Talking Voice in background and Computer randomly shutting down

[ksimmons01]

Hello,

I have ran my Trend Micro and it did not find anything. When I ran Malwarebytes, it did find a couple malware as well as a trojan virus. When I ran it again in safe mode, it did not detect anything further. I am now coming to you and following instructions in order to get further assistance on this issue.

I have been having problem with a voice talking in the background of my computer saying, "you just won!".

For about a month now, I will be doing work on my computer and then it will just shut down and tell me that it has detected something. I will run it in safe mode and when all seems fine, I put it back in regular mode.

Then 2 days ago when I was starting up my computer it was performing a system repair and prompting me to do a system restore. I am not sure what is in my computer, but there is definitely something. Please help?!?!?

Thank you soooo much and I will wait to hear from you:)

DDS.txt

Attach.txt

[MrCharlie]

Welcome to the forum.

Please uninstall "StartNow Toolbar" from add/remove programs.

Then........

Please remove any usb or external drives from the computer before you run this scan!

Please download and run RogueKiller.

For Windows XP, double-click to start.

For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system (don't run any other options, they're not all bad!)

Post back the report.

MrC

[ksimmons01]

Hi MrC,

Thanks so much for your help. Attached is the report. Please let me know what I should do next. Thanks:)

RKreport1.txt

[MrCharlie]

From the RogueKiller log...this one is definitely bad, we'll fix it later:

¤¤¤ Registry Entries: 7 ¤¤¤

[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (http=127.0.0.1:57737) -> FOUND

Did you set up DNS server:

[DNS] HKLM\[...]\ControlSet001\Parameters\Interfaces\{20975043-9851-4242-8D27-A53777FF3E41} : NameServer (206.28.216.6,206.28.216.7) -> FOUND

------------------------------------

Next.......

Please make sure system restore is running and create a new restore point before continuing.

XP <===> Vista & W7

XP users > please back up the registry using ERUNT.

-----------------------------------------

Please download and run TDSSKiller to your desktop as outlined below:

Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

For Windows XP, double-click to start.

For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

-------------------------

Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

------------------------

Click the Start Scan button.

-----------------------

If a suspicious object is detected, the default action will be Skip, click on Continue

If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose

Skip and click on Continue

Any entries like this: \Device\Harddisk0\DR0 ( TDSS File System ) - please choose delete.

----------------------

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

--------------------

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

-------------------

Here's a summary of what to do if you would like to print it out:

If a suspicious object is detected, the default action will be Skip, click on Continue

If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose

Skip and click on Continue

Any entries like this: \Device\Harddisk0\DR0 ( TDSS File System ) - please choose delete.

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

MrC

[ksimmons01]

Sorry it took me so long to reply. I was waiting for your reply and did not know that I needed to sign out and back in to see your reply. I will do these steps right now. What is DNS server? You had asked if I set it up. Is it possible for you to email me when you reply that way I do not take long to reply back? Thanks

[MrCharlie]

All you have to do is keep refreshing the page once in a while to see if I replied.

Hit F5 will do that.

[DNS] HKLM\[...]\ControlSet001\Parameters\Interfaces\{20975043-9851-4242-8D27-A53777FF3E41} : NameServer (206.28.216.6,206.28.216.7) -> FOUND

I think these are OK...do they look familiar to you?

MrC

[ksimmons01]

Hello MrC-

Here is the report for the TDS S KILLER:

09:46:12.0459 5732 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16

09:46:13.0083 5732 ============================================================

09:46:13.0083 5732 Current date / time: 2012/06/08 09:46:13.0083

09:46:13.0083 5732 SystemInfo:

09:46:13.0083 5732

09:46:13.0083 5732 OS Version: 6.1.7601 ServicePack: 1.0

09:46:13.0083 5732 Product type: Workstation

09:46:13.0083 5732 ComputerName: KARA-PC

09:46:13.0084 5732 UserName: Kara

09:46:13.0084 5732 Windows directory: C:\Windows

09:46:13.0084 5732 System windows directory: C:\Windows

09:46:13.0084 5732 Running under WOW64

09:46:13.0084 5732 Processor architecture: Intel x64

09:46:13.0084 5732 Number of processors: 4

09:46:13.0084 5732 Page size: 0x1000

09:46:13.0084 5732 Boot type: Normal boot

09:46:13.0084 5732 ============================================================

09:46:14.0053 5732 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

09:46:14.0066 5732 ============================================================

09:46:14.0066 5732 \Device\Harddisk0\DR0:

09:46:14.0067 5732 MBR partitions:

09:46:14.0067 5732 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2AF98B5, BlocksNum 0xE8E0360

09:46:14.0082 5732 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x113DA800, BlocksNum 0x28FAB000

09:46:14.0082 5732 ============================================================

09:46:14.0116 5732 C: <-> \Device\Harddisk0\DR0\Partition0

09:46:14.0153 5732 D: <-> \Device\Harddisk0\DR0\Partition1

09:46:14.0153 5732 ============================================================

09:46:14.0153 5732 Initialize success

09:46:14.0153 5732 ============================================================

09:46:21.0300 6544 ============================================================

09:46:21.0300 6544 Scan started

09:46:21.0300 6544 Mode: Manual; SigCheck; TDLFS;

09:46:21.0300 6544 ============================================================

09:46:22.0572 6544 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys

09:46:22.0809 6544 1394ohci - ok

09:46:22.0866 6544 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys

09:46:22.0976 6544 ACPI - ok

09:46:23.0034 6544 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys

09:46:23.0175 6544 AcpiPmi - ok

09:46:23.0295 6544 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

09:46:23.0385 6544 AdobeARMservice - ok

09:46:23.0579 6544 AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

09:46:23.0668 6544 AdobeFlashPlayerUpdateSvc - ok

09:46:23.0749 6544 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

09:46:23.0882 6544 adp94xx - ok

09:46:23.0923 6544 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

09:46:24.0026 6544 adpahci - ok

09:46:24.0075 6544 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

09:46:24.0152 6544 adpu320 - ok

09:46:24.0194 6544 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll

09:46:24.0421 6544 AeLookupSvc - ok

09:46:24.0515 6544 AFBAgent (6e79a119b0ce418fe44e0c824bf3f039) C:\Windows\system32\FBAgent.exe

