Having issues with malware (I think it's malware) and MBAM never finds anything. Web pages freeze, not responding, slows down... Windows Defender will not turn on.
I am using:
OS Version: Microsoft Windows 8, 64 bit
Processor: AMD E-300 APU with Radeon(tm) HD Graphics, AMD64 Family 20 Model 2 Stepping 0
Processor Count: 2
RAM: 3682 Mb
Graphics Card: AMD Radeon HD 6310, 384 Mb
Hard Drives: C: Total - 280502 MB, Free - 158837 MB; D: Total - 23952 MB, Free - 2892 MB;
Motherboard: Hewlett-Packard, 188B
Antivirus: Windows Defender, Disabled
ANY help is greatly appreciated!! =)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:08:10 AM, on 3/6/2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16798)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Secunia\PSI\PSI_TRAY.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Users\Meand3midgets\Downloads\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT13/1
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT13/1
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/HPNOT13/1
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [Power2GoExpress8] "C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe"
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10241 bytes
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16798
Run by Meand3midgets at 9:11:39 on 2014-03-06
Microsoft Windows 8 6.2.9200.0.1252.1.1033.18.3682.2209 [GMT -6:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\dwm.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\dashost.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\atieclxx.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\system32\taskhostex.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
C:\Windows\system32\SearchIndexer.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Secunia\PSI\PSIA.exe
C:\Program Files (x86)\Secunia\PSI\PSI_TRAY.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ips\ipsbho.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
uRun: [Power2GoExpress8] "C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\SECUNI~1.LNK - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
TCP: NameServer = 172.20.10.1
TCP: Interfaces\{39664B65-F028-4D27-9E40-9EC612759E06} : DHCPNameServer = 172.20.10.1
TCP: Interfaces\{5A8F9880-A059-4C46-A0E7-52AC684AB36E} : DHCPNameServer = 172.20.10.1
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Meand3midgets\AppData\Roaming\Mozilla\Firefox\Profiles\8hcl2pnn.default\
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1209149.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\Drivers\amd_sata.sys [2012-7-23 79528]
R0 amd_xata;amd_xata;C:\Windows\System32\Drivers\amd_xata.sys [2012-7-23 26280]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2013-8-13 98208]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-8-2 239616]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-8-6 361984]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-8-10 85504]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-9-7 35232]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2014-3-2 2468496]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-12-18 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-12-18 701512]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccsvchst.exe [2013-12-16 144368]
R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE [2014-3-2 245832]
R2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2013-12-6 1229528]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\Drivers\AtihdW86.sys [2012-7-17 98472]
R3 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20131203.001\BHDrvx64.sys [2013-12-3 1526488]
R3 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\System32\Drivers\NISx64\1404000.028\ccsetx64.sys [2013-12-16 169048]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-12-19 137648]
R3 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20131223.001\IDSviA64.sys [2013-12-23 521944]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\Drivers\mbam.sys [2013-12-18 25928]
R3 PSI;PSI;C:\Windows\System32\Drivers\psi_mf_amd64.sys [2013-12-6 18456]
R3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\Windows\System32\Drivers\RtsP2Stor.sys [2012-6-13 288328]
R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2014-3-2 760032]
R3 SymDS;Symantec Data Store;C:\Windows\System32\Drivers\NISx64\1404000.028\symds64.sys [2013-12-16 493656]
R3 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\Drivers\NISx64\1404000.028\symefa64.sys [2013-12-16 1139800]
R3 SymIRON;Symantec Iron Driver;C:\Windows\System32\Drivers\NISx64\1404000.028\ironx64.sys [2013-12-16 224416]
R3 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\Drivers\NISx64\1404000.028\symnets.sys [2013-12-16 433752]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\Drivers\usbfilter.sys [2013-8-13 57000]
R3 WirelessButtonDriver;HP Wireless Button Driver Service;C:\Windows\System32\Drivers\WirelessButtonDriver64.sys [2013-6-27 20800]
S1 CLVirtualDrive;CLVirtualDrive;C:\Windows\System32\Drivers\CLVirtualDrive.sys [2014-3-2 92536]
S2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2013-12-6 662232]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2012-7-31 645952]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe [2012-9-5 234776]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\Drivers\netaapl64.sys [2013-8-6 23040]
S3 SmbDrv;SmbDrv;C:\Windows\System32\Drivers\Smb_driver_AMDASF.sys [2013-8-13 41272]
S3 SmbDrvI;SmbDrvI;C:\Windows\System32\Drivers\Smb_driver_Intel.sys [2013-8-13 43832]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\Drivers\usbaapl64.sys [2013-3-18 54784]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-25 198656]
S4 SymELAM;Symantec ELAM Driver;C:\Windows\System32\Drivers\NISx64\1404000.028\symelam.sys [2013-12-16 23448]
.
