Jump to content

tanyagbrown42

Members
 View Profile  See their activity

  • Posts

    3

  • Joined

  • Last visited

 Content Type 

Posts posted by tanyagbrown42

    Google redirect via firefox browser

    in Resolved Malware Removal Logs

    Posted

    DDS

    DDS (Ver_2012-11-20.01) - NTFS_AMD64

    Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 10.9.2

    Run by Tanya at 15:09:35 on 2012-11-21

    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3767.1436 [GMT -5:00]

    .

    AV: Norton 360 Premier Edition *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    SP: Norton 360 Premier Edition *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

    FW: Norton 360 Premier Edition *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

    .

    ============== Running Processes ===============

    .

    C:\Windows\system32\lsm.exe

    C:\Windows\system32\svchost.exe -k DcomLaunch

    C:\Windows\system32\svchost.exe -k RPCSS

    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

    C:\Windows\system32\svchost.exe -k netsvcs

    C:\Windows\system32\svchost.exe -k LocalService

    C:\Windows\system32\svchost.exe -k NetworkService

    C:\Windows\system32\WLANExt.exe

    C:\Windows\System32\spoolsv.exe

    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    C:\Program Files\Bonjour\mDNSResponder.exe

    C:\Program Files (x86)\Launch Manager\dsiwmis.exe

    C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

    C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

    C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

    C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\ccSvcHst.exe

    C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe

    C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

    C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe

    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

    C:\Program Files\Acer\Acer Updater\UpdaterService.exe

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

    C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

    C:\Windows\system32\SearchIndexer.exe

    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

    C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

    C:\Program Files\Windows Media Player\wmpnetwk.exe

    C:\Windows\system32\taskhost.exe

    C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\ccSvcHst.exe

    C:\Windows\system32\Dwm.exe

    C:\Windows\Explorer.EXE

    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

    C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe

    C:\Windows\System32\igfxtray.exe

    C:\Windows\System32\hkcmd.exe

    C:\Windows\System32\igfxpers.exe

    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe

    C:\Program Files\Logitech\SetPointP\SetPoint.exe

    C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE

    C:\Users\Tanya\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe

    C:\Windows\system32\wbem\unsecapp.exe

    C:\Windows\system32\wbem\wmiprvse.exe

    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

    C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe

    C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

    C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe

    C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe

    C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe

    C:\Program Files (x86)\Launch Manager\LManager.exe

    C:\Windows\System32\svchost.exe -k LocalServicePeerNet

    C:\Program Files (x86)\iTunes\iTunesHelper.exe

    C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe

    C:\Program Files (x86)\Launch Manager\LMworker.exe

    C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE

    C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe

    C:\Program Files\iPod\bin\iPodService.exe

    Q:\140062.enu\Office14\MSOSYNC.EXE

    Q:\140062.enu\Office14\ONENOTEM.EXE

    C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe

    C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office15\CsiSyncClient.EXE

    C:\Windows\system32\taskhost.exe

    C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE

    C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

    C:\Windows\splwow64.exe

    C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe

    C:\Program Files (x86)\Mozilla Firefox\firefox.exe

    C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe

    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe

    C:\Windows\system32\wbem\wmiprvse.exe

    C:\Windows\System32\cscript.exe

    .

    ============== Pseudo HJT Report ===============

    .

    uStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5741&r=273608106905l04g4z1i5t4592n718

    uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5741&r=273608106905l04g4z1i5t4592n718

    mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5741&r=273608106905l04g4z1i5t4592n718

    mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5741&r=273608106905l04g4z1i5t4592n718

    uURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>

    uURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll

    uURLSearchHooks: <No Name>: - LocalServer32 - <no file>

    mURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll

    mWinlogon: Userinit = userinit.exe,

    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\coieplg.dll

    BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\ips\ipsbho.dll

    BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

    BHO: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll

    BHO: Microsoft SPFS Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\grooveex.dll

    BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

    TB: Vuze Remote Toolbar: {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll

    TB: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll

    TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\coieplg.dll

    uRun: [OfficeSyncProcess] "C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE" /quietlaunch "MSOSYNC 9014006204090000"

    uRun: [Weather] C:\Program Files (x86)\AWS\WeatherBug\Weather.exe 1

    uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe

    uRun: [skyDrive] "C:\Users\Tanya\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background

    uRunOnce: [uninstall C:\Users\Tanya\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64] C:\Windows\System32\cmd.exe /q /c rmdir /s /q "C:\Users\Tanya\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64"

    mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

    mRun: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"

    mRun: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d

    mRun: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"

    mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED

    mRun: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k

    mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe

    mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

    mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

    StartupFolder: C:\Users\Tanya\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Tanya\AppData\Roaming\Dropbox\bin\Dropbox.exe

    StartupFolder: C:\Users\Tanya\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\EVERNO~1.LNK - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe

    StartupFolder: C:\Users\Tanya\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE

    mPolicies-Explorer: NoActiveDesktop = dword:1

    mPolicies-Explorer: NoActiveDesktopChanges = dword:1

    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

    mPolicies-System: ConsentPromptBehaviorUser = dword:3

    mPolicies-System: EnableUIADesktopToggle = dword:0

    IE: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204

    IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200

    IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000

    IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html

    IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105

    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

    IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204

    .

    INFO: HKCU has more than 50 listed domains.

    If you wish to scan all of them, select the 'Force scan all domains' option.

    .

    .

    INFO: HKLM has more than 50 listed domains.

    If you wish to scan all of them, select the 'Force scan all domains' option.

    .

    DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx

    TCP: NameServer = 75.75.75.75 75.75.76.76 192.168.1.1

    TCP: Interfaces\{35C6CC6C-8F4E-4E1A-BC14-57D46E7F8C3E} : DHCPNameServer = 192.168.2.1

    TCP: Interfaces\{BE4F799E-D4F4-4B5B-9E31-0EFD654F9858} : NameServer = 208.67.222.222,208.67.220.220

    TCP: Interfaces\{BE4F799E-D4F4-4B5B-9E31-0EFD654F9858} : DHCPNameServer = 75.75.75.75 75.75.76.76 192.168.1.1

    TCP: Interfaces\{BE4F799E-D4F4-4B5B-9E31-0EFD654F9858}\75962756C6563735 : DHCPNameServer = 192.168.1.1

    TCP: Interfaces\{BE4F799E-D4F4-4B5B-9E31-0EFD654F9858}\B43555 : DHCPNameServer = 130.218.123.30 130.218.102.48

    TCP: Interfaces\{BE4F799E-D4F4-4B5B-9E31-0EFD654F9858}\C696E6B6379737 : DHCPNameServer = 75.75.75.75 75.75.76.76

    TCP: Interfaces\{BE4F799E-D4F4-4B5B-9E31-0EFD654F9858}\E6F6470297F6572702E6564777F627B6 : DHCPNameServer = 192.168.2.1

    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

    Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\msosb.dll

    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    SSODL: WebCheck - <orphaned>

    x64-mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5741&r=273608106905l04g4z1i5t4592n718

    x64-mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5741&r=273608106905l04g4z1i5t4592n718

    x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll

    x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

    x64-BHO: Microsoft SPFS Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL

    x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

    x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

    x64-Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe

    x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

    x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

    x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

    x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe

    x64-Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe

    x64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming

    x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

    x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll

    x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

    .

    INFO: x64-HKLM has more than 50 listed domains.

    If you wish to scan all of them, select the 'Force scan all domains' option.

    .

    x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

    x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>

    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

    x64-Notify: igfxcui - igfxdev.dll

    x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll

    x64-SSODL: WebCheck - <orphaned>

    Hosts: 127.0.0.1 www.spywareinfo.com

    .