09:46:24.0693 6544 AFBAgent - ok

09:46:24.0774 6544 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys

09:46:24.0873 6544 AFD - ok

09:46:24.0921 6544 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys

09:46:24.0978 6544 agp440 - ok

09:46:25.0037 6544 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe

09:46:25.0141 6544 ALG - ok

09:46:25.0191 6544 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys

09:46:25.0243 6544 aliide - ok

09:46:25.0261 6544 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys

09:46:25.0311 6544 amdide - ok

09:46:25.0371 6544 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

09:46:25.0468 6544 AmdK8 - ok

09:46:25.0491 6544 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

09:46:25.0581 6544 AmdPPM - ok

09:46:25.0632 6544 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys

09:46:25.0689 6544 amdsata - ok

09:46:25.0721 6544 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

09:46:25.0797 6544 amdsbs - ok

09:46:25.0823 6544 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys

09:46:25.0875 6544 amdxata - ok

09:46:25.0973 6544 Amsp (1b7d1f0a0dfadbc797c16364792a7aa5) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe

09:46:26.0051 6544 Amsp - ok

09:46:26.0092 6544 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys

09:46:26.0241 6544 AppID - ok

09:46:26.0264 6544 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll

09:46:26.0406 6544 AppIDSvc - ok

09:46:26.0443 6544 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll

09:46:26.0583 6544 Appinfo - ok

09:46:26.0652 6544 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

09:46:26.0708 6544 arc - ok

09:46:26.0730 6544 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

09:46:26.0787 6544 arcsas - ok

09:46:26.0863 6544 ASLDRService (18e5c2f937f9deb8c282df66a3761925) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

09:46:26.0934 6544 ASLDRService - ok

09:46:26.0978 6544 ASMMAP64 (4c016fd76ed5c05e84ca8cab77993961) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys

09:46:27.0026 6544 ASMMAP64 - ok

09:46:27.0062 6544 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

09:46:27.0217 6544 AsyncMac - ok

09:46:27.0257 6544 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys

09:46:27.0307 6544 atapi - ok

09:46:27.0552 6544 athr (a5e770426d18f8ef332a593f3289da91) C:\Windows\system32\DRIVERS\athrx.sys

09:46:27.0808 6544 athr - ok

09:46:27.0877 6544 ATKGFNEXSrv (7910158929571214a959d5a6d16dd9c0) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

09:46:27.0966 6544 ATKGFNEXSrv - ok

09:46:28.0044 6544 ATKWMIACPIIO (1f7238a37389ed92e9d8eee975cabd54) C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys

09:46:28.0091 6544 ATKWMIACPIIO - ok

09:46:28.0259 6544 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

09:46:28.0455 6544 AudioEndpointBuilder - ok

09:46:28.0472 6544 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

09:46:28.0595 6544 AudioSrv - ok

09:46:28.0667 6544 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll

09:46:28.0780 6544 AxInstSV - ok

09:46:28.0872 6544 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

09:46:29.0005 6544 b06bdrv - ok

09:46:29.0064 6544 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

09:46:29.0172 6544 b57nd60a - ok

09:46:29.0217 6544 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll

09:46:29.0311 6544 BDESVC - ok

09:46:29.0326 6544 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

09:46:29.0463 6544 Beep - ok

09:46:29.0546 6544 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll

09:46:29.0717 6544 BFE - ok

09:46:29.0794 6544 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll

09:46:30.0047 6544 BITS - ok

09:46:30.0118 6544 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

09:46:30.0223 6544 blbdrive - ok

09:46:30.0296 6544 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys

09:46:30.0445 6544 bowser - ok

09:46:30.0485 6544 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

09:46:30.0612 6544 BrFiltLo - ok

09:46:30.0635 6544 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

09:46:30.0739 6544 BrFiltUp - ok

09:46:30.0811 6544 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll

09:46:30.0963 6544 Browser - ok

09:46:31.0046 6544 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

09:46:31.0233 6544 Brserid - ok

09:46:31.0263 6544 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

09:46:31.0362 6544 BrSerWdm - ok

09:46:31.0382 6544 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

09:46:31.0482 6544 BrUsbMdm - ok

09:46:31.0505 6544 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

09:46:31.0591 6544 BrUsbSer - ok

09:46:31.0612 6544 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

09:46:31.0711 6544 BTHMODEM - ok

09:46:31.0771 6544 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll

09:46:31.0924 6544 bthserv - ok

09:46:31.0963 6544 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

09:46:32.0108 6544 cdfs - ok

09:46:32.0166 6544 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys

09:46:32.0257 6544 cdrom - ok

09:46:32.0301 6544 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

09:46:32.0445 6544 CertPropSvc - ok

09:46:32.0481 6544 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

09:46:32.0562 6544 circlass - ok

09:46:32.0628 6544 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

09:46:32.0685 6544 CLFS - ok

09:46:32.0793 6544 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

09:46:32.0860 6544 clr_optimization_v2.0.50727_32 - ok

09:46:32.0922 6544 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

09:46:32.0990 6544 clr_optimization_v2.0.50727_64 - ok

09:46:33.0078 6544 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

09:46:33.0164 6544 clr_optimization_v4.0.30319_32 - ok

09:46:33.0222 6544 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

09:46:33.0300 6544 clr_optimization_v4.0.30319_64 - ok

09:46:33.0342 6544 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

09:46:33.0417 6544 CmBatt - ok

09:46:33.0441 6544 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys

09:46:33.0492 6544 cmdide - ok

09:46:33.0564 6544 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys

09:46:33.0686 6544 CNG - ok

09:46:33.0732 6544 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

09:46:33.0796 6544 Compbatt - ok

09:46:33.0836 6544 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys

09:46:33.0924 6544 CompositeBus - ok

09:46:33.0948 6544 COMSysApp - ok

09:46:33.0965 6544 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

09:46:34.0016 6544 crcdisk - ok

09:46:34.0070 6544 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll

09:46:34.0238 6544 CryptSvc - ok

09:46:34.0276 6544 CVirtA (44bddeb03c84a1c993c992ffb5700357) C:\Windows\system32\DRIVERS\CVirtA64.sys

09:46:34.0323 6544 CVirtA - ok

09:46:34.0519 6544 CVPND (66257cb4e4fb69887cddc71663741435) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe

09:46:34.0620 6544 CVPND - ok

09:46:34.0808 6544 CVPNDRVA (cc8e52daa9826064ba464dbe531f2bb5) C:\Windows\system32\Drivers\CVPNDRVA.sys

