Solved Yet another Patched.64 (and other) issues

F1forever · Nov 26, 2012

Hi, my name is Bob. My wife has apparently infected he computer in a big way. I am not a novice but I am no expert either so bear with me. She has gotten patched 64 and other trojans and viruses. One issue up front is that her computer has touble booting in normal mode. Don't know if this is a result of trojan but ssems to coincide, so can I run in safe mode? If not I may be away for a bit to get this thing to boot. Also I can only browse reliably via AOL for some reason. I will post MBAM Annd DDS logs soon, unless I crash again. Thanks in advance for your help.

F1forever · Nov 26, 2012

Sorry I meant to say Patched.a

F1forever · Nov 26, 2012

MBAM Scan results:
2012/11/26 01:00:42 -0500 PAM-PC (null) MESSAGE Executing scheduled update: Daily
2012/11/26 01:00:50 -0500 PAM-PC (null) MESSAGE Scheduled update executed successfully: database updated from version v2012.11.23.06 to version v2012.11.26.01
2012/11/26 08:34:08 -0500 PAM-PC Pam MESSAGE Starting protection
2012/11/26 08:34:08 -0500 PAM-PC Pam MESSAGE Protection started successfully
2012/11/26 08:34:08 -0500 PAM-PC Pam MESSAGE Starting IP protection
2012/11/26 08:34:08 -0500 PAM-PC Pam ERROR IP protection failed: FwpmEngineOpen0 failed with error code 1753
2012/11/26 08:34:08 -0500 PAM-PC Pam MESSAGE Starting database refresh
2012/11/26 08:34:09 -0500 PAM-PC Pam MESSAGE Database refreshed successfully
2012/11/26 15:38:22 -0500 PAM-PC Pam MESSAGE Starting protection
2012/11/26 15:38:22 -0500 PAM-PC Pam MESSAGE Protection started successfully
2012/11/26 15:38:22 -0500 PAM-PC Pam MESSAGE Starting IP protection
2012/11/26 15:38:22 -0500 PAM-PC Pam ERROR IP protection failed: FwpmEngineOpen0 failed with error code 1753
2012/11/26 15:38:46 -0500 PAM-PC Pam DETECTION C:\Windows\Installer\{75e5ac81-c8d7-a73a-fc39-04499a001110}\U\80000032.@ Rootkit.0Access QUARANTINE
2012/11/26 15:39:01 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent QUARANTINE
2012/11/26 15:48:32 -0500 PAM-PC Pam MESSAGE Starting protection
2012/11/26 15:48:32 -0500 PAM-PC Pam MESSAGE Protection started successfully
2012/11/26 15:48:32 -0500 PAM-PC Pam MESSAGE Starting IP protection
2012/11/26 15:48:32 -0500 PAM-PC Pam ERROR IP protection failed: FwpmEngineOpen0 failed with error code 1753
2012/11/26 15:53:55 -0500 PAM-PC Pam MESSAGE Starting protection
2012/11/26 15:53:55 -0500 PAM-PC Pam MESSAGE Protection started successfully
2012/11/26 15:53:55 -0500 PAM-PC Pam MESSAGE Starting IP protection
2012/11/26 15:53:55 -0500 PAM-PC Pam ERROR IP protection failed: FwpmEngineOpen0 failed with error code 1753
2012/11/26 15:54:29 -0500 PAM-PC Pam DETECTION C:\Windows\Installer\{75e5ac81-c8d7-a73a-fc39-04499a001110}\U\80000032.@ Rootkit.0Access QUARANTINE
2012/11/26 15:54:39 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent QUARANTINE
2012/11/26 15:55:28 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 15:55:39 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 15:55:51 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 15:56:09 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 15:56:20 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 15:56:30 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 15:56:40 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 15:56:51 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 15:57:01 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 15:57:11 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 15:57:22 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 15:57:32 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 15:57:42 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 15:57:52 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 15:58:02 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:03:17 -0500 PAM-PC Pam DETECTION c:\windows\installer\{75e5ac81-c8d7-a73a-fc39-04499a001110}\u\80000032.@ Rootkit.0Access DENY
2012/11/26 16:03:17 -0500 PAM-PC Pam DETECTION C:\Windows\Installer\{75e5ac81-c8d7-a73a-fc39-04499a001110}\U\000000cb.@ Rootkit.0Access QUARANTINE
2012/11/26 16:03:17 -0500 PAM-PC Pam DETECTION c:\windows\installer\{75e5ac81-c8d7-a73a-fc39-04499a001110}\u\80000032.@ Rootkit.0Access DENY
2012/11/26 16:03:17 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:03:28 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:03:38 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:03:49 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:03:49 -0500 PAM-PC Pam DETECTION C:\Windows\Installer\{75e5ac81-c8d7-a73a-fc39-04499a001110}\U\80000032.@ Rootkit.0Access DENY
2012/11/26 16:03:50 -0500 PAM-PC Pam DETECTION C:\Windows\Installer\{75e5ac81-c8d7-a73a-fc39-04499a001110}\U\80000032.@ Rootkit.0Access DENY
2012/11/26 16:03:59 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:04:09 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:04:20 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:04:30 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:04:41 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:04:51 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:05:01 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:05:11 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:05:21 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:05:31 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:05:41 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:05:52 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:06:02 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:06:12 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:06:22 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:06:28 -0500 PAM-PC Pam DETECTION C:\Windows\Installer\{75e5ac81-c8d7-a73a-fc39-04499a001110}\U\000000cb.@ Rootkit.0Access DENY
2012/11/26 16:06:32 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:06:42 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:06:52 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:07:02 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:07:13 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:07:23 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:07:33 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:07:47 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:07:57 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:08:07 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:08:17 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:08:28 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:08:38 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:08:48 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:08:58 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:09:08 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:09:18 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:09:28 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:09:39 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:09:49 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:09:59 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:10:09 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:10:19 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:10:29 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:10:40 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:10:50 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:11:01 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:11:12 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:11:22 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:11:32 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:11:42 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:11:53 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:12:03 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:12:13 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:12:23 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:12:33 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:12:43 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:12:53 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:13:03 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:13:14 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:13:24 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:13:34 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:13:44 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:13:54 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:14:04 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:14:14 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:14:24 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:14:34 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:14:45 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:14:55 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:15:05 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:15:15 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:15:25 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:15:35 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:15:45 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:15:55 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:16:05 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:16:15 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:16:26 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:16:36 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:16:46 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:16:56 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:17:06 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:17:16 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:17:26 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:17:36 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:17:47 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:17:57 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:18:07 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:18:17 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:18:27 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:18:37 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:18:47 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:18:57 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:19:07 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:19:17 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:19:28 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:19:38 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:19:48 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:19:58 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:20:08 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:20:18 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:20:20 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:20:21 -0500 PAM-PC Pam DETECTION c:\windows\installer\{75e5ac81-c8d7-a73a-fc39-04499a001110}\u\80000032.@ Rootkit.0Access DENY
2012/11/26 16:20:23 -0500 PAM-PC Pam DETECTION c:\windows\installer\{75e5ac81-c8d7-a73a-fc39-04499a001110}\u\80000032.@ Rootkit.0Access DENY
2012/11/26 16:20:28 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:20:39 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:20:49 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:20:59 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:21:09 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:21:19 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:21:29 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:21:39 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:21:50 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:22:00 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:22:10 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:22:20 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:22:30 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:22:40 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:22:50 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:23:00 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:23:10 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:23:21 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:23:31 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:23:41 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:23:51 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:24:01 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:24:11 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:24:21 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:24:31 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:24:41 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:24:52 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:25:02 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:25:12 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:25:22 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:25:32 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:25:42 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:25:52 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:26:02 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:26:12 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:26:22 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:26:32 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:26:43 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:26:53 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:27:03 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:27:13 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:27:23 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:27:33 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:27:43 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:27:53 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:28:03 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:28:14 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:28:24 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:28:34 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:28:44 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:28:54 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:29:04 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:29:14 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:29:24 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:29:34 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:29:44 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:29:54 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:30:05 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:30:15 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:30:25 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:30:35 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:30:45 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:30:55 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:31:05 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:31:15 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:31:25 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:31:36 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:31:46 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:31:56 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:32:06 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:32:16 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:32:26 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:32:36 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:32:46 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:32:56 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:33:07 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:33:17 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:33:27 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:33:37 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:33:47 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:33:57 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:34:07 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:34:17 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:34:28 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:34:38 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:34:48 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:34:58 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:35:08 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:35:18 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:35:28 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:35:38 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:35:48 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:35:58 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:36:08 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:36:18 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:36:29 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:36:39 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:36:49 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:36:59 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:37:09 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:37:20 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:37:30 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:37:40 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:37:50 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:38:00 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:38:10 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:38:20 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:38:30 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:38:40 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:38:50 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:39:00 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:39:10 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:39:21 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:39:31 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:39:41 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:39:51 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:40:01 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:40:11 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:40:21 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:40:31 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:40:41 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:40:52 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:41:02 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:41:12 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:41:22 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:41:32 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:41:42 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:41:52 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:42:02 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:42:12 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:42:22 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:42:32 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:42:42 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:42:52 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:43:03 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:43:13 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:43:23 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:43:33 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:43:43 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:43:53 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:44:04 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:44:14 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:44:24 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:44:34 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:44:44 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:44:54 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:45:04 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:45:14 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:45:24 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:45:34 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:45:45 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:45:55 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:46:05 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:46:15 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:46:25 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:46:35 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:46:45 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:46:55 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:47:05 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:47:15 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:47:25 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:47:35 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:47:45 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:47:56 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:48:06 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:48:16 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:48:26 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:48:36 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:48:46 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:48:56 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:49:06 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:49:16 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:49:26 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:49:36 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:49:46 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:49:56 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:50:07 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:50:17 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:50:27 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:50:37 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:50:47 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:50:57 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:51:07 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:51:17 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:51:28 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:51:38 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:51:48 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:51:58 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:52:08 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:52:18 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:52:28 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:52:38 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:52:48 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:52:59 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:53:09 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:53:19 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:53:29 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:53:39 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:53:49 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:53:59 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:54:09 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:54:20 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:54:30 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:54:40 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:54:50 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:55:00 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:55:10 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:55:20 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:55:30 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:55:40 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:55:51 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:56:01 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:56:11 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:56:21 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:56:31 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:56:41 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:56:51 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:57:01 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:57:11 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:57:22 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:57:32 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:57:42 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:57:52 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:58:02 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:58:12 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:58:22 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:58:32 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:58:43 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:58:53 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:59:03 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:59:13 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:59:23 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:59:33 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:59:43 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 16:59:53 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:00:03 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:00:13 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:00:23 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:00:33 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:00:43 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:00:54 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:01:04 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:01:14 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:01:24 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:01:34 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:01:44 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:01:54 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:02:04 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:02:14 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:02:25 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:02:35 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:02:45 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:02:56 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:03:06 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:03:16 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:03:27 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:03:37 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:03:47 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:03:58 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:04:08 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:04:19 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:04:30 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:04:41 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:04:51 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:05:01 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:05:11 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:05:22 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:05:32 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:05:43 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:05:53 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:06:03 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:06:13 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:06:25 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:06:35 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:06:45 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:06:56 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:07:14 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:07:24 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:07:34 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:07:45 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:07:55 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:08:05 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:08:15 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:08:26 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:08:36 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:08:47 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:08:57 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:09:07 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:09:17 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:09:27 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:09:38 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:09:48 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:09:58 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:10:08 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:10:18 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:10:28 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:10:39 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:10:49 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:10:59 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:11:09 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:11:19 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:11:29 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:11:39 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:11:49 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:11:59 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:12:09 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:12:20 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:12:30 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:12:40 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:12:50 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:13:00 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:13:10 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:13:20 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:13:30 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:13:41 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:13:51 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:14:01 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:14:11 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:14:21 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:14:31 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:14:41 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:14:52 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY
2012/11/26 17:15:02 -0500 PAM-PC Pam DETECTION C:\Windows\svchost.exe Trojan.Agent DENY

