAX
Spelling Dictionaries Support For Adobe Reader 9
Style Master 4.6 Demo
SUPERAntiSpyware
Swift To-Do List Lite 2.306
swMSM
Tera Term 4.70
Texas Instruments SimpliciTI-IAR-1.1.1
Texas Instruments ZStack-CC2530-2.3.1-1.4.0
Texas Instruments ZStack-CC2530-2.5.0
Tstat_RS232_101008C
Tstat_RS232_101008D
TTLEditor 1.2.1
TurboTax 2010
TurboTax 2010 WinBizFedFormset
TurboTax 2010 WinBizReleaseEngine
TurboTax 2010 WinBizTaxSupport
TurboTax 2010 WinPerFedFormset
TurboTax 2010 WinPerReleaseEngine
TurboTax 2010 WinPerTaxSupport
TurboTax 2010 wmdiper
TurboTax 2010 wrapper
TurboTax 2011
TurboTax 2011 WinPerFedFormset
TurboTax 2011 WinPerReleaseEngine
TurboTax 2011 WinPerTaxSupport
TurboTax 2011 wmdiper
TurboTax 2011 wrapper
TurboTax Business 2010
Ubiqua Protocol Analyzer 1.2.1899
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft Visual Studio 2008 Professional Edition - ENU (KB972221)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676-v2)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2718704)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Visual Studio 2005 Tools for Office Second Edition Runtime
Visual Studio Tools for the Office system 3.0 Runtime
VLC media player 1.1.7
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Imaging Component
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows Mobile 5.0 Pocket PC SDK
Windows Mobile 5.0 SDK R2 for Pocket PC
Windows Mobile 5.0 SDK R2 for Smartphone
Windows XP Service Pack 3
WinPcap 4.1.2
WinZip 11.2
Wireshark 1.4.7
.
==== End Of File ===========================
Help: Malwarebytes hangs at 1or2 secs, PC very slow
escapee replied to escapee's topic in Resolved Malware Removal Logs
Maniac,

While DDS is running, I notice that the program "Style Master 4.6 Demo" keeps trying to install automatically. Any idea why this might be happening?

Thanks,
Escapee
Help: Malwarebytes hangs at 1or2 secs, PC very slow
escapee replied to escapee's topic in Resolved Malware Removal Logs
Malwarebytes found no issues.

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.14.04

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Michael :: HURRICANE [administrator]

Protection: Enabled

8/14/2012 1:09:51 PM
mbam-log-2012-08-14 (13-09-51).txt

Scan type: Quick scan
Scan options enabled: Memory | Heuristics/Shuriken | PUP | PUM
Scan options disabled: Startup | Registry | File System | Heuristics/Extra | P2P
Objects scanned: 2991
Time elapsed: 1 hour(s), 48 minute(s), 52 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
Help: Malwarebytes hangs at 1or2 secs, PC very slow
escapee replied to escapee's topic in Resolved Malware Removal Logs
Maniac,

Thank you for your quick response. Below is the TDSSKiller log. I'm running Malwarebytes, but it's very slow. It's hanging at 3 seconds, while "Enumerating Registry Objects Prior To Scan". TDSSKiller did find "Rootkit.Win32.PMax.gen", which was deleted.