09:46:34.0891 6544 CVPNDRVA - ok

09:46:34.0961 6544 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

09:46:35.0102 6544 DcomLaunch - ok

09:46:35.0154 6544 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll

09:46:35.0304 6544 defragsvc - ok

09:46:35.0380 6544 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys

09:46:35.0559 6544 DfsC - ok

09:46:35.0656 6544 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll

09:46:35.0831 6544 Dhcp - ok

09:46:35.0884 6544 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

09:46:36.0008 6544 discache - ok

09:46:36.0051 6544 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

09:46:36.0128 6544 Disk - ok

09:46:36.0188 6544 DNE (05cb5910b3ca6019fc3cca815ee06ffb) C:\Windows\system32\DRIVERS\dne64x.sys

09:46:36.0283 6544 DNE - ok

09:46:36.0346 6544 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll

09:46:36.0485 6544 Dnscache - ok

09:46:36.0548 6544 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll

09:46:36.0757 6544 dot3svc - ok

09:46:36.0823 6544 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll

09:46:37.0047 6544 DPS - ok

09:46:37.0094 6544 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

09:46:37.0229 6544 drmkaud - ok

09:46:37.0326 6544 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys

09:46:37.0491 6544 DXGKrnl - ok

09:46:37.0552 6544 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll

09:46:37.0762 6544 EapHost - ok

09:46:38.0041 6544 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

09:46:38.0639 6544 ebdrv - ok

09:46:38.0782 6544 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe

09:46:38.0889 6544 EFS - ok

09:46:38.0983 6544 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe

09:46:39.0121 6544 ehRecvr - ok

09:46:39.0157 6544 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe

09:46:39.0282 6544 ehSched - ok

09:46:39.0408 6544 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

09:46:39.0506 6544 elxstor - ok

09:46:39.0529 6544 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys

09:46:39.0605 6544 ErrDev - ok

09:46:39.0686 6544 ETD (4c120d2b2ea269eae7a5744794eb6db1) C:\Windows\system32\DRIVERS\ETD.sys

09:46:39.0760 6544 ETD - ok

09:46:39.0821 6544 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll

09:46:39.0945 6544 EventSystem - ok

09:46:40.0005 6544 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

09:46:40.0170 6544 exfat - ok

09:46:40.0208 6544 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

09:46:40.0373 6544 fastfat - ok

09:46:40.0476 6544 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe

09:46:40.0611 6544 Fax - ok

09:46:40.0642 6544 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

09:46:40.0727 6544 fdc - ok

09:46:40.0771 6544 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll

09:46:40.0913 6544 fdPHost - ok

09:46:40.0933 6544 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll

09:46:41.0058 6544 FDResPub - ok

09:46:41.0097 6544 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

09:46:41.0154 6544 FileInfo - ok

09:46:41.0171 6544 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

09:46:41.0317 6544 Filetrace - ok

09:46:41.0350 6544 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

09:46:41.0414 6544 flpydisk - ok

09:46:41.0461 6544 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys

09:46:41.0527 6544 FltMgr - ok

09:46:41.0633 6544 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll

09:46:41.0792 6544 FontCache - ok

09:46:41.0858 6544 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

09:46:41.0912 6544 FontCache3.0.0.0 - ok

09:46:41.0964 6544 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

09:46:42.0016 6544 FsDepends - ok

09:46:42.0053 6544 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys

09:46:42.0104 6544 fssfltr - ok

09:46:42.0256 6544 fsssvc (4ce9dac1518ff7e77bd213e6394b9d77) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe

09:46:42.0505 6544 fsssvc - ok

09:46:42.0632 6544 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys

09:46:42.0683 6544 Fs_Rec - ok

09:46:42.0730 6544 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys

09:46:42.0780 6544 fvevol - ok

09:46:42.0824 6544 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

09:46:42.0881 6544 gagp30kx - ok

09:46:42.0974 6544 GoToAssist (80d6ea9c46904608cea146c4996a824a) C:\Program Files (x86)\Citrix\GoToAssist\822\g2aservice.exe

09:46:43.0036 6544 GoToAssist - ok

09:46:43.0160 6544 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll

09:46:43.0337 6544 gpsvc - ok

09:46:43.0387 6544 gupdate - ok

09:46:43.0412 6544 gupdatem - ok

09:46:43.0482 6544 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

09:46:43.0824 6544 gusvc - ok

09:46:43.0862 6544 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

09:46:43.0996 6544 hcw85cir - ok

09:46:44.0090 6544 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys

09:46:44.0213 6544 HdAudAddService - ok

09:46:44.0263 6544 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys

09:46:44.0354 6544 HDAudBus - ok

09:46:44.0395 6544 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

09:46:44.0485 6544 HidBatt - ok

09:46:44.0518 6544 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

09:46:44.0681 6544 HidBth - ok

09:46:44.0730 6544 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

09:46:44.0862 6544 HidIr - ok

09:46:44.0924 6544 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll

09:46:45.0085 6544 hidserv - ok

09:46:45.0141 6544 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys

09:46:45.0220 6544 HidUsb - ok

09:46:45.0268 6544 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll

09:46:45.0503 6544 hkmsvc - ok

09:46:45.0562 6544 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll

09:46:45.0685 6544 HomeGroupListener - ok

09:46:45.0716 6544 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll

09:46:45.0816 6544 HomeGroupProvider - ok

09:46:45.0863 6544 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys

09:46:45.0918 6544 HpSAMD - ok

09:46:45.0991 6544 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys

09:46:46.0129 6544 HTTP - ok

09:46:46.0171 6544 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys

09:46:46.0203 6544 hwpolicy - ok

09:46:46.0234 6544 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys

09:46:46.0316 6544 i8042prt - ok

09:46:46.0372 6544 iaStor (d7921d5a870b11cc1adab198a519d50a) C:\Windows\system32\DRIVERS\iaStor.sys

09:46:46.0418 6544 iaStor - ok

09:46:46.0487 6544 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys

09:46:46.0596 6544 iaStorV - ok

09:46:46.0689 6544 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

09:46:46.0843 6544 IDriverT ( UnsignedFile.Multi.Generic ) - warning

09:46:46.0843 6544 IDriverT - detected UnsignedFile.Multi.Generic (1)

09:46:46.0955 6544 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

09:46:47.0075 6544 idsvc - ok

09:46:47.0826 6544 igfx (0d1b8c64bdf0e5cdc523a1409ffb5ef0) C:\Windows\system32\DRIVERS\igdkmd64.sys

