eNerve

Members

View Profile See their activity

Posts
18
Joined
October 2, 2013
Last visited
October 6, 2013

Content Type

All Activity

Events

Profiles

Forums

Topics
Posts

Everything posted by eNerve

Can't resolve "Search Assist"

eNerve replied to eNerve's topic in Resolved Malware Removal Logs

SystemLook 30.07.11 by jpshortstuff Log created at 20:17 on 05/10/2013 by FreshOats Administrator - Elevation successful ========== filefind ========== Searching for "*SearchAssist*" No files found. ========== folderfind ========== Searching for "*SearchAssist*" No folders found. ========== regfind ========== Searching for "SearchAssist" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://www.google.com/ie" [HKEY_USERS\S-1-5-21-350978928-1145991243-2579747793-1001\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://www.google.com/ie" -= EOF =-
- October 6, 2013
- 27 replies
Can't resolve "Search Assist"

eNerve replied to eNerve's topic in Resolved Malware Removal Logs

I updated firefox. SearchAssist is still here.
- October 6, 2013
- 27 replies
Can't resolve "Search Assist"

eNerve replied to eNerve's topic in Resolved Malware Removal Logs

Results of screen317's Security Check version 0.99.74 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 10 ``````````````Antivirus/Firewall Check:`````````````` Windows Security Center service is not running! This report may not be accurate! Windows Firewall Enabled! avast! Antivirus Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.75.0.1300 Adobe Flash Player 11.8.800.168 Adobe Reader XI Mozilla Firefox 20.0.1 Firefox out of Date! Google Chrome 25.0.1364.172 Google Chrome 26.0.1410.43 ````````Process Check: objlist.exe by Laurent```````` Alwil Software Avast5 AvastSvc.exe Alwil Software Avast5 AvastUI.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 2% ````````````````````End of Log``````````````````````
- October 5, 2013
- 27 replies
Can't resolve "Search Assist"

eNerve replied to eNerve's topic in Resolved Malware Removal Logs

Restarted the computer. Haven't seen the "search assist" yet! Thank you!
- October 4, 2013
- 27 replies
Can't resolve "Search Assist"

eNerve replied to eNerve's topic in Resolved Malware Removal Logs

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-10-2013 Ran by FreshOats at 2013-10-04 11:23:20 Run:1 Running from C:\Users\Justin\Desktop Boot Mode: Normal ============================================== Content of fixlist: ***************** MountPoints2: H - H:\HTC_Sync_Manager_PC.exe MountPoints2: {371182d0-98cc-11e2-af2b-00262d72f8e4} - E:\HTC_Sync_Manager_PC.exe MountPoints2: {371183a8-98cc-11e2-af2b-00262d72f8e4} - E:\HTC_Sync_Manager_PC.exe MountPoints2: {8a621e2d-6837-11e2-a384-00262d72f8e4} - E:\HTC_Sync_Manager_PC.exe MountPoints2: {c4ad687d-9ee7-11e2-9bc7-42883c5f1aff} - E:\HTC_Sync_Manager_PC.exe HKLM-x32\...\Run: [] - [x] HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation) HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...58z135t4871d712 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/ BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) C:\Users\Justin\ij147-jdk6-64bit-setup.exe C:\Users\Justin\AppData\Local\Temp\AMPing.exe C:\Users\Justin\AppData\Local\Temp\AskSLib.dll C:\Users\Justin\AppData\Local\Temp\dxwebsetup.exe C:\Users\Justin\AppData\Local\Temp\gtalkwmp1.dll C:\Users\Justin\AppData\Local\Temp\InstallManager_BAB_BAB.exe C:\Users\Justin\AppData\Local\Temp\iTunesPluginWinSetup_3.0.4.0.exe C:\Users\Justin\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe C:\Users\Justin\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe C:\Users\Justin\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe C:\Users\Justin\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe C:\Users\Justin\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe C:\Users\Justin\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe C:\Users\Justin\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe C:\Users\Justin\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe C:\Users\Justin\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe C:\Users\Justin\AppData\Local\Temp\Last.fm-2.1.30.exe C:\Users\Justin\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe C:\Users\Justin\AppData\Local\Temp\MSETUP4.EXE C:\Users\Justin\AppData\Local\Temp\mssinstaller.exe C:\Users\Justin\AppData\Local\Temp\ntdll_dump.dll C:\Users\Justin\AppData\Local\Temp\primosdk.DLL C:\Users\Justin\AppData\Local\Temp\px.dll C:\Users\Justin\AppData\Local\Temp\pxafs.dll C:\Users\Justin\AppData\Local\Temp\PxCpyA64.exe C:\Users\Justin\AppData\Local\Temp\PxCpyI64.exe C:\Users\Justin\AppData\Local\Temp\pxdrv.dll C:\Users\Justin\AppData\Local\Temp\pxhpinst.exe C:\Users\Justin\AppData\Local\Temp\PxInsA64.exe C:\Users\Justin\AppData\Local\Temp\PxInsI64.exe C:\Users\Justin\AppData\Local\Temp\pxmas.dll C:\Users\Justin\AppData\Local\Temp\pxsetup.exe C:\Users\Justin\AppData\Local\Temp\pxsfs.dll C:\Users\Justin\AppData\Local\Temp\pxwave.dll C:\Users\Justin\AppData\Local\Temp\Quarantine.exe C:\Users\Justin\AppData\Local\Temp\RDVAlert.exe C:\Users\Justin\AppData\Local\Temp\SearchWithGoogleUpdate.exe C:\Users\Justin\AppData\Local\Temp\Shortcut.exe C:\Users\Justin\AppData\Local\Temp\SkypeSetup.exe C:\Users\Justin\AppData\Local\Temp\tbSwee.dll C:\Users\Justin\AppData\Local\Temp\tmp2349.exe C:\Users\Justin\AppData\Local\Temp\tmp777B.exe C:\Users\Justin\AppData\Local\Temp\tmpAC7D.exe C:\Users\Justin\AppData\Local\Temp\Uninstaller-40864.exe C:\Users\Justin\AppData\Local\Temp\US_en_Avery_AW40.exe C:\Users\Justin\AppData\Local\Temp\vcredist_x86.exe C:\Users\Justin\AppData\Local\Temp\vxblock.dll Task: {2276EB6F-0783-472D-B238-2C95AF562204} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {360A5A64-B8D4-442A-9CF5-4E77E54580FA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-16] (Google Inc.) Task: {9149BA98-C6B1-4FC8-B1DD-886303895598} - \Scheduled Update for Ask Toolbar No Task File Task: {95E069FA-39BC-4405-BE5D-1E331AB7698D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-350978928-1145991243-2579747793-1001Core => C:\Users\Justin\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-21] (Google Inc.) Task: {D5E5606D-21A4-46C8-B842-C00FC1A086AF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-350978928-1145991243-2579747793-1001UA => C:\Users\Justin\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-21] (Google Inc.) Task: {EA6BFF5A-D1A3-4C7E-9072-9E0B2EE6A686} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-16] (Google Inc.) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-350978928-1145991243-2579747793-1001Core.job => C:\Users\Justin\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-350978928-1145991243-2579747793-1001UA.job => C:\Users\Justin\AppData\Local\Google\Update\GoogleUpdate.exe ***************** HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\H => Key deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{371182d0-98cc-11e2-af2b-00262d72f8e4} => Key deleted successfully. HKCR\CLSID\{371182d0-98cc-11e2-af2b-00262d72f8e4} => Key not found. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{371183a8-98cc-11e2-af2b-00262d72f8e4} => Key deleted successfully. HKCR\CLSID\{371183a8-98cc-11e2-af2b-00262d72f8e4} => Key not found. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8a621e2d-6837-11e2-a384-00262d72f8e4} => Key deleted successfully. HKCR\CLSID\{8a621e2d-6837-11e2-a384-00262d72f8e4} => Key not found. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c4ad687d-9ee7-11e2-9bc7-42883c5f1aff} => Key deleted successfully. HKCR\CLSID\{c4ad687d-9ee7-11e2-9bc7-42883c5f1aff} => Key not found. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value not found. HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache => Value deleted successfully. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key not found. HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key not found. HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key deleted successfully. HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB} => Key not found. HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key not found. HKCR\Wow6432Node\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key deleted successfully. HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key not found. HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key deleted successfully. HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => Value deleted successfully. HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => Key not found. HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2 => Key deleted successfully. C:\Windows\system32\npDeployJava1.dll => Moved successfully. HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2 => Key not found. "C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll" => not found. C:\Users\Justin\ij147-jdk6-64bit-setup.exe => Moved successfully. C:\Users\Justin\AppData\Local\Temp\AMPing.exe => Moved successfully. C:\Users\Justin\AppData\Local\Temp\AskSLib.dll => Moved successfully. C:\Users\Justin\AppData\Local\Temp\dxwebsetup.exe => Moved successfully. C:\Users\Justin\AppData\Local\Temp\gtalkwmp1.dll => Moved successfully. C:\Users\Justin\AppData\Local\Temp\InstallManager_BAB_BAB.exe => Moved successfully. C:\Users\Justin\AppData\Local\Temp\iTunesPluginWinSetup_3.0.4.0.exe => Moved successfully. C:\Users\Justin\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe => Moved successfully. C:\Users\Justin\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe => Moved successfully. C:\Users\Justin\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe => Moved successfully. C:\Users\Justin\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe => Moved successfully. C:\Users\Justin\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe => Moved successfully. C:\Users\Justin\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe => Moved successfully. C:\Users\Justin\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe => Moved successfully. C:\Users\Justin\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe => Moved successfully. C:\Users\Justin\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe => Moved successfully. C:\Users\Justin\AppData\Local\Temp\Last.fm-2.1.30.exe => Moved successfully. C:\Users\Justin\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe => Moved successfully. C:\Users\Justin\AppData\Local\Temp\MSETUP4.EXE => Moved successfully. C:\Users\Justin\AppData\Local\Temp\mssinstaller.exe => Moved successfully. C:\Users\Justin\AppData\Local\Temp\ntdll_dump.dll => Moved successfully. C:\Users\Justin\AppData\Local\Temp\primosdk.DLL => Moved successfully. C:\Users\Justin\AppData\Local\Temp\px.dll => Moved successfully. C:\Users\Justin\AppData\Local\Temp\pxafs.dll => Moved successfully. C:\Users\Justin\AppData\Local\Temp\PxCpyA64.exe => Moved successfully. C:\Users\Justin\AppData\Local\Temp\PxCpyI64.exe => Moved successfully. C:\Users\Justin\AppData\Local\Temp\pxdrv.dll => Moved successfully. C:\Users\Justin\AppData\Local\Temp\pxhpinst.exe => Moved successfully. C:\Users\Justin\AppData\Local\Temp\PxInsA64.exe => Moved successfully. C:\Users\Justin\AppData\Local\Temp\PxInsI64.exe => Moved successfully. C:\Users\Justin\AppData\Local\Temp\pxmas.dll => Moved successfully. C:\Users\Justin\AppData\Local\Temp\pxsetup.exe => Moved successfully. C:\Users\Justin\AppData\Local\Temp\pxsfs.dll => Moved successfully. C:\Users\Justin\AppData\Local\Temp\pxwave.dll => Moved successfully. "C:\Users\Justin\AppData\Local\Temp\Quarantine.exe" => File/Directory not found. C:\Users\Justin\AppData\Local\Temp\RDVAlert.exe => Moved successfully. C:\Users\Justin\AppData\Local\Temp\SearchWithGoogleUpdate.exe => Moved successfully. C:\Users\Justin\AppData\Local\Temp\Shortcut.exe => Moved successfully. C:\Users\Justin\AppData\Local\Temp\SkypeSetup.exe => Moved successfully. C:\Users\Justin\AppData\Local\Temp\tbSwee.dll => Moved successfully. C:\Users\Justin\AppData\Local\Temp\tmp2349.exe => Moved successfully. C:\Users\Justin\AppData\Local\Temp\tmp777B.exe => Moved successfully. C:\Users\Justin\AppData\Local\Temp\tmpAC7D.exe => Moved successfully. C:\Users\Justin\AppData\Local\Temp\Uninstaller-40864.exe => Moved successfully. C:\Users\Justin\AppData\Local\Temp\US_en_Avery_AW40.exe => Moved successfully. C:\Users\Justin\AppData\Local\Temp\vcredist_x86.exe => Moved successfully. C:\Users\Justin\AppData\Local\Temp\vxblock.dll => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2276EB6F-0783-472D-B238-2C95AF562204} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2276EB6F-0783-472D-B238-2C95AF562204} => Key deleted successfully. C:\Windows\System32\Tasks\Apple\AppleSoftwareUpdate => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Apple\AppleSoftwareUpdate => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{360A5A64-B8D4-442A-9CF5-4E77E54580FA} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{360A5A64-B8D4-442A-9CF5-4E77E54580FA} => Key deleted successfully. C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9149BA98-C6B1-4FC8-B1DD-886303895598} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9149BA98-C6B1-4FC8-B1DD-886303895598} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{95E069FA-39BC-4405-BE5D-1E331AB7698D} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{95E069FA-39BC-4405-BE5D-1E331AB7698D} => Key deleted successfully. C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-350978928-1145991243-2579747793-1001Core => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-350978928-1145991243-2579747793-1001Core => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D5E5606D-21A4-46C8-B842-C00FC1A086AF} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D5E5606D-21A4-46C8-B842-C00FC1A086AF} => Key deleted successfully. C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-350978928-1145991243-2579747793-1001UA => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-350978928-1145991243-2579747793-1001UA => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EA6BFF5A-D1A3-4C7E-9072-9E0B2EE6A686} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EA6BFF5A-D1A3-4C7E-9072-9E0B2EE6A686} => Key deleted successfully. C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => Key deleted successfully. C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully. C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully. C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-350978928-1145991243-2579747793-1001Core.job => Moved successfully. C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-350978928-1145991243-2579747793-1001UA.job => Moved successfully. ==== End of Fixlog ====
- October 4, 2013
- 27 replies
Can't resolve "Search Assist"

eNerve replied to eNerve's topic in Resolved Malware Removal Logs

This is the Quarantine.txt ... Not sure if this is needed: Quarantine.txt
- October 4, 2013
- 27 replies
Can't resolve "Search Assist"

eNerve replied to eNerve's topic in Resolved Malware Removal Logs

These are the 4 files from the ADWCleaner in the C:\ADWCleaner folder. Am I missing something? AdwCleanerR4.txt AdwCleanerS1.txt AdwCleanerR3.txt AdwCleanerR2.txt
- October 4, 2013
- 27 replies
Can't resolve "Search Assist"