Jay Pfoutz · Nov 26, 2012

Hello, and welcome to TechSpot.

Please see here for the board rules and other FAQ.

Please feel free to introduce yourself, after you follow the steps below to get started.

Information

From this point on, please do not make any more changes to your computer; such as install/uninstall programs, use special fix tools, delete files, edit the registry, etc. - unless advised by a malware removal helper.
Please do not ask for help elsewhere (in this site or other sites). Doing so can result in system changes, which may not show up in the logs you post.
If you have already asked for help somewhere, please post the link to the topic you were helped.
We try our best to reply quickly, but for any reason we do not reply in two days, please reply to this topic with the word BUMP!
Lastly, keep in mind that we are volunteers, so you do not have to pay for malware removal. Persist in this topic until its close, and your computer is declared clean.

Farbar Recovery Scan Tool x64

Download Farbar Recovery Scan Tool and save it to a flash drive.

Please make sure to get the 64-bit version

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

Restart the computer.
As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
Use the arrow keys to select the Repair your computer menu item.
Choose your language settings, and then click Next.
Select the operating system you want to repair, and then click Next.
Select your user account and click Next.

To enter System Recovery Options by using Windows installation disc:

Insert the installation disc.
Restart your computer.
If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
Click Repair your computer.
Choose your language settings, and then click Next.
Select the operating system you want to repair, and then click Next.
Select your user account an click Next.

On the System Recovery Options menu you will get the following options:

- Startup Repair
  System Restore
  Windows Complete PC Restore
  Windows Memory Diagnostic Tool
  Command Prompt
Select Command Prompt
In the command window type in notepad and press Enter.
The notepad opens. Under File menu select Open.
Select "Computer" and find your flash drive letter and close the notepad.
In the command window type e:\frst.exe and press Enter
Note: Replace letter e with the drive letter of your flash drive.
The tool will start to run.
When the tool opens click Yes to the disclaimer.
Place a check next to List Drivers MD5 as well as the default check marks that are already there
Press Scan button. It will do its scan and save a log on your flash drive.
Close out of the message after that, then type in the text services.exe in to the "Search:" text box. Then, press the Search file(s) button, just as below:

When done searching, FRST makes a log, Search.txt, on the C:\ drive or on your flash drive.
Type exit in the Command Prompt window and reboot the computer normally
FRST will make a log (FRST.txt) on the flash drive and also the search.txt logfile, please copy and paste the logs in your reply.

F1forever · Nov 26, 2012

Quick note before I do Farbar. Downloaded DDS as per initial instuctions and it has bee running for about an hour with no results. Can't seem to stop or restart it.

F1forever · Nov 26, 2012

I know Farbar is OK on my flash, but when I try to run it on the infected computer from the command prompt by typing "g:\frst.exe" I get the response "not recognized as an internal or external command, operable program, or batch file".

Jay Pfoutz · Nov 27, 2012

Yours might be named frst64.exe, try that.