09:46:48.0552 6544 igfx - ok

09:46:48.0687 6544 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

09:46:48.0739 6544 iirsp - ok

09:46:48.0841 6544 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll

09:46:49.0023 6544 IKEEXT - ok

09:46:49.0219 6544 IntcAzAudAddService (02c93ebaa4421418411448fe7fdfd815) C:\Windows\system32\drivers\RTKVHD64.sys

09:46:49.0483 6544 IntcAzAudAddService - ok

09:46:49.0626 6544 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys

09:46:49.0746 6544 IntcDAud - ok

09:46:49.0778 6544 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys

09:46:49.0829 6544 intelide - ok

09:46:49.0868 6544 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

09:46:49.0947 6544 intelppm - ok

09:46:49.0995 6544 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll

09:46:50.0146 6544 IPBusEnum - ok

09:46:50.0185 6544 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys

09:46:50.0324 6544 IpFilterDriver - ok

09:46:50.0388 6544 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll

09:46:50.0551 6544 iphlpsvc - ok

09:46:50.0606 6544 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys

09:46:50.0706 6544 IPMIDRV - ok

09:46:50.0773 6544 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

09:46:50.0971 6544 IPNAT - ok

09:46:51.0003 6544 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

09:46:51.0125 6544 IRENUM - ok

09:46:51.0152 6544 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys

09:46:51.0212 6544 isapnp - ok

09:46:51.0251 6544 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys

09:46:51.0336 6544 iScsiPrt - ok

09:46:51.0363 6544 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys

09:46:51.0424 6544 kbdclass - ok

09:46:51.0466 6544 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys

09:46:51.0550 6544 kbdhid - ok

09:46:51.0590 6544 kbfiltr (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys

09:46:51.0638 6544 kbfiltr - ok

09:46:51.0682 6544 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

09:46:51.0740 6544 KeyIso - ok

09:46:51.0765 6544 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys

09:46:51.0833 6544 KSecDD - ok

09:46:51.0861 6544 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys

09:46:51.0929 6544 KSecPkg - ok

09:46:51.0974 6544 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

09:46:52.0107 6544 ksthunk - ok

09:46:52.0183 6544 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll

09:46:52.0347 6544 KtmRm - ok

09:46:52.0405 6544 L1C (a4a9ca24e54e81c6c3e469eaeb4b3f42) C:\Windows\system32\DRIVERS\L1C62x64.sys

09:46:52.0467 6544 L1C - ok

09:46:52.0526 6544 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll

09:46:52.0670 6544 LanmanServer - ok

09:46:52.0713 6544 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll

09:46:52.0863 6544 LanmanWorkstation - ok

09:46:52.0912 6544 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

09:46:53.0050 6544 lltdio - ok

09:46:53.0104 6544 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll

09:46:53.0242 6544 lltdsvc - ok

09:46:53.0259 6544 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll

09:46:53.0383 6544 lmhosts - ok

09:46:53.0567 6544 LMS (0803906d607a9b83184447b75b60ecc2) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

09:46:53.0713 6544 LMS - ok

09:46:53.0773 6544 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

09:46:53.0856 6544 LSI_FC - ok

09:46:53.0888 6544 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

09:46:53.0950 6544 LSI_SAS - ok

09:46:53.0976 6544 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

09:46:54.0042 6544 LSI_SAS2 - ok

09:46:54.0067 6544 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

09:46:54.0128 6544 LSI_SCSI - ok

09:46:54.0159 6544 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

09:46:54.0306 6544 luafv - ok

09:46:54.0334 6544 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll

09:46:54.0408 6544 Mcx2Svc - ok

09:46:54.0432 6544 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

09:46:54.0501 6544 megasas - ok

09:46:54.0555 6544 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

09:46:54.0646 6544 MegaSR - ok

09:46:54.0681 6544 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys

09:46:54.0732 6544 MEIx64 - ok

09:46:54.0857 6544 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe

09:46:54.0905 6544 Microsoft Office Groove Audit Service - ok

09:46:54.0952 6544 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

09:46:55.0101 6544 MMCSS - ok

09:46:55.0138 6544 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

09:46:55.0277 6544 Modem - ok

09:46:55.0341 6544 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

09:46:55.0431 6544 monitor - ok

09:46:55.0476 6544 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys

09:46:55.0534 6544 mouclass - ok

09:46:55.0586 6544 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

09:46:55.0710 6544 mouhid - ok

09:46:55.0758 6544 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys

09:46:55.0795 6544 mountmgr - ok

09:46:55.0832 6544 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys

09:46:55.0905 6544 mpio - ok

09:46:55.0943 6544 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

09:46:56.0074 6544 mpsdrv - ok

09:46:56.0155 6544 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll

09:46:56.0296 6544 MpsSvc - ok

09:46:56.0334 6544 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys

09:46:56.0432 6544 MRxDAV - ok

09:46:56.0482 6544 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys

09:46:56.0595 6544 mrxsmb - ok

09:46:56.0643 6544 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys

09:46:56.0734 6544 mrxsmb10 - ok

09:46:56.0761 6544 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

09:46:56.0872 6544 mrxsmb20 - ok

09:46:56.0913 6544 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys

09:46:56.0973 6544 msahci - ok

09:46:57.0013 6544 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys

09:46:57.0080 6544 msdsm - ok

09:46:57.0121 6544 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe

09:46:57.0260 6544 MSDTC - ok

09:46:57.0320 6544 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

09:46:57.0477 6544 Msfs - ok

09:46:57.0503 6544 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

09:46:57.0665 6544 mshidkmdf - ok

09:46:57.0703 6544 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys

09:46:57.0755 6544 msisadrv - ok

09:46:57.0847 6544 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll

09:46:58.0087 6544 MSiSCSI - ok

09:46:58.0096 6544 msiserver - ok

09:46:58.0131 6544 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

09:46:58.0268 6544 MSKSSRV - ok

09:46:58.0309 6544 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

09:46:58.0444 6544 MSPCLOCK - ok

09:46:58.0469 6544 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

09:46:58.0609 6544 MSPQM - ok

09:46:58.0667 6544 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys

09:46:58.0751 6544 MsRPC - ok

09:46:58.0796 6544 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys

09:46:58.0857 6544 mssmbios - ok

09:46:58.0948 6544 MSSQL$DOCNET - ok

09:46:59.0016 6544 MSSQLServerADHelper (1d89eb4e2a99cabd4e81225f4f4c4b25) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe

09:46:59.0074 6544 MSSQLServerADHelper - ok

09:46:59.0170 6544 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

09:46:59.0321 6544 MSTEE - ok

09:46:59.0344 6544 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

09:46:59.0418 6544 MTConfig - ok

09:46:59.0438 6544 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

09:46:59.0490 6544 Mup - ok

09:46:59.0548 6544 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll

09:46:59.0710 6544 napagent - ok

09:46:59.0780 6544 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

09:46:59.0898 6544 NativeWifiP - ok

09:47:00.0016 6544 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys

09:47:00.0090 6544 NDIS - ok

09:47:00.0124 6544 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

09:47:00.0292 6544 NdisCap - ok

09:47:00.0331 6544 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

09:47:00.0476 6544 NdisTapi - ok

09:47:00.0517 6544 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys

09:47:00.0682 6544 Ndisuio - ok

09:47:00.0746 6544 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys

09:47:00.0899 6544 NdisWan - ok

09:47:00.0962 6544 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys

09:47:01.0096 6544 NDProxy - ok

09:47:01.0143 6544 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

09:47:01.0289 6544 NetBIOS - ok

09:47:01.0344 6544 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys

09:47:01.0473 6544 NetBT - ok

09:47:01.0518 6544 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

09:47:01.0564 6544 Netlogon - ok

09:47:01.0630 6544 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll

09:47:01.0805 6544 Netman - ok

09:47:01.0855 6544 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll

09:47:01.0987 6544 netprofm - ok

09:47:02.0071 6544 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

09:47:02.0136 6544 NetTcpPortSharing - ok

09:47:02.0172 6544 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

09:47:02.0227 6544 nfrd960 - ok

09:47:02.0285 6544 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll

09:47:02.0457 6544 NlaSvc - ok

09:47:02.0486 6544 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

09:47:02.0630 6544 Npfs - ok

09:47:02.0665 6544 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll

09:47:02.0808 6544 nsi - ok

09:47:02.0851 6544 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

09:47:02.0964 6544 nsiproxy - ok

09:47:03.0087 6544 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys

09:47:03.0252 6544 Ntfs - ok

09:47:03.0387 6544 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

09:47:03.0522 6544 Null - ok

09:47:03.0574 6544 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys

09:47:03.0652 6544 nvraid - ok

09:47:03.0720 6544 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys

09:47:03.0787 6544 nvstor - ok

09:47:03.0826 6544 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys

09:47:03.0894 6544 nv_agp - ok

09:47:04.0027 6544 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

09:47:04.0132 6544 odserv - ok

09:47:04.0158 6544 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys

09:47:04.0247 6544 ohci1394 - ok

09:47:04.0313 6544 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

09:47:04.0629 6544 ose - ok

09:47:04.0685 6544 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

09:47:04.0797 6544 p2pimsvc - ok

09:47:04.0855 6544 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll

09:47:04.0961 6544 p2psvc - ok

09:47:04.0993 6544 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

09:47:05.0063 6544 Parport - ok

09:47:05.0088 6544 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys

09:47:05.0141 6544 partmgr - ok

09:47:05.0170 6544 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll

09:47:05.0279 6544 PcaSvc - ok

09:47:05.0329 6544 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys

09:47:05.0409 6544 pci - ok

09:47:05.0428 6544 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys

09:47:05.0477 6544 pciide - ok

09:47:05.0524 6544 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

09:47:05.0608 6544 pcmcia - ok

09:47:05.0637 6544 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

09:47:05.0693 6544 pcw - ok

09:47:05.0787 6544 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

09:47:05.0990 6544 PEAUTH - ok

09:47:06.0088 6544 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe

09:47:06.0175 6544 PerfHost - ok

09:47:06.0298 6544 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll

09:47:06.0500 6544 pla - ok

09:47:06.0601 6544 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll

09:47:06.0722 6544 PlugPlay - ok

09:47:06.0767 6544 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll

09:47:06.0850 6544 PNRPAutoReg - ok

09:47:06.0909 6544 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

09:47:06.0960 6544 PNRPsvc - ok

09:47:07.0013 6544 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll

09:47:07.0201 6544 PolicyAgent - ok

09:47:07.0257 6544 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll

09:47:07.0415 6544 Power - ok

09:47:07.0478 6544 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys

09:47:07.0628 6544 PptpMiniport - ok

09:47:07.0662 6544 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

09:47:07.0725 6544 Processor - ok

09:47:07.0761 6544 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll

09:47:07.0909 6544 ProfSvc - ok

09:47:07.0944 6544 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

09:47:07.0986 6544 ProtectedStorage - ok

09:47:08.0040 6544 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys

09:47:08.0159 6544 Psched - ok

09:47:08.0294 6544 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

09:47:08.0445 6544 ql2300 - ok

09:47:08.0628 6544 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

09:47:08.0684 6544 ql40xx - ok

09:47:08.0734 6544 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll

09:47:08.0823 6544 QWAVE - ok

09:47:08.0865 6544 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

09:47:08.0964 6544 QWAVEdrv - ok

09:47:08.0990 6544 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

09:47:09.0131 6544 RasAcd - ok

09:47:09.0176 6544 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

09:47:09.0321 6544 RasAgileVpn - ok

09:47:09.0372 6544 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll

09:47:09.0518 6544 RasAuto - ok

09:47:09.0561 6544 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys

09:47:09.0716 6544 Rasl2tp - ok

09:47:09.0784 6544 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll

09:47:09.0943 6544 RasMan - ok

09:47:09.0991 6544 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

09:47:10.0141 6544 RasPppoe - ok

09:47:10.0168 6544 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

09:47:10.0298 6544 RasSstp - ok

09:47:10.0354 6544 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys

09:47:10.0513 6544 rdbss - ok

09:47:10.0540 6544 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

09:47:10.0627 6544 rdpbus - ok

09:47:10.0656 6544 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

09:47:10.0772 6544 RDPCDD - ok

09:47:10.0834 6544 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

09:47:10.0937 6544 RDPENCDD - ok

09:47:10.0961 6544 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

09:47:11.0073 6544 RDPREFMP - ok

09:47:11.0144 6544 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys

09:47:11.0253 6544 RDPWD - ok

09:47:11.0305 6544 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys

09:47:11.0390 6544 rdyboost - ok

09:47:11.0420 6544 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll

09:47:11.0572 6544 RemoteAccess - ok

09:47:11.0628 6544 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll

09:47:11.0787 6544 RemoteRegistry - ok

09:47:11.0834 6544 RimUsb (5790bca445cc40df8b38c2c48608aac2) C:\Windows\system32\Drivers\RimUsb_AMD64.sys