=============== Created Last 30 ================
.
2014-03-06 14:52:06 -------- d-----w- C:\Users\Meand3midgets\AppData\Local\Secunia PSI
2014-03-06 14:51:55 -------- d-----w- C:\Program Files (x86)\Secunia
2014-03-02 17:58:35 92536 ----a-w- C:\Windows\System32\drivers\CLVirtualDrive.sys
2014-03-02 17:58:26 -------- d-----w- C:\Program Files (x86)\Common Files\CyberLink
2014-03-02 16:38:20 78304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-02 16:38:20 694240 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-03-02 16:06:42 3786752 ----a-w- C:\Windows\System32\drivers\athw8x.sys
2014-03-02 16:02:48 -------- d-----w- C:\Windows\System32\SRSLabs
2014-03-02 16:02:08 3441992 ----a-w- C:\Windows\System32\drivers\RTKVHD64.sys
2014-03-02 16:02:08 2794056 ----a-w- C:\Windows\System32\RtPgEx64.dll
2014-03-02 16:02:08 1662024 ----a-w- C:\Windows\System32\RTSnMg64.cpl
2014-03-02 16:02:07 613448 ----a-w- C:\Windows\System32\RtDataProc64.dll
2014-03-02 16:02:07 3744328 ----a-w- C:\Windows\System32\RtkAPO64.dll
2014-03-02 16:02:07 1284680 ----a-w- C:\Windows\System32\RTCOM64.dll
2014-03-02 16:02:07 1003592 ----a-w- C:\Windows\System32\RtkApi64.dll
2014-03-02 16:02:06 26987520 ----a-w- C:\Windows\System32\RCoRes64.dat
2014-03-02 16:02:06 142920 ----a-w- C:\Windows\System32\RCoInstII64.dll
2014-03-02 16:02:02 208072 ----a-w- C:\Windows\System32\AERTAC64.dll
2014-03-02 16:02:02 110592 ----a-w- C:\Windows\System32\CONEQMSAPOGUILibrary.dll
2014-03-02 15:47:06 -------- d-----w- C:\Windows\SysWow64\sda
2014-03-02 15:44:01 760032 ----a-w- C:\Windows\System32\drivers\Rt630x64.sys
2014-03-02 15:44:01 74344 ----a-w- C:\Windows\System32\RtNicProp64.dll
2014-02-28 19:51:17 255664 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10234.bin
2014-02-23 18:49:30 -------- d-----w- C:\Users\Meand3midgets\AppData\Local\CrashDumps
2014-02-23 12:51:50 1184256 ----a-w- C:\Windows\System32\Display.dll
2014-02-23 12:51:50 1164800 ----a-w- C:\Windows\SysWow64\Display.dll
2014-02-23 12:51:49 7168 ----a-w- C:\Windows\System32\KBDKURD.DLL
2014-02-23 12:51:49 6656 ----a-w- C:\Windows\SysWow64\KBDKURD.DLL
2014-02-23 12:51:34 109568 ----a-w- C:\Windows\System32\dskquota.dll
2014-02-23 12:51:33 82944 ----a-w- C:\Windows\SysWow64\dskquota.dll
2014-02-23 12:50:44 929792 ----a-w- C:\Windows\SysWow64\mfnetsrc.dll
2014-02-23 12:50:44 1172992 ----a-w- C:\Windows\System32\mfnetsrc.dll
2014-02-23 12:50:43 677888 ----a-w- C:\Windows\System32\mfnetcore.dll
2014-02-23 12:50:43 673280 ----a-w- C:\Windows\System32\mfmpeg2srcsnk.dll
2014-02-23 12:50:43 568832 ----a-w- C:\Windows\SysWow64\mfnetcore.dll
2014-02-23 12:50:42 513024 ----a-w- C:\Windows\SysWow64\mfmpeg2srcsnk.dll
2014-02-23 12:48:59 62976 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
2014-02-23 12:47:38 893952 ----a-w- C:\Windows\SysWow64\msctf.dll
2014-02-23 12:47:38 1125888 ----a-w- C:\Windows\System32\msctf.dll
2014-02-23 12:47:37 1107968 ----a-w- C:\Program Files\Common Files\System\Ole DB\oledb32.dll
2014-02-23 12:47:35 941056 ----a-w- C:\Program Files (x86)\Common Files\System\Ole DB\oledb32.dll