F1forever · Nov 28, 2012

Thanks that did the trick. Here's the log. It may be a while before I get back as computer went into Chkdsk on reboot and seems to have been at the same point for an hour or two but HD is working so I hope it finishes.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-11-2012
Ran by SYSTEM at 27-11-2012 19:19:08
Running from F:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup [207350 2011-01-25] ()
HKLM-x32\...\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)
HKLM-x32\...\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey [1674896 2011-09-16] (McAfee, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [35736 2012-04-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [843712 2012-01-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] [x]
HKLM-x32\...\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [514544 2010-11-17] ()
HKLM-x32\...\Run: [HostManager] C:\Program Files (x86)\Common Files\AOL\1318811360\ee\AOLSoftware.exe [41800 2010-03-08] (AOL Inc.)
HKLM-x32\...\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2011-06-09] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY [3143800 2012-11-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" [997320 2012-11-08] ()
HKLM-x32\...\Run: [ROC_ROC_NT] "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe" / /PROMPT /CMPID=ROC_NT [856160 2012-09-20] ()
HKU\Pam\...\Run: [AOL Fast Start] "C:\Program Files (x86)\AOL Desktop 9.6\AOL.EXE" -b [42320 2011-04-25] (AOL Inc.)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

==================== Services (Whitelisted) ===================

2 AVGIDSAgent; "C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe" [5814392 2012-11-06] (AVG Technologies CZ, s.r.o.)
2 avgwd; "C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe" [196664 2012-10-22] (AVG Technologies CZ, s.r.o.)
2 DefaultTabUpdate; "C:\Users\Pam\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe" [107520 2012-11-26] ()
2 MBAMScheduler; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" [399432 2012-09-29] (Malwarebytes Corporation)
2 MBAMService; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" [676936 2012-09-29] (Malwarebytes Corporation)
3 McAWFwk; C:\PROGRA~1\mcafee\msc\mcawfwk.exe [220528 2010-08-30] (McAfee, Inc.)
2 McMPFSvc; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [249936 2011-01-27] (McAfee, Inc.)
2 mcmscsvc; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [249936 2011-01-27] (McAfee, Inc.)
2 McNaiAnn; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [249936 2011-01-27] (McAfee, Inc.)
2 McNASvc; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [249936 2011-01-27] (McAfee, Inc.)
3 McODS; "C:\Program Files\mcafee\VirusScan\mcods.exe" [501768 2011-06-23] (McAfee, Inc.)
4 McOobeSv; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [249936 2011-01-27] (McAfee, Inc.)
2 McProxy; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [249936 2011-01-27] (McAfee, Inc.)
2 McShield; "C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe" [199272 2011-10-18] (McAfee, Inc.)
2 mfefire; "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" [208536 2011-10-18] (McAfee, Inc.)
2 mfevtp; "C:\Windows\system32\mfevtps.exe" [161168 2011-10-18] (McAfee, Inc.)
2 MSK80Service; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [249936 2011-01-27] (McAfee, Inc.)
2 vToolbarUpdater13.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [711112 2012-11-08] ()
2 ZDManager Service; "C:\Program Files (x86)\ZD Systems\ZD Manager\ZDManagerService.exe" /run [176640 2012-10-18] ()

==================== Drivers (Whitelisted) =====================

3 ATWPKT2; C:\Windows\SysWow64\Drivers\ATWPKT2.sys [24904 2010-07-13] (America Online)
1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [154464 2012-10-22] (AVG Technologies CZ, s.r.o. )
0 AVGIDSHA; C:\Windows\System32\Drivers\AVGIDSHA.sys [63328 2012-10-15] (AVG Technologies CZ, s.r.o. )
1 Avgldx64; C:\Windows\System32\Drivers\Avgldx64.sys [185696 2012-10-02] (AVG Technologies CZ, s.r.o.)
0 Avgloga; C:\Windows\System32\Drivers\Avgloga.sys [225120 2012-09-21] (AVG Technologies CZ, s.r.o.)
0 Avgmfx64; C:\Windows\System32\Drivers\Avgmfx64.sys [111456 2012-10-05] (AVG Technologies CZ, s.r.o.)
0 Avgrkx64; C:\Windows\System32\Drivers\Avgrkx64.sys [40800 2012-09-14] (AVG Technologies CZ, s.r.o.)
1 Avgtdia; C:\Windows\System32\Drivers\Avgtdia.sys [200032 2012-09-21] (AVG Technologies CZ, s.r.o.)
1 avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [30568 2012-11-08] (AVG Technologies)
3 cfwids; C:\Windows\System32\Drivers\cfwids.sys [65264 2011-10-15] (McAfee, Inc.)
3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [25928 2012-09-29] (Malwarebytes Corporation)
3 mfeapfk; C:\Windows\System32\Drivers\mfeapfk.sys [160280 2011-10-15] (McAfee, Inc.)
3 mfeavfk; C:\Windows\System32\Drivers\mfeavfk.sys [229528 2011-10-15] (McAfee, Inc.)
3 mfefirek; C:\Windows\System32\Drivers\mfefirek.sys [481768 2011-10-15] (McAfee, Inc.)
0 mfehidk; C:\Windows\System32\Drivers\mfehidk.sys [647080 2011-10-15] (McAfee, Inc.)
1 mfenlfk; C:\Windows\System32\Drivers\mfenlfk.sys [75808 2011-10-15] (McAfee, Inc.)
3 mferkdet; C:\Windows\System32\Drivers\mferkdet.sys [100912 2011-10-15] (McAfee, Inc.)
0 mfewfpk; C:\Windows\System32\Drivers\mfewfpk.sys [284648 2011-10-15] (McAfee, Inc.)