    ================= FIREFOX ===================

    .

    FF - ProfilePath - C:\Users\Tanya\AppData\Roaming\Mozilla\Firefox\Profiles\owrwh8rm.default\

    FF - prefs.js: browser.startup.homepage - hxxp://my.yahoo.com/

    FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4cd711cb&v=6.011.025.001&i=23&tp=ab&iy=&ychte=us&lng=en-US&q=

    FF - prefs.js: network.proxy.type - 0

    FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn\components\coFFPlgn.dll

    FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPlgn\components\IPSFFPl.dll

    FF - component: C:\Users\Tanya\AppData\Roaming\Mozilla\Firefox\Profiles\owrwh8rm.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\RadioWMPCoreGecko19.dll

    FF - component: C:\Users\Tanya\AppData\Roaming\Mozilla\Firefox\Profiles\owrwh8rm.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll

    FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

    FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

    FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

    FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

    FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll

    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll

    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll

    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

    FF - plugin: C:\Program Files\Microsoft Office 15\root\Office15\npspwrap.dll

    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll

    FF - ExtSQL: 2012-10-01 11:09; {E0B8C461-F8FB-49b4-8373-FE32E9252800}; C:\Users\Tanya\AppData\Roaming\Mozilla\Firefox\Profiles\owrwh8rm.default\extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}

    FF - ExtSQL: 2012-11-06 17:15; zotero@chnm.gmu.edu; C:\Users\Tanya\AppData\Roaming\Mozilla\Firefox\Profiles\owrwh8rm.default\extensions\zotero@chnm.gmu.edu

    FF - ExtSQL: 2012-11-06 17:15; zoteroWinWordIntegration@zotero.org; C:\Users\Tanya\AppData\Roaming\Mozilla\Firefox\Profiles\owrwh8rm.default\extensions\zoteroWinWordIntegration@zotero.org

    .

    ============= SERVICES / DRIVERS ===============

    .

    R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\0604000.009\symds64.sys [2012-10-2 451192]

    R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\0604000.009\symefa64.sys [2012-10-2 1129120]

    R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\BASHDefs\20121106.001\BHDrvx64.sys [2012-10-23 1384608]

    R1 ccSet_N360;Norton 360 Settings Manager;C:\Windows\System32\drivers\N360x64\0604000.009\ccsetx64.sys [2012-10-2 167072]

    R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\IPSDefs\20121120.001\IDSviA64.sys [2012-11-20 513184]

    R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\System32\drivers\mwlPSDFilter.sys [2009-6-2 22576]

    R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\System32\drivers\mwlPSDNserv.sys [2009-6-2 20016]

    R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\System32\drivers\mwlPSDVDisk.sys [2009-6-2 60464]

    R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\0604000.009\ironx64.sys [2012-10-2 190072]

    R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\0604000.009\symnets.sys [2012-10-2 405624]

    R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]

    R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-4-23 312400]

    R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-5-11 866336]

    R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-1-8 23584]

    R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-4-23 13336]

    R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\ccsvchst.exe [2012-10-2 138272]

    R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-3-8 250368]

    R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-5 144640]

    R2 OfficeSvc;Microsoft Office Service;C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2012-10-13 1494144]

    R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]

    R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2009-11-2 13784]

    R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-4-23 2320920]

    R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-4-23 243232]

    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-8-9 138912]

    R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-4-23 56344]

    R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-4-23 158720]

    R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-4-23 271872]

    R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2010-3-21 321064]

    R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]

    R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]

    R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]

    R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]

    R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]

    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

    S3 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-4-17 305520]

    S3 nosGetPlusHelper;getPlus® Helper 3004;C:\Windows\System32\svchost.exe -k nosGetPlusHelper [2009-7-13 27136]

    S3 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-5 50432]

    S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-4-23 239136]

    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-7-2 59392]

    S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-2 126352]

    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]

    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-8-30 1255736]

    .