2014-02-23 12:47:35 448512 ----a-w- C:\Windows\System32\SettingSync.dll
2014-02-23 12:47:34 356352 ----a-w- C:\Windows\SysWow64\SettingSync.dll
2014-02-23 12:47:34 225280 ----a-w- C:\Windows\System32\mbsmsapi.dll
2014-02-23 12:47:34 158208 ----a-w- C:\Windows\SysWow64\mbsmsapi.dll
2014-02-23 12:47:34 128512 ----a-w- C:\Windows\System32\SettingSyncInfo.dll
2014-02-23 12:46:48 566784 ----a-w- C:\Windows\System32\wvc.dll
2014-02-23 12:46:48 1374208 ----a-w- C:\Windows\System32\wdc.dll
2014-02-23 12:46:47 462336 ----a-w- C:\Windows\System32\sysmon.ocx
2014-02-23 12:46:47 1245696 ----a-w- C:\Windows\SysWow64\wdc.dll
2014-02-23 12:46:44 399360 ----a-w- C:\Windows\SysWow64\sysmon.ocx
2014-02-23 12:46:43 437248 ----a-w- C:\Windows\SysWow64\wvc.dll
2014-02-23 12:42:54 2219520 ----a-w- C:\Windows\System32\dwmcore.dll
2014-02-23 12:41:41 997632 ----a-w- C:\Windows\System32\drivers\ndis.sys
2014-02-23 12:40:07 11459584 ----a-w- C:\Windows\System32\glcndFilter.dll
2014-02-23 12:38:55 212992 ----a-w- C:\Windows\System32\bthprops.cpl
2014-02-23 12:37:56 9728 ----a-w- C:\Windows\SysWow64\wlanhlp.dll
2014-02-23 12:37:56 9728 ----a-w- C:\Windows\System32\wlanhlp.dll
2014-02-23 12:37:45 16384 ----a-w- C:\Windows\System32\iscsilog.dll
2014-02-23 10:48:57 3265256 ----a-w- C:\Windows\System32\drivers\evbda.sys
2014-02-23 10:48:33 2397184 ----a-w- C:\Windows\System32\WpcMon.exe
2014-02-23 10:48:20 3964416 ----a-w- C:\Windows\System32\WinSAT.exe
2014-02-23 10:48:12 533224 ----a-w- C:\Windows\System32\drivers\bxvbda.sys
2014-02-23 10:48:04 1513984 ----a-w- C:\Windows\System32\vssapi.dll
2014-02-23 10:46:58 545280 ----a-w- C:\Windows\System32\taskeng.exe
2014-02-23 10:45:59 270336 ----a-w- C:\Windows\SysWow64\mfsvr.dll
2014-02-23 10:44:57 27648 ----a-w- C:\Windows\System32\sspisrv.dll
2014-02-23 10:44:55 17408 ----a-w- C:\Windows\System32\eventcls.dll
2014-02-23 10:44:54 37888 ----a-w- C:\Windows\System32\LangCleanupSysprepAction.dll
2014-02-23 10:44:54 15360 ----a-w- C:\Windows\SysWow64\eventcls.dll
2014-02-23 10:44:53 13824 ----a-w- C:\Windows\System32\MUILanguageCleanup.dll
2014-02-23 10:44:52 8704 ----a-w- C:\Windows\System32\lpksetupproxyserv.dll
2014-02-23 10:44:51 6656 ----a-w- C:\Windows\System32\shimeng.dll
2014-02-23 10:44:51 5632 ----a-w- C:\Windows\SysWow64\shimeng.dll
2014-02-23 10:44:50 98816 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-02-23 10:44:50 71168 ----a-w- C:\Windows\System32\drivers\hdaudbus.sys
2014-02-23 10:31:59 775344 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe
2014-02-23 10:30:25 3960320 ----a-w- C:\Windows\System32\jscript9.dll
2014-02-23 10:30:23 2877952 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-02-23 10:29:56 108032 ----a-w- C:\Program Files (x86)\Internet Explorer\jsdebuggeride.dll
2014-02-23 09:45:08 76288 ----a-w- C:\Windows\System32\newdev.exe
2014-02-23 09:45:08 75264 ----a-w- C:\Windows\System32\ndadmin.exe
2014-02-23 09:45:08 74240 ----a-w- C:\Windows\SysWow64\newdev.exe
2014-02-23 09:45:08 73728 ----a-w- C:\Windows\SysWow64\ndadmin.exe
2014-02-23 09:45:08 301568 ----a-w- C:\Windows\System32\newdev.dll