-Escapee

12:44:33.0218 0592 TDSS rootkit removing tool 2.8.6.0 Aug 13 2012 17:24:05
12:44:33.0468 0592 ============================================================
12:44:33.0468 0592 Current date / time: 2012/08/14 12:44:33.0468
12:44:33.0468 0592 SystemInfo:
12:44:33.0468 0592
12:44:33.0468 0592 OS Version: 5.1.2600 ServicePack: 3.0
12:44:33.0468 0592 Product type: Workstation
12:44:33.0468 0592 ComputerName: HURRICANE
12:44:33.0468 0592 UserName: Douglas
12:44:33.0468 0592 Windows directory: C:\WINDOWS
12:44:33.0468 0592 System windows directory: C:\WINDOWS
12:44:33.0468 0592 Processor architecture: Intel x86
12:44:33.0468 0592 Number of processors: 2
12:44:33.0468 0592 Page size: 0x1000
12:44:33.0468 0592 Boot type: Safe boot with network
12:44:33.0468 0592 ============================================================
12:44:41.0578 0592 Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
12:44:41.0578 0592 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
12:44:41.0578 0592 ============================================================
12:44:41.0578 0592 \Device\Harddisk0\DR0:
12:44:41.0578 0592 MBR partitions:
12:44:41.0578 0592 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x94FE97E
12:44:41.0578 0592 \Device\Harddisk1\DR1:
12:44:41.0578 0592 MBR partitions:
12:44:41.0578 0592 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
12:44:41.0578 0592 ============================================================
12:44:41.0609 0592 C: <-> \Device\Harddisk0\DR0\Partition1
12:44:41.0625 0592 E: <-> \Device\Harddisk1\DR1\Partition1
12:44:41.0671 0592 ============================================================
12:44:41.0671 0592 Initialize success
12:44:41.0671 0592 ============================================================
12:45:23.0640 0476 ============================================================
12:45:23.0640 0476 Scan started
12:45:23.0640 0476 Mode: Manual; SigCheck; TDLFS;
12:45:23.0640 0476 ============================================================
12:45:38.0000 0476 ================ Scan services =============================
12:45:38.0468 0476 [ c0393eb99a6c72c6bef9bfc4a72b33a6 ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
12:45:38.0578 0476 !SASCORE - ok
12:45:42.0000 0476 13ef08ce ( Rootkit.Win32.PMax.gen ) - infected
12:45:42.0000 0476 13ef08ce - detected Rootkit.Win32.PMax.gen (0)
12:45:42.0343 0476 Abiosdsk - ok
12:45:42.0390 0476 abp480n5 - ok
12:45:45.0281 0476 [ adc420616c501b45d26c0fd3ef1e54e4 ] ACDaemon C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
12:45:45.0328 0476 ACDaemon - ok
12:45:45.0437 0476 [ 8fd99680a539792a30e97944fdaecf17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
12:45:53.0578 0476 ACPI - ok
12:45:53.0640 0476 [ 9859c0f6936e723e4892d7141b1327d5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
12:45:53.0796 0476 ACPIEC - ok
12:45:53.0937 0476 [ f19c98ad81d2c0e1bbfd8153d2c80ee8 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
12:45:53.0953 0476 AdobeFlashPlayerUpdateSvc - ok
12:45:54.0000 0476 adpu160m - ok
12:45:54.0093 0476 [ 8bed39e3c35d6a489438b8141717a557 ] aec C:\WINDOWS\system32\drivers\aec.sys
12:45:54.0218 0476 aec - ok
12:45:54.0312 0476 [ 1e44bc1e83d8fd2305f8d452db109cf9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
12:45:54.0406 0476 AFD - ok
12:45:54.0437 0476 Aha154x - ok
12:45:54.0500
0476 aic78u2 - ok 12:45:54.0578 0476 aic78xx - ok 12:45:54.0968 0476 [ 29584f02a43e427c4227e3b1d9ff1b22 ] Akamai c:\program files\common files\akamai/netsession_win_4f7fccd.dll 12:45:54.0968 0476 Suspicious file (Hidden): c:\program files\common files\akamai/netsession_win_4f7fccd.dll. md5: 29584f02a43e427c4227e3b1d9ff1b22 12:45:54.0968 0476 Akamai ( HiddenFile.Multi.Generic ) - warning 12:45:54.0968 0476 Akamai - detected HiddenFile.Multi.Generic (1) 12:45:55.0046 0476 [ a9a3daa780ca6c9671a19d52456705b4 ] Alerter C:\WINDOWS\system32\alrsvc.dll 12:45:55.0171 0476 Alerter - ok 12:45:55.0234 0476 [ 8c515081584a38aa007909cd02020b3d ] ALG C:\WINDOWS\System32\alg.exe 12:45:55.0359 0476 ALG - ok 12:45:55.0390 0476 AliIde - ok 12:45:55.0468 0476 amsint - ok 12:45:55.0609 0476 [ 378a326ba649e01aac767355aab9e90c ] APC Data Service E:\Program Files\APC\APC PowerChute Personal Edition\dataserv.exe 12:45:58.0781 0476 Suspicious file (Hidden): E:\Program Files\APC\APC PowerChute Personal Edition\dataserv.exe. md5: 378a326ba649e01aac767355aab9e90c 12:45:58.0781 0476 APC Data Service ( HiddenFile.Multi.Generic ) - warning 12:45:58.0781 0476 APC Data Service - detected HiddenFile.Multi.Generic (1) 12:45:58.0968 0476 [ 84a1a403d2dd63ef941674cc87ff503c ] APC UPS Service E:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe 12:46:02.0140 0476 Suspicious file (Hidden): E:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe. 