eNerve replied to eNerve's topic in Resolved Malware Removal Logs

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2013 Ran by FreshOats at 2013-10-04 08:34:48 Running from C:\Users\Justin\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: avast! Antivirus (Enabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C} AS: avast! Antivirus (Enabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== Update for Microsoft Office 2007 (KB2508958) (x32) 64 Bit HP CIO Components Installer (Version: 7.2.8) Acer Arcade Deluxe (x32 Version: 3.0.7112) Acer Assist (x32) Acer Backup Manager (x32 Version: 2.0.0.29) Acer Crystal Eye Webcam (x32 Version: 5.2.9.3) Acer ePower Management (x32 Version: 4.05.3004) Acer eRecovery Management (x32 Version: 4.05.3005) Acer Games (x32 Version: 1.0.0.71) Acer GridVista (x32 Version: 3.01.0730) Acer Registration (x32 Version: 1.02.3006) Acer ScreenSaver (x32 Version: 1.5.0715) Acer Updater (x32 Version: 1.02.3502) Acrobat.com (x32 Version: 1.6.65) Adobe AIR (x32 Version: 3.7.0.1860) Adobe Color Video Profiles CS CS4 (x32 Version: 2.0) Adobe Community Help (x32 Version: 3.5.23) Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.175) Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168) Adobe Photoshop Elements 8.0 (x32 Version: 8.0) Adobe Photoshop.com Inspiration Browser (x32 Version: 3.02) Adobe Reader XI (11.0.04) (x32 Version: 11.0.04) Adobe Shockwave Player 11.6 (x32 Version: 11.6.8.638) AdobeColorCommonSetRGB (x32 Version: 2.0) Alcor Micro USB Card Reader (x32 Version: 1.4.17.35005) Apple Application Support (x32 Version: 2.3.4) Apple Mobile Device Support (Version: 6.1.0.13) Apple Software Update (x32 Version: 2.1.3.127) ArcSoft PhotoStudio 6 (x32 Version: 6.0.1.134) Audacity 1.3.11 (Unicode) (x32) Auslogics BoostSpeed (x32 Version: 5.0) AutoQuant3DMergeModuls (Version: 1.00.0000) avast! Free Antivirus (x32 Version: 8.0.1497.0) Avery Wizard 4.0 (x32 Version: 4.0.103) Backup Manager Basic (x32 Version: 2.0.0.29) Blogger Backup Utility (x32 Version: 1.0.23) Bonjour (Version: 3.0.0.10) Broadcom Gigabit NetLink Controller (Version: 12.33.03) BufferChm (x32 Version: 130.0.331.000) Canon CanoScan LiDE 700F User Registration (x32) Canon Inkjet Printer/Scanner/Fax Extended Survey Program (x32) Canon MP Navigator EX 2.1 (x32) Canon RAW Image Task for ZoomBrowser EX (x32 Version: 3.3.0.5) Canon Utilities CameraWindow (x32 Version: 7.1.0.2) Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (x32 Version: 6.4.2.16) Canon Utilities Digital Photo Professional 3.4 (x32 Version: 3.4.0.0) Canon Utilities EOS Utility (x32 Version: 2.4.0.1) Canon Utilities MyCamera (x32 Version: 6.4.0.5) Canon Utilities PhotoStitch (x32 Version: 3.1.21.45) Canon Utilities Picture Style Editor (x32 Version: 1.3.0.0) Canon Utilities RemoteCapture Task for ZoomBrowser EX (x32 Version: 1.7.1.9) Canon Utilities Solution Menu (x32) Canon Utilities WFT-E1/E2/E3 Utility (x32 Version: 3.2.1.1) Canon Utilities ZoomBrowser EX (x32 Version: 6.1.1.21) Canon ZoomBrowser EX Memory Card Utility (x32 Version: 1.1.0.8) CanoScan LiDE 700F Scanner Driver Compatibility Pack for the 2007 Office system (x32 Version: 12.0.6612.1000) D1400 (x32 Version: 130.0.365.000) D1400_Help (x32 Version: 90.0.235.000) DAEMON Tools Lite (x32 Version: 4.47.1.0337) DeviceDiscovery (x32 Version: 130.0.465.000) dj_sf_ProductContext (x32 Version: 130.0.365.000) dj_sf_software (x32 Version: 130.0.365.000) dj_sf_software_req (x32 Version: 130.0.365.000) Driver Detective (x32 Version: 8.0.1) DriverAgent by eSupport.com Dropbox (HKCU Version: 2.0.22) eBay Worldwide (x32 Version: 2.1.0901) ERUNT 1.1j (x32) ESET Online Scanner v3 (x32) eSobi v2 (x32 Version: 2.0.4.000274) FFmpeg for Audacity on Windows (x32) FileZilla Client 3.5.3 (x32 Version: 3.5.3) G*Power 3.1.7 (x32 Version: 3.1.7) Garmin Communicator Plugin (x32 Version: 3.0.1) Garmin Lifetime Updater (x32 Version: 2.0.6) Garmin Lifetime Updater (x32 Version: 2.1.11) Garmin USB Drivers (x32 Version: 2.3.0.0) Glade 3.6.1 (x32 Version: 3.6.1) Google Chrome (HKCU Version: 26.0.1410.43) Google Drive (x32 Version: 1.11.4865.2530) Google Talk (remove only) (HKCU) Google Talk Plugin (x32 Version: 4.7.0.15362) GoToMeeting 4.8.0.723 (HKCU Version: 4.8.0.723) GPBaseService2 (x32 Version: 130.0.371.000) Half-Life 2 (x32) Half-Life 2: Episode One (x32) Half-Life 2: Episode Two (x32) Half-Life 2: Lost Coast (x32) Hewlett-Packard ACLM.NET v1.1.0.0 (x32 Version: 1.00.0000) High-Definition Video Playback 10 (x32 Version: 7.0.11000.25.1) HP Customer Participation Program 13.0 (Version: 13.0) HP Deskjet Printer Driver Software 13.0 Rel. 1 (Version: 13.0) HP Imaging Device Functions 13.0 (Version: 13.0) HP Photosmart Essential 3.5 (Version: 3.5) HP Product Detection (x32 Version: 11.14.0001) HP Smart Web Printing 4.51 (Version: 4.51) HP Solution Center 13.0 (Version: 13.0) HPPhotoGadget (x32 Version: 130.0.282.000) HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000) HPPhotosmartEssential (x32 Version: 2.04.0000) HPProductAssistant (x32 Version: 130.0.371.000) HPSSupply (x32 Version: 130.0.371.000) HTC Driver Installer (x32 Version: 4.1.0.001) HTC Sync Manager (x32 Version: 2.0.52.0) Identity Card (x32 Version: 1.00.3003) ImageJ 1.47v ImgBurn (x32 Version: 2.5.7.0) Intel® Control Center (x32 Version: 1.2.0.1006) Intel® Graphics Media Accelerator Driver (x32 Version: 8.15.10.1995) Intel® Management Engine Components (x32 Version: 6.0.0.1179) Intel® Matrix Storage Manager IPTInstaller (x32 Version: 4.0.8) iSEEK AnswerWorks English Runtime (x32 Version: 009.000.0002) iSyncr (x32 Version: 4.0.9) jAlbum (x32 Version: 10.1) Jalbum (x32 Version: 8.9.1) Java 7 Update 25 (64-bit) (Version: 7.0.250) Java 7 Update 25 (x32 Version: 7.0.250) Java Auto Updater (x32 Version: 2.1.9.5) JavaFX 2.1.1 (x32 Version: 2.1.1) Junk Mail filter update (x32 Version: 14.0.8089.726) LAME v3.98.2 for Audacity (x32) Last.fm Scrobbler 2.1.36 (x32) Launch Manager (x32 Version: 3.0.04) Leica LAS AF Lite (x32 Version: 3.1.8587.0) LSI HDA Modem (Version: 2.2.98) Luminance HDR 2.3.0 Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300) MarketResearch (x32 Version: 130.0.374.000) MATLAB R2012a (Version: 7.14) MediaMonkey 4.0 (x32 Version: 4.0) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320) Microsoft .NET Framework 4 Extended (Version: 4.0.30320) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Choice Guard (x32 Version: 2.0.48.0) Microsoft Default Manager (x32 Version: 2.1.54.0) Microsoft Office 2007 Service Pack 3 (SP3) (x32) Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003) Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000) Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000) Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office PowerPoint Viewer 2007 (English) (x32 Version: 12.0.6612.1000) Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014) Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32) Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Suite Activation Assistant (x32 Version: 2.9) Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Primary Interoperability Assemblies 2005 (x32 Version: 8.0.50727.42) Microsoft Search Enhancement Pack (x32 Version: 3.0.126.0) Microsoft Silverlight (Version: 5.1.20513.0) Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) Microsoft Works (x32 Version: 9.7.0621) Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053) Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053) Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053) Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000) Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000) Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000) Mikogo 4 (HKCU Version: 4.6) MinGW-Get version 0.5-beta-20120426-1 (x32 Version: 0.5-beta-20120426-1) Mozilla Firefox 20.0.1 (x86 en-US) (x32 Version: 20.0.1) Mozilla Maintenance Service (x32 Version: 20.0.1) MSN Toolbar (x32 Version: 4.0.0379.0) MSN Toolbar Platform (x32 Version: 4.0.0417.0) MSVCRT (x32 Version: 14.0.1468.721) MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0) MTP Porting Kit (x32 Version: 12.0.0) Music Manager (HKCU) muvee Reveal Seagate Edition (x32 Version: 7.0.41.11017) MyWinLocker (x32 Version: 3.1.76.0) Nero 10 ClipartPack (x32 Version: 10.0.10300.0.0) Nero 10 Menu TemplatePack 1 (x32 Version: 10.0.10300.0.0) Nero 10 Menu TemplatePack 2 (x32 Version: 10.0.10300.0.0) Nero 10 Menu TemplatePack 3 (x32 Version: 10.0.10300.0.0) Nero 10 Menu TemplatePack Basic (x32 Version: 10.0.10300.0.0) Nero 10 Movie ThemePack 1 (x32 Version: 10.0.10300.1.0) Nero 10 Movie ThemePack 2 (x32 Version: 10.0.10300.1.0) Nero 10 Movie ThemePack Basic (x32 Version: 10.0.10300.1.0) Nero 10 Sample ImagePack (x32 Version: 10.0.10300.0.0) Nero 10 Sample Videos (x32 Version: 10.0.10300.2.0) Nero BackItUp 10 (x32 Version: 5.4.11100.14.101) Nero BackItUp 10 Help (CHM) (x32 Version: 1.0.10500) Nero Burning ROM 10 (x32 Version: 10.0.10700.7.100) Nero BurningROM 10 Help (CHM) (x32 Version: 1.0.10500) Nero BurnRights 10 (x32 Version: 4.0.10600.9.100) Nero BurnRights 10 Help (CHM) (x32 Version: 1.0.10500) Nero Control Center 10 (x32 Version: 10.0.11500.1.0) Nero Core Components 10 (x32 Version: 2.0.13100.0.1) Nero CoverDesigner 10 (x32 Version: 5.0.10500.7.100) Nero CoverDesigner 10 Help (CHM) (x32 Version: 1.0.10500) Nero DiscSpeed 10 (x32 Version: 6.0.10400.4.100) Nero DiscSpeed 10 Help (CHM) (x32 Version: 1.0.10500) Nero Dolby Files 10 (x32 Version: 2.0.11000.0.10) Nero Express 10 (x32 Version: 10.0.10500.7.100) Nero Express 10 Help (CHM) (x32 Version: 1.0.10500) Nero InfoTool 10 (x32 Version: 7.0.10400.5.100) Nero InfoTool 10 Help (CHM) (x32 Version: 1.0.10500) Nero MediaHub 10 (x32 Version: 1.0.11000.6.100) Nero MediaHub 10 Help (CHM) (x32 Version: 1.0.10500) Nero Multimedia Suite 10 (x32 Version: 10.0.11200) Nero Recode 10 (x32 Version: 4.6.10600.1.100) Nero Recode 10 Help (CHM) (x32 Version: 1.0.10500) Nero RescueAgent 10 (x32 Version: 3.0.10500.5.100) Nero RescueAgent 10 Help (CHM) (x32 Version: 1.0.10500) Nero SoundTrax 10 (x32 Version: 4.6.10500.1.100) Nero SoundTrax 10 Help (CHM) (x32 Version: 1.0.10500) Nero StartSmart 10 (x32 Version: 10.0.10500.4.100) Nero StartSmart 10 Help (CHM) (x32 Version: 1.0.10500) Nero Update (x32 Version: 1.0.0012) Nero Vision 10 (x32 Version: 7.0.10700.4.100) Nero Vision 10 Help (CHM) (x32 Version: 1.0.10500) Nero WaveEditor 10 (x32 Version: 5.6.10500.1.100) Nero WaveEditor 10 Help (CHM) (x32 Version: 1.0.10500) NTI Backup Now 5 (x32 Version: 5.1.2.627) NTI Backup Now Standard (x32 Version: 5.1.2.627) NTI Media Maker 8 (x32 Version: 8.0.12.6623) Nvu 1.0PR (x32 Version: 1.0PR) Opera Stable 16.0.1196.73 (x32 Version: 16.0.1196.73) Picasa 3 (x32 Version: 3.8) Picturenaut 3.2 (Version: 3.2.0.1698) PL-2303 USB-to-Serial (x32 Version: 1.2.10) Portal (x32) Portal 2 (x32) QuickTime (x32 Version: 7.73.80.64) R for Windows 3.0.1 (Version: 3.0.1) Realtek High Definition Audio Driver (x32 Version: 6.0.1.5969) Registry Easy v5.6 (Version: 5.6) ResearchSoft Direct Export Helper (x32) RStudio (x32 Version: 0.97.551) Seagate Manager Installer (x32 Version: 2.01.0600) Sendori (x32 Version: 2.0.15) Shipping Assistant 3.8 (x32 Version: 3.8.0.0) Shop for HP Supplies (Version: 13.0) SketchUp 8 (x32 Version: 3.0.16846) Skype™ 5.10 (x32 Version: 5.10.116) SlidePath Gateway (x32 Version: 2.0.5.0) SmartWebPrinting (x32 Version: 130.0.457.000) SolutionCenter (x32 Version: 130.0.373.000) SoulSeek 157 NS 13e (x32) SoulseekQt (x32) Spotify (HKCU Version: 0.8.5.1333.g822e0de8) Status (x32 Version: 130.0.469.000) Steam (x32 Version: 1.0.0.0) SUPERAntiSpyware (Version: 5.5.1012) swMSM (x32 Version: 12.0.0.1) Synaptics Pointing Device Driver (Version: 14.0.6.0) Team Fortress 2 (x32) Team Fortress 2 Beta (x32) Toolbox (x32 Version: 130.0.648.000) TrayApp (x32 Version: 130.0.422.000) TurboTax 2009 (x32) TurboTax 2009 wiliper (x32 Version: 009.000.0687) TurboTax 2009 WinPerFedFormset (x32 Version: 009.000.1875) TurboTax 2009 WinPerReleaseEngine (x32 Version: 009.000.0311) TurboTax 2009 WinPerTaxSupport (x32 Version: 009.000.0230) TurboTax 2009 wrapper (x32 Version: 009.000.0145) TurboTax 2010 (x32) TurboTax 2010 wiliper (x32 Version: 010.000.1108) TurboTax 2010 WinPerFedFormset (x32 Version: 010.000.3441) TurboTax 2010 WinPerReleaseEngine (x32 Version: 010.000.0414) TurboTax 2010 WinPerTaxSupport (x32 Version: 010.000.0199) TurboTax 2010 wrapper (x32 Version: 010.000.0157) TurboTax 2011 (x32) TurboTax 2011 wcaiper (x32 Version: 011.000.1395) TurboTax 2011 wiliper (x32 Version: 011.000.1456) TurboTax 2011 WinPerFedFormset (x32 Version: 011.000.2596) TurboTax 2011 WinPerReleaseEngine (x32 Version: 011.000.0424) TurboTax 2011 WinPerTaxSupport (x32 Version: 011.000.0209) TurboTax 2011 wrapper (x32 Version: 011.000.0120) TurboTax 2012 (x32 Version: 2012.0) TurboTax 2012 wcaiper (x32 Version: 012.000.1430) TurboTax 2012 wiliper (x32 Version: 012.000.1416) TurboTax 2012 WinPerFedFormset (x32 Version: 012.000.2083) TurboTax 2012 WinPerReleaseEngine (x32 Version: 012.000.0451) TurboTax 2012 WinPerTaxSupport (x32 Version: 012.000.0179) TurboTax 2012 wrapper (x32 Version: 012.000.0127) UnloadSupport (x32 Version: 11.0.0) Update for 2007 Microsoft Office System (KB967642) (x32) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1) Update for Microsoft Office 2007 Help for Common Features (KB963673) (x32) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32) Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition (x32) Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition (x32) Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition (x32) Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32) Update for Microsoft Office Access 2007 Help (KB963663) (x32) Update for Microsoft Office Excel 2007 Help (KB963678) (x32) Update for Microsoft Office Infopath 2007 Help (KB963662) (x32) Update for Microsoft Office OneNote 2007 Help (KB963670) (x32) Update for Microsoft Office Outlook 2007 Help (KB963677) (x32) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768024) 32-Bit Edition (x32) Update for Microsoft Office Powerpoint 2007 Help (KB963669) (x32) Update for Microsoft Office Publisher 2007 Help (KB963667) (x32) Update for Microsoft Office Script Editor Help (KB963671) (x32) Update for Microsoft Office Word 2007 Help (KB963665) (x32) VI Package Manager (x32 Version: 2012.0.0 (build 1780)) WebReg (x32 Version: 130.0.132.017) Welcome Center (x32 Version: 1.00.3008) Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) (Version: 06/03/2009 2.3.0.0) Windows Live Call (x32 Version: 14.0.8064.0206) Windows Live Communications Platform (x32 Version: 14.0.8064.206) Windows Live Essentials (x32 Version: 14.0.8089.0726) Windows Live Essentials (x32 Version: 14.0.8089.726) Windows Live ID Sign-in Assistant (Version: 6.500.3165.0) Windows Live Mail (x32 Version: 14.0.8089.0726) Windows Live Messenger (x32 Version: 14.0.8089.0726) Windows Live Movie Maker (x32 Version: 14.0.8091.0730) Windows Live Photo Gallery (x32 Version: 14.0.8081.709) Windows Live Sync (x32 Version: 14.0.8089.726) Windows Live Upload Tool (x32 Version: 14.0.8014.1029) Windows Live Writer (x32 Version: 14.0.8089.0726) Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8) WinRAR archiver Yahoo! Toolbar (x32) ==================== Restore Points ========================= 02-10-2013 21:09:44 Removed Adobe Photoshop Lightroom 4.4 64-bit. 02-10-2013 21:16:38 Removed EndNote X3 03-10-2013 10:19:21 Windows Update ==================== Scheduled Tasks (whitelisted) ============= Task: {0BDA77DA-BCE9-4B4B-9483-4F85739AF22D} - System32\Tasks\{776B6FBB-4446-46B2-9D7E-C9F5962DC88F} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2012-07-13] (Skype Technologies S.A.) Task: {2276EB6F-0783-472D-B238-2C95AF562204} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {360A5A64-B8D4-442A-9CF5-4E77E54580FA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-16] (Google Inc.) Task: {717C8F14-6EEE-4B03-8585-09FD1995A5C6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-19] (Adobe Systems Incorporated) Task: {8230404C-AEA5-41C3-AEFC-186A5FD08302} - System32\Tasks\UALU notificatin => C:\Program Files\Acer\Acer Updater\UALU.exe [2012-04-05] (Acer Incorporated) Task: {8761F448-16B8-4466-B98F-AA6B45B0A384} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe Task: {9149BA98-C6B1-4FC8-B1DD-886303895598} - \Scheduled Update for Ask Toolbar No Task File Task: {95E069FA-39BC-4405-BE5D-1E331AB7698D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-350978928-1145991243-2579747793-1001Core => C:\Users\Justin\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-21] (Google Inc.) Task: {C27D010D-EE3F-4688-90B6-8B6BCD7B267A} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation) Task: {D5E5606D-21A4-46C8-B842-C00FC1A086AF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-350978928-1145991243-2579747793-1001UA => C:\Users\Justin\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-21] (Google Inc.) Task: {E3FC07A2-192C-48B9-9539-5B9B56B35B7F} - System32\Tasks\avast! Emergency Update => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [2013-08-30] (AVAST Software) Task: {EA6BFF5A-D1A3-4C7E-9072-9E0B2EE6A686} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-16] (Google Inc.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-350978928-1145991243-2579747793-1001Core.job => C:\Users\Justin\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-350978928-1145991243-2579747793-1001UA.job => C:\Users\Justin\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-08-29 13:42 - 2012-11-12 00:38 - 00091648 _____ () C:\Program Files (x86)\MediaMonkey\DeskPlayer.dll 2010-01-02 07:42 - 2010-01-02 07:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll 2011-08-31 19:13 - 2011-08-31 19:13 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2013-10-04 06:31 - 2013-10-04 02:57 - 02104832 _____ () C:\Program Files\Alwil Software\Avast5\defs\13100400\algo.dll 2011-09-27 07:23 - 2011-09-27 07:23 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2011-09-27 07:22 - 2011-09-27 07:22 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2013-04-03 13:26 - 2013-04-03 13:26 - 00030056 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll 2013-04-03 13:27 - 2013-04-03 13:27 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll 2013-03-07 10:18 - 2013-03-07 10:18 - 00044392 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll 2013-04-03 13:28 - 2013-04-03 13:28 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll 2013-03-07 10:19 - 2013-03-07 10:19 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll 2013-03-07 10:21 - 2013-03-07 10:21 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll 2009-02-02 18:33 - 2009-02-02 18:33 - 00460199 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll 2008-09-28 18:55 - 2008-09-28 18:55 - 01076224 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll 2009-10-30 03:11 - 2009-10-30 03:11 - 00267776 _____ () C:\Windows\system32\WinTab32.DLL 2009-10-30 03:11 - 2009-10-30 03:11 - 00204800 _____ () C:\Windows\SysWOW64\WinTab32.DLL 2012-01-08 06:41 - 2012-01-08 06:41 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll 2013-03-29 09:54 - 2013-03-21 15:49 - 00598480 _____ () C:\Users\Justin\AppData\Local\Google\Chrome\Application\26.0.1410.43\libglesv2.dll 2013-03-29 09:54 - 2013-03-21 15:49 - 00124368 _____ () C:\Users\Justin\AppData\Local\Google\Chrome\Application\26.0.1410.43\libegl.dll 2010-03-06 10:55 - 2010-03-06 10:55 - 00854016 _____ () C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.61.0__db937bc2d44ff139\System.Data.SQLite.dll 2010-03-06 10:55 - 2010-03-06 10:55 - 00471040 _____ () C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.104.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll 2011-02-16 11:27 - 2011-02-16 11:27 - 00476520 _____ () C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll 2013-03-29 09:54 - 2013-03-21 15:50 - 04050896 _____ () C:\Users\Justin\AppData\Local\Google\Chrome\Application\26.0.1410.43\pdf.dll 2013-03-29 09:54 - 2013-03-21 15:50 - 00390096 _____ () C:\Users\Justin\AppData\Local\Google\Chrome\Application\26.0.1410.43\ppGoogleNaClPluginChrome.dll 2013-03-29 09:54 - 2013-03-21 15:49 - 01606096 _____ () C:\Users\Justin\AppData\Local\Google\Chrome\Application\26.0.1410.43\ffmpegsumo.dll 2013-05-14 14:12 - 2013-05-14 14:12 - 13136776 _____ () C:\Users\Justin\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.202\pepflashplayer.dll 2013-04-14 10:22 - 2013-04-14 10:22 - 03133336 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2013-09-16 13:28 - 2013-09-16 13:28 - 16177544 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\Temp:07BF512B ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sndappv2 => ""="service" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (10/04/2013 03:42:02 AM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (10/04/2013 03:41:52 AM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (10/03/2013 10:32:56 PM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (10/03/2013 10:32:50 PM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (10/03/2013 10:32:49 PM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (10/03/2013 08:31:07 PM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. System errors: ============= Error: (10/04/2013 06:29:58 AM) (Source: Service Control Manager) (User: ) Description: The Service Sendori service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error: (10/04/2013 02:28:30 AM) (Source: Service Control Manager) (User: ) Description: The Service Sendori service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error: (10/03/2013 11:43:14 PM) (Source: BROWSER) (User: ) Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{079E895E-A34A-44CA-AB30-B5385D4D0B79}. The backup browser is stopping. Error: (10/03/2013 10:28:01 PM) (Source: Service Control Manager) (User: ) Description: The NI Device Loader service depends the following service: mxssvr. This service might not be installed. Error: (10/03/2013 10:28:00 PM) (Source: Service Control Manager) (User: ) Description: The McAfee SiteAdvisor Service service failed to start due to the following error: %%2 Error: (10/03/2013 10:27:43 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY) Description: There was an error while attempting to read the local hosts file. Error: (10/03/2013 09:14:51 PM) (Source: DCOM) (User: ) Description: {995C996E-D918-4A8C-A302-45719A6F4EA7} Error: (10/03/2013 08:46:23 PM) (Source: Service Control Manager) (User: ) Description: The Service Sendori service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error: (10/03/2013 08:33:12 PM) (Source: Disk) (User: ) Description: The driver detected a controller error on \Device\Harddisk1\DR2. Microsoft Office Sessions: ========================= Error: (04/18/2013 01:32:35 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 216 seconds with 120 seconds of active time. This session ended with a crash. Error: (03/10/2013 11:31:14 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 910 seconds with 900 seconds of active time. This session ended with a crash. Error: (03/10/2013 11:15:56 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 63 seconds with 60 seconds of active time. This session ended with a crash. Error: (03/10/2013 11:14:44 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4232 seconds with 4080 seconds of active time. This session ended with a crash. Error: (04/10/2012 08:47:48 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 9 seconds with 0 seconds of active time. This session ended with a crash. Error: (11/01/2011 03:32:57 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6555.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4 seconds with 0 seconds of active time. This session ended with a crash. Error: (08/25/2011 04:21:23 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4 seconds with 0 seconds of active time. This session ended with a crash. Error: (08/25/2011 04:13:50 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2 seconds with 0 seconds of active time. This session ended with a crash. Error: (08/25/2011 04:13:38 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 0 seconds with 0 seconds of active time. This session ended with a crash. Error: (08/25/2011 04:13:18 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 8 seconds with 0 seconds of active time. This session ended with a crash. ==================== Memory info =========================== Percentage of memory in use: 74% Total physical RAM: 3764.5 MB Available physical RAM: 944.14 MB Total Pagefile: 7527.18 MB Available Pagefile: 4250.83 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: (ACER) (Fixed) (Total:285.3 GB) (Free:54.92 GB) NTFS Drive e: (Lightroom instal) (CDROM) (Total:0.76 GB) (Free:0 GB) CDFS Drive g: (Pig Destroyer) (Fixed) (Total:465.76 GB) (Free:82.68 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 107C107C) Partition 1: (Not Active) - (Size=13 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=285 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 466 GB) (Disk ID: A4B57300) Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS) ==================== End Of Log ============================
- October 4, 2013
- 27 replies
Can't resolve "Search Assist"