    =============== Created Last 30 ================

    .

    2012-11-20 03:43:03 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

    2012-11-18 20:01:26 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy

    2012-11-18 20:01:26 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy

    2012-11-18 19:42:24 -------- d-----w- C:\Windows\pss

    2012-11-18 13:43:32 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui

    2012-11-18 13:43:31 9728 ----a-w- C:\Windows\System32\Wdfres.dll

    2012-11-18 13:43:31 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys

    2012-11-18 13:43:31 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys

    2012-11-18 13:32:32 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys

    2012-11-18 13:32:32 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys

    2012-11-18 13:32:30 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll

    2012-11-18 13:32:30 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll

    2012-11-18 13:32:29 744448 ----a-w- C:\Windows\System32\WUDFx.dll

    2012-11-18 13:32:29 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll

    2012-11-18 13:32:29 229888 ----a-w- C:\Windows\System32\WUDFHost.exe

    2012-11-17 18:31:36 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll

    2012-10-26 21:24:34 96224 ----a-w- C:\Program Files (x86)\Mozilla Firefox\webapprt-stub.exe

    2012-10-25 08:12:26 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx

    2012-10-25 08:12:26 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts

    .

    ==================== Find3M ====================

    .

    2012-11-20 03:42:41 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll

    2012-11-08 19:44:26 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

    2012-11-08 19:44:26 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

    2012-10-18 18:25:58 3149824 ----a-w- C:\Windows\System32\win32k.sys

    2012-10-09 18:17:13 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll

    2012-10-09 17:40:31 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll

    2012-10-09 17:40:31 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll

    2012-10-03 17:56:54 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys

    2012-10-03 17:44:21 70656 ----a-w- C:\Windows\System32\nlaapi.dll

    2012-10-03 17:44:21 303104 ----a-w- C:\Windows\System32\nlasvc.dll

    2012-10-03 17:44:17 246272 ----a-w- C:\Windows\System32\netcorehc.dll

    2012-10-03 17:44:17 18944 ----a-w- C:\Windows\System32\netevent.dll

    2012-10-03 17:44:16 216576 ----a-w- C:\Windows\System32\ncsi.dll

    2012-10-03 17:42:16 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll

    2012-10-03 16:42:24 18944 ----a-w- C:\Windows\SysWow64\netevent.dll

    2012-10-03 16:42:24 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll

    2012-10-03 16:42:23 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll

    2012-10-03 16:07:26 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys

    2012-09-25 22:47:43 78336 ----a-w- C:\Windows\SysWow64\synceng.dll

    2012-09-25 22:46:17 95744 ----a-w- C:\Windows\System32\synceng.dll

    2012-09-14 19:19:29 2048 ----a-w- C:\Windows\System32\tzres.dll

    2012-09-14 18:28:53 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

    2012-09-09 23:56:51 916456 ----a-w- C:\Windows\System32\deployJava1.dll

    2012-09-09 23:56:51 108008 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll

    2012-09-09 23:56:51 1034216 ----a-w- C:\Windows\System32\npDeployJava1.dll

    2012-09-07 21:04:46 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

    2012-08-31 18:19:35 1659760 ----a-w- C:\Windows\System32\drivers\ntfs.sys

    2012-08-30 18:03:45 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe

    2012-08-30 17:12:02 3968880 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

    2012-08-30 17:12:02 3914096 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

    2012-08-24 18:05:07 220160 ----a-w- C:\Windows\System32\wintrust.dll

    2012-08-24 18:05:06 1188864 ----a-w- C:\Windows\System32\wininet.dll

    2012-08-24 16:57:48 981504 ----a-w- C:\Windows\SysWow64\wininet.dll

    2012-08-24 16:57:48 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll

    2012-08-24 15:59:30 1638912 ----a-w- C:\Windows\System32\mshtml.tlb

    2012-08-24 15:20:39 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb

    .