md5: 84a1a403d2dd63ef941674cc87ff503c 12:46:02.0140 0476 APC UPS Service ( HiddenFile.Multi.Generic ) - warning 12:46:02.0140 0476 APC UPS Service - detected HiddenFile.Multi.Generic (1) 12:46:02.0265 0476 [ 70d7be78061126dd0c3accdb7e129017 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 12:46:02.0281 0476 Apple Mobile Device - ok 12:46:02.0359 0476 [ d8849f77c0b66226335a59d26cb4edc6 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll 12:46:02.0500 0476 AppMgmt - ok 12:46:02.0531 0476 asc - ok 12:46:02.0609 0476 asc3350p - ok 12:46:02.0671 0476 asc3550 - ok 12:46:02.0906 0476 [ d846c846906782cdf054829375e911ff ] aspmon C:\WINDOWS\system32\DRIVERS\aspmon.sys 12:46:02.0921 0476 aspmon - ok 12:46:03.0078 0476 [ 776acefa0ca9df0faa51a5fb2f435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe 12:46:03.0093 0476 aspnet_state - ok 12:46:03.0171 0476 [ b153affac761e7f5fcfa822b9c4e97bc ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys 12:46:03.0296 0476 AsyncMac - ok 12:46:03.0375 0476 [ 9f3a2f5aa6875c72bf062c712cfa2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys 12:46:03.0500 0476 atapi - ok 12:46:03.0562 0476 Atdisk - ok 12:46:03.0687 0476 [ c4b5144443a368741e6427faa44c5491 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe 12:46:03.0718 0476 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - warning 12:46:03.0718 0476 Ati HotKey Poller - detected UnsignedFile.Multi.Generic (1) 12:46:03.0781 0476 [ 48b441dc9ce7ca32152aedbd2243fcd9 ] ATI Smart C:\WINDOWS\system32\ati2sgag.exe 12:46:03.0796 0476 ATI Smart ( UnsignedFile.Multi.Generic ) - warning 12:46:03.0796 0476 ATI Smart - detected UnsignedFile.Multi.Generic (1) 12:46:03.0875 0476 [ 221f0a33229cce7bf2f7640d3bb8845d ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys 12:46:03.0937 0476 ati2mtag ( UnsignedFile.Multi.Generic ) - warning 12:46:03.0937 0476 ati2mtag - detected UnsignedFile.Multi.Generic (1) 12:46:04.0078 0476 [ 
9916c1225104ba14794209cfa8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys 12:46:04.0187 0476 Atmarpc - ok 12:46:04.0265 0476 [ def7a7882bec100fe0b2ce2549188f9d ] AudioSrv C:\WINDOWS\System32\audiosrv.dll 12:46:04.0390 0476 AudioSrv - ok 12:46:04.0468 0476 [ d9f724aa26c010a217c97606b160ed68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys 12:46:04.0578 0476 audstub - ok 12:46:04.0609 0476 AVGIDSDriver - ok 12:46:04.0687 0476 AVGIDSFilter - ok 12:46:04.0750 0476 AVGIDSHX - ok 12:46:04.0828 0476 AVGIDSShim - ok 12:46:04.0937 0476 [ 241474d01380e9ed41d4c07f4f5fd401 ] b57w2k C:\WINDOWS\system32\DRIVERS\b57xp32.sys 12:46:04.0968 0476 b57w2k - ok 12:46:05.0078 0476 [ da1f27d85e0d1525f6621372e7b685e9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys 12:46:05.0203 0476 Beep - ok 12:46:05.0296 0476 [ 574738f61fca2935f5265dc4e5691314 ] BITS C:\WINDOWS\system32\qmgr.dll 12:46:05.0421 0476 BITS - ok 12:46:05.0546 0476 [ 673cf4f6bb1fbe09331b526802fbb892 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 12:46:05.0562 0476 Bonjour Service - ok 12:46:05.0625 0476 [ f934d1b230f84e1d19dd00ac5a7a83ed ] Bridge C:\WINDOWS\system32\DRIVERS\bridge.sys 12:46:05.0734 0476 Bridge - ok 12:46:05.0765 0476 [ f934d1b230f84e1d19dd00ac5a7a83ed ] BridgeMP C:\WINDOWS\system32\DRIVERS\bridge.sys 12:46:05.0875 0476 BridgeMP - ok 12:46:05.0937 0476 [ a06ce3399d16db864f55faeb1f1927a9 ] Browser C:\WINDOWS\System32\browser.dll 12:46:06.0046 0476 Browser - ok 12:46:06.0109 0476 [ 90a673fc8e12a79afbed2576f6a7aaf9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys 12:46:06.0234 0476 cbidf2k - ok 12:46:06.0281 0476 cd20xrnt - ok 12:46:06.0359 0476 [ c1b486a7658353d33a10cc15211a873b ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys 12:46:06.0500 0476 Cdaudio - ok 12:46:06.0562 0476 [ c885b02847f5d2fd45a24e219ed93b32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys 12:46:06.0687 0476 Cdfs - ok 12:46:06.0750 0476 [ 1f4260cc5b42272d71f79e570a27a4fe ] cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys 
12:46:06.0875 0476 cdrom - ok 12:46:06.0953 0476 [ e8a13e2cb4bab34d283172ee5b80be93 ] Cebal C:\WINDOWS\system32\Drivers\cebal.sys 12:46:06.0968 0476 Cebal ( UnsignedFile.Multi.Generic ) - warning 12:46:06.0968 0476 Cebal - detected UnsignedFile.Multi.Generic (1) 12:46:07.0000 0476 Changer - ok 12:46:07.0093 0476 [ 1cfe720eb8d93a7158a4ebc3ab178bde ] CiSvc C:\WINDOWS\system32\cisvc.exe 12:46:07.0218 0476 CiSvc - ok 12:46:07.0281 0476 [ 34cbe729f38138217f9c80212a2a0c82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe 12:46:07.0406 0476 ClipSrv - ok 12:46:07.0515 0476 [ d87acaed61e417bba546ced5e7e36d9c ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 12:46:07.0531 0476 clr_optimization_v2.0.50727_32 - ok 12:46:07.0609 0476 [ c5a75eb48e2344abdc162bda79e16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 12:46:07.0625 0476 clr_optimization_v4.0.30319_32 - ok 12:46:07.0671 0476 CmdIde - ok 12:46:07.0781 0476 [ 6e4c9f21f0fae8940661144f41b13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys 12:46:07.0906 0476 Compbatt - ok 12:46:07.0953 0476 COMSysApp - ok 12:46:08.0093 0476 Cpqarray - ok 12:46:08.0281 0476 cpuz132 - ok 12:46:08.0343 0476 [ 3d4e199942e29207970e04315d02ad3b ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll 12:46:08.0468 0476 CryptSvc - ok 12:46:08.0515 0476 dac2w2k - ok 12:46:08.0578 0476 dac960nt - ok 12:46:08.0703 0476 [ 6b27a5c03dfb94b4245739065431322c ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 12:46:08.0781 0476 DcomLaunch - ok 12:46:08.0859 0476 [ 5e38d7684a49cacfb752b046357e0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll 12:46:08.0984 0476 Dhcp - ok 12:46:09.0046 0476 [ 044452051f3e02e7963599fc8f4f3e25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys 12:46:09.0156 0476 Disk - ok 12:46:09.0203 0476 dmadmin - ok 12:46:09.0312 0476 [ d992fe1274bde0f84ad826acae022a41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys 12:46:09.0437 0476 dmboot - ok 12:46:09.0500 0476 [ 