eNerve replied to eNerve's topic in Resolved Malware Removal Logs

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013 Ran by FreshOats (administrator) on PIG on 04-10-2013 08:27:27 Running from C:\Users\Justin\Desktop Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe (LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe (Seagate Technology LLC) C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE (Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe () C:\Users\Justin\AppData\Local\Mikogo4\Host\Service\M4-Service.exe () C:\Users\Justin\AppData\Local\Mikogo4\Host\Service\M4-Capture.exe (NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Sendori) C:\Program Files (x86)\Sendori\sndappv2.exe (Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Tablet Driver) C:\Windows\System32\Drivers\WTSRV.EXE (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Sendori, Inc.) C:\Program Files (x86)\Sendori\SendoriSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Sendori, Inc.) C:\Program Files (x86)\Sendori\SendoriUp.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe () C:\Windows\PLFSetI.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\system32\igfxext.exe (Intel Corporation) C:\Windows\system32\igfxsrvc.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Google Inc.) C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Google Inc.) C:\Users\Justin\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler.exe (Google Inc.) C:\Users\Justin\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler64.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (Tablet Driver) C:\Windows\SysWOW64\WTClient.exe (AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe (Sendori, Inc.) C:\Program Files (x86)\Sendori\SendoriTray.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Google Inc.) C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe (Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Google Inc.) C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe (Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Google Inc.) C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe (Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Google Inc.) C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe (sendori) C:\Program Files (x86)\Sendori\Sendori.Service.exe (Google Inc.) C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe (Google) C:\Users\Justin\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe (Google Inc.) C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [iAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation) HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8312352 2009-10-28] (Realtek Semiconductor) HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [200704 2009-11-20] () HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-17] (Synaptics Incorporated) HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [823840 2009-09-30] (Acer Incorporated) HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [722256 2008-12-11] (CANON INC.) HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] () Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKCU\...\Run: [googletalk] - C:\Users\FreshOats\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart HKCU\...\Run: [4AA5D9FA8B43745BB2EAD1E788698E8441A23DBA._service_run] - "C:\Users\FreshOats\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service HKCU\...\Run: [D3CA26BDF1EEC0308B736E98B1ACDCED782D77FF._service_run] - C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe [1312720 2013-03-21] (Google Inc.) HKCU\...\Run: [AdobeBridge] - [x] HKCU\...\Run: [Google Update] - C:\Users\Justin\AppData\Local\Google\Update\GoogleUpdate.exe [135664 2010-01-21] (Google Inc.) HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd) MountPoints2: H - H:\HTC_Sync_Manager_PC.exe MountPoints2: {371182d0-98cc-11e2-af2b-00262d72f8e4} - E:\HTC_Sync_Manager_PC.exe MountPoints2: {371183a8-98cc-11e2-af2b-00262d72f8e4} - E:\HTC_Sync_Manager_PC.exe MountPoints2: {8a621e2d-6837-11e2-a384-00262d72f8e4} - E:\HTC_Sync_Manager_PC.exe MountPoints2: {c4ad687d-9ee7-11e2-9bc7-42883c5f1aff} - E:\HTC_Sync_Manager_PC.exe HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1100368 2009-11-01] (Dritek System Inc.) HKLM-x32\...\Run: [Microsoft Default Manager] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288080 2009-07-17] (Microsoft Corporation) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [WTClient] - C:\Windows\\SysWOW64\WTClient.exe [32768 2009-10-30] (Tablet Driver) HKLM-x32\...\Run: [avast] - C:\Program Files\Alwil Software\Avast5\avastUI.exe [4858968 2013-08-30] (AVAST Software) HKLM-x32\...\Run: [sendori Tray] - C:\Program Files (x86)\Sendori\SendoriTray.exe [83232 2013-07-01] (Sendori, Inc.) HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard) HKLM-x32\...\Run: [] - [x] HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation) HKLM-x32\...\Run: [hpqSRMon] - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard) HKU\Default\...\RunOnce: [scrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-08] () HKU\Default User\...\RunOnce: [scrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-08] () Startup: C:\Users\Justin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Justin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5740&r=273601105416l0358z135t4871d712 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x46C6062970FFCB01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software) BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: MSN Toolbar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0417.0\npwinext.dll (Microsoft Corporation) BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc) BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM-x32 - MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0417.0\npwinext.dll (Microsoft Corporation) Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Winsock: Catalog9 01 C:\Windows\system32\Sendori.dll File Not found () Winsock: Catalog9 02 C:\Windows\system32\Sendori.dll File Not found () Winsock: Catalog9 03 C:\Windows\system32\Sendori.dll File Not found () Winsock: Catalog9 04 C:\Windows\system32\Sendori.dll File Not found () Winsock: Catalog9 15 C:\Windows\system32\Sendori.dll File Not found () Hosts: Hosts file not detected in the default directory Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{653E5F10-D724-4359-9865-AA1F5127D99E}: [NameServer]192.168.42.129 Tcpip\..\Interfaces\{BEAF8B28-493A-4EEC-986D-D78A4F063FF4}: [NameServer]192.168.42.129 FireFox: ======== FF ProfilePath: C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\6vfjhq0a.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll () FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.) FF Plugin-x32: @garmin.com/GpsControl - C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpWinExt,version=4.0 - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0417.0\npwinext.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Justin\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Justin\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google) FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Justin\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Justin\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Justin\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Extension: adblockpopups - C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\6vfjhq0a.default\Extensions\adblockpopups@jessehakanen.net.xpi FF Extension: No Name - C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\6vfjhq0a.default\Extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}.xpi FF Extension: Skype extension - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} FF HKLM-x32\...\Firefox\Extensions: [msntoolbar@msn.com] - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0417.0\Firefox FF Extension: MSN Toolbar - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0417.0\Firefox FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ FF Extension: No Name - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 Chrome: ======= CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - C:\Users\FreshOats\AppData\Local\Google\Chrome\Application\21.0.1180.79\PepperFlash\pepflashplayer.dll No File CHR Plugin: (Shockwave Flash) - C:\Users\Justin\AppData\Local\Google\Chrome\Application\26.0.1410.43\gcswf32.dll No File CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File CHR Plugin: (Remoting Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\Justin\AppData\Local\Google\Chrome\Application\26.0.1410.43\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Users\Justin\AppData\Local\Google\Chrome\Application\26.0.1410.43\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation) CHR Plugin: (CouponNetwork Coupon Activator Netscape Plugin v. 5.0.0.0) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPcol400.dll No File CHR Plugin: (CouponNetwork Coupon Activator Netscape Plugin v. 5.0.0.0) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPcol500.dll No File CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll No File CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll No File CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.) CHR Plugin: (Google Talk Plugin) - C:\Users\FreshOats\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll No File CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\FreshOats\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll No File CHR Plugin: (Garmin Communicator Plug-In) - C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.) CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) CHR Plugin: (MSN\u00AE Toolbar) - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0417.0\npwinext.dll (Microsoft Corporation) CHR Plugin: (Java Platform SE 7 U5) - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (Java Deployment Toolkit 7.0.50.255) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll No File CHR Plugin: (Google Update) - C:\Users\FreshOats\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File CHR Extension: (Angry Birds) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0 CHR Extension: (reddit companion) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\algjnflpgoopkdijmkalfcifomdhmcbe\1.1.2_0 CHR Extension: (Songza) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\alodolpedihmeapcekfjhpgomaadaabg\0.5.3_0 CHR Extension: (Lucidchart: Diagrams Online) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apboafhkiegglekeafbckfjldecefkhn\18_0 CHR Extension: (Raindrops) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcipapbfhdnmgihoimbjiadmhpcgcnil\1.0.0.2_1 CHR Extension: (AdBlock) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.8_0 CHR Extension: (avast! Online Security) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0 CHR Extension: (Google Play Music) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg\5.2_0 CHR Extension: (Autodesk Homestyler) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdmmkfaghgcicheaimnpffeeekheafkb\2.6_0 CHR Extension: (Evernote Web) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol\1.0.7_0 CHR Extension: (Google Maps) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0 CHR Extension: (Plants vs Zombies) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina\1.0.5_0 CHR HKLM-x32\...\Chrome\Extension: [banjjklfojcdbofbhbgiedekefohoaff] - C:\Users\Justin\AppData\Local\CRE\banjjklfojcdbofbhbgiedekefohoaff.crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx ==================== Services (Whitelisted) ================= R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2011-08-11] (SUPERAntiSpyware.com) R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) R2 Application Sendori; C:\Program Files (x86)\Sendori\SendoriSvc.exe [119072 2013-07-01] (Sendori, Inc.) R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [46808 2013-08-30] (AVAST Software) R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-01-29] (Nero AG) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [107912 2008-10-09] () S3 Leica Microsystems Data Container V1; C:\Program Files\Leica Microsystems CMS GmbH\Leica LAS AF Lite\DCservice\LMSDataContainerServer.exe [432984 2012-10-19] (Leica Microsystems) R2 M4-Service; C:\Users\Justin\AppData\Local\Mikogo4\Host\Service\M4-Service.exe [1008032 2013-04-29] () S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-10] (Egis Technology Inc.) R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () R2 Service Sendori; C:\Program Files (x86)\Sendori\Sendori.Service.exe [22304 2013-07-01] (sendori) R2 sndappv2; C:\Program Files (x86)\Sendori\sndappv2.exe [3623200 2013-07-01] (Sendori) S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [x] S4 NIApplicationWebServer64; "C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe" -user [x] S2 nidevldu; %SystemRoot%\SysWOW64\nipalsm.exe [x] ==================== Drivers (Whitelisted) ==================== R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software) R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [19600 2012-08-21] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software) R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] () R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software) R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software) R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] () R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-09-01] (Disc Soft Ltd) S3 NIEthernetDeviceEnumerator; C:\Windows\System32\DRIVERS\niede.sys [38064 2012-01-12] (National Instruments Corporation) S3 niufurkw; C:\Windows\System32\DRIVERS\niufurkw.sys [12496 2012-07-16] (National Instruments Corporation) S3 nixsrkw; C:\Windows\System32\DRIVERS\nixsrkw.sys [12464 2012-07-16] (National Instruments Corporation) R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com) S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.) S3 TVICHW32; C:\Windows\system32\DRIVERS\TVICHW32.SYS [21200 2013-03-08] (EnTech Taiwan) S3 TVICHW32; C:\Windows\system32\DRIVERS\TVICHW32.SYS [21200 2013-03-08] (EnTech Taiwan) S3 Tablet2k; "%SystemRoot%\System32\Drivers\Tablet2k.sys" [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-10-04 08:26 - 2013-10-04 08:26 - 00000000 ____D C:\FRST 2013-10-04 08:25 - 2013-10-04 08:25 - 01954124 _____ (Farbar) C:\Users\Justin\Desktop\FRST64.exe 2013-10-04 08:22 - 2013-10-04 08:22 - 00002893 _____ C:\Users\Justin\Desktop\threats eset.txt 2013-10-03 20:31 - 2013-10-03 20:31 - 02347384 _____ (ESET) C:\Users\Justin\Desktop\esetsmartinstaller_enu.exe 2013-10-03 20:31 - 2013-10-03 20:31 - 00000000 ____D C:\Program Files (x86)\ESET 2013-10-03 20:20 - 2013-10-03 20:21 - 01045226 _____ C:\Users\Justin\Desktop\AdwCleaner.exe 2013-10-03 20:11 - 2013-10-03 20:11 - 00002952 _____ C:\Users\Justin\Desktop\JRT.txt 2013-10-03 20:00 - 2013-10-03 20:01 - 01030305 _____ (Thisisu) C:\Users\Justin\Desktop\JRT.exe 2013-10-03 14:24 - 2013-10-03 19:58 - 00000000 ____D C:\Users\Justin\Desktop\mbar 2013-10-03 14:24 - 2013-10-03 19:58 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2013-10-03 12:48 - 2013-10-03 12:48 - 00002326 _____ C:\Users\Justin\Desktop\RKreport[0]_S_10032013_124831.txt 2013-10-03 12:45 - 2013-10-03 12:45 - 00000000 ____D C:\Windows\ERDNT 2013-10-03 12:44 - 2013-10-03 20:01 - 00000000 ____D C:\Windows\ERUNT 2013-10-03 12:44 - 2013-10-03 12:44 - 00000826 _____ C:\Users\Justin\Desktop\NTREGOPT.lnk 2013-10-03 12:44 - 2013-10-03 12:44 - 00000807 _____ C:\Users\Justin\Desktop\ERUNT.lnk 2013-10-03 12:43 - 2013-10-03 12:43 - 00791393 _____ (Lars Hederer ) C:\Users\Justin\Desktop\erunt-setup.exe 2013-10-03 12:39 - 2013-10-03 12:40 - 03980800 _____ C:\Users\Justin\Desktop\RogueKillerX64.exe 2013-10-03 12:36 - 2013-10-03 12:36 - 00017346 _____ C:\Users\Justin\Desktop\attach.txt 2013-10-03 10:52 - 2013-10-03 10:53 - 818489500 _____ C:\Users\Justin\Desktop\LightroomInstall.nrg 2013-10-03 10:26 - 2013-10-03 10:33 - 3978899612 _____ C:\Users\Justin\Desktop\PSDVD.nrg 2013-10-03 10:15 - 2013-10-03 12:36 - 00029438 _____ C:\Users\Justin\Desktop\dds.txt 2013-10-02 12:17 - 2013-10-02 12:46 - 00000000 ____D C:\Users\Justin\Desktop\RK_Quarantine 2013-10-02 12:00 - 2013-10-02 12:00 - 00688992 ____R (Swearware) C:\Users\Justin\Desktop\dds.com 2013-10-02 12:00 - 2013-10-02 12:00 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-10-02 11:58 - 2013-10-02 11:59 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Justin\Desktop\mbam-setup-1.75.0.1300.exe 2013-09-23 10:37 - 2013-09-23 10:41 - 00003624 _____ C:\Users\Justin\Desktop\Rkill.txt 2013-09-23 09:39 - 2013-09-23 09:40 - 01042066 _____ C:\Users\Justin\Downloads\adwcleaner.exe 2013-09-23 08:18 - 2013-09-23 08:18 - 00004360 _____ C:\Users\Justin\Documents\.RData 2013-09-22 12:57 - 2013-09-22 13:33 - 00885760 _____ C:\Users\Justin\Downloads\multreg.ppt 2013-09-22 12:24 - 2013-09-22 12:24 - 00000000 ____D C:\ProgramData\HP Product Assistant 2013-09-22 12:13 - 2013-09-22 12:18 - 143345472 _____ C:\Users\Justin\Downloads\DJ_SF_NonNet_Full_Win_WW_130_140.exe 2013-09-17 09:03 - 2013-09-17 09:03 - 14916216 _____ (Last.fm ) C:\Users\Justin\Downloads\Last.fm-2.1.36.exe 2013-09-16 13:28 - 2013-09-19 21:33 - 03723656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2013-09-08 01:24 - 2013-09-09 02:28 - 00000000 ____D C:\Users\Justin\Desktop\September 2013-09-06 15:38 - 2013-09-06 15:38 - 00000000 ____D C:\Users\Justin\AppData\Roaming\Opera Software 2013-09-06 15:38 - 2013-09-06 15:38 - 00000000 ____D C:\Users\Justin\AppData\Local\Opera Software 2013-09-06 15:37 - 2013-09-06 15:37 - 00000000 ____D C:\Program Files (x86)\Opera 2013-09-06 15:35 - 2013-09-06 15:36 - 32093736 _____ (Opera Software ASA) C:\Users\Justin\Downloads\Opera_16.0.1196.73_Setup.exe 2013-09-04 11:57 - 2013-07-25 22:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-09-04 11:57 - 2013-07-25 22:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-09-04 11:57 - 2013-07-25 22:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-09-04 11:57 - 2013-07-25 22:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-09-04 11:57 - 2013-07-25 22:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-09-04 11:57 - 2013-07-25 22:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-09-04 11:57 - 2013-07-25 22:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-09-04 11:57 - 2013-07-25 22:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-09-04 11:57 - 2013-07-25 20:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-09-04 11:57 - 2013-07-25 20:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-09-04 11:57 - 2013-07-25 20:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-09-04 11:57 - 2013-07-25 20:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-09-04 11:57 - 2013-07-25 20:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-09-04 11:57 - 2013-07-25 20:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-09-04 11:57 - 2013-07-25 20:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-09-04 11:57 - 2013-07-25 20:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-09-04 11:57 - 2013-07-25 19:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-09-04 11:57 - 2013-07-25 19:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-09-04 11:57 - 2013-07-25 18:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-09-04 11:56 - 2013-07-25 22:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-09-04 11:56 - 2013-07-25 22:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-09-04 11:56 - 2013-07-25 22:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-09-04 11:56 - 2013-07-25 22:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-09-04 11:56 - 2013-07-25 22:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-09-04 11:56 - 2013-07-25 22:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-09-04 11:56 - 2013-07-25 20:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-09-04 11:56 - 2013-07-25 20:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-09-04 11:56 - 2013-07-25 20:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-09-04 11:56 - 2013-07-25 20:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-09-04 11:56 - 2013-07-25 20:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-09-04 11:56 - 2013-07-25 20:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-09-04 11:38 - 2013-09-04 11:44 - 00000000 ____D C:\Windows\system32\MRT 2013-09-04 11:36 - 2013-07-25 02:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2013-09-04 11:36 - 2013-07-25 01:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2013-09-04 11:35 - 2013-07-18 18:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2013-09-04 11:35 - 2013-07-18 18:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2013-09-04 11:35 - 2013-07-08 23:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2013-09-04 11:35 - 2013-07-08 22:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2013-09-04 11:35 - 2013-07-08 22:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2013-09-04 11:35 - 2013-07-08 22:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2013-09-04 11:35 - 2013-07-08 22:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2013-09-04 11:35 - 2013-07-08 22:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-09-04 11:35 - 2013-07-08 22:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2013-09-04 11:35 - 2013-07-08 22:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2013-09-04 11:35 - 2013-07-08 22:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2013-09-04 11:35 - 2013-07-08 22:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2013-09-04 11:35 - 2013-07-08 21:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2013-09-04 11:35 - 2013-07-08 21:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2013-09-04 11:35 - 2013-07-08 21:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2013-09-04 11:35 - 2013-07-08 21:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2013-09-04 11:35 - 2013-07-08 21:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-09-04 11:35 - 2013-07-08 21:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2013-09-04 11:35 - 2013-07-08 21:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2013-09-04 11:35 - 2013-07-08 19:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2013-09-04 11:35 - 2013-07-08 19:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2013-09-04 11:35 - 2013-07-08 19:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2013-09-04 11:35 - 2013-07-08 19:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2013-09-04 11:34 - 2013-06-14 21:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2013-09-04 11:33 - 2013-07-05 23:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys ==================== One Month Modified Files and Folders ======= 2013-10-04 08:28 - 2012-11-12 12:15 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-10-04 08:26 - 2013-10-04 08:26 - 00000000 ____D C:\FRST 2013-10-04 08:25 - 2013-10-04 08:25 - 01954124 _____ (Farbar) C:\Users\Justin\Desktop\FRST64.exe 2013-10-04 08:25 - 2012-10-21 13:29 - 00000000 ___RD C:\Users\Justin\Dropbox 2013-10-04 08:22 - 2013-10-04 08:22 - 00002893 _____ C:\Users\Justin\Desktop\threats eset.txt 2013-10-04 08:21 - 2012-08-16 10:14 - 00000904 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-10-04 08:20 - 2013-01-14 19:55 - 00003922 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{0C5A6A24-E3D9-4693-8B7C-9176029A05CF} 2013-10-04 08:14 - 2010-01-21 17:19 - 00000918 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-350978928-1145991243-2579747793-1001UA.job 2013-10-04 03:30 - 2009-12-08 03:00 - 01972117 _____ C:\Windows\WindowsUpdate.log 2013-10-03 22:38 - 2009-07-13 21:45 - 00017600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-10-03 22:38 - 2009-07-13 21:45 - 00017600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-10-03 22:32 - 2013-04-06 11:11 - 00000000 ____D C:\Users\Justin\AppData\Local\HTC MediaHub 2013-10-03 22:31 - 2012-10-21 13:21 - 00000000 ____D C:\Users\Justin\AppData\Roaming\Dropbox 2013-10-03 22:31 - 2009-07-13 22:32 - 00000000 ____D C:\Windows\system32\FxsTmp 2013-10-03 22:29 - 2012-08-16 10:14 - 00000900 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-10-03 22:27 - 2009-11-11 22:19 - 00785936 _____ C:\Windows\PFRO.log 2013-10-03 22:27 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-10-03 22:27 - 2009-07-13 21:51 - 00194010 _____ C:\Windows\setupact.log 2013-10-03 22:24 - 2013-09-01 20:38 - 00000000 ____D C:\AdwCleaner 2013-10-03 21:14 - 2010-01-21 17:19 - 00000866 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-350978928-1145991243-2579747793-1001Core.job 2013-10-03 20:31 - 2013-10-03 20:31 - 02347384 _____ (ESET) C:\Users\Justin\Desktop\esetsmartinstaller_enu.exe 2013-10-03 20:31 - 2013-10-03 20:31 - 00000000 ____D C:\Program Files (x86)\ESET 2013-10-03 20:21 - 2013-10-03 20:20 - 01045226 _____ C:\Users\Justin\Desktop\AdwCleaner.exe 2013-10-03 20:11 - 2013-10-03 20:11 - 00002952 _____ C:\Users\Justin\Desktop\JRT.txt 2013-10-03 20:05 - 2013-04-14 10:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-10-03 20:01 - 2013-10-03 20:00 - 01030305 _____ (Thisisu) C:\Users\Justin\Desktop\JRT.exe 2013-10-03 20:01 - 2013-10-03 12:44 - 00000000 ____D C:\Windows\ERUNT 2013-10-03 19:58 - 2013-10-03 14:24 - 00000000 ____D C:\Users\Justin\Desktop\mbar 2013-10-03 19:58 - 2013-10-03 14:24 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2013-10-03 12:48 - 2013-10-03 12:48 - 00002326 _____ C:\Users\Justin\Desktop\RKreport[0]_S_10032013_124831.txt 2013-10-03 12:45 - 2013-10-03 12:45 - 00000000 ____D C:\Windows\ERDNT 2013-10-03 12:44 - 2013-10-03 12:44 - 00000826 _____ C:\Users\Justin\Desktop\NTREGOPT.lnk 2013-10-03 12:44 - 2013-10-03 12:44 - 00000807 _____ C:\Users\Justin\Desktop\ERUNT.lnk 2013-10-03 12:43 - 2013-10-03 12:43 - 00791393 _____ (Lars Hederer ) C:\Users\Justin\Desktop\erunt-setup.exe 2013-10-03 12:40 - 2013-10-03 12:39 - 03980800 _____ C:\Users\Justin\Desktop\RogueKillerX64.exe 2013-10-03 12:38 - 2013-08-29 13:42 - 00000000 ____D C:\Users\Justin\AppData\Roaming\MediaMonkey 2013-10-03 12:36 - 2013-10-03 12:36 - 00017346 _____ C:\Users\Justin\Desktop\attach.txt 2013-10-03 12:36 - 2013-10-03 10:15 - 00029438 _____ C:\Users\Justin\Desktop\dds.txt 2013-10-03 10:53 - 2013-10-03 10:52 - 818489500 _____ C:\Users\Justin\Desktop\LightroomInstall.nrg 2013-10-03 10:33 - 2013-10-03 10:26 - 3978899612 _____ C:\Users\Justin\Desktop\PSDVD.nrg 2013-10-02 20:34 - 2009-07-13 22:08 - 00032546 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-10-02 14:38 - 2010-01-19 18:01 - 00150432 _____ C:\Users\Justin\AppData\Local\GDIPFONTCACHEV1.DAT 2013-10-02 14:26 - 2009-07-13 21:45 - 05150864 _____ C:\Windows\system32\FNTCACHE.DAT 2013-10-02 14:22 - 2010-02-07 12:52 - 00000000 ____D C:\Users\Public\Documents\EndNote 2013-10-02 14:22 - 2010-02-07 12:51 - 00000000 ____D C:\ProgramData\Thomson.ResearchSoft.Installers 2013-10-02 14:22 - 2010-02-07 12:51 - 00000000 ____D C:\Program Files (x86)\EndNote X3 2013-10-02 14:15 - 2010-02-07 12:46 - 00000000 ____D C:\Program Files\Adobe 2013-10-02 14:08 - 2010-02-07 14:48 - 00000000 ____D C:\Program Files\Common Files\Adobe 2013-10-02 14:07 - 2009-11-04 17:38 - 00000000 ____D C:\Program Files (x86)\Adobe 2013-10-02 14:02 - 2013-05-16 11:15 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2013-10-02 13:14 - 2010-01-21 17:13 - 00000000 ____D C:\Users\Justin\AppData\Roaming\Adobe 2013-10-02 12:46 - 2013-10-02 12:17 - 00000000 ____D C:\Users\Justin\Desktop\RK_Quarantine 2013-10-02 12:00 - 2013-10-02 12:00 - 00688992 ____R (Swearware) C:\Users\Justin\Desktop\dds.com 2013-10-02 12:00 - 2013-10-02 12:00 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-10-02 12:00 - 2013-09-01 20:50 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-10-02 11:59 - 2013-10-02 11:58 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Justin\Desktop\mbam-setup-1.75.0.1300.exe 2013-10-02 10:36 - 2010-01-24 21:29 - 00000000 ____D C:\Users\Justin\AppData\Local\Adobe 2013-10-02 08:55 - 2012-07-10 23:39 - 00004184 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2013-10-01 13:27 - 2010-02-07 14:22 - 00000000 ____D C:\ProgramData\FLEXnet 2013-10-01 11:19 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\NDF 2013-09-28 17:12 - 2013-06-10 09:53 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-09-28 17:12 - 2011-06-12 10:25 - 00000000 ____D C:\Program Files (x86)\iTunes 2013-09-27 16:15 - 2010-01-23 11:13 - 00000000 ____D C:\Users\Justin\AppData\Roaming\Mozilla 2013-09-24 12:30 - 2013-06-29 16:32 - 00000000 ____D C:\Users\Justin\Desktop\ebay 2013-09-23 10:41 - 2013-09-23 10:37 - 00003624 _____ C:\Users\Justin\Desktop\Rkill.txt 2013-09-23 09:40 - 2013-09-23 09:39 - 01042066 _____ C:\Users\Justin\Downloads\adwcleaner.exe 2013-09-23 08:18 - 2013-09-23 08:18 - 00004360 _____ C:\Users\Justin\Documents\.RData 2013-09-22 22:48 - 2009-07-13 22:13 - 00779306 _____ C:\Windows\system32\PerfStringBackup.INI 2013-09-22 13:33 - 2013-09-22 12:57 - 00885760 _____ C:\Users\Justin\Downloads\multreg.ppt 2013-09-22 12:27 - 2012-09-20 19:36 - 00163311 _____ C:\Windows\hphins15.dat 2013-09-22 12:27 - 2011-03-11 14:45 - 00013057 _____ C:\ProgramData\hpzinstall.log 2013-09-22 12:26 - 2011-03-11 14:48 - 00000000 ____D C:\ProgramData\Yahoo! Companion 2013-09-22 12:24 - 2013-09-22 12:24 - 00000000 ____D C:\ProgramData\HP Product Assistant 2013-09-22 12:24 - 2011-03-11 11:50 - 00000000 ____D C:\ProgramData\HP 2013-09-22 12:23 - 2011-03-11 14:45 - 00000000 ____D C:\Program Files (x86)\HP 2013-09-22 12:18 - 2013-09-22 12:13 - 143345472 _____ C:\Users\Justin\Downloads\DJ_SF_NonNet_Full_Win_WW_130_140.exe 2013-09-19 21:34 - 2012-11-12 12:15 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-09-19 21:33 - 2013-09-16 13:28 - 03723656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2013-09-19 21:33 - 2012-11-12 12:15 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-09-19 21:33 - 2011-12-08 13:25 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-09-19 11:12 - 2012-09-12 09:42 - 00000000 ____D C:\Users\Justin\Desktop\Goat 2013-09-18 09:09 - 2010-01-21 18:04 - 00000000 _____ C:\Windows\SysWOW64\config.nt 2013-09-17 18:28 - 2013-02-21 23:25 - 00000000 ____D C:\Users\Justin\.BayPhotoEmerge 2013-09-17 17:51 - 2010-03-13 10:26 - 00000000 ____D C:\Users\Justin\.roescache 2013-09-17 09:10 - 2012-04-18 22:00 - 00000000 ____D C:\Program Files (x86)\Last.fm 2013-09-17 09:03 - 2013-09-17 09:03 - 14916216 _____ (Last.fm ) C:\Users\Justin\Downloads\Last.fm-2.1.36.exe 2013-09-17 01:30 - 2010-01-21 17:19 - 00000000 ____D C:\Users\Justin\AppData\Local\Deployment 2013-09-16 11:49 - 2013-08-26 14:25 - 00000000 ____D C:\Users\Justin\AppData\Roaming\RStudio 2013-09-16 11:49 - 2011-12-08 13:25 - 00000000 ____D C:\Windows\system32\Macromed 2013-09-16 11:49 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\AppCompat 2013-09-16 11:48 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\registration 2013-09-16 11:03 - 2010-01-19 18:01 - 00000000 ____D C:\Users\Justin 2013-09-15 22:07 - 2011-12-03 12:54 - 00000000 ____D C:\Users\Justin\Documents\Addresses 2013-09-09 02:28 - 2013-09-08 01:24 - 00000000 ____D C:\Users\Justin\Desktop\September 2013-09-08 10:56 - 2013-05-29 14:02 - 00001456 _____ C:\Users\Justin\AppData\Local\Adobe Save for Web 13.0 Prefs 2013-09-08 10:46 - 2013-06-21 20:01 - 00000132 _____ C:\Users\Justin\AppData\Roaming\Adobe PNG Format CS6 Prefs 2013-09-06 20:05 - 2012-11-09 10:38 - 00000000 ____D C:\ProgramData\Sendori 2013-09-06 15:38 - 2013-09-06 15:38 - 00000000 ____D C:\Users\Justin\AppData\Roaming\Opera Software 2013-09-06 15:38 - 2013-09-06 15:38 - 00000000 ____D C:\Users\Justin\AppData\Local\Opera Software 2013-09-06 15:37 - 2013-09-06 15:37 - 00000000 ____D C:\Program Files (x86)\Opera 2013-09-06 15:36 - 2013-09-06 15:35 - 32093736 _____ (Opera Software ASA) C:\Users\Justin\Downloads\Opera_16.0.1196.73_Setup.exe 2013-09-04 14:36 - 2013-01-24 14:45 - 00000000 ____D C:\Users\Justin\Desktop\MATLAB 2013-09-04 14:14 - 2013-09-01 20:30 - 00000000 ____D C:\Users\Justin\Desktop\rkill 2013-09-04 13:03 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\rescache 2013-09-04 11:46 - 2009-11-11 22:21 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-09-04 11:44 - 2013-09-04 11:38 - 00000000 ____D C:\Windows\system32\MRT 2013-09-04 11:38 - 2010-01-23 10:35 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe Files to move or delete: ==================== C:\Users\Justin\ij147-jdk6-64bit-setup.exe Some content of TEMP: ==================== C:\Users\Justin\AppData\Local\Temp\AMPing.exe C:\Users\Justin\AppData\Local\Temp\AskSLib.dll C:\Users\Justin\AppData\Local\Temp\dxwebsetup.exe C:\Users\Justin\AppData\Local\Temp\gtalkwmp1.dll C:\Users\Justin\AppData\Local\Temp\InstallManager_BAB_BAB.exe C:\Users\Justin\AppData\Local\Temp\iTunesPluginWinSetup_3.0.4.0.exe C:\Users\Justin\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe C:\Users\Justin\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe C:\Users\Justin\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe C:\Users\Justin\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe C:\Users\Justin\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe C:\Users\Justin\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe C:\Users\Justin\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe C:\Users\Justin\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe C:\Users\Justin\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe C:\Users\Justin\AppData\Local\Temp\Last.fm-2.1.30.exe C:\Users\Justin\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe C:\Users\Justin\AppData\Local\Temp\MSETUP4.EXE C:\Users\Justin\AppData\Local\Temp\mssinstaller.exe C:\Users\Justin\AppData\Local\Temp\ntdll_dump.dll C:\Users\Justin\AppData\Local\Temp\primosdk.DLL C:\Users\Justin\AppData\Local\Temp\px.dll C:\Users\Justin\AppData\Local\Temp\pxafs.dll C:\Users\Justin\AppData\Local\Temp\PxCpyA64.exe C:\Users\Justin\AppData\Local\Temp\PxCpyI64.exe C:\Users\Justin\AppData\Local\Temp\pxdrv.dll C:\Users\Justin\AppData\Local\Temp\pxhpinst.exe C:\Users\Justin\AppData\Local\Temp\PxInsA64.exe C:\Users\Justin\AppData\Local\Temp\PxInsI64.exe C:\Users\Justin\AppData\Local\Temp\pxmas.dll C:\Users\Justin\AppData\Local\Temp\pxsetup.exe C:\Users\Justin\AppData\Local\Temp\pxsfs.dll C:\Users\Justin\AppData\Local\Temp\pxwave.dll C:\Users\Justin\AppData\Local\Temp\Quarantine.exe C:\Users\Justin\AppData\Local\Temp\RDVAlert.exe C:\Users\Justin\AppData\Local\Temp\SearchWithGoogleUpdate.exe C:\Users\Justin\AppData\Local\Temp\Shortcut.exe C:\Users\Justin\AppData\Local\Temp\SkypeSetup.exe C:\Users\Justin\AppData\Local\Temp\tbSwee.dll C:\Users\Justin\AppData\Local\Temp\tmp2349.exe C:\Users\Justin\AppData\Local\Temp\tmp777B.exe C:\Users\Justin\AppData\Local\Temp\tmpAC7D.exe C:\Users\Justin\AppData\Local\Temp\Uninstaller-40864.exe C:\Users\Justin\AppData\Local\Temp\US_en_Avery_AW40.exe C:\Users\Justin\AppData\Local\Temp\vcredist_x86.exe C:\Users\Justin\AppData\Local\Temp\vxblock.dll ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-10-01 10:36 ==================== End Of Log ============================
- October 4, 2013
- 27 replies
Can't resolve "Search Assist"

eNerve replied to eNerve's topic in Resolved Malware Removal Logs

C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\ffprotect\application.js.vir Win32/Conduit.SearchProtect.A application C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\ffprotect\nsprotector.js.vir Win32/Conduit.SearchProtect.A application C:\AdwCleaner\Quarantine\C\Users\Justin\AppData\Roaming\OpenCandy\8415A70E3BC3457FB995A5727DBA62C3\FastestChrome_p1v2.exe.vir a variant of Win32/OpenCandy.A application C:\AdwCleaner\Quarantine\C\Users\Justin\AppData\Roaming\OpenCandy\8415A70E3BC3457FB995A5727DBA62C3\OCBrowserHelper_1.0.3.85.dll.vir a variant of Win32/OpenCandy.A application C:\AdwCleaner\Quarantine\C\Users\Justin\AppData\Roaming\SearchProtect\ffprotect\application.js.vir Win32/Conduit.SearchProtect.A application C:\AdwCleaner\Quarantine\C\Users\Justin\AppData\Roaming\SearchProtect\ffprotect\nsprotector.js.vir Win32/Conduit.SearchProtect.A application C:\AdwCleaner\Quarantine\C\Windows\SysWOW64\ARFC\wrtc.exe.vir a variant of Win32/Toolbar.Perion.G application C:\Program Files\Registry Easy\Recoveryer.dll Win32/Adware.RegistryEasy application C:\Program Files\Registry Easy\RegEasyCleaner.exe a variant of Win32/Adware.RegistryEasy application C:\Users\Justin\AppData\Local\Temp\AskSLib.dll a variant of Win32/Bundled.Toolbar.Ask application C:\Users\Justin\Downloads\Avery Wizard 4.01 - US 20111209.exe a variant of Win32/Bundled.Toolbar.Ask application C:\Users\Justin\Downloads\SetupImgBurn_2.5.7.0 (1).exe a variant of Win32/Bundled.Toolbar.Ask application C:\Users\Justin\Downloads\SetupImgBurn_2.5.7.0.exe a variant of Win32/Bundled.Toolbar.Ask application C:\Users\Justin\Dropbox\Face to Face\Keygen\keygen.exe a variant of Win32/Keygen.DO application C:\Users\Justin\Dropbox\Face to Face\LR 4.0\keygen.exe a variant of Win32/Keygen.DO application C:\Users\Justin\Dropbox\Lab Files and Documents\Programs\Origin 8 Setup Files\OriginDownload\originlab.originpro.8.exe probably a variant of Win32/TrojanDropper.VB.MYBKIMQ trojan G:\$RECYCLE.BIN\S-1-5-21-350978928-1145991243-2579747793-1001\$RIETZ81.exe a variant of Win32/Keygen.DO application G:\$RECYCLE.BIN\S-1-5-21-350978928-1145991243-2579747793-1001\$R40038W.Keygen\Keygen-X-FORCE\Keygen-X-Force.exe Win32/Keygen.HA application G:\$RECYCLE.BIN\S-1-5-21-350978928-1145991243-2579747793-1001\$R40038W.Keygen\Keygen-X-FORCE\Disable activation\disable_activation.cmd BAT/HostsChanger.A application G:\$RECYCLE.BIN\S-1-5-21-350978928-1145991243-2579747793-1001\$RK8IW2K\keygen.exe a variant of Win32/Keygen.DO application G:\Seagate Backup\PIG\C\Program Files\Registry Easy\Recoveryer.dll Win32/Adware.RegistryEasy application G:\Seagate Backup\PIG\C\Program Files\Registry Easy\RegEasyCleaner.exe a variant of Win32/Adware.RegistryEasy application G:\Seagate Backup\PIG\C\Users\FreshOats\Downloads\registryeasy_lite.exe a variant of Win32/Adware.RegistryEasy application
- October 4, 2013
- 27 replies
Can't resolve "Search Assist"