==================== NetSvcs (Whitelisted) ====================

==================== One Month Created Files and Folders ========

2012-11-27 08:08 - 2009-07-13 19:14 - 00020480 ____A (Microsoft Corporation) C:\Windows\svchost.exe
2012-11-27 08:07 - 2012-11-27 08:07 - 00262144 ____A C:\Windows\Minidump\112712-31746-01.dmp
2012-11-27 08:03 - 2012-11-27 08:03 - 00262144 ____A C:\Windows\Minidump\112712-59171-01.dmp
2012-11-27 03:01 - 2012-11-27 08:03 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-11-27 03:01 - 2012-11-27 03:01 - 00000618 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-11-26 18:34 - 2012-11-26 18:34 - 00262144 ____A C:\Windows\Minidump\112612-29000-01.dmp
2012-11-26 18:31 - 2012-11-26 18:31 - 00262144 ____A C:\Windows\Minidump\112612-29452-01.dmp
2012-11-26 17:32 - 2012-11-26 17:32 - 00262144 ____A C:\Windows\Minidump\112612-32167-01.dmp
2012-11-26 17:07 - 2012-11-26 17:07 - 00262144 ____A C:\Windows\Minidump\112612-25942-01.dmp
2012-11-26 16:51 - 2012-11-26 16:51 - 00688992 ____R (Swearware) C:\Users\Pam\Desktop\dds.com
2012-11-26 16:33 - 2012-11-26 16:33 - 00000000 ____D C:\Users\Pam\Application Data\DefaultTab
2012-11-26 16:33 - 2012-11-26 16:33 - 00000000 ____D C:\Users\Pam\AppData\Roaming\DefaultTab
2012-11-26 16:33 - 2012-11-26 16:33 - 00000000 ____D C:\Users\All Users\ZDManagerService
2012-11-26 16:33 - 2012-11-26 16:33 - 00000000 ____D C:\Users\All Users\WeCareReminder
2012-11-26 16:33 - 2012-11-26 16:33 - 00000000 ____D C:\Users\All Users\Application Data\ZDManagerService
2012-11-26 16:33 - 2012-11-26 16:33 - 00000000 ____D C:\Users\All Users\Application Data\WeCareReminder
2012-11-26 16:33 - 2012-11-26 16:33 - 00000000 ____D C:\Program Files (x86)\ZD Systems
2012-11-26 16:33 - 2012-11-26 16:33 - 00000000 ____D C:\Program Files (x86)\7-Zip
2012-11-26 16:32 - 2012-11-26 16:33 - 00000000 ____D C:\Users\All Users\Yahoo! Companion
2012-11-26 16:32 - 2012-11-26 16:33 - 00000000 ____D C:\Users\All Users\Application Data\Yahoo! Companion
2012-11-26 16:32 - 2012-11-26 16:32 - 00000000 ____D C:\Users\Pam\Application Data\Yahoo!
2012-11-26 16:32 - 2012-11-26 16:32 - 00000000 ____D C:\Users\Pam\AppData\Roaming\Yahoo!
2012-11-26 16:32 - 2012-11-26 16:32 - 00000000 ____D C:\Users\All Users\Yahoo!
2012-11-26 16:32 - 2012-11-26 16:32 - 00000000 ____D C:\Users\All Users\Application Data\Yahoo!
2012-11-26 16:32 - 2012-11-26 16:32 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2012-11-26 16:30 - 2012-11-26 16:30 - 01639104 ____A (W3i, LLC) C:\Users\Pam\Desktop\7zip_bimo_d154539.exe
2012-11-26 14:41 - 2012-11-26 14:41 - 00262144 ____A C:\Windows\Minidump\112612-30560-01.dmp
2012-11-23 16:30 - 2012-11-23 16:30 - 00262144 ____A C:\Windows\Minidump\112312-26254-01.dmp
2012-11-23 16:13 - 2012-11-23 16:13 - 00262144 ____A C:\Windows\Minidump\112312-22510-01.dmp
2012-11-23 14:19 - 2012-11-23 14:19 - 00262144 ____A C:\Windows\Minidump\112312-35537-01.dmp
2012-11-23 13:05 - 2012-11-23 13:05 - 00262144 ____A C:\Windows\Minidump\112312-36223-01.dmp
2012-11-23 12:40 - 2012-11-23 12:40 - 00262144 ____A C:\Windows\Minidump\112312-27112-01.dmp
2012-11-23 11:53 - 2012-11-23 11:53 - 00001111 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-11-23 11:53 - 2012-11-23 11:53 - 00001111 ____A C:\Users\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2012-11-23 11:53 - 2012-11-23 11:53 - 00000000 ____D C:\Users\Pam\Application Data\Malwarebytes
2012-11-23 11:53 - 2012-11-23 11:53 - 00000000 ____D C:\Users\Pam\AppData\Roaming\Malwarebytes
2012-11-23 11:52 - 2012-11-23 11:53 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-11-23 11:52 - 2012-11-23 11:52 - 00000000 ____D C:\Users\All Users\Malwarebytes
2012-11-23 11:52 - 2012-11-23 11:52 - 00000000 ____D C:\Users\All Users\Application Data\Malwarebytes
2012-11-23 11:52 - 2012-09-29 18:54 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-11-18 19:40 - 2012-11-21 19:26 - 00015856 ____A C:\Users\Pam\My Documents\BranfordCalls(Knapp)2012HolidayPartyFINAL-COMPLETED2.xlsx
2012-11-18 19:40 - 2012-11-21 19:26 - 00015856 ____A C:\Users\Pam\Documents\BranfordCalls(Knapp)2012HolidayPartyFINAL-COMPLETED2.xlsx
2012-11-18 19:29 - 2012-11-18 19:29 - 00015765 ____A C:\Users\Pam\My Documents\ranfordCalls(Knapp)2012HolidayPartyFINAL-COMPLETEDedit2.xlsx
2012-11-18 19:29 - 2012-11-18 19:29 - 00015765 ____A C:\Users\Pam\Documents\ranfordCalls(Knapp)2012HolidayPartyFINAL-COMPLETEDedit2.xlsx
2012-11-17 16:17 - 2012-11-17 16:18 - 00262144 ____A C:\Windows\Minidump\111712-39530-01.dmp
2012-11-17 16:10 - 2012-11-17 16:10 - 00262144 ____A C:\Windows\Minidump\111712-23883-01.dmp
2012-11-17 15:43 - 2012-11-17 15:43 - 00262144 ____A C:\Windows\Minidump\111712-23431-01.dmp
2012-11-17 15:33 - 2012-11-17 18:29 - 00000000 ____D C:\Users\Pam\My Documents\BranfordCalls(Knapp)2012H2
2012-11-17 15:33 - 2012-11-17 18:29 - 00000000 ____D C:\Users\Pam\Documents\BranfordCalls(Knapp)2012H2
2012-11-17 15:33 - 2012-11-17 15:33 - 00155119 ____A C:\Users\Pam\My Documents\BranfordCalls(Knapp)2012H2.zip
2012-11-17 15:33 - 2012-11-17 15:33 - 00155119 ____A C:\Users\Pam\Documents\BranfordCalls(Knapp)2012H2.zip
2012-11-17 15:21 - 2012-11-17 17:05 - 00000000 ____D C:\Users\Pam\My Documents\BranfordCalls(Knapp)2012Holiday
2012-11-17 15:21 - 2012-11-17 17:05 - 00000000 ____D C:\Users\Pam\Documents\BranfordCalls(Knapp)2012Holiday
2012-11-17 15:21 - 2012-11-17 15:21 - 00155119 ____A C:\Users\Pam\My Documents\BranfordCalls(Knapp)2012Holiday.zip
2012-11-17 15:21 - 2012-11-17 15:21 - 00155119 ____A C:\Users\Pam\Documents\BranfordCalls(Knapp)2012Holiday.zip
2012-11-16 23:44 - 2012-11-17 15:39 - 95023320 ___AT C:\Users\All Users\dsgsdgdsgdsgw.pad
2012-11-16 23:44 - 2012-11-17 15:39 - 95023320 ___AT C:\Users\All Users\Application Data\dsgsdgdsgdsgw.pad
2012-11-16 23:44 - 2012-11-16 23:44 - 00000688 ____A C:\ctfmon.lnk
2012-11-15 08:38 - 2012-11-15 08:38 - 00262144 ____A C:\Windows\Minidump\111512-23150-01.dmp
2012-11-15 08:35 - 2012-11-15 08:35 - 00262144 ____A C:\Windows\Minidump\111512-48360-01.dmp
2012-11-14 14:06 - 2012-11-18 11:55 - 00000000 ____D C:\Users\Pam\My Documents\BranfordCalls(Knapp)2012HolidayParty
2012-11-14 14:06 - 2012-11-18 11:55 - 00000000 ____D C:\Users\Pam\Documents\BranfordCalls(Knapp)2012HolidayParty
2012-11-14 14:06 - 2012-11-17 15:10 - 00155119 ____A C:\Users\Pam\My Documents\BranfordCalls(Knapp)2012HolidayParty.zip
2012-11-14 14:06 - 2012-11-17 15:10 - 00155119 ____A C:\Users\Pam\Documents\BranfordCalls(Knapp)2012HolidayParty.zip
2012-11-13 08:32 - 2012-11-13 08:32 - 00262144 ____A C:\Windows\Minidump\111312-26130-01.dmp
2012-11-13 08:28 - 2012-11-13 08:28 - 00262144 ____A C:\Windows\Minidump\111312-33275-01.dmp
2012-11-13 06:51 - 2012-11-13 06:52 - 00000496 ____A C:\Users\Pam\Desktop\avgrep.txt
2012-11-13 06:49 - 2012-11-13 06:49 - 00262144 ____A C:\Windows\Minidump\111312-32604-01.dmp
2012-11-13 06:27 - 2012-11-13 06:27 - 00262144 ____A C:\Windows\Minidump\111312-33961-01.dmp
2012-11-13 06:18 - 2012-11-13 06:18 - 00262144 ____A C:\Windows\Minidump\111312-31761-01.dmp
2012-11-13 06:10 - 2012-11-13 06:10 - 00262144 ____A C:\Windows\Minidump\111312-39468-01.dmp
2012-11-11 09:02 - 2012-11-11 09:02 - 04477834 ____A C:\Users\Pam\My Documents\IMG_3174.zip
2012-11-11 09:02 - 2012-11-11 09:02 - 04477834 ____A C:\Users\Pam\Documents\IMG_3174.zip
2012-11-11 09:02 - 2012-11-11 09:02 - 00000000 ____D C:\Users\Pam\My Documents\IMG_3174
2012-11-11 09:02 - 2012-11-11 09:02 - 00000000 ____D C:\Users\Pam\Documents\IMG_3174
2012-11-09 23:39 - 2012-11-09 23:40 - 00000000 ____D C:\Users\Pam\My Documents\Foster_Survival_Guide
2012-11-09 23:39 - 2012-11-09 23:40 - 00000000 ____D C:\Users\Pam\Documents\Foster_Survival_Guide
2012-11-09 23:39 - 2012-11-09 23:39 - 00038267 ____A C:\Users\Pam\My Documents\Foster_Survival_Guide.zip
2012-11-09 23:39 - 2012-11-09 23:39 - 00038267 ____A C:\Users\Pam\Documents\Foster_Survival_Guide.zip
2012-11-08 11:17 - 2012-11-08 11:17 - 00262144 ____A C:\Windows\Minidump\110812-32323-01.dmp
2012-11-05 15:19 - 2012-11-05 15:19 - 00000932 ____A C:\Users\Public\Desktop\EPSON Scan.lnk
2012-11-05 15:19 - 2012-11-05 15:19 - 00000932 ____A C:\Users\All Users\Desktop\EPSON Scan.lnk
2012-11-05 15:19 - 2012-11-05 15:19 - 00000000 ____D C:\Program Files (x86)\epson
2012-11-05 15:19 - 2012-11-05 15:19 - 00000000 ____D C:\EPSON
2012-11-05 15:19 - 2006-10-12 23:00 - 00066560 ____A (SEIKO EPSON CORP.) C:\Windows\System32\esxcwiab.dll
2012-11-04 10:49 - 2012-11-04 10:49 - 01404004 ____A C:\Users\Pam\My Documents\Lulu1.zip
2012-11-04 10:49 - 2012-11-04 10:49 - 01404004 ____A C:\Users\Pam\Documents\Lulu1.zip
2012-11-04 10:49 - 2012-11-04 10:49 - 00000000 ____D C:\Users\Pam\My Documents\Lulu1
2012-11-04 10:49 - 2012-11-04 10:49 - 00000000 ____D C:\Users\Pam\Documents\Lulu1
2012-11-03 13:52 - 2012-11-03 13:52 - 00352419 ____A C:\Users\Pam\My Documents\joy2.zip
2012-11-03 13:52 - 2012-11-03 13:52 - 00352419 ____A C:\Users\Pam\Documents\joy2.zip
2012-11-03 13:52 - 2012-11-03 13:52 - 00000000 ____D C:\Users\Pam\My Documents\joy2
2012-11-03 13:52 - 2012-11-03 13:52 - 00000000 ____D C:\Users\Pam\Documents\joy2
2012-11-03 01:54 - 2012-11-03 01:54 - 00000009 ____A C:\END
2012-11-03 01:54 - 2012-11-03 01:54 - 00000000 ____D C:\Users\Pam\Local Settings\Conduit
2012-11-03 01:54 - 2012-11-03 01:54 - 00000000 ____D C:\Users\Pam\Local Settings\Application Data\Conduit
2012-11-03 01:54 - 2012-11-03 01:54 - 00000000 ____D C:\Users\Pam\AppData\Local\Conduit
2012-11-03 01:54 - 2012-11-03 01:54 - 00000000 ____D C:\Program Files (x86)\SocialSearchBar_App
2012-11-03 01:54 - 2012-11-03 01:54 - 00000000 ____D C:\Program Files (x86)\Conduit
2012-11-03 01:53 - 2012-11-03 01:53 - 00000000 ____D C:\Program Files (x86)\UnfriendApp