2014-02-23 09:45:08 275968 ----a-w- C:\Windows\SysWow64\newdev.dll
2014-02-23 09:44:52 1845248 ----a-w- C:\Windows\System32\msxml3.dll
2014-02-23 09:44:52 1419264 ----a-w- C:\Windows\SysWow64\msxml3.dll
2014-02-23 09:34:04 600064 ----a-w- C:\Windows\System32\vbscript.dll
2014-02-23 09:34:04 2232664 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2014-02-23 09:34:03 523776 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-02-23 09:31:39 83968 ----a-w- C:\Windows\System32\drivers\hidclass.sys
2014-02-23 09:30:53 583680 ----a-w- C:\Windows\System32\msdrm.dll
2014-02-23 09:30:52 451072 ----a-w- C:\Windows\SysWow64\msdrm.dll
2014-02-23 09:25:55 3842560 ----a-w- C:\Windows\System32\d2d1.dll
2014-02-23 09:25:54 2238976 ----a-w- C:\Windows\System32\d3d10warp.dll
2014-02-23 09:25:53 3288576 ----a-w- C:\Windows\SysWow64\d2d1.dll
2014-02-23 09:25:52 2032640 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2014-02-23 09:19:50 -------- d-----w- C:\Users\Meand3midgets\AppData\Local\Apple Computer
2014-02-23 09:19:36 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
2014-02-23 09:19:23 688640 ----a-w- C:\Windows\System32\WSShared.dll
2014-02-23 09:19:23 562688 ----a-w- C:\Windows\SysWow64\WSShared.dll
2014-02-23 09:19:22 163840 ----a-w- C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-02-23 09:19:22 124928 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-02-23 09:18:42 -------- d-----w- C:\Program Files\iPod
2014-02-23 09:18:41 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-23 09:18:41 -------- d-----w- C:\Program Files\iTunes
2014-02-23 09:18:41 -------- d-----w- C:\Program Files (x86)\iTunes
2014-02-23 09:16:51 -------- d-----w- C:\Users\Meand3midgets\AppData\Local\Apple
.
==================== Find3M ====================
.
2014-03-02 16:00:42 2079816 ----a-w- C:\Windows\RtlExUpd.dll
2014-03-02 15:55:56 9889352 ----a-w- C:\Windows\SysWow64\RtsP2StorIcon.dll
2014-03-02 15:55:56 288328 ----a-w- C:\Windows\System32\drivers\RtsP2Stor.sys
2014-02-01 09:19:49 2241536 ----a-w- C:\Windows\System32\wininet.dll
2014-02-01 09:19:36 915968 ----a-w- C:\Windows\System32\uxtheme.dll
2014-02-01 09:19:36 53760 ----a-w- C:\Windows\System32\UXInit.dll
2014-02-01 09:18:21 67072 ----a-w- C:\Windows\System32\iesetup.dll
2014-02-01 09:18:21 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2014-02-01 07:58:31 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-02-01 07:58:24 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll
2014-02-01 07:57:16 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-02-01 07:57:16 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2014-02-01 07:40:43 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2014-02-01 07:34:53 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-02-01 05:08:52 534528 ----a-w- C:\Windows\SysWow64\uxtheme.dll
2013-12-16 14:53:42 177312 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
.
============= FINISH: 9:12:19.14 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 8
Boot Device: \Device\HarddiskVolume2
Install Date: 12/15/2013 10:25:27 AM
System Uptime: 3/2/2014 10:36:34 AM (95 hours ago)
.