eNerve replied to eNerve's topic in Resolved Malware Removal Logs

# AdwCleaner v3.006 - Report created 03/10/2013 at 22:23:51 # Updated 01/10/2013 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : FreshOats - PIG # Running from : C:\Users\Justin\Desktop\AdwCleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EF99BD32-C1FB-11D2-892F-0090271D4F88}] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} ***** [ Browsers ] ***** -\\ Internet Explorer v10.0.9200.16660 -\\ Mozilla Firefox v20.0.1 (en-US) [ File : C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\6vfjhq0a.default\prefs.js ] [ File : C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\6vfjhq0a.default\prefs.js ] -\\ Google Chrome v [ File : C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\preferences ] Deleted : urls_to_restore_on_startup ************************* AdwCleaner[R0].txt - [18358 octets] - [01/09/2013 20:39:08] AdwCleaner[R1].txt - [2069 octets] - [23/09/2013 09:41:24] AdwCleaner[R2].txt - [2106 octets] - [03/10/2013 20:21:31] AdwCleaner[R3].txt - [2166 octets] - [03/10/2013 22:22:21] AdwCleaner[s0].txt - [12975 octets] - [01/09/2013 20:40:36] AdwCleaner[s1].txt - [2021 octets] - [03/10/2013 22:23:51] ########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [2081 octets] ##########
- October 4, 2013
- 27 replies
Can't resolve "Search Assist"

eNerve replied to eNerve's topic in Resolved Malware Removal Logs

# AdwCleaner v3.006 - Report created 03/10/2013 at 20:21:31 # Updated 01/10/2013 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : FreshOats - PIG # Running from : C:\Users\Justin\Desktop\AdwCleaner.exe # Option : Scan ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EF99BD32-C1FB-11D2-892F-0090271D4F88}] Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}] ***** [ Browsers ] ***** -\\ Internet Explorer v10.0.9200.16660 -\\ Mozilla Firefox v20.0.1 (en-US) [ File : C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\6vfjhq0a.default\prefs.js ] [ File : C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\6vfjhq0a.default\prefs.js ] -\\ Google Chrome v [ File : C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\preferences ] Found : urls_to_restore_on_startup Found : urls_to_restore_on_startup Found : urls_to_restore_on_startup ************************* AdwCleaner[R0].txt - [18358 octets] - [01/09/2013 20:39:08] AdwCleaner[R1].txt - [2069 octets] - [23/09/2013 09:41:24] AdwCleaner[R2].txt - [1893 octets] - [03/10/2013 20:21:31] AdwCleaner[s0].txt - [12975 octets] - [01/09/2013 20:40:36] ########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [2014 octets] ##########
- October 4, 2013
- 27 replies
Can't resolve "Search Assist"

eNerve replied to eNerve's topic in Resolved Malware Removal Logs

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.0.3 (09.27.2013:1) OS: Windows 7 Home Premium x64 Ran by FreshOats on Thu 10/03/2013 at 20:01:56.60 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\features\a28b4d68debaa244eb686953b7074fef Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\products\a28b4d68debaa244eb686953b7074fef Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\robotaskbaricon_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\robotaskbaricon_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker-1_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker-1_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\robotaskbaricon_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\robotaskbaricon_RASMANCS Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{3BE8D8B4-93D6-4E1B-82FB-9476F62688ED} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51- 7695ECA05670} Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae- 9ed71deaf12a}" ~~~ Files Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\nsprotector.js" ~~~ Folders Successfully deleted: [Folder] "C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}" ~~~ FireFox Emptied folder: C:\Users\Justin\AppData\Roaming\mozilla\firefox\profiles\6vfjhq0a.default\minidumps [26 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Thu 10/03/2013 at 20:11:47.48 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- October 4, 2013
- 27 replies
Can't resolve "Search Assist"