    ============= FINISH: 15:13:00.46 ===============

    Attach

    .

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

    IF REQUESTED, ZIP IT UP & ATTACH IT

    .

    DDS (Ver_2012-11-20.01)

    .

    Microsoft Windows 7 Home Premium

    Boot Device: \Device\HarddiskVolume2

    Install Date: 8/29/2010 4:19:13 AM

    System Uptime: 11/21/2012 12:34:12 AM (15 hours ago)

    .

    Motherboard: Acer | | Aspire 5741

    Processor: Intel® Core i5 CPU M 450 @ 2.40GHz | CPU | 1176/1066mhz

    .

    ==== Disk Partitions =========================

    .

    C: is FIXED (NTFS) - 452 GiB total, 99.596 GiB free.

    D: is CDROM ()

    .

    ==== Disabled Device Manager Items =============

    .

    ==== System Restore Points ===================

    .

    RP268: 11/11/2012 4:55:57 PM - Scheduled Checkpoint

    RP269: 11/18/2012 8:29:25 AM - Windows Update

    RP270: 11/19/2012 10:39:39 PM - Installed RuneScape Launcher 1.2.2

    RP271: 11/19/2012 10:42:23 PM - Installed Java 7 Update 9

    .

    ==== Installed Programs ======================

    .

    Acer Backup Manager

    Acer Crystal Eye webcam

    Acer ePower Management

    Acer eRecovery Management

    Acer Game Console

    Acer Games

    Acer Registration

    Acer ScreenSaver

    Acer Updater

    Acrobat.com

    Adobe AIR

    Adobe Digital Editions

    Adobe Download Manager

    Adobe Flash Player 11 ActiveX

    Adobe Flash Player 11 Plugin

    Adobe Reader X (10.1.4)

    aioprnt

    aioscnnr

    Amazon Kindle

    Amazon Send to Kindle

    Apple Application Support

    Apple Mobile Device Support

    Apple Software Update

    Backup Manager Basic

    Bejeweled

    Bejeweled 2 Deluxe

    Blackhawk Striker 2

    Bob the Builder Can-Do-Zoo

    Bonjour

    Broadcom Gigabit NetLink Controller

    Build-a-lot 2

    Cisco Connect

    Compatibility Pack for the 2007 Office system

    CyberLink PowerDVD 9

    D3DX10

    Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

    Dropbox

    eReg

    Escape Rosecliff Island

    Evernote v. 4.5.8

    Faerie Solitaire

    FamilySearch Indexing 3.12.1

    FATE - The Traitor Soul

    iCloud

    Identity Card

    Intel® Control Center

    Intel® Graphics Media Accelerator Driver

    Intel® Management Engine Components

    Intel® Rapid Storage Technology

    Intel® Turbo Boost Technology Monitor

    iTunes

    Java 7 Update 7 (64-bit)

    Java 7 Update 9

    Java Auto Updater

    JavaFX 2.1.1

    Jewel Quest Solitaire 3

    Junk Mail filter update

    Launch Manager

    Logitech SetPoint 6.15

    Malwarebytes Anti-Malware version 1.65.0.1400

    Microsoft .NET Framework 4 Client Profile

    Microsoft Application Error Reporting

    Microsoft Office 2010 Service Pack 1 (SP1)

    Microsoft Office 365 Home Premium Preview - en-us

    Microsoft Office Access MUI (English) 2010

    Microsoft Office Access Setup Metadata MUI (English) 2010

    Microsoft Office Click-to-Run 2010

    Microsoft Office Excel MUI (English) 2010

    Microsoft Office Home and Business 2010 - English

    Microsoft Office Office 64-bit Components 2010

    Microsoft Office OneNote MUI (English) 2010

    Microsoft Office Outlook MUI (English) 2010

    Microsoft Office PowerPoint MUI (English) 2010

    Microsoft Office PowerPoint Viewer 2007 (English)