Motherboard: Hewlett-Packard | | 188B
Processor: AMD E-300 APU with Radeon(tm) HD Graphics | Socket FT1 | 1300/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 274 GiB total, 155.114 GiB free.
D: is FIXED (NTFS) - 23 GiB total, 2.824 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP6: 2/23/2014 3:17:03 AM - Installed iTunes
RP7: 2/26/2014 3:13:00 AM - HPSF Applying updates
RP8: 2/26/2014 3:13:00 AM - HPSF Applying updates
RP9: 2/28/2014 10:24:30 AM - HPSF Applying updates
RP10: 2/28/2014 10:31:28 AM - HPSF Applying updates
RP11: 3/2/2014 9:42:16 AM - HPSF Applying updates
.
==== Installed Programs ======================
.
4 Elements II
Adobe Flash Player 12 Plugin
Adobe Shockwave Player 12.0
AMD APP SDK Runtime
AMD Catalyst Install Manager
AMD Fuel
AMD VISION Engine Control Center
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Bejeweled 3
Bonjour
Build-a-lot 4 - Power Source
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Chuzzle Deluxe
Cradle Of Egypt Collector's Edition
Cradle of Rome 2
CyberLink LabelPrint
CyberLink Media Suite 10
CyberLink Power2Go 8
CyberLink PowerDVD
CyberLink YouCam
D3DX10
Energy Star
Farm Frenzy
FATE: The Cursed King
Final Drive Fury
FlatOut 2
Governor of Poker 2 Premium Edition
Hewlett-Packard ACLM.NET v1.2.0.0
Hoyle Card Games
HP Customer Experience Enhancements
HP Documentation
HP Games
HP MyRoom
HP Postscript Converter
HP Quick Launch
HP Quick Start
HP Recovery Manager
HP Registration Service
HP Software Framework
HP Support Assistant
HP Utility Center
HP Wireless Button Driver
iCloud
iTunes
Jewel Match 3
John Deere Drive Green
Luxor Evolved
Mahjongg Dimensions Deluxe: Tiles in Time
Malwarebytes Anti-Malware version 1.75.0.1300
McAfee Security Scan Plus
Microsoft Application Error Reporting
Microsoft Office
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Mortimer Beckett and the Crimson Thief Premium Edition
Mozilla Firefox 27.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
Mystery P.I. - Curious Case of Counterfeit Cove
Norton Internet Security
Peggle Nights
Penguins!
Polar Bowler
Polar Golfer
Qualcomm Atheros Driver Installation Program
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Realtek PCIE Card Reader
Roads of Rome 3
Secunia PSI (3.0.0.9016)
swMSM
Synaptics Pointing Device Driver
Tales of Lagoona
Update Installer for WildTangent Games App
Vacation Quest - Australia
WildTangent Games
WildTangent Games App
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Language Selector
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Zuma's Revenge
.
==== Event Viewer Messages From Past Week ========
.
3/2/2014 11:58:36 AM, Error: Service Control Manager [7000] - The CLVirtualDrive service failed to start due to the following error: The system cannot find the file specified.
3/2/2014 10:24:13 AM, Error: Service Control Manager [7030] - The HPWMISVC service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
2/28/2014 10:34:21 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.
.