eNerve replied to eNerve's topic in Resolved Malware Removal Logs

Malwarebytes Anti-Rootkit BETA 1.07.0.1005 www.malwarebytes.org Database version: v2013.10.03.10 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16660 FreshOats :: PIG [administrator] 10/3/2013 4:33:09 PM mbar-log-2013-10-03 (16-33-09).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 291587 Time elapsed: 1 hour(s), 49 minute(s), 42 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.07.0.1005 © Malwarebytes Corporation 2011-2012 OS version: 6.1.7601 Windows 7 Service Pack 1 x64 Account is Administrative Internet Explorer version: 10.0.9200.16660 File system is: NTFS Disk drives: C:\ DRIVE_FIXED, G:\ DRIVE_FIXED CPU speed: 2.127000 GHz Memory total: 3947364352, free: 1422626816 Downloaded database version: v2013.10.03.08 Downloaded database version: v2013.09.30.01 ======================================= Initializing... ------------ Kernel report ------------ 10/03/2013 14:24:50 ------------ Loaded modules ----------- \SystemRoot\system32\ntoskrnl.exe \SystemRoot\system32\hal.dll \SystemRoot\system32\kdcom.dll \SystemRoot\system32\mcupdate_GenuineIntel.dll \SystemRoot\system32\PSHED.dll \SystemRoot\system32\CLFS.SYS \SystemRoot\system32\CI.dll \SystemRoot\system32\drivers\Wdf01000.sys \SystemRoot\system32\drivers\WDFLDR.SYS \SystemRoot\system32\drivers\ACPI.sys \SystemRoot\system32\drivers\WMILIB.SYS \SystemRoot\system32\drivers\msisadrv.sys \SystemRoot\system32\drivers\pci.sys \SystemRoot\system32\drivers\vdrvroot.sys \SystemRoot\System32\drivers\partmgr.sys \SystemRoot\system32\DRIVERS\compbatt.sys \SystemRoot\system32\DRIVERS\BATTC.SYS \SystemRoot\system32\drivers\volmgr.sys \SystemRoot\System32\drivers\volmgrx.sys \SystemRoot\System32\drivers\mountmgr.sys \SystemRoot\system32\DRIVERS\iaStor.sys \SystemRoot\system32\drivers\atapi.sys \SystemRoot\system32\drivers\ataport.SYS \SystemRoot\system32\drivers\amdxata.sys \SystemRoot\system32\drivers\fltmgr.sys \SystemRoot\system32\drivers\fileinfo.sys \SystemRoot\System32\Drivers\PxHlpa64.sys \SystemRoot\System32\Drivers\Ntfs.sys \SystemRoot\System32\Drivers\msrpc.sys \SystemRoot\System32\Drivers\ksecdd.sys \SystemRoot\System32\Drivers\cng.sys \SystemRoot\System32\drivers\pcw.sys \SystemRoot\System32\Drivers\Fs_Rec.sys \SystemRoot\system32\drivers\ndis.sys \SystemRoot\system32\drivers\NETIO.SYS \SystemRoot\System32\Drivers\ksecpkg.sys \SystemRoot\System32\drivers\tcpip.sys \SystemRoot\System32\drivers\fwpkclnt.sys \SystemRoot\system32\drivers\volsnap.sys \SystemRoot\System32\Drivers\spldr.sys \SystemRoot\System32\drivers\rdyboost.sys \SystemRoot\System32\Drivers\mup.sys \SystemRoot\System32\drivers\hwpolicy.sys \SystemRoot\System32\DRIVERS\fvevol.sys \SystemRoot\system32\DRIVERS\disk.sys \SystemRoot\system32\DRIVERS\CLASSPNP.SYS \SystemRoot\System32\Drivers\aswVmm.sys \SystemRoot\System32\Drivers\aswRvrt.sys \SystemRoot\system32\DRIVERS\dtsoftbus01.sys \SystemRoot\system32\DRIVERS\cdrom.sys \SystemRoot\System32\Drivers\aswSnx.SYS \SystemRoot\system32\DRIVERS\mwlPSDFilter.sys \SystemRoot\System32\Drivers\Null.SYS \SystemRoot\System32\Drivers\Beep.SYS \SystemRoot\System32\Drivers\aswKbd.SYS \SystemRoot\System32\drivers\vga.sys \SystemRoot\System32\drivers\VIDEOPRT.SYS \SystemRoot\System32\drivers\watchdog.sys \SystemRoot\System32\DRIVERS\RDPCDD.sys \SystemRoot\system32\drivers\rdpencdd.sys \SystemRoot\system32\drivers\rdprefmp.sys \SystemRoot\System32\Drivers\Msfs.SYS \SystemRoot\System32\Drivers\Npfs.SYS \SystemRoot\system32\DRIVERS\tdx.sys \SystemRoot\system32\DRIVERS\TDI.SYS \SystemRoot\System32\Drivers\aswTdi.SYS \SystemRoot\system32\drivers\afd.sys \SystemRoot\System32\Drivers\aswrdr2.sys \SystemRoot\System32\DRIVERS\netbt.sys \SystemRoot\system32\drivers\ws2ifsl.sys \SystemRoot\system32\DRIVERS\wfplwf.sys \SystemRoot\system32\DRIVERS\pacer.sys \SystemRoot\system32\DRIVERS\vwififlt.sys \SystemRoot\system32\DRIVERS\netbios.sys \SystemRoot\system32\DRIVERS\wanarp.sys \SystemRoot\system32\drivers\termdd.sys \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS \SystemRoot\system32\DRIVERS\rdbss.sys \SystemRoot\system32\drivers\nsiproxy.sys \SystemRoot\system32\DRIVERS\mwlPSDVDisk.sys \SystemRoot\system32\DRIVERS\mwlPSDNServ.sys \SystemRoot\system32\drivers\mssmbios.sys \SystemRoot\System32\drivers\discache.sys \SystemRoot\System32\Drivers\dfsc.sys \SystemRoot\system32\DRIVERS\blbdrive.sys \SystemRoot\System32\Drivers\aswSP.SYS \SystemRoot\system32\DRIVERS\tunnel.sys \SystemRoot\system32\DRIVERS\igdkmd64.sys \SystemRoot\System32\drivers\dxgkrnl.sys \SystemRoot\System32\drivers\dxgmms1.sys \SystemRoot\system32\DRIVERS\HECIx64.sys \SystemRoot\system32\DRIVERS\usbehci.sys \SystemRoot\system32\DRIVERS\USBPORT.SYS \SystemRoot\system32\drivers\HDAudBus.sys \SystemRoot\system32\DRIVERS\k57nd60a.sys \SystemRoot\system32\DRIVERS\athrx.sys \SystemRoot\system32\DRIVERS\vwifibus.sys \SystemRoot\system32\DRIVERS\CmBatt.sys \SystemRoot\system32\drivers\i8042prt.sys \SystemRoot\SysWOW64\Drivers\DKbFltr.sys \SystemRoot\system32\DRIVERS\kbdclass.sys \SystemRoot\system32\DRIVERS\SynTP.sys \SystemRoot\system32\DRIVERS\USBD.SYS \SystemRoot\system32\DRIVERS\mouclass.sys \SystemRoot\system32\DRIVERS\Impcd.sys \SystemRoot\system32\DRIVERS\intelppm.sys \SystemRoot\system32\drivers\wmiacpi.sys \SystemRoot\system32\drivers\CompositeBus.sys \SystemRoot\system32\DRIVERS\AgileVpn.sys \SystemRoot\system32\DRIVERS\rasl2tp.sys \SystemRoot\system32\DRIVERS\ndistapi.sys \SystemRoot\system32\DRIVERS\ndiswan.sys \SystemRoot\system32\DRIVERS\raspppoe.sys \SystemRoot\system32\DRIVERS\raspptp.sys \SystemRoot\system32\DRIVERS\rassstp.sys \SystemRoot\system32\drivers\swenum.sys \SystemRoot\system32\drivers\ks.sys \SystemRoot\system32\DRIVERS\PTSimBus.sys \SystemRoot\system32\DRIVERS\umbus.sys \SystemRoot\system32\DRIVERS\usbhub.sys \SystemRoot\System32\Drivers\NDProxy.SYS \SystemRoot\system32\drivers\RTKVHD64.sys \SystemRoot\system32\drivers\portcls.sys \SystemRoot\system32\drivers\drmk.sys \SystemRoot\system32\drivers\ksthunk.sys \SystemRoot\system32\DRIVERS\agrsm64.sys \SystemRoot\system32\drivers\modem.sys \SystemRoot\system32\DRIVERS\IntcDAud.sys \SystemRoot\system32\DRIVERS\USBSTOR.SYS \SystemRoot\System32\win32k.sys \SystemRoot\System32\drivers\Dxapi.sys \SystemRoot\system32\DRIVERS\usbccgp.sys \SystemRoot\system32\DRIVERS\HIDPARSE.SYS \SystemRoot\System32\Drivers\crashdmp.sys \SystemRoot\System32\Drivers\dump_iaStor.sys \SystemRoot\System32\Drivers\dump_dumpfve.sys \SystemRoot\system32\DRIVERS\monitor.sys \SystemRoot\System32\TSDDD.dll \SystemRoot\System32\cdd.dll \SystemRoot\System32\ATMFD.DLL \SystemRoot\system32\drivers\luafv.sys \??\C:\Windows\system32\drivers\aswMonFlt.sys \SystemRoot\System32\Drivers\aswFsBlk.SYS \SystemRoot\system32\DRIVERS\lltdio.sys \SystemRoot\system32\DRIVERS\nwifi.sys \SystemRoot\system32\DRIVERS\ndisuio.sys \SystemRoot\system32\DRIVERS\rspndr.sys \SystemRoot\system32\DRIVERS\vwifimp.sys \SystemRoot\system32\drivers\HTTP.sys \SystemRoot\system32\DRIVERS\bowser.sys \SystemRoot\System32\drivers\mpsdrv.sys \SystemRoot\system32\DRIVERS\mrxsmb.sys \SystemRoot\system32\DRIVERS\mrxsmb10.sys \SystemRoot\system32\DRIVERS\mrxsmb20.sys \SystemRoot\System32\Drivers\adfs.SYS \SystemRoot\system32\drivers\peauth.sys \SystemRoot\System32\Drivers\secdrv.SYS \SystemRoot\System32\DRIVERS\srvnet.sys \SystemRoot\System32\drivers\tcpipreg.sys \SystemRoot\System32\DRIVERS\srv2.sys \SystemRoot\System32\DRIVERS\srv.sys \SystemRoot\System32\Drivers\usbvideo.sys \SystemRoot\system32\DRIVERS\hidusb.sys \SystemRoot\system32\DRIVERS\HIDCLASS.SYS \SystemRoot\system32\DRIVERS\mouhid.sys \SystemRoot\system32\DRIVERS\cdfs.sys \SystemRoot\system32\DRIVERS\asyncmac.sys \??\C:\Windows\system32\drivers\mbamchameleon.sys \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys \Windows\System32\ntdll.dll \Windows\System32\smss.exe \Windows\System32\apisetschema.dll \Windows\System32\autochk.exe \Windows\System32\ole32.dll \Windows\System32\clbcatq.dll \Windows\System32\rpcrt4.dll \Windows\System32\user32.dll \Windows\System32\gdi32.dll \Windows\System32\psapi.dll \Windows\System32\normaliz.dll \Windows\System32\lpk.dll \Windows\System32\msctf.dll \Windows\System32\difxapi.dll \Windows\System32\Wldap32.dll \Windows\System32\imagehlp.dll \Windows\System32\kernel32.dll \Windows\System32\shell32.dll \Windows\System32\usp10.dll \Windows\System32\sechost.dll \Windows\System32\advapi32.dll \Windows\System32\msvcrt.dll \Windows\System32\iertutil.dll \Windows\System32\urlmon.dll \Windows\System32\setupapi.dll \Windows\System32\comdlg32.dll \Windows\System32\nsi.dll \Windows\System32\oleaut32.dll \Windows\System32\wininet.dll \Windows\System32\shlwapi.dll \Windows\System32\imm32.dll \Windows\System32\ws2_32.dll \Windows\System32\cfgmgr32.dll \Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll \Windows\System32\KernelBase.dll \Windows\System32\comctl32.dll \Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll \Windows\System32\wintrust.dll \Windows\System32\devobj.dll \Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll \Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll \Windows\System32\crypt32.dll \Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll \Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll \Windows\System32\msasn1.dll \Windows\SysWOW64\normaliz.dll ----------- End ----------- Done! <<<1>>> Upper Device Name: \Device\Harddisk1\DR1 Upper Device Object: 0xfffffa8006851060 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\00000080\ Lower Device Object: 0xfffffa8006847b60 Lower Device Driver Name: \Driver\USBSTOR\ <<<1>>> Upper Device Name: \Device\Harddisk0\DR0 Upper Device Object: 0xfffffa8004bd9060 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\Ide\IAAStorageDevice-1\ Lower Device Object: 0xfffffa800494b050 Lower Device Driver Name: \Driver\iaStor\ <<<2>>> Physical Sector Size: 512 Drive: 0, DevicePointer: 0xfffffa8004bd9060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa8004a69990, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa8004bd9060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa800494b050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers... <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Done! Drive 0 Scanning MBR on drive 0... Inspecting partition table: MBR Signature: 55AA Disk Signature: 107C107C Partition information: Partition 0 type is Other (0x27) Partition is NOT ACTIVE. Partition starts at LBA: 2048 Numsec = 26624000 Partition 1 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 26626048 Numsec = 204800 Partition is not bootable Partition 2 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 26830848 Numsec = 598309552 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 320072933376 bytes Sector size: 512 bytes Scanning physical sectors of unpartitioned space on drive 0 (1-2047-625122448-625142448)... Done! Physical Sector Size: 512 Drive: 1, DevicePointer: 0xfffffa8006851060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa8006851b90, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa8006851060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa8006847b60, DeviceName: \Device\00000080\, DriverName: \Driver\USBSTOR\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 Drive 1 Scanning MBR on drive 1... Inspecting partition table: MBR Signature: 55AA Disk Signature: A4B57300 Partition information: Partition 0 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 63 Numsec = 976768002 Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 500107860992 bytes Sector size: 512 bytes Done! Scan Interrupted Scan Interrupted Scan Interrupted --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.07.0.1005 © Malwarebytes Corporation 2011-2012 OS version: 6.1.7601 Windows 7 Service Pack 1 x64 Account is Administrative Internet Explorer version: 10.0.9200.16660 File system is: NTFS Disk drives: C:\ DRIVE_FIXED, G:\ DRIVE_FIXED CPU speed: 2.127000 GHz Memory total: 3947364352, free: 1160798208 Downloaded database version: v2013.10.03.09 Initializing... ====================== ------------ Kernel report ------------ 10/03/2013 15:34:20 ------------ Loaded modules ----------- \SystemRoot\system32\ntoskrnl.exe \SystemRoot\system32\hal.dll \SystemRoot\system32\kdcom.dll \SystemRoot\system32\mcupdate_GenuineIntel.dll \SystemRoot\system32\PSHED.dll \SystemRoot\system32\CLFS.SYS \SystemRoot\system32\CI.dll \SystemRoot\system32\drivers\Wdf01000.sys \SystemRoot\system32\drivers\WDFLDR.SYS \SystemRoot\system32\drivers\ACPI.sys \SystemRoot\system32\drivers\WMILIB.SYS \SystemRoot\system32\drivers\msisadrv.sys \SystemRoot\system32\drivers\pci.sys \SystemRoot\system32\drivers\vdrvroot.sys \SystemRoot\System32\drivers\partmgr.sys \SystemRoot\system32\DRIVERS\compbatt.sys \SystemRoot\system32\DRIVERS\BATTC.SYS \SystemRoot\system32\drivers\volmgr.sys \SystemRoot\System32\drivers\volmgrx.sys \SystemRoot\System32\drivers\mountmgr.sys \SystemRoot\system32\DRIVERS\iaStor.sys \SystemRoot\system32\drivers\atapi.sys \SystemRoot\system32\drivers\ataport.SYS \SystemRoot\system32\drivers\amdxata.sys \SystemRoot\system32\drivers\fltmgr.sys \SystemRoot\system32\drivers\fileinfo.sys \SystemRoot\System32\Drivers\PxHlpa64.sys \SystemRoot\System32\Drivers\Ntfs.sys \SystemRoot\System32\Drivers\msrpc.sys \SystemRoot\System32\Drivers\ksecdd.sys \SystemRoot\System32\Drivers\cng.sys \SystemRoot\System32\drivers\pcw.sys \SystemRoot\System32\Drivers\Fs_Rec.sys \SystemRoot\system32\drivers\ndis.sys \SystemRoot\system32\drivers\NETIO.SYS \SystemRoot\System32\Drivers\ksecpkg.sys \SystemRoot\System32\drivers\tcpip.sys \SystemRoot\System32\drivers\fwpkclnt.sys \SystemRoot\system32\drivers\volsnap.sys \SystemRoot\System32\Drivers\spldr.sys \SystemRoot\System32\drivers\rdyboost.sys \SystemRoot\System32\Drivers\mup.sys \SystemRoot\System32\drivers\hwpolicy.sys \SystemRoot\System32\DRIVERS\fvevol.sys \SystemRoot\system32\DRIVERS\disk.sys \SystemRoot\system32\DRIVERS\CLASSPNP.SYS \SystemRoot\System32\Drivers\aswVmm.sys \SystemRoot\System32\Drivers\aswRvrt.sys \SystemRoot\system32\DRIVERS\dtsoftbus01.sys \SystemRoot\system32\DRIVERS\cdrom.sys \SystemRoot\System32\Drivers\aswSnx.SYS \SystemRoot\system32\DRIVERS\mwlPSDFilter.sys \SystemRoot\System32\Drivers\Null.SYS \SystemRoot\System32\Drivers\Beep.SYS \SystemRoot\System32\Drivers\aswKbd.SYS \SystemRoot\System32\drivers\vga.sys \SystemRoot\System32\drivers\VIDEOPRT.SYS \SystemRoot\System32\drivers\watchdog.sys \SystemRoot\System32\DRIVERS\RDPCDD.sys \SystemRoot\system32\drivers\rdpencdd.sys \SystemRoot\system32\drivers\rdprefmp.sys \SystemRoot\System32\Drivers\Msfs.SYS \SystemRoot\System32\Drivers\Npfs.SYS \SystemRoot\system32\DRIVERS\tdx.sys \SystemRoot\system32\DRIVERS\TDI.SYS \SystemRoot\System32\Drivers\aswTdi.SYS \SystemRoot\system32\drivers\afd.sys \SystemRoot\System32\Drivers\aswrdr2.sys \SystemRoot\System32\DRIVERS\netbt.sys \SystemRoot\system32\drivers\ws2ifsl.sys \SystemRoot\system32\DRIVERS\wfplwf.sys \SystemRoot\system32\DRIVERS\pacer.sys \SystemRoot\system32\DRIVERS\vwififlt.sys \SystemRoot\system32\DRIVERS\netbios.sys \SystemRoot\system32\DRIVERS\wanarp.sys \SystemRoot\system32\drivers\termdd.sys \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS \SystemRoot\system32\DRIVERS\rdbss.sys \SystemRoot\system32\drivers\nsiproxy.sys \SystemRoot\system32\DRIVERS\mwlPSDVDisk.sys \SystemRoot\system32\DRIVERS\mwlPSDNServ.sys \SystemRoot\system32\drivers\mssmbios.sys \SystemRoot\System32\drivers\discache.sys \SystemRoot\System32\Drivers\dfsc.sys \SystemRoot\system32\DRIVERS\blbdrive.sys \SystemRoot\System32\Drivers\aswSP.SYS \SystemRoot\system32\DRIVERS\tunnel.sys \SystemRoot\system32\DRIVERS\igdkmd64.sys \SystemRoot\System32\drivers\dxgkrnl.sys \SystemRoot\System32\drivers\dxgmms1.sys \SystemRoot\system32\DRIVERS\HECIx64.sys \SystemRoot\system32\DRIVERS\usbehci.sys \SystemRoot\system32\DRIVERS\USBPORT.SYS \SystemRoot\system32\drivers\HDAudBus.sys \SystemRoot\system32\DRIVERS\k57nd60a.sys \SystemRoot\system32\DRIVERS\athrx.sys \SystemRoot\system32\DRIVERS\vwifibus.sys \SystemRoot\system32\DRIVERS\CmBatt.sys \SystemRoot\system32\drivers\i8042prt.sys \SystemRoot\SysWOW64\Drivers\DKbFltr.sys \SystemRoot\system32\DRIVERS\kbdclass.sys \SystemRoot\system32\DRIVERS\SynTP.sys \SystemRoot\system32\DRIVERS\USBD.SYS \SystemRoot\system32\DRIVERS\mouclass.sys \SystemRoot\system32\DRIVERS\Impcd.sys \SystemRoot\system32\DRIVERS\intelppm.sys \SystemRoot\system32\drivers\wmiacpi.sys \SystemRoot\system32\drivers\CompositeBus.sys \SystemRoot\system32\DRIVERS\AgileVpn.sys \SystemRoot\system32\DRIVERS\rasl2tp.sys \SystemRoot\system32\DRIVERS\ndistapi.sys \SystemRoot\system32\DRIVERS\ndiswan.sys \SystemRoot\system32\DRIVERS\raspppoe.sys \SystemRoot\system32\DRIVERS\raspptp.sys \SystemRoot\system32\DRIVERS\rassstp.sys \SystemRoot\system32\drivers\swenum.sys \SystemRoot\system32\drivers\ks.sys \SystemRoot\system32\DRIVERS\PTSimBus.sys \SystemRoot\system32\DRIVERS\umbus.sys \SystemRoot\system32\DRIVERS\usbhub.sys \SystemRoot\System32\Drivers\NDProxy.SYS \SystemRoot\system32\drivers\RTKVHD64.sys \SystemRoot\system32\drivers\portcls.sys \SystemRoot\system32\drivers\drmk.sys \SystemRoot\system32\drivers\ksthunk.sys \SystemRoot\system32\DRIVERS\agrsm64.sys \SystemRoot\system32\drivers\modem.sys \SystemRoot\system32\DRIVERS\IntcDAud.sys \SystemRoot\system32\DRIVERS\USBSTOR.SYS \SystemRoot\System32\win32k.sys \SystemRoot\System32\drivers\Dxapi.sys \SystemRoot\system32\DRIVERS\usbccgp.sys \SystemRoot\system32\DRIVERS\HIDPARSE.SYS \SystemRoot\System32\Drivers\crashdmp.sys \SystemRoot\System32\Drivers\dump_iaStor.sys \SystemRoot\System32\Drivers\dump_dumpfve.sys \SystemRoot\system32\DRIVERS\monitor.sys \SystemRoot\System32\TSDDD.dll \SystemRoot\System32\cdd.dll \SystemRoot\System32\ATMFD.DLL \SystemRoot\system32\drivers\luafv.sys \??