    Microsoft Office Professional 2010

    Microsoft Office Proof (English) 2010

    Microsoft Office Proof (French) 2010

    Microsoft Office Proof (Spanish) 2010

    Microsoft Office Proofing (English) 2010

    Microsoft Office Publisher MUI (English) 2010

    Microsoft Office Shared 64-bit MUI (English) 2010

    Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010

    Microsoft Office Shared MUI (English) 2010

    Microsoft Office Shared Setup Metadata MUI (English) 2010

    Microsoft Office Single Image 2010

    Microsoft Office Suite Activation Assistant

    Microsoft Office Word MUI (English) 2010

    Microsoft Silverlight

    Microsoft SkyDrive

    Microsoft SQL Server 2005 Compact Edition [ENU]

    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

    Microsoft Visual C++ 2005 Redistributable

    Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148

    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570

    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

    Microsoft Works

    MobileMe Control Panel

    Monopoly

    Mozilla Firefox 16.0.2 (x86 en-US)

    Mozilla Maintenance Service

    MSVCRT

    MSVCRT_amd64

    Mystery P.I. - Lost in Los Angeles

    MyWinLocker

    MyWinLocker Suite

    Norton 360

    Norton Online Backup

    NTI Backup Now 5

    NTI Backup Now Standard

    NTI Media Maker 8

    Office 15 Click-to-Run Extensibility Component

    Office 15 Click-to-Run Licensing Component

    OverDrive Media Console

    Penguins!

    Personal Ancestral File 5

    Personal Ancestral File Companion 5.4

    Picasa 3

    Plants vs. Zombies

    Polar Bowler

    Polar Golfer

    PreReq

    QuickTime

    Realtek High Definition Audio Driver

    Realtek USB 2.0 Card Reader

    RootsMagic 5.0.3.1

    Scrabble Plus

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

    Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition

    Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition

    Security Update for Microsoft Office 2010 (KB2553091)

    Security Update for Microsoft Office 2010 (KB2553096)

    Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition

    Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition

    Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition

    Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

    Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition

    Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition

    Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition

    Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition

    Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition

    Security Update for Microsoft Word 2010 (KB2553488) 32-Bit Edition

    Shredder

    Synaptics Pointing Device Driver

    The Price is Right

    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

    Update for Microsoft Office 2010 (KB2494150)

    Update for Microsoft Office 2010 (KB2553065)

    Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

    Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

    Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition

    Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition

    Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

    Update for Microsoft Office 2010 (KB2566458)

    Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

    Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition

    Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

    Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition

    Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition

    Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

    Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition

    Virtual Families

    Virtual Villagers - A New Home

    Visual Studio 2008 x64 Redistributables

    Vuze

    Vuze Remote Toolbar

    Welcome Center

    Windows Live Communications Platform

    Windows Live Essentials

    Windows Live ID Sign-in Assistant

    Windows Live Installer

    Windows Live Language Selector

    Windows Live Mail

    Windows Live Messenger

    Windows Live MIME IFilter

    Windows Live Movie Maker

    Windows Live Photo Common

    Windows Live Photo Gallery

    Windows Live PIMT Platform

    Windows Live SOXE

    Windows Live SOXE Definitions

    Windows Live Sync

    Windows Live UX Platform

    Windows Live UX Platform Language Pack

    Windows Live Writer

    Windows Live Writer Resources

    WinRAR 4.01 (32-bit)

    WinZip 15.5

    Yahtzee

    Zuma Deluxe

    .

    ==== Event Viewer Messages From Past Week ========

    .

    11/19/2012 9:32:14 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

    11/18/2012 8:47:39 AM, Error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.1.122 with the system having network hardware address E8-B7-48-BA-56-6C. Network operations on this system may be disrupted as a result.

    11/18/2012 2:25:20 PM, Error: Service Control Manager [7034] - The Client Virtualization Handler service terminated unexpectedly. It has done this 1 time(s).