09:47:11.0907 6544 RimUsb - ok

09:47:11.0941 6544 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll

09:47:12.0074 6544 RpcEptMapper - ok

09:47:12.0108 6544 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe

09:47:12.0189 6544 RpcLocator - ok

09:47:12.0242 6544 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

09:47:12.0359 6544 RpcSs - ok

09:47:12.0401 6544 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

09:47:12.0547 6544 rspndr - ok

09:47:12.0577 6544 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

09:47:12.0622 6544 SamSs - ok

09:47:12.0704 6544 SASDIFSV - ok

09:47:12.0745 6544 SASKUTIL - ok

09:47:12.0779 6544 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys

09:47:12.0839 6544 sbp2port - ok

09:47:12.0878 6544 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll

09:47:13.0021 6544 SCardSvr - ok

09:47:13.0053 6544 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys

09:47:13.0187 6544 scfilter - ok

09:47:13.0284 6544 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll

09:47:13.0474 6544 Schedule - ok

09:47:13.0513 6544 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

09:47:13.0614 6544 SCPolicySvc - ok

09:47:13.0655 6544 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll

09:47:13.0778 6544 SDRSVC - ok

09:47:13.0836 6544 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

09:47:13.0976 6544 secdrv - ok

09:47:14.0008 6544 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll

09:47:14.0143 6544 seclogon - ok

09:47:14.0193 6544 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll

09:47:14.0331 6544 SENS - ok

09:47:14.0374 6544 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll

09:47:14.0460 6544 SensrSvc - ok

09:47:14.0488 6544 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

09:47:14.0560 6544 Serenum - ok

09:47:14.0617 6544 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

09:47:14.0702 6544 Serial - ok

09:47:14.0728 6544 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

09:47:14.0811 6544 sermouse - ok

09:47:14.0868 6544 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll

09:47:15.0008 6544 SessionEnv - ok

09:47:15.0029 6544 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys

09:47:15.0117 6544 sffdisk - ok

09:47:15.0141 6544 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys

09:47:15.0210 6544 sffp_mmc - ok

09:47:15.0227 6544 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys

09:47:15.0310 6544 sffp_sd - ok

09:47:15.0343 6544 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

09:47:15.0413 6544 sfloppy - ok

09:47:15.0477 6544 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll

09:47:15.0627 6544 SharedAccess - ok

09:47:15.0679 6544 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll

09:47:15.0849 6544 ShellHWDetection - ok

09:47:15.0916 6544 SiSGbeLH (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys

09:47:16.0001 6544 SiSGbeLH - ok

09:47:16.0034 6544 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

09:47:16.0085 6544 SiSRaid2 - ok

09:47:16.0133 6544 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

09:47:16.0188 6544 SiSRaid4 - ok

09:47:16.0234 6544 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

09:47:16.0380 6544 Smb - ok

09:47:16.0435 6544 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe

09:47:16.0508 6544 SNMPTRAP - ok

09:47:16.0549 6544 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

09:47:16.0599 6544 spldr - ok

09:47:16.0658 6544 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe

09:47:16.0820 6544 Spooler - ok

09:47:17.0039 6544 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe

09:47:17.0276 6544 sppsvc - ok

09:47:17.0394 6544 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll

09:47:17.0527 6544 sppuinotify - ok

09:47:17.0628 6544 SQLBrowser (86ebd8b1f23e743aad21f4d5b4d40985) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe

09:47:17.0681 6544 SQLBrowser - ok

09:47:17.0792 6544 SQLWriter (3c432a96363097870995e2a3c8b66abd) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

09:47:17.0898 6544 SQLWriter - ok

09:47:18.0041 6544 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys

09:47:18.0189 6544 srv - ok

09:47:18.0247 6544 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys

09:47:18.0364 6544 srv2 - ok

09:47:18.0412 6544 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys

09:47:18.0506 6544 srvnet - ok

09:47:18.0573 6544 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll

09:47:18.0734 6544 SSDPSRV - ok

09:47:18.0764 6544 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll

09:47:18.0894 6544 SstpSvc - ok

09:47:18.0936 6544 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

09:47:18.0988 6544 stexstor - ok

09:47:19.0011 6544 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys

09:47:19.0099 6544 StillCam - ok

09:47:19.0174 6544 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll

09:47:19.0297 6544 stisvc - ok

09:47:19.0329 6544 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys

09:47:19.0379 6544 swenum - ok

09:47:19.0449 6544 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll

09:47:19.0592 6544 swprv - ok

09:47:19.0715 6544 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll

09:47:19.0839 6544 SysMain - ok

09:47:19.0950 6544 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll

09:47:20.0045 6544 TabletInputService - ok

09:47:20.0096 6544 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll

09:47:20.0237 6544 TapiSrv - ok

09:47:20.0269 6544 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll

09:47:20.0408 6544 TBS - ok

09:47:20.0577 6544 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys

09:47:20.0721 6544 Tcpip - ok

09:47:21.0034 6544 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys

09:47:21.0143 6544 TCPIP6 - ok

09:47:21.0307 6544 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys

09:47:21.0451 6544 tcpipreg - ok

09:47:21.0497 6544 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

09:47:21.0577 6544 TDPIPE - ok

09:47:21.0606 6544 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys

09:47:21.0678 6544 TDTCP - ok

09:47:21.0727 6544 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys

09:47:21.0883 6544 tdx - ok

09:47:21.0922 6544 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys

09:47:21.0977 6544 TermDD - ok

09:47:22.0039 6544 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll

09:47:22.0195 6544 TermService - ok

09:47:22.0212 6544 TfFsMon - ok

09:47:22.0225 6544 TfNetMon - ok

09:47:22.0254 6544 TfSysMon - ok

09:47:22.0280 6544 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll

09:47:22.0365 6544 Themes - ok

09:47:22.0411 6544 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

09:47:22.0515 6544 THREADORDER - ok

09:47:22.0557 6544 tmactmon (e386dd8ec68c67ca3e2a3abdc1df5c56) C:\Windows\system32\DRIVERS\tmactmon.sys

09:47:22.0617 6544 tmactmon - ok

09:47:22.0794 6544 tmcomm (ab011c569487fd65c8944ddf8cbb2572) C:\Windows\system32\DRIVERS\tmcomm.sys