\C:\Windows\system32\drivers\aswMonFlt.sys \SystemRoot\System32\Drivers\aswFsBlk.SYS \SystemRoot\system32\DRIVERS\lltdio.sys \SystemRoot\system32\DRIVERS\nwifi.sys \SystemRoot\system32\DRIVERS\ndisuio.sys \SystemRoot\system32\DRIVERS\rspndr.sys \SystemRoot\system32\DRIVERS\vwifimp.sys \SystemRoot\system32\drivers\HTTP.sys \SystemRoot\system32\DRIVERS\bowser.sys \SystemRoot\System32\drivers\mpsdrv.sys \SystemRoot\system32\DRIVERS\mrxsmb.sys \SystemRoot\system32\DRIVERS\mrxsmb10.sys \SystemRoot\system32\DRIVERS\mrxsmb20.sys \SystemRoot\System32\Drivers\adfs.SYS \SystemRoot\system32\drivers\peauth.sys \SystemRoot\System32\Drivers\secdrv.SYS \SystemRoot\System32\DRIVERS\srvnet.sys \SystemRoot\System32\drivers\tcpipreg.sys \SystemRoot\System32\DRIVERS\srv2.sys \SystemRoot\System32\DRIVERS\srv.sys \SystemRoot\System32\Drivers\usbvideo.sys \SystemRoot\system32\DRIVERS\hidusb.sys \SystemRoot\system32\DRIVERS\HIDCLASS.SYS \SystemRoot\system32\DRIVERS\mouhid.sys \SystemRoot\system32\DRIVERS\cdfs.sys \SystemRoot\system32\DRIVERS\asyncmac.sys \??\C:\Windows\system32\drivers\mbamchameleon.sys \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys \Windows\System32\ntdll.dll \Windows\System32\smss.exe \Windows\System32\apisetschema.dll \Windows\System32\autochk.exe \Windows\System32\ole32.dll \Windows\System32\clbcatq.dll \Windows\System32\rpcrt4.dll \Windows\System32\user32.dll \Windows\System32\gdi32.dll \Windows\System32\psapi.dll \Windows\System32\normaliz.dll \Windows\System32\lpk.dll \Windows\System32\msctf.dll \Windows\System32\difxapi.dll \Windows\System32\Wldap32.dll \Windows\System32\imagehlp.dll \Windows\System32\kernel32.dll \Windows\System32\shell32.dll \Windows\System32\usp10.dll \Windows\System32\sechost.dll \Windows\System32\advapi32.dll \Windows\System32\msvcrt.dll \Windows\System32\iertutil.dll \Windows\System32\urlmon.dll \Windows\System32\setupapi.dll \Windows\System32\comdlg32.dll \Windows\System32\nsi.dll \Windows\System32\oleaut32.dll \Windows\System32\wininet.dll \Windows\System32\shlwapi.dll \Windows\System32\imm32.dll \Windows\System32\ws2_32.dll \Windows\System32\cfgmgr32.dll \Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll \Windows\System32\KernelBase.dll \Windows\System32\comctl32.dll \Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll \Windows\System32\wintrust.dll \Windows\System32\devobj.dll \Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll \Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll \Windows\System32\crypt32.dll \Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll \Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll \Windows\System32\msasn1.dll \Windows\SysWOW64\normaliz.dll ----------- End ----------- Done! <<<1>>> Upper Device Name: \Device\Harddisk1\DR1 Upper Device Object: 0xfffffa8006851060 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\00000080\ Lower Device Object: 0xfffffa8006847b60 Lower Device Driver Name: \Driver\USBSTOR\ <<<1>>> Upper Device Name: \Device\Harddisk0\DR0 Upper Device Object: 0xfffffa8004bd9060 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\Ide\IAAStorageDevice-1\ Lower Device Object: 0xfffffa800494b050 Lower Device Driver Name: \Driver\iaStor\ <<<2>>> Physical Sector Size: 512 Drive: 0, DevicePointer: 0xfffffa8004bd9060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa8004a69990, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa8004bd9060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa800494b050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers... <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Done! Drive 0 Scanning MBR on drive 0... Inspecting partition table: MBR Signature: 55AA Disk Signature: 107C107C Partition information: Partition 0 type is Other (0x27) Partition is NOT ACTIVE. Partition starts at LBA: 2048 Numsec = 26624000 Partition 1 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 26626048 Numsec = 204800 Partition is not bootable Partition 2 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 26830848 Numsec = 598309552 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 320072933376 bytes Sector size: 512 bytes Scanning physical sectors of unpartitioned space on drive 0 (1-2047-625122448-625142448)... Done! Physical Sector Size: 512 Drive: 1, DevicePointer: 0xfffffa8006851060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa8006851b90, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa8006851060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa8006847b60, DeviceName: \Device\00000080\, DriverName: \Driver\USBSTOR\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 Drive 1 Scanning MBR on drive 1... Inspecting partition table: MBR Signature: 55AA Disk Signature: A4B57300 Partition information: Partition 0 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 63 Numsec = 976768002 Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 500107860992 bytes Sector size: 512 bytes Done! Scan Interrupted Scan Interrupted --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.07.0.1005 © Malwarebytes Corporation 2011-2012 OS version: 6.1.7601 Windows 7 Service Pack 1 x64 Account is Administrative Internet Explorer version: 10.0.9200.16660 File system is: NTFS Disk drives: C:\ DRIVE_FIXED, G:\ DRIVE_FIXED CPU speed: 2.127000 GHz Memory total: 3947364352, free: 1050185728 Downloaded database version: v2013.10.03.10 ======================================= Initializing... ------------ Kernel report ------------ 10/03/2013 16:33:03 ------------ Loaded modules ----------- \SystemRoot\system32\ntoskrnl.exe \SystemRoot\system32\hal.dll \SystemRoot\system32\kdcom.dll \SystemRoot\system32\mcupdate_GenuineIntel.dll \SystemRoot\system32\PSHED.dll \SystemRoot\system32\CLFS.SYS \SystemRoot\system32\CI.dll \SystemRoot\system32\drivers\Wdf01000.sys \SystemRoot\system32\drivers\WDFLDR.SYS \SystemRoot\system32\drivers\ACPI.sys \SystemRoot\system32\drivers\WMILIB.SYS \SystemRoot\system32\drivers\msisadrv.sys \SystemRoot\system32\drivers\pci.sys \SystemRoot\system32\drivers\vdrvroot.sys \SystemRoot\System32\drivers\partmgr.sys \SystemRoot\system32\DRIVERS\compbatt.sys \SystemRoot\system32\DRIVERS\BATTC.SYS \SystemRoot\system32\drivers\volmgr.sys \SystemRoot\System32\drivers\volmgrx.sys \SystemRoot\System32\drivers\mountmgr.sys \SystemRoot\system32\DRIVERS\iaStor.sys \SystemRoot\system32\drivers\atapi.sys \SystemRoot\system32\drivers\ataport.SYS \SystemRoot\system32\drivers\amdxata.sys \SystemRoot\system32\drivers\fltmgr.sys \SystemRoot\system32\drivers\fileinfo.sys \SystemRoot\System32\Drivers\PxHlpa64.sys \SystemRoot\System32\Drivers\Ntfs.sys \SystemRoot\System32\Drivers\msrpc.sys \SystemRoot\System32\Drivers\ksecdd.sys \SystemRoot\System32\Drivers\cng.sys \SystemRoot\System32\drivers\pcw.sys \SystemRoot\System32\Drivers\Fs_Rec.sys \SystemRoot\system32\drivers\ndis.sys \SystemRoot\system32\drivers\NETIO.SYS \SystemRoot\System32\Drivers\ksecpkg.sys \SystemRoot\System32\drivers\tcpip.sys \SystemRoot\System32\drivers\fwpkclnt.sys \SystemRoot\system32\drivers\volsnap.sys \SystemRoot\System32\Drivers\spldr.sys \SystemRoot\System32\drivers\rdyboost.sys \SystemRoot\System32\Drivers\mup.sys \SystemRoot\System32\drivers\hwpolicy.sys \SystemRoot\System32\DRIVERS\fvevol.sys \SystemRoot\system32\DRIVERS\disk.sys \SystemRoot\system32\DRIVERS\CLASSPNP.SYS \SystemRoot\System32\Drivers\aswVmm.sys \SystemRoot\System32\Drivers\aswRvrt.sys \SystemRoot\system32\DRIVERS\dtsoftbus01.sys \SystemRoot\system32\DRIVERS\cdrom.sys \SystemRoot\System32\Drivers\aswSnx.SYS \SystemRoot\system32\DRIVERS\mwlPSDFilter.sys \SystemRoot\System32\Drivers\Null.SYS \SystemRoot\System32\Drivers\Beep.SYS \SystemRoot\System32\Drivers\aswKbd.SYS \SystemRoot\System32\drivers\vga.sys \SystemRoot\System32\drivers\VIDEOPRT.SYS \SystemRoot\System32\drivers\watchdog.sys \SystemRoot\System32\DRIVERS\RDPCDD.sys \SystemRoot\system32\drivers\rdpencdd.sys \SystemRoot\system32\drivers\rdprefmp.sys \SystemRoot\System32\Drivers\Msfs.SYS \SystemRoot\System32\Drivers\Npfs.SYS \SystemRoot\system32\DRIVERS\tdx.sys \SystemRoot\system32\DRIVERS\TDI.SYS \SystemRoot\System32\Drivers\aswTdi.SYS \SystemRoot\system32\drivers\afd.sys \SystemRoot\System32\Drivers\aswrdr2.sys \SystemRoot\System32\DRIVERS\netbt.sys \SystemRoot\system32\drivers\ws2ifsl.sys \SystemRoot\system32\DRIVERS\wfplwf.sys \SystemRoot\system32\DRIVERS\pacer.sys \SystemRoot\system32\DRIVERS\vwififlt.sys \SystemRoot\system32\DRIVERS\netbios.sys \SystemRoot\system32\DRIVERS\wanarp.sys \SystemRoot\system32\drivers\termdd.sys \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS \SystemRoot\system32\DRIVERS\rdbss.sys \SystemRoot\system32\drivers\nsiproxy.sys \SystemRoot\system32\DRIVERS\mwlPSDVDisk.sys \SystemRoot\system32\DRIVERS\mwlPSDNServ.sys \SystemRoot\system32\drivers\mssmbios.sys \SystemRoot\System32\drivers\discache.sys \SystemRoot\System32\Drivers\dfsc.sys \SystemRoot\system32\DRIVERS\blbdrive.sys \SystemRoot\System32\Drivers\aswSP.SYS \SystemRoot\system32\DRIVERS\tunnel.sys \SystemRoot\system32\DRIVERS\igdkmd64.sys \SystemRoot\System32\drivers\dxgkrnl.sys \SystemRoot\System32\drivers\dxgmms1.sys \SystemRoot\system32\DRIVERS\HECIx64.sys \SystemRoot\system32\DRIVERS\usbehci.sys \SystemRoot\system32\DRIVERS\USBPORT.SYS \SystemRoot\system32\drivers\HDAudBus.sys \SystemRoot\system32\DRIVERS\k57nd60a.sys \SystemRoot\system32\DRIVERS\athrx.sys \SystemRoot\system32\DRIVERS\vwifibus.sys \SystemRoot\system32\DRIVERS\CmBatt.sys \SystemRoot\system32\drivers\i8042prt.sys \SystemRoot\SysWOW64\Drivers\DKbFltr.sys \SystemRoot\system32\DRIVERS\kbdclass.sys \SystemRoot\system32\DRIVERS\SynTP.sys \SystemRoot\system32\DRIVERS\USBD.SYS \SystemRoot\system32\DRIVERS\mouclass.sys \SystemRoot\system32\DRIVERS\Impcd.sys \SystemRoot\system32\DRIVERS\intelppm.sys \SystemRoot\system32\drivers\wmiacpi.sys \SystemRoot\system32\drivers\CompositeBus.sys \SystemRoot\system32\DRIVERS\AgileVpn.sys \SystemRoot\system32\DRIVERS\rasl2tp.sys \SystemRoot\system32\DRIVERS\ndistapi.sys \SystemRoot\system32\DRIVERS\ndiswan.sys \SystemRoot\system32\DRIVERS\raspppoe.sys \SystemRoot\system32\DRIVERS\raspptp.sys \SystemRoot\system32\DRIVERS\rassstp.sys \SystemRoot\system32\drivers\swenum.sys \SystemRoot\system32\drivers\ks.sys \SystemRoot\system32\DRIVERS\PTSimBus.sys \SystemRoot\system32\DRIVERS\umbus.sys \SystemRoot\system32\DRIVERS\usbhub.sys \SystemRoot\System32\Drivers\NDProxy.SYS \SystemRoot\system32\drivers\RTKVHD64.sys \SystemRoot\system32\drivers\portcls.sys \SystemRoot\system32\drivers\drmk.sys \SystemRoot\system32\drivers\ksthunk.sys \SystemRoot\system32\DRIVERS\agrsm64.sys \SystemRoot\system32\drivers\modem.sys \SystemRoot\system32\DRIVERS\IntcDAud.sys \SystemRoot\system32\DRIVERS\USBSTOR.SYS \SystemRoot\System32\win32k.sys \SystemRoot\System32\drivers\Dxapi.sys \SystemRoot\system32\DRIVERS\usbccgp.sys \SystemRoot\system32\DRIVERS\HIDPARSE.SYS \SystemRoot\System32\Drivers\crashdmp.sys \SystemRoot\System32\Drivers\dump_iaStor.sys \SystemRoot\System32\Drivers\dump_dumpfve.sys \SystemRoot\system32\DRIVERS\monitor.sys \SystemRoot\System32\TSDDD.dll \SystemRoot\System32\cdd.dll \SystemRoot\System32\ATMFD.DLL \SystemRoot\system32\drivers\luafv.sys \??\C:\Windows\system32\drivers\aswMonFlt.sys \SystemRoot\System32\Drivers\aswFsBlk.SYS \SystemRoot\system32\DRIVERS\lltdio.sys \SystemRoot\system32\DRIVERS\nwifi.sys \SystemRoot\system32\DRIVERS\ndisuio.sys \SystemRoot\system32\DRIVERS\rspndr.sys \SystemRoot\system32\DRIVERS\vwifimp.sys \SystemRoot\system32\drivers\HTTP.sys \SystemRoot\system32\DRIVERS\bowser.sys \SystemRoot\System32\drivers\mpsdrv.sys \SystemRoot\system32\DRIVERS\mrxsmb.sys \SystemRoot\system32\DRIVERS\mrxsmb10.sys \SystemRoot\system32\DRIVERS\mrxsmb20.sys \SystemRoot\System32\Drivers\adfs.SYS \SystemRoot\system32\drivers\peauth.sys \SystemRoot\System32\Drivers\secdrv.SYS \SystemRoot\System32\DRIVERS\srvnet.sys \SystemRoot\System32\drivers\tcpipreg.sys \SystemRoot\System32\DRIVERS\srv2.sys \SystemRoot\System32\DRIVERS\srv.sys \SystemRoot\System32\Drivers\usbvideo.sys \SystemRoot\system32\DRIVERS\hidusb.sys \SystemRoot\system32\DRIVERS\HIDCLASS.SYS \SystemRoot\system32\DRIVERS\mouhid.sys \SystemRoot\system32\DRIVERS\cdfs.sys \SystemRoot\system32\DRIVERS\asyncmac.sys \??\C:\Windows\system32\drivers\mbamchameleon.sys \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys \Windows\System32\ntdll.dll \Windows\System32\smss.exe \Windows\System32\apisetschema.dll \Windows\System32\autochk.exe \Windows\System32\ole32.dll \Windows\System32\clbcatq.dll \Windows\System32\rpcrt4.dll \Windows\System32\user32.dll \Windows\System32\gdi32.dll \Windows\System32\psapi.dll \Windows\System32\normaliz.dll \Windows\System32\lpk.dll \Windows\System32\msctf.dll \Windows\System32\difxapi.dll \Windows\System32\Wldap32.dll \Windows\System32\imagehlp.dll \Windows\System32\kernel32.dll \Windows\System32\shell32.dll \Windows\System32\usp10.dll \Windows\System32\sechost.dll \Windows\System32\advapi32.dll \Windows\System32\msvcrt.dll \Windows\System32\iertutil.dll \Windows\System32\urlmon.dll \Windows\System32\setupapi.dll \Windows\System32\comdlg32.dll \Windows\System32\nsi.dll \Windows\System32\oleaut32.dll \Windows\System32\wininet.dll \Windows\System32\shlwapi.dll \Windows\System32\imm32.dll \Windows\System32\ws2_32.dll \Windows\System32\cfgmgr32.dll \Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll \Windows\System32\KernelBase.dll \Windows\System32\comctl32.dll \Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll \Windows\System32\wintrust.dll \Windows\System32\devobj.dll \Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll \Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll \Windows\System32\crypt32.dll \Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll \Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll \Windows\System32\msasn1.dll \Windows\SysWOW64\normaliz.dll ----------- End ----------- Done! <<<1>>> Upper Device Name: \Device\Harddisk1\DR1 Upper Device Object: 0xfffffa8006851060 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\00000080\ Lower Device Object: 0xfffffa8006847b60 Lower Device Driver Name: \Driver\USBSTOR\ <<<1>>> Upper Device Name: \Device\Harddisk0\DR0 Upper Device Object: 0xfffffa8004bd9060 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\Ide\IAAStorageDevice-1\ Lower Device Object: 0xfffffa800494b050 Lower Device Driver Name: \Driver\iaStor\ <<<2>>> Physical Sector Size: 512 Drive: 0, DevicePointer: 0xfffffa8004bd9060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa8004a69990, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa8004bd9060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa800494b050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers... <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Done! Drive 0 Scanning MBR on drive 0... Inspecting partition table: MBR Signature: 55AA Disk Signature: 107C107C Partition information: Partition 0 type is Other (0x27) Partition is NOT ACTIVE. Partition starts at LBA: 2048 Numsec = 26624000 Partition 1 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 26626048 Numsec = 204800 Partition is not bootable Partition 2 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 26830848 Numsec = 598309552 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 320072933376 bytes Sector size: 512 bytes Scanning physical sectors of unpartitioned space on drive 0 (1-2047-625122448-625142448)... Done! Physical Sector Size: 512 Drive: 1, DevicePointer: 0xfffffa8006851060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa8006851b90, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa8006851060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa8006847b60, DeviceName: \Device\00000080\, DriverName: \Driver\USBSTOR\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 Drive 1 Scanning MBR on drive 1... Inspecting partition table: MBR Signature: 55AA Disk Signature: A4B57300 Partition information: Partition 0 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 63 Numsec = 976768002 Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 500107860992 bytes Sector size: 512 bytes Done! Scan finished ======================================= Removal queue found; removal started Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\Bootstrap_0_1_26626048_i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_r.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_1_i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_1_r.mbam... Removal finished
- October 4, 2013
- 27 replies
Can't resolve "Search Assist"