    11/18/2012 2:23:49 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Intel® Rapid Storage Technology service to connect.

    11/18/2012 2:23:49 PM, Error: Service Control Manager [7000] - The Intel® Rapid Storage Technology service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

    11/14/2012 5:04:53 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer DG-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{BE4F799E-D4F4-4B5B-9E31-0EFD654F9858}. The master browser is stopping or an election is being forced.

    11/14/2012 4:19:24 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.

    .

    ==== End Of File ===========================

    RogueKiller

    RogueKiller V8.3.1 [Nov 20 2012] by Tigzy

    mail: tigzyRK<at>gmail<dot>com

    Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

    Website: http://tigzy.geekstogo.com/roguekiller.php

    Blog: http://tigzyrk.blogspot.com

    Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version

    Started in : Normal mode

    User : Tanya [Admin rights]

    Mode : Scan -- Date : 11/21/2012 15:08:16

    ¤¤¤ Bad processes : 3 ¤¤¤

    [sUSP PATH] dds.com -- C:\Users\Tanya\Desktop\dds.com -> KILLED [TermProc]

    [sUSP PATH] PEV.DAT -- C:\Users\Tanya\AppData\Local\Temp\nsn425D.tmp\PEV.DAT -> KILLED [TermProc]

    [RESIDUE] Dropbox.exe -- C:\Users\Tanya\AppData\Roaming\Dropbox\bin\Dropbox.exe -> KILLED [TermProc]

    ¤¤¤ Registry Entries : 7 ¤¤¤

    [RUN][sUSP PATH] HKCU\[...]\Run : SkyDrive ("C:\Users\Tanya\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background) -> FOUND

    [RUN][sUSP PATH] HKUS\S-1-5-21-1279665567-1158919054-642309598-1001[...]\Run : SkyDrive ("C:\Users\Tanya\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background) -> FOUND

    [RUN][sUSP PATH] HKCU\[...]\RunOnce : Uninstall C:\Users\Tanya\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64 (C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Tanya\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64") -> FOUND

    [RUN][sUSP PATH] HKUS\S-1-5-21-1279665567-1158919054-642309598-1001[...]\RunOnce : Uninstall C:\Users\Tanya\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64 (C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Tanya\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64") -> FOUND

    [sTARTUP][sUSP PATH] Dropbox.lnk @Tanya : C:\Users\Tanya\AppData\Roaming\Dropbox\bin\Dropbox.exe -> FOUND

    [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

    [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver : [NOT LOADED] ¤¤¤

    ¤¤¤ HOSTS File: ¤¤¤

    --> C:\Windows\system32\drivers\etc\hosts

    127.0.0.1 www.007guard.com

    127.0.0.1 007guard.com

    127.0.0.1 008i.com

    127.0.0.1 www.008k.com

    127.0.0.1 008k.com

    127.0.0.1 www.00hq.com

    127.0.0.1 00hq.com

    127.0.0.1 010402.com

    127.0.0.1 www.032439.com

    127.0.0.1 032439.com

    127.0.0.1 www.0scan.com

    127.0.0.1 0scan.com

    127.0.0.1 www.1000gratisproben.com

    127.0.0.1 1000gratisproben.com

    127.0.0.1 1001namen.com

    127.0.0.1 www.1001namen.com

    127.0.0.1 100888290cs.com

    127.0.0.1 www.100888290cs.com

    127.0.0.1 www.100sexlinks.com

    127.0.0.1 100sexlinks.com

    [...]

    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: WDC WD5000BEVT-22A0RT0 +++++

    --- User ---

    [MBR] 93aed65ecf9781df2f584d51e2ccfc78

    [bSP] a6d3f7d8ba11dd9db5c6a3a4797a1c62 : Windows 7/8 MBR Code

    Partition table:

    0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 63 | Size: 14339 Mo

    1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 29366820 | Size: 101 Mo

    2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 29575665 | Size: 462497 Mo

    User = LL1 ... OK!