09:47:22.0868 6544 tmcomm - ok

09:47:22.0921 6544 tmevtmgr (8870a3d7305455b47adccd226f8e51bc) C:\Windows\system32\DRIVERS\tmevtmgr.sys

09:47:22.0972 6544 tmevtmgr - ok

09:47:23.0024 6544 tmtdi (065cb7d9278d778fb9ef62cead01433f) C:\Windows\system32\DRIVERS\tmtdi.sys

09:47:23.0081 6544 tmtdi - ok

09:47:23.0108 6544 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll

09:47:23.0260 6544 TrkWks - ok

09:47:23.0328 6544 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe

09:47:23.0502 6544 TrustedInstaller - ok

09:47:23.0542 6544 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys

09:47:23.0904 6544 tssecsrv - ok

09:47:23.0944 6544 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys

09:47:24.0035 6544 TsUsbFlt - ok

09:47:24.0091 6544 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys

09:47:24.0232 6544 tunnel - ok

09:47:24.0269 6544 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys

09:47:24.0328 6544 uagp35 - ok

09:47:24.0384 6544 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys

09:47:24.0542 6544 udfs - ok

09:47:24.0583 6544 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe

09:47:24.0653 6544 UI0Detect - ok

09:47:24.0696 6544 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys

09:47:24.0751 6544 uliagpkx - ok

09:47:24.0787 6544 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys

09:47:24.0863 6544 umbus - ok

09:47:24.0903 6544 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys

09:47:24.0978 6544 UmPass - ok

09:47:25.0194 6544 UNS (eb79c6c91a99930015ef29ae7fa802d1) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