eNerve replied to eNerve's topic in Resolved Malware Removal Logs

RogueKiller V8.7.1 _x64_ [Oct 3 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.adlice.com/forum/ Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : FreshOats [Admin rights] Mode : Scan -- Date : 10/03/2013 12:48:31 | ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 4 ¤¤¤ [RUN][sUSP PATH] HKCU\[...]\Run : googletalk (C:\Users\FreshOats\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart [x][x]) -> FOUND [RUN][sUSP PATH] HKUS\S-1-5-21-350978928-1145991243-2579747793-1001\[...]\Run : googletalk (C:\Users\FreshOats\AppData\Roaming\Google\Google Talk \googletalk.exe /autostart [x][x]) -> FOUND [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Scheduled tasks : 0 ¤¤¤ ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standard disk drives) - Hitachi HTS545032B9A300 +++++ --- User --- [MBR] 025d360518a50ea344f797455574d582 [bSP] 22853227433866bad50ce6e3ef4b78b7 : Windows Vista MBR Code Partition table: 0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 13000 Mo 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 26626048 | Size: 100 Mo 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 26830848 | Size: 292143 Mo User = LL1 ... OK! User = LL2 ... OK! +++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) (Standard disk drives) - Seagate FreeAgent Go USB Device +++++ --- User --- [MBR] efaae474bf56cd39e5d0462ccb81c6e6 [bSP] 5cab7fac78b6fe5301595cea6da44b25 : Empty MBR Code Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 476937 Mo User = LL1 ... OK! Error reading LL2 MBR! Finished : << RKreport[0]_S_10032013_124831.txt >>
- October 3, 2013
- 27 replies
Can't resolve "Search Assist"