7c824cf7bbde77d95c08005717a95f6f ] dmio C:\WINDOWS\system32\drivers\dmio.sys 12:46:09.0625 0476 dmio - ok 12:46:09.0703 0476 [ e9317282a63ca4d188c0df5e09c6ac5f ] dmload C:\WINDOWS\system32\drivers\dmload.sys 12:46:09.0828 0476 dmload - ok 12:46:09.0906 0476 [ 57edec2e5f59f0335e92f35184bc8631 ] dmserver C:\WINDOWS\System32\dmserver.dll 12:46:10.0000 0476 dmserver - ok 12:46:10.0062 0476 [ 8a208dfcf89792a484e76c40e5f50b45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys 12:46:10.0187 0476 DMusic - ok 12:46:10.0250 0476 [ 5f7e24fa9eab896051ffb87f840730d2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 12:46:10.0343 0476 Dnscache - ok 12:46:10.0421 0476 [ 0f0f6e687e5e15579ef4da8dd6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll 12:46:10.0546 0476 Dot3svc - ok 12:46:10.0578 0476 dpti2o - ok 12:46:10.0671 0476 [ 8f5fcff8e8848afac920905fbd9d33c8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 12:46:10.0781 0476 drmkaud - ok 12:46:10.0828 0476 [ 2187855a7703adef0cef9ee4285182cc ] EapHost C:\WINDOWS\System32\eapsvc.dll 12:46:10.0968 0476 EapHost - ok 12:46:11.0093 0476 [ abdd5ad016affd34ad40e944ce94bf59 ] EpsonBidirectionalService C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe 12:46:11.0093 0476 EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - warning 12:46:11.0093 0476 EpsonBidirectionalService - detected UnsignedFile.Multi.Generic (1) 12:46:11.0140 0476 [ bc93b4a066477954555966d77fec9ecb ] ERSvc C:\WINDOWS\System32\ersvc.dll 12:46:11.0250 0476 ERSvc - ok 12:46:11.0343 0476 [ 65df52f5b8b6e9bbd183505225c37315 ] Eventlog C:\WINDOWS\system32\services.exe 12:46:11.0390 0476 Eventlog - ok 12:46:11.0484 0476 [ d4991d98f2db73c60d042f1aef79efae ] EventSystem C:\WINDOWS\system32\es.dll 12:46:11.0531 0476 EventSystem - ok 12:46:11.0578 0476 [ 38d332a6d56af32635675f132548343e ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys 12:46:11.0703 0476 Fastfat - ok 12:46:11.0765 0476 [ 99bc0b50f511924348be19c7c7313bbf ] FastUserSwitchingCompatibility 
C:\WINDOWS\System32\shsvcs.dll 12:46:11.0812 0476 FastUserSwitchingCompatibility - ok 12:46:12.0343 0476 [ 92cdd60b6730b9f50f6a1a0c1f8cdc81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys 12:46:12.0453 0476 Fdc - ok 12:46:12.0546 0476 [ d45926117eb9fa946a6af572fbe1caa3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys 12:46:12.0656 0476 Fips - ok 12:46:12.0781 0476 [ f76d04f7413b07daa029f6520b64b4e8 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 12:46:12.0906 0476 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning 12:46:12.0906 0476 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1) 12:46:12.0984 0476 [ 9d27e7b80bfcdf1cdd9b555862d5e7f0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys 12:46:13.0109 0476 Flpydisk - ok 12:46:15.0671 0476 [ b2cf4b0786f8212cb92ed2b50c6db6b0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 12:46:15.0781 0476 FltMgr - ok 12:46:15.0921 0476 [ 8ba7c024070f2b7fdd98ed8a4ba41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe 12:46:15.0921 0476 FontCache3.0.0.0 - ok 12:46:15.0968 0476 [ 3e1e2bd4f39b0e2b7dc4f4d2bcc2779a ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 12:46:16.0078 0476 Fs_Rec - ok 12:46:16.0140 0476 [ 6ac26732762483366c3969c9e4d2259d ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys 12:46:16.0250 0476 Ftdisk - ok 12:46:16.0343 0476 [ 8182ff89c65e4d38b2de4bb0fb18564e ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys 12:46:16.0359 0476 GEARAspiWDM - ok 12:46:16.0437 0476 [ 007aea2e06e7cef7372e40c277163959 ] ggflt C:\WINDOWS\system32\DRIVERS\ggflt.sys 12:46:16.0453 0476 ggflt - ok 12:46:16.0515 0476 [ c73de35960ca75c5ab4ae636b127c64e ] ggsemc C:\WINDOWS\system32\DRIVERS\ggsemc.sys 12:46:16.0531 0476 ggsemc - ok 12:46:16.0609 0476 [ 0a02c63c8b144bd8c86b103dee7c86a2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys 12:46:16.0718 0476 Gpc - ok 12:46:16.0843 0476 [ f02a533f517eb38333cb12a9e8963773 ] 