09:47:25.0432 6544 UNS - ok

09:47:25.0574 6544 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll

09:47:25.0723 6544 upnphost - ok

09:47:25.0779 6544 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys

09:47:25.0862 6544 usbccgp - ok

09:47:25.0885 6544 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys

09:47:25.0968 6544 usbcir - ok

09:47:26.0003 6544 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys

09:47:26.0078 6544 usbehci - ok

09:47:26.0149 6544 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys

09:47:26.0248 6544 usbhub - ok

09:47:26.0273 6544 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys

09:47:26.0349 6544 usbohci - ok

09:47:26.0392 6544 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

09:47:26.0472 6544 usbprint - ok

09:47:26.0509 6544 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS

09:47:26.0588 6544 USBSTOR - ok

09:47:26.0616 6544 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys

09:47:26.0707 6544 usbuhci - ok

09:47:26.0763 6544 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys

09:47:26.0869 6544 usbvideo - ok

09:47:26.0911 6544 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll

09:47:27.0087 6544 UxSms - ok

09:47:27.0125 6544 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

09:47:27.0162 6544 VaultSvc - ok

09:47:27.0196 6544 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys

09:47:27.0250 6544 vdrvroot - ok

09:47:27.0323 6544 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe

09:47:27.0499 6544 vds - ok

09:47:27.0533 6544 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

09:47:27.0604 6544 vga - ok

09:47:27.0625 6544 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

09:47:27.0748 6544 VgaSave - ok

09:47:27.0788 6544 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys

09:47:27.0871 6544 vhdmp - ok

09:47:27.0890 6544 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys

09:47:27.0938 6544 viaide - ok

09:47:27.0959 6544 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys

09:47:28.0014 6544 volmgr - ok

09:47:28.0072 6544 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys

09:47:28.0115 6544 volmgrx - ok

09:47:28.0151 6544 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys

09:47:28.0234 6544 volsnap - ok

09:47:28.0242 6544 vpnva - ok

09:47:28.0305 6544 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys

09:47:28.0370 6544 vsmraid - ok

09:47:28.0493 6544 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe

09:47:28.0644 6544 VSS - ok

09:47:28.0771 6544 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys

09:47:28.0847 6544 vwifibus - ok

09:47:28.0878 6544 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys

09:47:28.0968 6544 vwififlt - ok

09:47:28.0999 6544 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys

09:47:29.0085 6544 vwifimp - ok

09:47:29.0168 6544 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll

09:47:29.0313 6544 W32Time - ok

09:47:29.0354 6544 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

09:47:29.0431 6544 WacomPen - ok

09:47:29.0488 6544 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

09:47:29.0634 6544 WANARP - ok

09:47:29.0659 6544 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

09:47:29.0771 6544 Wanarpv6 - ok

09:47:29.0964 6544 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe

09:47:30.0118 6544 WatAdminSvc - ok

09:47:30.0299 6544 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe

09:47:30.0569 6544 wbengine - ok

09:47:30.0770 6544 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll

09:47:30.0927 6544 WbioSrvc - ok

09:47:30.0999 6544 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll

09:47:31.0113 6544 wcncsvc - ok

09:47:31.0153 6544 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll

09:47:31.0245 6544 WcsPlugInService - ok

09:47:31.0332 6544 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

09:47:31.0382 6544 Wd - ok

09:47:31.0453 6544 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

09:47:31.0547 6544 Wdf01000 - ok

09:47:31.0566 6544 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

09:47:31.0656 6544 WdiServiceHost - ok

09:47:31.0663 6544 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

09:47:31.0723 6544 WdiSystemHost - ok

09:47:32.0248 6544 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll

09:47:32.0343 6544 WebClient - ok

09:47:32.0396 6544 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll

09:47:32.0548 6544 Wecsvc - ok

09:47:32.0589 6544 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll

09:47:32.0717 6544 wercplsupport - ok

09:47:32.0763 6544 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll

09:47:32.0901 6544 WerSvc - ok

09:47:32.0977 6544 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

09:47:33.0098 6544 WfpLwf - ok

09:47:33.0138 6544 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys

09:47:33.0207 6544 WimFltr - ok

09:47:33.0246 6544 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

09:47:33.0296 6544 WIMMount - ok

09:47:33.0341 6544 WinDefend - ok

09:47:33.0353 6544 WinHttpAutoProxySvc - ok

09:47:33.0424 6544 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll

09:47:33.0583 6544 Winmgmt - ok

09:47:33.0725 6544 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll

09:47:33.0966 6544 WinRM - ok

09:47:34.0138 6544 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys

09:47:34.0206 6544 WinUsb - ok

09:47:34.0287 6544 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll

09:47:34.0412 6544 Wlansvc - ok

09:47:34.0475 6544 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

09:47:34.0527 6544 wlcrasvc - ok

09:47:34.0725 6544 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

09:47:34.0914 6544 wlidsvc - ok

09:47:35.0065 6544 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys

09:47:35.0145 6544 WmiAcpi - ok

09:47:35.0240 6544 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe

09:47:35.0337 6544 wmiApSrv - ok

09:47:35.0406 6544 WMPNetworkSvc - ok

09:47:35.0443 6544 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll

09:47:35.0532 6544 WPCSvc - ok

09:47:35.0584 6544 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll

09:47:35.0680 6544 WPDBusEnum - ok

09:47:35.0722 6544 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

09:47:35.0856 6544 ws2ifsl - ok

09:47:35.0924 6544 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll

09:47:36.0030 6544 wscsvc - ok

09:47:36.0048 6544 WSearch - ok

09:47:36.0339 6544 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll

09:47:36.0696 6544 wuauserv - ok

09:47:36.0959 6544 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys

09:47:37.0116 6544 WudfPf - ok

09:47:37.0196 6544 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys

09:47:37.0381 6544 WUDFRd - ok

09:47:37.0431 6544 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll

09:47:37.0602 6544 wudfsvc - ok

09:47:37.0647 6544 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll

09:47:37.0758 6544 WwanSvc - ok

09:47:37.0882 6544 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

09:47:37.0986 6544 YahooAUService - ok

09:47:38.0031 6544 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

09:47:38.0495 6544 \Device\Harddisk0\DR0 - ok

09:47:38.0532 6544 Boot (0x1200) (c668681bc793f897aafa98acf583c78e) \Device\Harddisk0\DR0\Partition0

09:47:38.0536 6544 \Device\Harddisk0\DR0\Partition0 - ok

09:47:38.0558 6544 Boot (0x1200) (793e391d6b48f20967e6ce48a85fcc46) \Device\Harddisk0\DR0\Partition1

09:47:38.0562 6544 \Device\Harddisk0\DR0\Partition1 - ok

09:47:38.0566 6544 ============================================================

09:47:38.0566 6544 Scan finished

09:47:38.0566 6544 ============================================================

09:47:38.0593 7356 Detected object count: 1

09:47:38.0593 7356 Actual detected object count: 1

09:54:45.0669 7356 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user

09:54:45.0669 7356 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip

[ksimmons01]

As for the IP2 Location, I am not located in Morton, IL

I am in Flagstaff, AZ

[MrCharlie]

We'll worry about them later, the scan was clean from TDSSKiller, please do this......

Click on the link that pertains to your country and see if it comes up green.

http://www.dns-ok.us/ <--------for USA

http://www.dcwg.org/detect/ <---other countries

---------------------------------

Next.....

Please download and run ComboFix.

The most important things to remember when running it is to disable all your malware programs and run Combofix from your desktop.

Please visit this webpage for download links, and instructions for running ComboFix

http://www.bleepingc...to-use-combofix

Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Information on disabling your malware programs can be found Here.

Make sure you run ComboFix from your desktop.

Give it at least 30-45 minutes to finish if needed.

Please include the C:\ComboFix.txt in your next reply for further review.

---------->NOTE<----------

If you get the message Illegal operation attempted on registry key that has been marked for deletion after you run ComboFix....please reboot the computer, this should resolve the problem. You may have to do this several times if needed.

MrC

[ksimmons01]

Hello,

The DNS came back green! Attached is the report for ComboFix. Thanks!

ComboFix.txt

[MrCharlie]

Please do this.....

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:

4. If ComboFix wants to update.....please allow it to.

DDS::

uInternet Settings,ProxyServer = http=127.0.0.1:57737

Firefox::

FF - ProfilePath - c:\users\Kara\AppData\Roaming\Mozilla\Firefox\Profiles\snv56y96.default\

FF - prefs.js: network.proxy.http - 127.0.0.1

FF - prefs.js: network.proxy.http_port - 57737

Save this as CFScript.txt, in the same location as ComboFix.exe

Refering to the picture above, drag CFScript into ComboFix.exe

CAUTION: Do not mouse-click ComboFix while it is running. It may cause it to stall.

After reboot, (in case it asks to reboot)......

Please provide the contents of the ComboFix log (C:\ComboFix.txt) in your next reply.

MrC

[ksimmons01]

Hello,

Here is the second ComboFix report.

ComboFix.txt

[MrCharlie]

Please Update and run a Quick Scan with MBAM, post the report.

Make sure that everything is checked, and click Remove Selected.

Please let me know how it is, MrC

[ksimmons01]

There was nothing to check in the malwarebytes quick scan. It did not detect anything. Here is the report:

Malwarebytes Anti-Malware 1.61.0.1400

www.malwarebytes.org

Database version: v2012.06.08.05

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 8.0.7601.17514

Kara :: KARA-PC [administrator]

6/8/2012 12:55:10 PM

mbam-log-2012-06-08 (12-55-10).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 234619

Time elapsed: 10 minute(s), 2 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

[MrCharlie]

How is it??? MrC

[ksimmons01]

I sent the malware bytes report- how did it look? It all seems to be acting fine. I really appreciate your help:)

[MrCharlie]

Great, the MB log was OK

A little clean up to do.....

Please Uninstall ComboFix:

Press the Windows logo key + R to bring up the "run box"

Copy and paste next command in the field:

ComboFix /uninstall

Make sure there's a space between Combofix and /

Then hit enter.

This will uninstall Combofix, delete its related folders and files, hide file extensions, hide the system/hidden files and clears System Restore cache and create new Restore point

---------------------------------

Please download OTL from one of the links below:

http://oldtimer.geekstogo.com/OTL.exe

http://oldtimer.geekstogo.com/OTL.com

Save it to your desktop.

Run OTL and hit the CleanUp button. (This will cleanup the tools and logs used including itself)

Any other programs or logs you can manually delete.

-----------------------------------

Any questions...please post back.

If you think I've helped you, please leave a comment > click on my avatar picture > click Profile Feed.

Take a look at My Preventive Maintenance to avoid being infected again.

Good Luck and Thanks for using the forum, MrC

[ksimmons01]

WHEN I HIT ENTER, IT DOES NOT UNINSTALL- IT ASKS ME IF I WANT TO RUN IT

Then hit enter.

This will uninstall Combofix, delete its related folders and files, hide file extensions, hide the system/hidden files and clears System Restore cache and create new Restore point

[MrCharlie]

Rename ComboFix.exe to Uninstall.exe and then double click on it.

That should do it, MrC

[Maurice Naggar]

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!