    User = LL2 ... OK!

    Finished : << RKreport[1]_S_11212012_02d1508.txt >>

    RKreport[1]_S_11212012_02d1508.txt

    Thank you for your help!

    Google redirect via firefox browser

    in Resolved Malware Removal Logs

    Posted

    Hello there, I have tried to fix a google redirect with Norton 360, MalwareBytes, TrendMicro scan, Spybot S&D, have checked the registery and hosts file.. I have affixed a Hijackthis log because I cannot, for the life of me, fix this issue.

    Please advise, thank you!

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 6:10:39 PM, on 11/20/2012

    Platform: Windows 7 SP1 (WinNT 6.00.3505)

    MSIE: Internet Explorer v8.00 (8.00.7601.17514)

    Boot mode: Normal

    Running processes:

    C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\ccSvcHst.exe

    C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe

    C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE

    C:\Users\Tanya\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe

    C:\Users\Tanya\AppData\Roaming\Dropbox\bin\Dropbox.exe

    C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

    C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe

    C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe

    C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe

    C:\Program Files (x86)\Launch Manager\LManager.exe

    C:\Program Files (x86)\iTunes\iTunesHelper.exe

    C:\Program Files (x86)\Launch Manager\LMworker.exe

    C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe

    C:\Program Files (x86)\Mozilla Firefox\firefox.exe

    Q:\140062.enu\Office14\MSOSYNC.EXE

    Q:\140062.enu\Office14\ONENOTEM.EXE

    C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe

    C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office15\CsiSyncClient.EXE

    C:\Program Files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exe

    C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE

    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_110.exe

    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_110.exe

    C:\Users\Tanya\Desktop\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5741&r=273608106905l04g4z1i5t4592n718

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5741&r=273608106905l04g4z1i5t4592n718

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5741&r=273608106905l04g4z1i5t4592n718

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5741&r=273608106905l04g4z1i5t4592n718

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)

    R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll

    R3 - URLSearchHook: (no name) - - (no file)

    F2 - REG:system.ini: UserInit=userinit.exe,

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\coIEPlg.dll

    O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\IPS\IPSBHO.DLL

    O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

    O2 - BHO: Vuze Remote - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll

    O2 - BHO: Microsoft SPFS Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

    O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

    O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll

    O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\coIEPlg.dll

    O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

    O4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"

    O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d

    O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"

    O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED

    O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k

    O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe

    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

    O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

    O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE" /quietlaunch "MSOSYNC 9014006204090000"

    O4 - HKCU\..\Run: [Weather] C:\Program Files (x86)\AWS\WeatherBug\Weather.exe 1

    O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe

    O4 - HKCU\..\Run: [skyDrive] "C:\Users\Tanya\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background

    O4 - HKCU\..\RunOnce: [uninstall C:\Users\Tanya\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Tanya\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64"

    O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

    O4 - Startup: Dropbox.lnk = Tanya\AppData\Roaming\Dropbox\bin\Dropbox.exe

    O4 - Startup: EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe

    O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE

    O4 - Global Startup: McAfee Security Scan Plus.lnk = ?

    O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204

    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000

    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html

    O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105

    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

    O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

    O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

    O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

    O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)

    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx

    O17 - HKLM\System\CCS\Services\Tcpip\..\{BE4F799E-D4F4-4B5B-9E31-0EFD654F9858}: NameServer = 208.67.222.222,208.67.220.220

    O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL

    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe

    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

    O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\Acer Games\Acer Game Console\GameConsoleService.exe

    O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe

    O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

    O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe

    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

    O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe

    O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\ccSvcHst.exe

    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe

    O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe

    O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

    O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

    O23 - Service: TurboBoost - Intel® Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe

    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

    O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

    O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --

    End of file - 16803 bytes

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.