gupdate C:\Program Files\Google\Update\GoogleUpdate.exe 12:46:16.0859 0476 gupdate - ok 12:46:16.0890 0476 [ f02a533f517eb38333cb12a9e8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe 12:46:16.0906 0476 gupdatem - ok 12:46:17.0046 0476 [ 4fcca060dfe0c51a09dd5c3843888bcd ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll 12:46:17.0171 0476 helpsvc - ok 12:46:17.0234 0476 [ 748031ff4fe45ccc47546294905feab8 ] HidBatt C:\WINDOWS\system32\DRIVERS\HidBatt.sys 12:46:17.0375 0476 HidBatt - ok 12:46:17.0437 0476 [ deb04da35cc871b6d309b77e1443c796 ] HidServ C:\WINDOWS\System32\hidserv.dll 12:46:17.0562 0476 HidServ - ok 12:46:17.0656 0476 [ ccf82c5ec8a7326c3066de870c06daf1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys 12:46:17.0765 0476 hidusb - ok 12:46:17.0890 0476 [ 8878bd685e490239777bfe51320b88e9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll 12:46:18.0000 0476 hkmsvc - ok 12:46:18.0078 0476 [ 16959f84844dc9b2cef0d5b1a412370f ] HP LaserJet Service C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe 12:46:18.0093 0476 HP LaserJet Service ( UnsignedFile.Multi.Generic ) - warning 12:46:18.0093 0476 HP LaserJet Service - detected UnsignedFile.Multi.Generic (1) 12:46:18.0171 0476 [ 6f98a555acf3c1b68fcc1f50e0fd2091 ] HPFXBULKLEDM C:\WINDOWS\system32\drivers\hppcbulkio.sys 12:46:18.0187 0476 HPFXBULKLEDM - ok 12:46:18.0234 0476 hpn - ok 12:46:18.0343 0476 [ f80a415ef82cd06ffaf0d971528ead38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys 12:46:18.0406 0476 HTTP - ok 12:46:18.0437 0476 [ 6100a808600f44d999cebdef8841c7a3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll 12:46:18.0562 0476 HTTPFilter - ok 12:46:18.0609 0476 i2omgmt - ok 12:46:18.0671 0476 i2omp - ok 12:46:18.0781 0476 [ 4a0b06aa8943c1e332520f7440c0aa30 ] i8042prt C:\WINDOWS\system32\drivers\i8042prt.sys 12:46:18.0875 0476 i8042prt - ok 12:46:18.0984 0476 [ 0294a30b302ca71a2c26e582dda93486 ] ialm C:\WINDOWS\system32\DRIVERS\ialmnt5.sys 12:46:19.0046 0476 ialm ( UnsignedFile.Multi.Generic ) - warning 
12:46:19.0046 0476 ialm - detected UnsignedFile.Multi.Generic (1) 12:46:19.0171 0476 [ c01ac32dc5c03076cfb852cb5da5229c ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 12:46:19.0218 0476 idsvc - ok 12:46:19.0250 0476 [ 083a052659f5310dd8b6a6cb05edcf8e ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys 12:46:19.0390 0476 Imapi - ok 12:46:19.0484 0476 [ 30deaf54a9755bb8546168cfe8a6b5e1 ] ImapiService C:\WINDOWS\system32\imapi.exe 12:46:19.0609 0476 ImapiService - ok 12:46:19.0687 0476 ini910u - ok 12:46:19.0781 0476 IntelIde - ok 12:46:19.0890 0476 [ 8c953733d8f36eb2133f5bb58808b66b ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys 12:46:20.0000 0476 intelppm - ok 12:46:20.0125 0476 [ 3dc635b66dd7412e1c9c3a77b8d78f25 ] IntuitUpdateService C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe 12:46:20.0140 0476 IntuitUpdateService - ok 12:46:20.0218 0476 [ 1663a135865f0ba6e853353e98e67f2a ] IntuitUpdateServiceV4 C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe 12:46:20.0234 0476 IntuitUpdateServiceV4 - ok 12:46:20.0281 0476 [ 3bb22519a194418d5fec05d800a19ad0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys 12:46:20.0390 0476 Ip6Fw - ok 12:46:20.0500 0476 [ 731f22ba402ee4b62748adaf6363c182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 12:46:20.0593 0476 IpFilterDriver - ok 12:46:20.0656 0476 [ b87ab476dcf76e72010632b5550955f5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys 12:46:20.0765 0476 IpInIp - ok 12:46:20.0843 0476 [ cc748ea12c6effde940ee98098bf96bb ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys 12:46:20.0953 0476 IpNat - ok 12:46:21.0062 0476 [ 32cdedd15e2d1a557cd54552ae78ff86 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 12:46:21.0093 0476 iPod Service - ok 12:46:21.0156 0476 [ 23c74d75e36e7158768dd63d92789a91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys 12:46:21.0281 0476 IPSec - ok 12:46:21.0328 0476 [ c93c9ff7b04d772627a3646d89f7bf89 ] IRENUM 
C:\WINDOWS\system32\DRIVERS\irenum.sys 12:46:21.0437 0476 IRENUM - ok 12:46:21.0531 0476 [ 05a299ec56e52649b1cf2fc52d20f2d7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys 12:46:21.0656 0476 isapnp - ok 12:46:21.0859 0476 [ de5d05fd449798ef88cc34ad4b1e7f85 ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe 12:46:21.0875 0476 JavaQuickStarterService - ok 12:46:21.0921 0476 [ 463c1ec80cd17420a542b7f36a36f128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys 12:46:22.0015 0476 Kbdclass - ok 12:46:22.0046 0476 [ 9ef487a186dea361aa06913a75b3fa99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys 12:46:22.0187 0476 kbdhid - ok 12:46:22.0250 0476 [ 692bcf44383d056aed41b045a323d378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys 12:46:22.0359 0476 kmixer - ok 12:46:22.0421 0476 [ b467646c54cc746128904e1654c750c1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys 12:46:22.0484 0476 KSecDD - ok 12:46:22.0562 0476 [ 3a7c3cbe5d96b8ae96ce81f0b22fb527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll 12:46:22.0609 0476 lanmanserver - ok 12:46:22.0656 0476 [ a8888a5327621856c0cec4e385f69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll 12:46:22.0703 0476 lanmanworkstation - ok 12:46:22.0750 0476 lbrtfdc - ok 12:46:22.0937 0476 [ f34b35f6f74e28a460749da11d1117f8 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe 12:46:22.0937 0476 LightScribeService - ok 12:46:23.0062 0476 [ bcdf72dce41874b3ad9143d537b493b2 ] Linksys_adapter_H C:\WINDOWS\system32\DRIVERS\AE2500xp.sys 12:46:23.0140 0476 Linksys_adapter_H - ok 12:46:23.0203 0476 [ a7db739ae99a796d91580147e919cc59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll 12:46:23.0328 0476 LmHosts - ok 12:46:23.0453 0476 [ 63daf163d1617dd611bd0ab8e41a43e8 ] LMIGuardianSvc E:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe 12:46:26.0531 0476 Suspicious file (Hidden): E:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe. 