==== End Of File ===========================
GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-03-06 09:21:06
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000032 WDC_WD3200LPVX-60V0TT0 rev.01.01A01 298.09GB
Running: 288x8ivf.exe; Driver: C:\Users\MEAND3~1\AppData\Local\Temp\pgloypow.sys
---- Kernel code sections - GMER 2.1 ----
.text C:\Windows\System32\win32k.sys!W32pServiceTable fffff960000dd100 7 bytes [40, 4F, 82, 01, 00, 51, F2]
.text C:\Windows\System32\win32k.sys!W32pServiceTable + 8 fffff960000dd108 7 bytes [01, 15, C0, FF, 00, 12, DB]
---- User code sections - GMER 2.1 ----
.text C:\Windows\system32\atiesrxx.exe[900] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007fac1b0177a 4 bytes [B0, C1, FA, 07]
.text C:\Windows\system32\atiesrxx.exe[900] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007fac1b01782 4 bytes [B0, C1, FA, 07]
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[1192] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fabb721532 4 bytes [72, BB, FA, 07]
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[1192] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fabb72153a 4 bytes [72, BB, FA, 07]
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[1192] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fabb72165a 4 bytes [72, BB, FA, 07]
.text C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe[1880] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fabb721532 4 bytes [72, BB, FA, 07]
.text C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe[1880] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fabb72153a 4 bytes [72, BB, FA, 07]
.text C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe[1880] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fabb72165a 4 bytes [72, BB, FA, 07]
.text C:\Windows\system32\atieclxx.exe[2540] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007fac1b0177a 4 bytes [B0, C1, FA, 07]
.text C:\Windows\system32\atieclxx.exe[2540] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007fac1b01782 4 bytes [B0, C1, FA, 07]
.text C:\Windows\system32\atieclxx.exe[2540] C:\Windows\system32\WSOCK32.dll!recvfrom + 742 000007fabbb51b32 4 bytes [B5, BB, FA, 07]
.text C:\Windows\system32\atieclxx.exe[2540] C:\Windows\system32\WSOCK32.dll!recvfrom + 750 000007fabbb51b3a 4 bytes [B5, BB, FA, 07]
.text C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe[2484] C:\Windows\system32\psapi.dll!GetProcessImageFileNameA + 306 000007fac1b0177a 4 bytes [B0, C1, FA, 07]
.text C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe[2484] C:\Windows\system32\psapi.dll!GetProcessImageFileNameA + 314 000007fac1b01782 4 bytes [B0, C1, FA, 07]
.text C:\Windows\Explorer.EXE[292] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007fac1b0177a 4 bytes [B0, C1, FA, 07]
.text C:\Windows\Explorer.EXE[292] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007fac1b01782 4 bytes [B0, C1, FA, 07]
---- Threads - GMER 2.1 ----
Thread C:\Windows\system32\csrss.exe [608:632] fffff960009ba5e8
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.1 ----
2014-02-23 10:44:54 37888 ----a-w- C:\Windows\System32\LangCleanupSysprepAction.dll
2014-02-23 10:44:54 15360 ----a-w- C:\Windows\SysWow64\eventcls.dll
2014-02-23 10:44:53 13824 ----a-w- C:\Windows\System32\MUILanguageCleanup.dll
2014-02-23 10:44:52 8704 ----a-w- C:\Windows\System32\lpksetupproxyserv.dll
2014-02-23 10:44:51 6656 ----a-w- C:\Windows\System32\shimeng.dll
2014-02-23 10:44:51 5632 ----a-w- C:\Windows\SysWow64\shimeng.dll
2014-02-23 10:44:50 98816 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-02-23 10:44:50 71168 ----a-w- C:\Windows\System32\drivers\hdaudbus.sys
2014-02-23 10:31:59 775344 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe
2014-02-23 10:30:25 3960320 ----a-w- C:\Windows\System32\jscript9.dll
2014-02-23 10:30:23 2877952 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-02-23 10:29:56 108032 ----a-w- C:\Program Files (x86)\Internet Explorer\jsdebuggeride.dll
2014-02-23 09:45:08 76288 ----a-w- C:\Windows\System32\newdev.exe
2014-02-23 09:45:08 75264 ----a-w- C:\Windows\System32\ndadmin.exe
2014-02-23 09:45:08 74240 ----a-w- C:\Windows\SysWow64\newdev.exe
2014-02-23 09:45:08 73728 ----a-w- C:\Windows\SysWow64\ndadmin.exe
2014-02-23 09:45:08 301568 ----a-w- C:\Windows\System32\newdev.dll
2014-02-23 09:45:08 275968 ----a-w- C:\Windows\SysWow64\newdev.dll
2014-02-23 09:44:52 1845248 ----a-w- C:\Windows\System32\msxml3.dll
2014-02-23 09:44:52 1419264 ----a-w- C:\Windows\SysWow64\msxml3.dll
2014-02-23 09:34:04 600064 ----a-w- C:\Windows\System32\vbscript.dll
2014-02-23 09:34:04 2232664 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2014-02-23 09:34:03 523776 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-02-23 09:31:39 83968 ----a-w- C:\Windows\System32\drivers\hidclass.sys
2014-02-23 09:30:53 583680 ----a-w- C:\Windows\System32\msdrm.dll
2014-02-23 09:30:52 451072 ----a-w- C:\Windows\SysWow64\msdrm.dll
2014-02-23 09:25:55 3842560 ----a-w- C:\Windows\System32\d2d1.dll
2014-02-23 09:25:54 2238976 ----a-w- C:\Windows\System32\d3d10warp.dll
2014-02-23 09:25:53 3288576 ----a-w- C:\Windows\SysWow64\d2d1.dll
2014-02-23 09:25:52 2032640 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2014-02-23 09:19:50 -------- d-----w- C:\Users\Meand3midgets\AppData\Local\Apple Computer
2014-02-23 09:19:36 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
2014-02-23 09:19:23 688640 ----a-w- C:\Windows\System32\WSShared.dll
2014-02-23 09:19:23 562688 ----a-w- C:\Windows\SysWow64\WSShared.dll
2014-02-23 09:19:22 163840 ----a-w- C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-02-23 09:19:22 124928 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-02-23 09:18:42 -------- d-----w- C:\Program Files\iPod
2014-02-23 09:18:41 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-23 09:18:41 -------- d-----w- C:\Program Files\iTunes
2014-02-23 09:18:41 -------- d-----w- C:\Program Files (x86)\iTunes
2014-02-23 09:16:51 -------- d-----w- C:\Users\Meand3midgets\AppData\Local\Apple
.