==================== One Month Modified Files and Folders =======

2012-11-27 19:18 - 2012-11-27 19:18 - 00000000 ____D C:\FRST
2012-11-27 08:13 - 2009-07-13 23:13 - 00782748 ____A C:\Windows\System32\PerfStringBackup.INI
2012-11-27 08:07 - 2012-11-27 08:07 - 00262144 ____A C:\Windows\Minidump\112712-31746-01.dmp
2012-11-27 08:07 - 2012-09-02 13:02 - 459995047 ____A C:\Windows\MEMORY.DMP
2012-11-27 08:07 - 2012-09-02 13:02 - 00000000 ____D C:\Windows\Minidump
2012-11-27 08:05 - 2011-05-28 00:42 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2012-11-27 08:03 - 2012-11-27 08:03 - 00262144 ____A C:\Windows\Minidump\112712-59171-01.dmp
2012-11-27 08:03 - 2012-11-27 03:01 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-11-27 08:03 - 2009-07-13 22:51 - 00039111 ____A C:\Windows\setupact.log
2012-11-27 03:10 - 2009-07-13 22:45 - 00021296 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-11-27 03:10 - 2009-07-13 22:45 - 00021296 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-11-27 03:01 - 2012-11-27 03:01 - 00000618 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-11-26 18:48 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\registration
2012-11-26 18:34 - 2012-11-26 18:34 - 00262144 ____A C:\Windows\Minidump\112612-29000-01.dmp
2012-11-26 18:31 - 2012-11-26 18:31 - 00262144 ____A C:\Windows\Minidump\112612-29452-01.dmp
2012-11-26 17:32 - 2012-11-26 17:32 - 00262144 ____A C:\Windows\Minidump\112612-32167-01.dmp
2012-11-26 17:12 - 2012-09-20 07:15 - 00000000 ____D C:\Users\All Users\MFAData
2012-11-26 17:12 - 2012-09-20 07:15 - 00000000 ____D C:\Users\All Users\Application Data\MFAData
2012-11-26 17:07 - 2012-11-26 17:07 - 00262144 ____A C:\Windows\Minidump\112612-25942-01.dmp
2012-11-26 16:51 - 2012-11-26 16:51 - 00688992 ____R (Swearware) C:\Users\Pam\Desktop\dds.com
2012-11-26 16:33 - 2012-11-26 16:33 - 00000000 ____D C:\Users\Pam\Application Data\DefaultTab
2012-11-26 16:33 - 2012-11-26 16:33 - 00000000 ____D C:\Users\Pam\AppData\Roaming\DefaultTab
2012-11-26 16:33 - 2012-11-26 16:33 - 00000000 ____D C:\Users\All Users\ZDManagerService
2012-11-26 16:33 - 2012-11-26 16:33 - 00000000 ____D C:\Users\All Users\WeCareReminder
2012-11-26 16:33 - 2012-11-26 16:33 - 00000000 ____D C:\Users\All Users\Application Data\ZDManagerService
2012-11-26 16:33 - 2012-11-26 16:33 - 00000000 ____D C:\Users\All Users\Application Data\WeCareReminder
2012-11-26 16:33 - 2012-11-26 16:33 - 00000000 ____D C:\Program Files (x86)\ZD Systems
2012-11-26 16:33 - 2012-11-26 16:33 - 00000000 ____D C:\Program Files (x86)\7-Zip
2012-11-26 16:33 - 2012-11-26 16:32 - 00000000 ____D C:\Users\All Users\Yahoo! Companion
2012-11-26 16:33 - 2012-11-26 16:32 - 00000000 ____D C:\Users\All Users\Application Data\Yahoo! Companion
2012-11-26 16:32 - 2012-11-26 16:32 - 00000000 ____D C:\Users\Pam\Application Data\Yahoo!
2012-11-26 16:32 - 2012-11-26 16:32 - 00000000 ____D C:\Users\Pam\AppData\Roaming\Yahoo!
2012-11-26 16:32 - 2012-11-26 16:32 - 00000000 ____D C:\Users\All Users\Yahoo!
2012-11-26 16:32 - 2012-11-26 16:32 - 00000000 ____D C:\Users\All Users\Application Data\Yahoo!
2012-11-26 16:32 - 2012-11-26 16:32 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2012-11-26 16:30 - 2012-11-26 16:30 - 01639104 ____A (W3i, LLC) C:\Users\Pam\Desktop\7zip_bimo_d154539.exe
2012-11-26 14:41 - 2012-11-26 14:41 - 00262144 ____A C:\Windows\Minidump\112612-30560-01.dmp
2012-11-23 16:30 - 2012-11-23 16:30 - 00262144 ____A C:\Windows\Minidump\112312-26254-01.dmp
2012-11-23 16:13 - 2012-11-23 16:13 - 00262144 ____A C:\Windows\Minidump\112312-22510-01.dmp
2012-11-23 14:19 - 2012-11-23 14:19 - 00262144 ____A C:\Windows\Minidump\112312-35537-01.dmp
2012-11-23 13:05 - 2012-11-23 13:05 - 00262144 ____A C:\Windows\Minidump\112312-36223-01.dmp
2012-11-23 12:40 - 2012-11-23 12:40 - 00262144 ____A C:\Windows\Minidump\112312-27112-01.dmp
2012-11-23 12:30 - 2010-11-20 21:47 - 00046888 ____A C:\Windows\PFRO.log
2012-11-23 11:53 - 2012-11-23 11:53 - 00001111 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-11-23 11:53 - 2012-11-23 11:53 - 00001111 ____A C:\Users\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2012-11-23 11:53 - 2012-11-23 11:53 - 00000000 ____D C:\Users\Pam\Application Data\Malwarebytes
2012-11-23 11:53 - 2012-11-23 11:53 - 00000000 ____D C:\Users\Pam\AppData\Roaming\Malwarebytes
2012-11-23 11:53 - 2012-11-23 11:52 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-11-23 11:52 - 2012-11-23 11:52 - 00000000 ____D C:\Users\All Users\Malwarebytes
2012-11-23 11:52 - 2012-11-23 11:52 - 00000000 ____D C:\Users\All Users\Application Data\Malwarebytes
2012-11-21 19:26 - 2012-11-18 19:40 - 00015856 ____A C:\Users\Pam\My Documents\BranfordCalls(Knapp)2012HolidayPartyFINAL-COMPLETED2.xlsx
2012-11-21 19:26 - 2012-11-18 19:40 - 00015856 ____A C:\Users\Pam\Documents\BranfordCalls(Knapp)2012HolidayPartyFINAL-COMPLETED2.xlsx
2012-11-18 19:29 - 2012-11-18 19:29 - 00015765 ____A C:\Users\Pam\My Documents\ranfordCalls(Knapp)2012HolidayPartyFINAL-COMPLETEDedit2.xlsx
2012-11-18 19:29 - 2012-11-18 19:29 - 00015765 ____A C:\Users\Pam\Documents\ranfordCalls(Knapp)2012HolidayPartyFINAL-COMPLETEDedit2.xlsx
2012-11-18 11:55 - 2012-11-14 14:06 - 00000000 ____D C:\Users\Pam\My Documents\BranfordCalls(Knapp)2012HolidayParty
2012-11-18 11:55 - 2012-11-14 14:06 - 00000000 ____D C:\Users\Pam\Documents\BranfordCalls(Knapp)2012HolidayParty
2012-11-17 18:29 - 2012-11-17 15:33 - 00000000 ____D C:\Users\Pam\My Documents\BranfordCalls(Knapp)2012H2
2012-11-17 18:29 - 2012-11-17 15:33 - 00000000 ____D C:\Users\Pam\Documents\BranfordCalls(Knapp)2012H2
2012-11-17 18:20 - 2011-10-17 18:17 - 00000000 ____D C:\Users\Pam\Local Settings\Microsoft Help
2012-11-17 18:20 - 2011-10-17 18:17 - 00000000 ____D C:\Users\Pam\Local Settings\Application Data\Microsoft Help
2012-11-17 18:20 - 2011-10-17 18:17 - 00000000 ____D C:\Users\Pam\AppData\Local\Microsoft Help
2012-11-17 17:05 - 2012-11-17 15:21 - 00000000 ____D C:\Users\Pam\My Documents\BranfordCalls(Knapp)2012Holiday