md5: 63daf163d1617dd611bd0ab8e41a43e8 12:46:26.0546 0476 LMIGuardianSvc ( HiddenFile.Multi.Generic ) - warning 12:46:26.0546 0476 LMIGuardianSvc - detected HiddenFile.Multi.Generic (1) 12:46:26.0656 0476 [ 4f69faaabb7db0d43e327c0b6aab40fc ] LMIInfo E:\Program Files\LogMeIn\x86\RaInfo.sys 12:46:29.0765 0476 Suspicious file (Hidden): E:\Program Files\LogMeIn\x86\RaInfo.sys. md5: 4f69faaabb7db0d43e327c0b6aab40fc 12:46:29.0765 0476 LMIInfo ( HiddenFile.Multi.Generic ) - warning 12:46:29.0765 0476 LMIInfo - detected HiddenFile.Multi.Generic (1) 12:46:29.0875 0476 [ 175f50f37eeaa1d4d744bcccbb7cf68c ] LMIMaint E:\Program Files\LogMeIn\x86\RaMaint.exe 12:46:32.0921 0476 Suspicious file (Hidden): E:\Program Files\LogMeIn\x86\RaMaint.exe. md5: 175f50f37eeaa1d4d744bcccbb7cf68c 12:46:32.0921 0476 LMIMaint ( HiddenFile.Multi.Generic ) - warning 12:46:32.0921 0476 LMIMaint - detected HiddenFile.Multi.Generic (1) 12:46:33.0000 0476 [ 4477689e2d8ae6b78ba34c9af4cc1ed1 ] lmimirr C:\WINDOWS\system32\DRIVERS\lmimirr.sys 12:46:33.0015 0476 lmimirr - ok 12:46:33.0046 0476 LMIRfsClientNP - ok 12:46:33.0156 0476 [ 3faa563ddf853320f90259d455a01d79 ] LMIRfsDriver C:\WINDOWS\system32\drivers\LMIRfsDriver.sys 12:46:33.0171 0476 LMIRfsDriver - ok 12:46:33.0265 0476 [ 432618fa75b61059d2c57d6a7e55147a ] LogMeIn E:\Program Files\LogMeIn\x86\LogMeIn.exe 12:46:36.0359 0476 Suspicious file (Hidden): E:\Program Files\LogMeIn\x86\LogMeIn.exe. 
md5: 432618fa75b61059d2c57d6a7e55147a 12:46:36.0359 0476 LogMeIn ( HiddenFile.Multi.Generic ) - warning 12:46:36.0359 0476 LogMeIn - detected HiddenFile.Multi.Generic (1) 12:46:36.0421 0476 [ 6c1b3c47915a8bf6bd752c9d476b1ca5 ] mbamchameleon C:\WINDOWS\system32\drivers\mbamchameleon.sys 12:46:36.0437 0476 mbamchameleon - ok 12:46:36.0500 0476 [ 6dfe7f2e8e8a337263aa5c92a215f161 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys 12:46:36.0515 0476 MBAMProtector - ok 12:46:36.0593 0476 [ 43683e970f008c93c9429ef428147a54 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe 12:46:36.0625 0476 MBAMService - ok 12:46:36.0765 0476 [ 11f714f85530a2bd134074dc30e99fca ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE 12:46:36.0765 0476 Suspicious file (NoAccess): C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE. md5: 11f714f85530a2bd134074dc30e99fca 12:46:36.0765 0476 MDM ( LockedFile.Multi.Generic ) - warning 12:46:36.0765 0476 MDM - detected LockedFile.Multi.Generic (1) 12:46:36.0828 0476 [ 986b1ff5814366d71e0ac5755c88f2d3 ] Messenger C:\WINDOWS\System32\msgsvc.dll 12:46:36.0937 0476 Messenger - ok 12:46:37.0031 0476 [ 4ae068242760a1fb6e1a44bf4e16afa6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys 12:46:37.0156 0476 mnmdd - ok 12:46:37.0234 0476 [ d18f1f0c101d06a1c1adf26eed16fcdd ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe 12:46:37.0343 0476 mnmsrvc - ok 12:46:37.0421 0476 [ dfcbad3cec1c5f964962ae10e0bcc8e1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys 12:46:37.0546 0476 Modem - ok 12:46:37.0640 0476 [ 20ff89c59b0a50f53822303064988e00 ] MotDev C:\WINDOWS\system32\DRIVERS\motodrv.sys 12:46:37.0656 0476 MotDev ( UnsignedFile.Multi.Generic ) - warning 12:46:37.0656 0476 MotDev - detected UnsignedFile.Multi.Generic (1) 12:46:37.0734 0476 [ 49bc2ea84db5320b880a222e6e11b28b ] motmodem C:\WINDOWS\system32\DRIVERS\motmodem.sys 12:46:37.0765 0476 motmodem ( UnsignedFile.Multi.Generic ) - warning 12:46:37.0765 0476 motmodem - 
Hi, I need a little help. Malwarebytes is hanging at 1 or 2 seconds. Chameleon does the same thing after starting up the app. It took a long time for DDS to run. I see applications trying to install automatically that are already installed. Very strange behaviour. Also, Malwarebytes would not run in safe mode. Thanks, Escapee

Attachments: attach.txt, dds.txt