==================== Find3M ====================
.
2014-03-02 16:00:42 2079816 ----a-w- C:\Windows\RtlExUpd.dll
2014-03-02 15:55:56 9889352 ----a-w- C:\Windows\SysWow64\RtsP2StorIcon.dll
2014-03-02 15:55:56 288328 ----a-w- C:\Windows\System32\drivers\RtsP2Stor.sys
2014-02-01 09:19:49 2241536 ----a-w- C:\Windows\System32\wininet.dll
2014-02-01 09:19:36 915968 ----a-w- C:\Windows\System32\uxtheme.dll
2014-02-01 09:19:36 53760 ----a-w- C:\Windows\System32\UXInit.dll
2014-02-01 09:18:21 67072 ----a-w- C:\Windows\System32\iesetup.dll
2014-02-01 09:18:21 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2014-02-01 07:58:31 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-02-01 07:58:24 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll
2014-02-01 07:57:16 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-02-01 07:57:16 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2014-02-01 07:40:43 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2014-02-01 07:34:53 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-02-01 05:08:52 534528 ----a-w- C:\Windows\SysWow64\uxtheme.dll
2013-12-16 14:53:42 177312 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
.
============= FINISH: 9:12:19.14 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 8
Boot Device: \Device\HarddiskVolume2
Install Date: 12/15/2013 10:25:27 AM
System Uptime: 3/2/2014 10:36:34 AM (95 hours ago)
.
Motherboard: Hewlett-Packard | | 188B
Processor: AMD E-300 APU with Radeon(tm) HD Graphics | Socket FT1 | 1300/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 274 GiB total, 155.114 GiB free.
D: is FIXED (NTFS) - 23 GiB total, 2.824 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP6: 2/23/2014 3:17:03 AM - Installed iTunes
RP7: 2/26/2014 3:13:00 AM - HPSF Applying updates
RP8: 2/26/2014 3:13:00 AM - HPSF Applying updates
RP9: 2/28/2014 10:24:30 AM - HPSF Applying updates
RP10: 2/28/2014 10:31:28 AM - HPSF Applying updates
RP11: 3/2/2014 9:42:16 AM - HPSF Applying updates
.
==== Installed Programs ======================
.
4 Elements II
Adobe Flash Player 12 Plugin
Adobe Shockwave Player 12.0
AMD APP SDK Runtime
AMD Catalyst Install Manager
AMD Fuel
AMD VISION Engine Control Center
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Bejeweled 3
Bonjour
Build-a-lot 4 - Power Source
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Chuzzle Deluxe
Cradle Of Egypt Collector's Edition
Cradle of Rome 2
CyberLink LabelPrint
CyberLink Media Suite 10
CyberLink Power2Go 8
CyberLink PowerDVD
CyberLink YouCam
D3DX10
Energy Star
Farm Frenzy
FATE: The Cursed King
Final Drive Fury
FlatOut 2
Governor of Poker 2 Premium Edition
Hewlett-Packard ACLM.NET v1.2.0.0
Hoyle Card Games
HP Customer Experience Enhancements
HP Documentation
HP Games
HP MyRoom
HP Postscript Converter
HP Quick Launch
HP Quick Start
HP Recovery Manager
HP Registration Service
HP Software Framework
HP Support Assistant
HP Utility Center
HP Wireless Button Driver
iCloud
iTunes
Jewel Match 3
John Deere Drive Green
Luxor Evolved
Mahjongg Dimensions Deluxe: Tiles in Time
Malwarebytes Anti-Malware version 1.75.0.1300
McAfee Security Scan Plus
Microsoft Application Error Reporting
Microsoft Office
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Mortimer Beckett and the Crimson Thief Premium Edition
Mozilla Firefox 27.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
Mystery P.I. - Curious Case of Counterfeit Cove
Norton Internet Security
Peggle Nights
Penguins!