2012-11-17 17:05 - 2012-11-17 15:21 - 00000000 ____D C:\Users\Pam\Documents\BranfordCalls(Knapp)2012Holiday
2012-11-17 16:18 - 2012-11-17 16:17 - 00262144 ____A C:\Windows\Minidump\111712-39530-01.dmp
2012-11-17 16:10 - 2012-11-17 16:10 - 00262144 ____A C:\Windows\Minidump\111712-23883-01.dmp
2012-11-17 15:43 - 2012-11-17 15:43 - 00262144 ____A C:\Windows\Minidump\111712-23431-01.dmp
2012-11-17 15:39 - 2012-11-16 23:44 - 95023320 ___AT C:\Users\All Users\dsgsdgdsgdsgw.pad
2012-11-17 15:39 - 2012-11-16 23:44 - 95023320 ___AT C:\Users\All Users\Application Data\dsgsdgdsgdsgw.pad
2012-11-17 15:33 - 2012-11-17 15:33 - 00155119 ____A C:\Users\Pam\My Documents\BranfordCalls(Knapp)2012H2.zip
2012-11-17 15:33 - 2012-11-17 15:33 - 00155119 ____A C:\Users\Pam\Documents\BranfordCalls(Knapp)2012H2.zip
2012-11-17 15:21 - 2012-11-17 15:21 - 00155119 ____A C:\Users\Pam\My Documents\BranfordCalls(Knapp)2012Holiday.zip
2012-11-17 15:21 - 2012-11-17 15:21 - 00155119 ____A C:\Users\Pam\Documents\BranfordCalls(Knapp)2012Holiday.zip
2012-11-17 15:10 - 2012-11-14 14:06 - 00155119 ____A C:\Users\Pam\My Documents\BranfordCalls(Knapp)2012HolidayParty.zip
2012-11-17 15:10 - 2012-11-14 14:06 - 00155119 ____A C:\Users\Pam\Documents\BranfordCalls(Knapp)2012HolidayParty.zip
2012-11-16 23:44 - 2012-11-16 23:44 - 00000688 ____A C:\ctfmon.lnk
2012-11-15 08:38 - 2012-11-15 08:38 - 00262144 ____A C:\Windows\Minidump\111512-23150-01.dmp
2012-11-15 08:35 - 2012-11-15 08:35 - 00262144 ____A C:\Windows\Minidump\111512-48360-01.dmp
2012-11-15 08:28 - 2011-05-28 01:23 - 00000000 ____D C:\Users\Default\Local Settings\SoftThinks
2012-11-15 08:28 - 2011-05-28 01:23 - 00000000 ____D C:\Users\Default\Local Settings\Application Data\SoftThinks
2012-11-15 08:28 - 2011-05-28 01:23 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks
2012-11-15 08:28 - 2011-05-28 01:23 - 00000000 ____D C:\Users\Default User\Local Settings\SoftThinks
2012-11-15 08:28 - 2011-05-28 01:23 - 00000000 ____D C:\Users\Default User\Local Settings\Application Data\SoftThinks
2012-11-15 08:28 - 2011-05-28 01:23 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
2012-11-13 08:32 - 2012-11-13 08:32 - 00262144 ____A C:\Windows\Minidump\111312-26130-01.dmp
2012-11-13 08:28 - 2012-11-13 08:28 - 00262144 ____A C:\Windows\Minidump\111312-33275-01.dmp
2012-11-13 06:52 - 2012-11-13 06:51 - 00000496 ____A C:\Users\Pam\Desktop\avgrep.txt
2012-11-13 06:51 - 2012-09-20 07:15 - 00000000 ____D C:\Users\Pam\Local Settings\Avg2013
2012-11-13 06:51 - 2012-09-20 07:15 - 00000000 ____D C:\Users\Pam\Local Settings\Application Data\Avg2013
2012-11-13 06:51 - 2012-09-20 07:15 - 00000000 ____D C:\Users\Pam\AppData\Local\Avg2013
2012-11-13 06:49 - 2012-11-13 06:49 - 00262144 ____A C:\Windows\Minidump\111312-32604-01.dmp
2012-11-13 06:27 - 2012-11-13 06:27 - 00262144 ____A C:\Windows\Minidump\111312-33961-01.dmp
2012-11-13 06:18 - 2012-11-13 06:18 - 00262144 ____A C:\Windows\Minidump\111312-31761-01.dmp
2012-11-13 06:10 - 2012-11-13 06:10 - 00262144 ____A C:\Windows\Minidump\111312-39468-01.dmp
2012-11-11 09:02 - 2012-11-11 09:02 - 04477834 ____A C:\Users\Pam\My Documents\IMG_3174.zip
2012-11-11 09:02 - 2012-11-11 09:02 - 04477834 ____A C:\Users\Pam\Documents\IMG_3174.zip
2012-11-11 09:02 - 2012-11-11 09:02 - 00000000 ____D C:\Users\Pam\My Documents\IMG_3174
2012-11-11 09:02 - 2012-11-11 09:02 - 00000000 ____D C:\Users\Pam\Documents\IMG_3174
2012-11-09 23:40 - 2012-11-09 23:39 - 00000000 ____D C:\Users\Pam\My Documents\Foster_Survival_Guide
2012-11-09 23:40 - 2012-11-09 23:39 - 00000000 ____D C:\Users\Pam\Documents\Foster_Survival_Guide
2012-11-09 23:39 - 2012-11-09 23:39 - 00038267 ____A C:\Users\Pam\My Documents\Foster_Survival_Guide.zip
2012-11-09 23:39 - 2012-11-09 23:39 - 00038267 ____A C:\Users\Pam\Documents\Foster_Survival_Guide.zip
2012-11-08 11:29 - 2012-09-20 07:25 - 00000967 ____A C:\Users\Public\Desktop\AVG 2013.lnk
2012-11-08 11:29 - 2012-09-20 07:25 - 00000967 ____A C:\Users\All Users\Desktop\AVG 2013.lnk
2012-11-08 11:17 - 2012-11-08 11:17 - 00262144 ____A C:\Windows\Minidump\110812-32323-01.dmp
2012-11-08 10:31 - 2012-09-20 07:25 - 00000000 ____D C:\Users\All Users\AVG Secure Search
2012-11-08 10:31 - 2012-09-20 07:25 - 00000000 ____D C:\Users\All Users\Application Data\AVG Secure Search
2012-11-08 10:31 - 2012-09-20 07:24 - 00030568 ____A (AVG Technologies) C:\Windows\System32\Drivers\avgtpx64.sys
2012-11-08 10:31 - 2012-09-20 07:24 - 00000000 ____D C:\Program Files (x86)\AVG Secure Search
2012-11-05 15:19 - 2012-11-05 15:19 - 00000932 ____A C:\Users\Public\Desktop\EPSON Scan.lnk
2012-11-05 15:19 - 2012-11-05 15:19 - 00000932 ____A C:\Users\All Users\Desktop\EPSON Scan.lnk
2012-11-05 15:19 - 2012-11-05 15:19 - 00000000 ____D C:\Program Files (x86)\epson
2012-11-05 15:19 - 2012-11-05 15:19 - 00000000 ____D C:\EPSON
2012-11-04 10:49 - 2012-11-04 10:49 - 01404004 ____A C:\Users\Pam\My Documents\Lulu1.zip
2012-11-04 10:49 - 2012-11-04 10:49 - 01404004 ____A C:\Users\Pam\Documents\Lulu1.zip
2012-11-04 10:49 - 2012-11-04 10:49 - 00000000 ____D C:\Users\Pam\My Documents\Lulu1
2012-11-04 10:49 - 2012-11-04 10:49 - 00000000 ____D C:\Users\Pam\Documents\Lulu1
2012-11-03 13:52 - 2012-11-03 13:52 - 00352419 ____A C:\Users\Pam\My Documents\joy2.zip
2012-11-03 13:52 - 2012-11-03 13:52 - 00352419 ____A C:\Users\Pam\Documents\joy2.zip
2012-11-03 13:52 - 2012-11-03 13:52 - 00000000 ____D C:\Users\Pam\My Documents\joy2
2012-11-03 13:52 - 2012-11-03 13:52 - 00000000 ____D C:\Users\Pam\Documents\joy2
2012-11-03 01:54 - 2012-11-03 01:54 - 00000009 ____A C:\END
2012-11-03 01:54 - 2012-11-03 01:54 - 00000000 ____D C:\Users\Pam\Local Settings\Conduit
2012-11-03 01:54 - 2012-11-03 01:54 - 00000000 ____D C:\Users\Pam\Local Settings\Application Data\Conduit
2012-11-03 01:54 - 2012-11-03 01:54 - 00000000 ____D C:\Users\Pam\AppData\Local\Conduit
2012-11-03 01:54 - 2012-11-03 01:54 - 00000000 ____D C:\Program Files (x86)\SocialSearchBar_App
2012-11-03 01:54 - 2012-11-03 01:54 - 00000000 ____D C:\Program Files (x86)\Conduit
2012-11-03 01:53 - 2012-11-03 01:53 - 00000000 ____D C:\Program Files (x86)\UnfriendApp

ZeroAccess:
C:\Windows\Installer\{75e5ac81-c8d7-a73a-fc39-04499a001110}
C:\Windows\Installer\{75e5ac81-c8d7-a73a-fc39-04499a001110}\@
C:\Windows\Installer\{75e5ac81-c8d7-a73a-fc39-04499a001110}\L
C:\Windows\Installer\{75e5ac81-c8d7-a73a-fc39-04499a001110}\U
C:\Windows\Installer\{75e5ac81-c8d7-a73a-fc39-04499a001110}\L\00000004.@
C:\Windows\Installer\{75e5ac81-c8d7-a73a-fc39-04499a001110}\L\201d3dde
C:\Windows\Installer\{75e5ac81-c8d7-a73a-fc39-04499a001110}\U\00000004.@
C:\Windows\Installer\{75e5ac81-c8d7-a73a-fc39-04499a001110}\U\00000008.@
C:\Windows\Installer\{75e5ac81-c8d7-a73a-fc39-04499a001110}\U\000000cb.@
C:\Windows\Installer\{75e5ac81-c8d7-a73a-fc39-04499a001110}\U\80000000.@
C:\Windows\Installer\{75e5ac81-c8d7-a73a-fc39-04499a001110}\U\80000032.@
C:\Windows\Installer\{75e5ac81-c8d7-a73a-fc39-04499a001110}\U\80000064.@

ZeroAccess:
C:\Windows\assembly\GAC_32\Desktop.ini

ZeroAccess:
C:\Windows\assembly\GAC_64\Desktop.ini

ATTENTION: ========> Check for possible partition/boot infection:
C:\Windows\svchost.exe

==================== Known DLLs (Whitelisted) =================

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

TDL4: custom:26000022 <===== ATTENTION!