Polar Bowler
Polar Golfer
Qualcomm Atheros Driver Installation Program
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Realtek PCIE Card Reader
Roads of Rome 3
Secunia PSI (3.0.0.9016)
swMSM
Synaptics Pointing Device Driver
Tales of Lagoona
Update Installer for WildTangent Games App
Vacation Quest - Australia
WildTangent Games
WildTangent Games App
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Language Selector
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Zuma's Revenge
.
==== Event Viewer Messages From Past Week ========
.
3/2/2014 11:58:36 AM, Error: Service Control Manager [7000] - The CLVirtualDrive service failed to start due to the following error: The system cannot find the file specified.
3/2/2014 10:24:13 AM, Error: Service Control Manager [7030] - The HPWMISVC service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
2/28/2014 10:34:21 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.
.
==== End Of File ===========================

GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-03-06 09:21:06
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000032 WDC_WD3200LPVX-60V0TT0 rev.01.01A01 298.09GB
Running: 288x8ivf.exe; Driver: C:\Users\MEAND3~1\AppData\Local\Temp\pgloypow.sys
---- Kernel code sections - GMER 2.1 ----
.text C:\Windows\System32\win32k.sys!W32pServiceTable fffff960000dd100 7 bytes [40, 4F, 82, 01, 00, 51, F2]
.text C:\Windows\System32\win32k.sys!W32pServiceTable + 8 fffff960000dd108 7 bytes [01, 15, C0, FF, 00, 12, DB]
---- User code sections - GMER 2.1 ----
.text C:\Windows\system32\atiesrxx.exe[900] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007fac1b0177a 4 bytes [B0, C1, FA, 07]
.text C:\Windows\system32\atiesrxx.exe[900] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007fac1b01782 4 bytes [B0, C1, FA, 07]
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[1192] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fabb721532 4 bytes [72, BB, FA, 07]
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[1192] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fabb72153a 4 bytes [72, BB, FA, 07]
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[1192] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fabb72165a 4 bytes [72, BB, FA, 07]
.text C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe[1880] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fabb721532 4 bytes [72, BB, FA, 07]
.text C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe[1880] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fabb72153a 4 bytes [72, BB, FA, 07]
.text C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe[1880] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fabb72165a 4 bytes [72, BB, FA, 07]
.text C:\Windows\system32\atieclxx.exe[2540] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007fac1b0177a 4 bytes [B0, C1, FA, 07]
.text C:\Windows\system32\atieclxx.exe[2540] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007fac1b01782 4 bytes [B0, C1, FA, 07]
.text C:\Windows\system32\atieclxx.exe[2540] C:\Windows\system32\WSOCK32.dll!recvfrom + 742 000007fabbb51b32 4 bytes [B5, BB, FA, 07]
.text C:\Windows\system32\atieclxx.exe[2540] C:\Windows\system32\WSOCK32.dll!recvfrom + 750 000007fabbb51b3a 4 bytes [B5, BB, FA, 07]
.text C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe[2484] C:\Windows\system32\psapi.dll!GetProcessImageFileNameA + 306 000007fac1b0177a 4 bytes [B0, C1, FA, 07]
.text C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe[2484] C:\Windows\system32\psapi.dll!GetProcessImageFileNameA + 314 000007fac1b01782 4 bytes [B0, C1, FA, 07]
.text C:\Windows\Explorer.EXE[292] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007fac1b0177a 4 bytes [B0, C1, FA, 07]
.text C:\Windows\Explorer.EXE[292] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007fac1b01782 4 bytes [B0, C1, FA, 07]
---- Threads - GMER 2.1 ----
Thread C:\Windows\system32\csrss.exe [608:632] fffff960009ba5e8
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.1 ----