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2012-11-22 23:00:14

==================== Memory info ===========================

Percentage of memory in use: 9%
Total physical RAM: 8104.63 MB
Available physical RAM: 7308.13 MB
Total Pagefile: 8102.83 MB
Available Pagefile: 7299.32 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

==================== Partitions =============================

1 Drive c: (OS) (Fixed) (Total:917.66 GB) (Free:626.16 GB) NTFS
4 Drive f: () (Removable) (Total:7.45 GB) (Free:7.4 GB) FAT32
5 Drive g: (RECOVERY) (Fixed) (Total:13.81 GB) (Free:6.03 GB) NTFS ==>[System with boot components (obtained from reading drive)]
ATTENTION: Malware custom entry on BCD on drive g: detected. Check for MBR/Partition infection.
6 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 931 GB 0 B
Disk 1 No Media 0 B 0 B
Disk 2 Online 7633 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 OEM 39 MB 31 KB
Partition 2 Primary 13 GB 40 MB
Partition 3 Primary 917 GB 13 GB

==================================================================================

Disk: 0
Partition 1
Type : DE
Hidden: Yes
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 5 FAT Partition 39 MB Healthy Hidden

=========================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 G RECOVERY NTFS Partition 13 GB Healthy

=========================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C OS NTFS Partition 917 GB Healthy

=========================================================

Partitions of Disk 2:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 7633 MB 16 KB

==================================================================================

Disk: 2
Partition 1
Type : 0B
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 F FAT32 Removable 7633 MB Healthy

=========================================================

Last Boot: 2012-11-26 01:05

==================== End Of Log =============================

Jay Pfoutz · Nov 29, 2012

FRST Fixlist

Please download attached fixlist.txt below, and save it to your flash drive in the same location as FRST.exe. Make sure it maintains the same name, otherwise the fix will fail.

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system

Now, please enter System Recovery Options then select Command Prompt.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

Now restart, let it boot normally and tell me how it went.

TDSSKiller Scan

Please download and run TDSSKiller to your desktop as outlined below:

Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

For Windows XP, double-click to start.
For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

-------------------------

Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

------------------------

Click the Start Scan button.

-----------------------

If a suspicious object is detected, the default action will be Skip, click on Continue
If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose
Skip and click on Continue

----------------------

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

--------------------

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.
Sometimes these logs can be very large, in that case please attach it or zip it up and attach it.

-------------------

Here's a summary of what to do if you would like to print it out:

If a suspicious object is detected, the default action will be Skip, click on Continue
If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose
Skip and click on Continue

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

F1forever · Nov 30, 2012

Farbar said Fix is done. Will run TDSSKiller a little later. Here's a copy of the Fix log:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 23-11-2012
Ran by SYSTEM at 2012-11-30 10:21:27 Run:1
Running from G:\

==============================================

C:\Windows\Installer\{75e5ac81-c8d7-a73a-fc39-04499a001110} moved successfully.
C:\Windows\assembly\GAC_32\Desktop.ini moved successfully.
C:\Windows\assembly\GAC_64\Desktop.ini moved successfully.
C:\Windows\svchost.exe moved successfully.

The operation completed successfully.
The operation completed successfully.

==== End of Fixlog ====

Jay Pfoutz · Nov 30, 2012

OKay, will wait for TDSSKiller.

F1forever · Nov 30, 2012

Not sure why I got 3 logs except TDSS did a new scan on reboot. Will post all 3 in order. Scan #1 attached.

F1forever · Nov 30, 2012

Scan #2

F1forever · Nov 30, 2012

Scan #3

Jay Pfoutz · Dec 1, 2012

Run TDSSKiller once more please, and delete the TDSS file system. Post new log once done...and do this:

avast! aswMBR

Please download aswMBR from here

Save aswMBR.exe to your Desktop
Double click aswMBR.exe to run it
Uncheck "Trace disk IO calls".
Click the Scan button to start the scan as illustrated below

Note: Do not take action against any **Rootkit** entries until I have reviewed the log. Often there are false positives.

Once the scan finishes click Save log to save the log to your Desktop
Copy and paste the contents of aswMBR.txt back here for review
Please also find MBR.dat on your Desktop, and rename it to MBRscan.txt. Upload that as well. Do not copy and paste MBR.dat/txt, it needs to be uploaded.

F1forever · Dec 1, 2012

Here is the TDSS log. Will get to aswMBR a little later

F1forever · Dec 1, 2012

The MBR.txt log:

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-12-01 14:18:56
-----------------------------
14:18:56.920 OS Version: Windows x64 6.1.7601 Service Pack 1
14:18:56.920 Number of processors: 4 586 0x2A07
14:18:56.920 ComputerName: PAM-PC UserName: Pam
14:18:59.619 Initialize success
14:19:25.464 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
14:19:25.480 Disk 0 Vendor: WDC_WD10EALX-759BA0 15.01H15 Size: 953869MB BusType: 3
14:19:25.480 Disk 0 MBR read successfully
14:19:25.495 Disk 0 MBR scan
14:19:25.495 Disk 0 Windows VISTA default MBR code
14:19:25.495 Disk 0 Partition 1 00 DE Dell Utility DELL 4.1 39 MB offset 63
14:19:25.511 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 14142 MB offset 81920
14:19:25.527 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 939686 MB offset 29044736
14:19:25.558 Disk 0 scanning C:\Windows\system32\drivers
14:19:29.941 Service scanning
14:19:40.737 Modules scanning
14:19:40.737 Scan finished successfully
14:20:22.217 Disk 0 MBR has been saved successfully to "C:\Users\Pam\Desktop\MBR.dat"
14:20:22.217 The log file has been saved successfully to "C:\Users\Pam\Desktop\aswMBR.txt"

F1forever · Dec 1, 2012

MBRscan.txt upload

Jay Pfoutz · Dec 2, 2012

Run TDSSKiller again and delete the TDSS File System please, and post a new log...

ComboFix scan

Please download ComboFix

by sUBs
From BleepingComputer.com

Please save the file to your Desktop.

Important information about ComboFix

After the download:

Close any open browsers.
Very Important: Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results". Please visit here if you don't know how.
WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
Please do not attempt to re-connect your machine back to the Internet until ComboFix has completely finished.
If there is no Internet connection after running ComboFix, then restart your computer to restore back your connection.

Running ComboFix:

Double click on ComboFix.exe & follow the prompts.
When ComboFix finishes, it will produce a report for you.
Please post the report, which will launch or be found at "C:\Combo-Fix.txt" in your next reply.

Troubleshooting ComboFix

Safe Mode:

If you still cannot get ComboFix to run, try booting into Safe Mode, and run it there.

(To boot into Safe Mode, tap F8 after BIOS, and just before the Windows
logo appears. A list of options will appear, select "Safe Mode.")

Re-downloading:

If this doesn't work either, try the same method (above method), but try to download it again, except name
ComboFix.exe to iexplore.exe, explorer.exe, or winlogon.exe.

Malware is known for blocking all "user" processes, except for its whitelist of system important processes such as iexplore.exe, explorer.exe, winlogon.exe.

NOTE: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.

F1forever · Dec 3, 2012

Sorry, mis-understood about deleting TDSS File System. Now done. Here's the log.

F1forever · Dec 3, 2012

Combo Fix has been sitting at "Completed Stage_48" for nearly 2 hours. Normal?

Jay Pfoutz · Dec 4, 2012

That can be normal, not usual or unusual. Did it complete?

F1forever · Dec 4, 2012

Nope. It's been 19 hours and still working, at least I think it is. HD is working on something. Completed stage 50 now.

F1forever · Dec 4, 2012

Forgot to mention had a power drop during the first scan and had to restart it.

F1forever · Dec 4, 2012

After 22 hours Combo Fix is finally done. Had to attach the log as it is nearly 70K.

Solved Yet another Patched.64 (and other) issues

Posts: 31 +0

Posts: 31 +0

Posts: 31 +0

Posts: 4,279 +49

Posts: 31 +0

Posts: 31 +0

Posts: 4,279 +49

Posts: 31 +0

Posts: 4,279 +49

Attachments

Posts: 31 +0

Posts: 4,279 +49

Posts: 31 +0

Attachments

Posts: 31 +0

Attachments

Posts: 31 +0

Attachments

Posts: 4,279 +49

Posts: 31 +0

Attachments

Posts: 31 +0

Posts: 31 +0

Attachments

Posts: 4,279 +49

Posts: 31 +0

Attachments

Posts: 31 +0

Posts: 4,279 +49

Posts: 31 +0

Posts: 31 +0

Posts: 31 +0

Attachments

Similar threads