eNerve posted a topic in Resolved Malware Removal Logs

DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16660 BrowserJavaVersion: 10.25.2 Run by FreshOats at 12:35:29 on 2013-10-03 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3764.1265 [GMT -7:00] . AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\LSI SoftModem\agr64svc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe C:\Program Files (x86)\Acer\Registration\GregHSRW.exe C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE C:\Program Files\Acer\Acer Updater\UpdaterService.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Users\Justin\AppData\Local\Mikogo4\Host\Service\M4-Service.exe C:\Users\Justin\AppData\Local\Mikogo4\Host\Service\M4-Capture.exe C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files (x86)\Sendori\sndappv2.exe C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted C:\Program Files\Acer\Acer Updater\UpdaterService.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\System32\Drivers\WTSRV.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Sendori\SendoriSvc.exe C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files (x86)\Sendori\SendoriUp.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe C:\Program Files (x86)\Nero\Update\NASvc.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\Sendori\Sendori.Service.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Windows\PLFSetI.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe C:\Windows\system32\igfxext.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Users\Justin\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files (x86)\Launch Manager\LManager.exe C:\Users\Justin\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler64.exe C:\Windows\SysWOW64\WTClient.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Windows\system32\wuauclt.exe C:\Program Files (x86)\Sendori\SendoriTray.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Users\Justin\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Justin\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE C:\Windows\splwow64.exe C:\Windows\system32\taskeng.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uWindow Title = Internet Explorer, enhanced for Bing and MSN uURLSearchHooks: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll mWinlogon: Userinit = userinit.exe, BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned> BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: MSN Toolbar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0417.0\npwinext.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll TB: MSN Toolbar: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0417.0\npwinext.dll TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll uRun: [googletalk] C:\Users\FreshOats\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart uRun: [4AA5D9FA8B43745BB2EAD1E788698E8441A23DBA._service_run] "C:\Users\FreshOats\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service uRun: [D3CA26BDF1EEC0308B736E98B1ACDCED782D77FF._service_run] "C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service uRun: [AdobeBridge] <no file> mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [WTClient] WTClient.exe mRun: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui mRun: [sendori Tray] "C:\Program Files (x86)\Sendori\SendoriTray.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe StartupFolder: C:\Users\Justin\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Justin\AppData\Roaming\Dropbox\bin\Dropbox.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: PromptOnSecureDesktop = dword:0 IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200 IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll LSP: C:\Windows\System32\Sendori.dll Trusted Zone: clonewarsadventures.com Trusted Zone: freerealms.com Trusted Zone: soe.com Trusted Zone: sony.com TCP: NameServer = 132.239.0.252 132.239.0.250 TCP: Interfaces\{079E895E-A34A-44CA-AB30-B5385D4D0B79} : DHCPNameServer = 192.168.1.254 TCP: Interfaces\{653E5F10-D724-4359-9865-AA1F5127D99E} : NameServer = 192.168.42.129 TCP: Interfaces\{653E5F10-D724-4359-9865-AA1F5127D99E} : DHCPNameServer = 192.168.42.129 TCP: Interfaces\{A299C7D6-6A7F-4DE9-889A-321C37E8BE34} : DHCPNameServer = 132.239.0.252 132.239.0.250 TCP: Interfaces\{A299C7D6-6A7F-4DE9-889A-321C37E8BE34}\2375942554837353 : DHCPNameServer = 192.168.1.254 TCP: Interfaces\{A299C7D6-6A7F-4DE9-889A-321C37E8BE34}\2456C6D6F4 : DHCPNameServer = 192.168.2.1 TCP: Interfaces\{BEAF8B28-493A-4EEC-986D-D78A4F063FF4} : NameServer = 192.168.42.129 TCP: Interfaces\{BEAF8B28-493A-4EEC-986D-D78A4F063FF4} : DHCPNameServer = 192.168.42.129 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll SSODL: WebCheck - <orphaned> SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll x64-Run: [iAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s x64-Run: [PLFSetI] C:\Windows\PLFSetI.exe x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe x64-Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe x64-Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned> x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned> x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\6vfjhq0a.default\ FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0417.0\npwinext.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Users\Justin\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll FF - plugin: C:\Users\Justin\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll FF - plugin: C:\Users\Justin\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll FF - plugin: C:\Users\Justin\AppData\Roaming\Mozilla\plugins\npo1d.dll FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll FF - ExtSQL: 2013-09-22 12:24; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF - ExtSQL: 2013-10-02 10:38; {AE93811A-5C9A-4d34-8462-F7B864FC4696}; C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\6vfjhq0a.default\extensions\{AE93811A- 5C9A-4d34-8462-F7B864FC4696}.xpi FF - ExtSQL: !HIDDEN! 2013-09-22 12:24; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 . ============= SERVICES / DRIVERS =============== . R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-3-17 65336] R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-3-17 204880] R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-2-7 55024] R1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2012-8-27 19600] R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2011-3-23 1030952] R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2010-1-21 378944] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-9-1 283064] R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\System32\drivers\mwlPSDFilter.sys [2009-6-2 22576] R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\System32\drivers\mwlPSDNserv.sys [2009-6-2 20016] R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\System32\drivers\mwlPSDVDisk.sys [2009-6-2 60464] R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928] R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368] R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-11 140672] R2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-9-6 169312] R2 Application Sendori;Application Sendori;C:\Program Files (x86)\Sendori\SendoriSvc.exe [2013-7-1 119072] R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2010-1-21 33400] R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2010-1-21 80816] R2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2013-9-18 46808] R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2009-12-8 844320] R2 FreeAgentGoNext Service;Seagate Service;C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe [2009-9-25 189736] R2 Greg_Service;GRegService;C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-8-28 1150496] R2 HTCMonitorService;HTCMonitorService;C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [2013-1-29 87368] R2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2012-8-23 13672] R2 Live Updater Service;Live Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-11-4 255376] R2 M4-Service;M4-Service;C:\Users\Justin\AppData\Local\Mikogo4\Host\Service\M4-Service.exe [2013-4-29 1008032] R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-2-18 462632] R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-9-24 62720] R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-6-17 144640] R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2013-4-6 167424] R2 Service Sendori;Service Sendori;C:\Program Files (x86)\Sendori\Sendori.Service.exe [2013-7-1 22304] R2 sndappv2;sndappv2;C:\Program Files (x86)\Sendori\sndappv2.exe [2013-7-1 3623200] R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-11-4 2320920] R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-11-4 255376] R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-11-4 56344] R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2009-12-8 151936] R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2009-12-8 244736] R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2009-8-6 320040] R3 PTSimBus;PenTablet Bus Enumerator;C:\Windows\System32\drivers\PTSimBus.sys [2009-6-18 27304] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-9-1 418376] S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-9-1 701512] S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe --> c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [?] S2 nidevldu;NI Device Loader;C:\Windows\SysWOW64\nipalsm.exe --> C:\Windows\SysWOW64\nipalsm.exe [?] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-6-7 160944] S3 AmUStor;AM USB Stroage Driver;C:\Windows\System32\drivers\AmUStor.sys [2009-7-22 40448] S3 androidusb;ADB Interface Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-2 33736] S3 DrvAgent64;DrvAgent64;C:\Windows\SysWOW64\drivers\DrvAgent64.SYS [2013-3-8 21712] S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-2 33736] S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\System32\drivers\htcnprot.sys [2012-12-7 36928] S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-9-1 25928] S3 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe [2009-9-10 305448] S3 NIEthernetDeviceEnumerator;NI Ethernet Device Enumerator Driver;C:\Windows\System32\drivers\niede.sys [2012-1-12 38064] S3 niufurkw;niufurkw;C:\Windows\System32\drivers\niufurkw.sys [2012-7-16 12496] S3 nixsrkw;nixsrkw;C:\Windows\System32\drivers\nixsrkw.sys [2012-7-16 12464] S3 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-6-17 50432] S3 PTSimHid;PenTablet Simulated HID MiniDriver;C:\Windows\System32\drivers\PTSimHid.sys [2009-6-18 17064] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-12-7 19456] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-12-7 57856] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-2-27 1255736] S4 NIApplicationWebServer64;NI Application Web Server (64-bit);"C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe" -user --> C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [?] . =============== File Associations =============== . ShellExec: Opera.exe: open="C:\Program Files (x86)\Opera\Launcher.exe" "%1" . =============== Created Last 30 ================ . 2013-10-03 10:22:30 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{220E2A91-3EF4-41BC-A6DB-229D76EE22BE}\offreg.dll 2013-10-03 10:20:08 9694160 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{220E2A91-3EF4-41BC-A6DB-229D76EE22BE}\mpengine.dll 2013-10-02 20:12:32 -------- d-----w- C:\AdobeTemp 2013-09-22 19:22:20 -------- d-----w- C:\Program Files (x86)\Common Files\HP 2013-09-16 20:28:05 3723656 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe 2013-09-06 22:38:07 -------- d-----w- C:\Users\Justin\AppData\Local\Opera Software 2013-09-06 22:38:05 -------- d-----w- C:\Users\Justin\AppData\Roaming\Opera Software 2013-09-05 14:04:02 209272 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll 2013-09-04 18:56:59 3958784 ----a-w- C:\Windows\System32\jscript9.dll 2013-09-04 18:38:47 -------- d-----w- C:\Windows\System32\MRT 2013-09-04 18:36:03 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL 2013-09-04 18:36:03 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL 2013-09-04 18:34:59 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys 2013-09-04 18:33:26 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys . ==================== Find3M ==================== . 2013-09-20 04:33:59 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-09-20 04:33:59 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-09-01 20:18:13 283064 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys 2013-08-30 07:48:10 72016 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys 2013-08-30 07:48:10 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys 2013-08-30 07:48:10 204880 ----a-w- C:\Windows\System32\drivers\aswVmm.sys 2013-08-30 07:48:10 1030952 ----a-w- C:\Windows\System32\drivers\aswSnx.sys 2013-08-30 07:48:09 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys 2013-08-30 07:47:40 41664 ----a-w- C:\Windows\avastSS.scr 2013-08-28 21:27:05 26282226 ----a-w- C:\Users\Justin\ij147-jdk6-64bit-setup.exe 2013-08-28 20:43:45 108968 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll 2013-08-28 20:43:12 1093032 ----a-w- C:\Windows\System32\npDeployJava1.dll 2013-08-28 20:43:11 972712 ----a-w- C:\Windows\System32\deployJava1.dll 2013-08-21 18:53:18 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2013-08-21 18:53:12 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll 2013-08-21 18:53:12 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2013-08-07 11:22:02 278800 ------w- C:\Windows\System32\MpSigStub.exe 2013-07-26 05:13:37 2241024 ----a-w- C:\Windows\System32\wininet.dll 2013-07-26 05:12:04 136704 ----a-w- C:\Windows\System32\iesysprep.dll 2013-07-26 05:12:03 67072 ----a-w- C:\Windows\System32\iesetup.dll 2013-07-26 03:35:08 2706432 ----a-w- C:\Windows\System32\mshtml.tlb 2013-07-26 03:13:24 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-07-26 03:12:04 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-07-26 03:12:00 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll 2013-07-26 03:12:00 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll 2013-07-26 02:49:14 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2013-07-26 02:39:38 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe 2013-07-26 01:59:38 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe 2013-07-19 01:58:42 2048 ----a-w- C:\Windows\System32\tzres.dll 2013-07-19 01:41:01 2048 ----a-w- C:\Windows\SysWow64\tzres.dll 2013-07-09 06:03:30 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe 2013-07-09 05:54:22 1732032 ----a-w- C:\Windows\System32\ntdll.dll 2013-07-09 05:53:12 243712 ----a-w- C:\Windows\System32\wow64.dll 2013-07-09 05:52:52 224256 ----a-w- C:\Windows\System32\wintrust.dll 2013-07-09 05:51:16 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll 2013-07-09 05:46:20 184320 ----a-w- C:\Windows\System32\cryptsvc.dll 2013-07-09 05:46:20 1472512 ----a-w- C:\Windows\System32\crypt32.dll 2013-07-09 05:46:20 139776 ----a-w- C:\Windows\System32\cryptnet.dll 2013-07-09 05:03:34 3968960 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2013-07-09 05:03:34 3913664 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2013-07-09 04:53:47 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll 2013-07-09 04:52:33 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll 2013-07-09 04:52:33 5120 ----a-w- C:\Windows\SysWow64\wow32.dll 2013-07-09 04:52:10 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll 2013-07-09 04:46:31 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll 2013-07-09 04:46:31 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll 2013-07-09 04:46:31 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll 2013-07-09 04:45:07 44032 ----a-w- C:\Windows\apppatch\acwow64.dll 2013-07-09 02:49:42 25600 ----a-w- C:\Windows\SysWow64\setup16.exe 2013-07-09 02:49:41 7680 ----a-w- C:\Windows\SysWow64\instnm.exe 2013-07-09 02:49:39 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll 2013-07-09 02:49:38 2048 ----a-w- C:\Windows\SysWow64\user.exe . ============= FINISH: 12:36:28.22 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 1/19/2010 5:01:22 PM System Uptime: 10/2/2013 8:33:26 PM (16 hours ago) . Motherboard: Acer | | Aspire 5740 Processor: Intel® Core i3 CPU M 330 @ 2.13GHz | CPU 1 | 1983/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 285 GiB total, 55.66 GiB free. D: is CDROM () E: is CDROM (CDFS) G: is FIXED (NTFS) - 466 GiB total, 82.673 GiB free. . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP593: 10/2/2013 12:59:00 PM - Removed Adobe Photoshop Lightroom 2.7 64-bit. RP594: 10/2/2013 2:09:44 PM - Removed Adobe Photoshop Lightroom 4.4 64-bit. RP595: 10/2/2013 2:16:38 PM - Removed EndNote X3 RP596: 10/3/2013 3:19:21 AM - Windows Update . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) 64 Bit HP CIO Components Installer Acer Arcade Deluxe Acer Assist Acer Backup Manager Acer Crystal Eye Webcam Acer ePower Management Acer eRecovery Management Acer Games Acer GridVista Acer Registration Acer ScreenSaver Acer Updater Acrobat.com Adobe AIR Adobe Color Video Profiles CS CS4 Adobe Community Help Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Photoshop Elements 8.0 Adobe Photoshop.com Inspiration Browser Adobe Reader XI (11.0.04) Adobe Shockwave Player 11.6 AdobeColorCommonSetRGB Alcor Micro USB Card Reader Apple Application Support Apple Mobile Device Support Apple Software Update ArcSoft PhotoStudio 6 Audacity 1.3.11 (Unicode) Auslogics BoostSpeed AutoQuant3DMergeModuls avast! Free Antivirus Avery Wizard 4.0 Backup Manager Basic Blogger Backup Utility Bonjour Broadcom Gigabit NetLink Controller BufferChm Canon CanoScan LiDE 700F User Registration Canon Inkjet Printer/Scanner/Fax Extended Survey Program Canon MP Navigator EX 2.1 Canon RAW Image Task for ZoomBrowser EX Canon Utilities CameraWindow Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX Canon Utilities Digital Photo Professional 3.4 Canon Utilities EOS Utility Canon Utilities MyCamera Canon Utilities PhotoStitch Canon Utilities Picture Style Editor Canon Utilities RemoteCapture Task for ZoomBrowser EX Canon Utilities Solution Menu Canon Utilities WFT-E1/E2/E3 Utility Canon Utilities ZoomBrowser EX Canon ZoomBrowser EX Memory Card Utility CanoScan LiDE 700F Scanner Driver Compatibility Pack for the 2007 Office system D1400 D1400_Help DAEMON Tools Lite DeviceDiscovery dj_sf_ProductContext dj_sf_software dj_sf_software_req Driver Detective DriverAgent by eSupport.com Dropbox eBay Worldwide eSobi v2 FFmpeg for Audacity on Windows FileZilla Client 3.5.3 G*Power 3.1.7 Garmin Communicator Plugin Garmin Lifetime Updater Garmin USB Drivers Glade 3.6.1 Google Chrome Google Drive Google Talk (remove only) Google Talk Plugin Google Update Helper GoToMeeting 4.8.0.723 GPBaseService2 Half-Life 2 Half-Life 2: Episode One Half-Life 2: Episode Two Half-Life 2: Lost Coast Hewlett-Packard ACLM.NET v1.1.0.0 High-Definition Video Playback 10 Hotfix for Microsoft .NET Framework 4 Client Profile (KB982638) HP Customer Participation Program 13.0 HP Deskjet Printer Driver Software 13.0 Rel. 1 HP Imaging Device Functions 13.0 HP Photosmart Essential 3.5 HP Product Detection HP Smart Web Printing 4.51 HP Solution Center 13.0 HPPhotoGadget HPPhotoSmartDiscLabelContent1 HPPhotosmartEssential HPProductAssistant HPSSupply HTC Driver Installer HTC Sync Manager Identity Card ImageJ 1.47v ImgBurn Intel® Control Center Intel® Graphics Media Accelerator Driver Intel® Management Engine Components Intel® Matrix Storage Manager IPTInstaller iSEEK AnswerWorks English Runtime iSyncr Jalbum Java 7 Update 25 Java 7 Update 25 (64-bit) Java Auto Updater JavaFX 2.1.1 Junk Mail filter update LAME v3.98.2 for Audacity Last.fm Scrobbler 2.1.36 Launch Manager Leica LAS AF Lite LSI HDA Modem Luminance HDR 2.3.0 Malwarebytes Anti-Malware version 1.75.0.1300 MarketResearch MATLAB R2012a MediaMonkey 4.0 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Default Manager Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office Home and Student 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared 64-bit MUI (English) 2007 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Suite Activation Assistant Microsoft Office Word MUI (English) 2007 Microsoft Primary Interoperability Assemblies 2005 Microsoft Search Enhancement Pack Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Works Microsoft_VC80_CRT_x86 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFCLOC_x86 Microsoft_VC90_ATL_x86 Microsoft_VC90_CRT_x86 Microsoft_VC90_MFC_x86 Mikogo 4 MinGW-Get version 0.5-beta-20120426-1 Mozilla Firefox 20.0.1 (x86 en-US) Mozilla Maintenance Service MSN Toolbar MSN Toolbar Platform MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MTP Porting Kit Music Manager muvee Reveal Seagate Edition MyWinLocker Nations Photo Lab ROES Nero 10 ClipartPack Nero 10 Menu TemplatePack 1 Nero 10 Menu TemplatePack 2 Nero 10 Menu TemplatePack 3 Nero 10 Menu TemplatePack Basic Nero 10 Movie ThemePack 1 Nero 10 Movie ThemePack 2 Nero 10 Movie ThemePack Basic Nero 10 Sample ImagePack Nero 10 Sample Videos Nero BackItUp 10 Nero BackItUp 10 Help (CHM) Nero Burning ROM 10 Nero BurningROM 10 Help (CHM) Nero BurnRights 10 Nero BurnRights 10 Help (CHM) Nero Control Center 10 Nero Core Components 10 Nero CoverDesigner 10 Nero CoverDesigner 10 Help (CHM) Nero DiscSpeed 10 Nero DiscSpeed 10 Help (CHM) Nero Dolby Files 10 Nero Express 10 Nero Express 10 Help (CHM) Nero InfoTool 10 Nero InfoTool 10 Help (CHM) Nero MediaHub 10 Nero MediaHub 10 Help (CHM) Nero Multimedia Suite 10 Nero Recode 10 Nero Recode 10 Help (CHM) Nero RescueAgent 10 Nero RescueAgent 10 Help (CHM) Nero SoundTrax 10 Nero SoundTrax 10 Help (CHM) Nero StartSmart 10 Nero StartSmart 10 Help (CHM) Nero Update Nero Vision 10 Nero Vision 10 Help (CHM) Nero WaveEditor 10 Nero WaveEditor 10 Help (CHM) NTI Backup Now 5 NTI Backup Now Standard NTI Media Maker 8 Nvu 1.0PR Opera Stable 16.0.1196.73 Picasa 3 Picturenaut 3.2 PL-2303 USB-to-Serial Portal Portal 2 QuickTime R for Windows 3.0.1 Realtek High Definition Audio Driver Registry Easy v5.6 ResearchSoft Direct Export Helper RStudio Seagate Manager Installer Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition Sendori Shipping Assistant 3.8 Shop for HP Supplies SketchUp 8 Skype™ 5.10 SlidePath Gateway SmartWebPrinting SolutionCenter SoulSeek 157 NS 13e SoulseekQt Spotify Status Steam SUPERAntiSpyware swMSM Synaptics Pointing Device Driver Team Fortress 2 Team Fortress 2 Beta Toolbox TrayApp TurboTax 2009 TurboTax 2009 wiliper TurboTax 2009 WinPerFedFormset TurboTax 2009 WinPerReleaseEngine TurboTax 2009 WinPerTaxSupport TurboTax 2009 wrapper TurboTax 2010 TurboTax 2010 wiliper TurboTax 2010 WinPerFedFormset TurboTax 2010 WinPerReleaseEngine TurboTax 2010 WinPerTaxSupport TurboTax 2010 wrapper TurboTax 2011 TurboTax 2011 wcaiper TurboTax 2011 wiliper TurboTax 2011 WinPerFedFormset TurboTax 2011 WinPerReleaseEngine TurboTax 2011 WinPerTaxSupport TurboTax 2011 wrapper TurboTax 2012 TurboTax 2012 wcaiper TurboTax 2012 wiliper TurboTax 2012 WinPerFedFormset TurboTax 2012 WinPerReleaseEngine TurboTax 2012 WinPerTaxSupport TurboTax 2012 wrapper UnloadSupport Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2836939) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Infopath 2007 Help (KB963662) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768024) 32-Bit Edition Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) VI Package Manager WebReg Welcome Center Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Mail Windows Live Messenger Windows Live Movie Maker Windows Live Photo Gallery Windows Live Sync Windows Live Upload Tool Windows Live Writer Windows Media Player Firefox Plugin WinRAR archiver Yahoo! Toolbar . ==== Event Viewer Messages From Past Week ======== . 9/30/2013 3:51:26 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR10. 9/28/2013 7:45:44 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR9. 9/26/2013 9:20:39 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR8. 9/26/2013 4:59:22 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service. 10/3/2013 9:42:41 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Application Sendori service. 10/3/2013 8:37:32 AM, Error: Service Control Manager [7031] - The Service Sendori service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 10/3/2013 12:31:16 PM, Error: Microsoft-Windows-DNS-Client [1012] - There was an error while attempting to read the local hosts file. 10/2/2013 8:54:19 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the M4-Service service. 10/2/2013 8:34:41 PM, Error: Service Control Manager [7003] - The NI Device Loader service depends the following service: mxssvr. This service might not be installed. 10/2/2013 8:34:41 PM, Error: Service Control Manager [7000] - The McAfee SiteAdvisor Service service failed to start due to the following error: The system cannot find the file specified. 10/2/2013 8:31:23 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1. 10/2/2013 2:55:23 PM, Error: Service Control Manager [7034] - The M4-Service service terminated unexpectedly. It has done this 1 time(s). 10/2/2013 2:28:02 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Service Sendori service to connect. 10/2/2013 2:28:02 PM, Error: Service Control Manager [7000] - The Service Sendori service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 10/1/2013 10:05:34 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the UNS service. . ==== End Of File ===========================
- October 3, 2013
- 27 replies
Search Assist Assistance Needed

eNerve replied to eNerve's topic in Resolved Malware Removal Logs

RogueKiller V8.7.0 _x64_ [sep 30 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.adlice.com/forum/ Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : FreshOats [Admin rights] Mode : Scan -- Date : 10/02/2013 12:45:16 | ARK || FAK || MBR | ¤¤¤ Bad processes : 2 ¤¤¤ [sUSP PATH] M4-Service.exe -- C:\Users\Justin\AppData\Local\Mikogo4\Host\Service\M4-Service.exe [7] -> KILLED [TermProc] [sUSP PATH] M4-Capture.exe -- C:\Users\Justin\AppData\Local\Mikogo4\Host\Service\M4-Capture.exe [7] -> KILLED [TermProc] ¤¤¤ Registry Entries : 4 ¤¤¤ [RUN][sUSP PATH] HKCU\[...]\Run : googletalk (C:\Users\FreshOats\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart [x][x]) -> FOUND [RUN][sUSP PATH] HKUS\S-1-5-21-350978928-1145991243-2579747793-1001\[...]\Run : googletalk (C:\Users\FreshOats\AppData\Roaming\Google\Google Talk \googletalk.exe /autostart [x][x]) -> FOUND [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Scheduled tasks : 0 ¤¤¤ ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts 127.0.0.1 activate.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 ereg.adobe.com 127.0.0.1 activate.wip3.adobe.com 127.0.0.1 wip3.adobe.com 127.0.0.1 3dns-3.adobe.com 127.0.0.1 3dns-2.adobe.com 127.0.0.1 adobe-dns.adobe.com 127.0.0.1 adobe-dns-2.adobe.com 127.0.0.1 adobe-dns-3.adobe.com 127.0.0.1 ereg.wip3.adobe.com 127.0.0.1 activate-sea.adobe.com 127.0.0.1 wwis-dubc1-vip60.adobe.com 127.0.0.1 activate-sjc0.adobe.com 127.0.0.1 lmlicenses.wip4.adobe.com 127.0.0.1 lm.licenses.adobe.com ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standard disk drives) - Hitachi HTS545032B9A300 +++++ --- User --- [MBR] 025d360518a50ea344f797455574d582 [bSP] 22853227433866bad50ce6e3ef4b78b7 : Windows Vista MBR Code Partition table: 0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 13000 Mo 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 26626048 | Size: 100 Mo 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 26830848 | Size: 292143 Mo User = LL1 ... OK! User = LL2 ... OK! +++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) (Standard disk drives) - Seagate FreeAgent Go USB Device +++++ --- User --- [MBR] efaae474bf56cd39e5d0462ccb81c6e6 [bSP] 5cab7fac78b6fe5301595cea6da44b25 : Empty MBR Code Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 476937 Mo User = LL1 ... OK! Error reading LL2 MBR! Finished : << RKreport[0]_S_10022013_124516.txt >>
- October 2, 2013
- 3 replies
Search Assist Assistance Needed

eNerve posted a topic in Resolved Malware Removal Logs

DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16660 BrowserJavaVersion: 10.25.2 Run by FreshOats at 12:01:54 on 2013-10-02 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3764.1095 [GMT -7:00] . AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\LSI SoftModem\agr64svc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe C:\Program Files (x86)\Acer\Registration\GregHSRW.exe C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE C:\Program Files\Acer\Acer Updater\UpdaterService.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Users\Justin\AppData\Local\Mikogo4\Host\Service\M4-Service.exe C:\Users\Justin\AppData\Local\Mikogo4\Host\Service\M4-Capture.exe C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files (x86)\Sendori\sndappv2.exe C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted C:\Program Files\Acer\Acer Updater\UpdaterService.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\System32\Drivers\WTSRV.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Sendori\SendoriSvc.exe C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files (x86)\Sendori\SendoriUp.exe C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe C:\Program Files (x86)\Nero\Update\NASvc.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Windows\PLFSetI.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe C:\Windows\system32\igfxext.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Windows\system32\igfxsrvc.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\hkcmd.exe C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe C:\Windows\System32\igfxpers.exe C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Justin\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler.exe C:\Users\Justin\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler64.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe C:\Users\Justin\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Launch Manager\LManager.exe C:\Windows\SysWOW64\WTClient.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files (x86)\Sendori\SendoriTray.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe C:\Windows\system32\taskhost.exe C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Sendori\Sendori.Service.exe C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe C:\Windows\system32\taskeng.exe C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Justin\Desktop\mbam-setup-1.75.0.1300.exe C:\Users\Justin\AppData\Local\Temp\is-HT7N1.tmp\mbam-setup-1.75.0.1300.tmp C:\Users\Justin\Desktop\mbam-setup-1.75.0.1300.exe C:\Users\Justin\AppData\Local\Temp\is-UUR39.tmp\mbam-setup-1.75.0.1300.tmp C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Windows\SysWOW64\ctfmon.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uWindow Title = Internet Explorer, enhanced for Bing and MSN uURLSearchHooks: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll mWinlogon: Userinit = userinit.exe, BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned> BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: MSN Toolbar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0417.0\npwinext.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll TB: MSN Toolbar: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0417.0\npwinext.dll TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll uRun: [googletalk] C:\Users\FreshOats\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart uRun: [4AA5D9FA8B43745BB2EAD1E788698E8441A23DBA._service_run] "C:\Users\FreshOats\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service uRun: [D3CA26BDF1EEC0308B736E98B1ACDCED782D77FF._service_run] "C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service uRun: [AdobeBridge] <no file> mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [WTClient] WTClient.exe mRun: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui mRun: [sendori Tray] "C:\Program Files (x86)\Sendori\SendoriTray.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent StartupFolder: C:\Users\Justin\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Justin\AppData\Roaming\Dropbox\bin\Dropbox.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: PromptOnSecureDesktop = dword:0 IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200 IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll LSP: C:\Windows\System32\Sendori.dll Trusted Zone: clonewarsadventures.com Trusted Zone: freerealms.com Trusted Zone: soe.com Trusted Zone: sony.com TCP: NameServer = 192.168.1.254 TCP: Interfaces\{079E895E-A34A-44CA-AB30-B5385D4D0B79} : DHCPNameServer = 192.168.1.254 TCP: Interfaces\{653E5F10-D724-4359-9865-AA1F5127D99E} : NameServer = 192.168.42.129 TCP: Interfaces\{653E5F10-D724-4359-9865-AA1F5127D99E} : DHCPNameServer = 192.168.42.129 TCP: Interfaces\{A299C7D6-6A7F-4DE9-889A-321C37E8BE34} : DHCPNameServer = 192.168.1.254 TCP: Interfaces\{A299C7D6-6A7F-4DE9-889A-321C37E8BE34}\2375942554237373 : NameServer = 192.168.1.254 TCP: Interfaces\{A299C7D6-6A7F-4DE9-889A-321C37E8BE34}\2375942554237373 : DHCPNameServer = 192.168.1.254 TCP: Interfaces\{A299C7D6-6A7F-4DE9-889A-321C37E8BE34}\2456C6D6F4 : DHCPNameServer = 192.168.2.1 TCP: Interfaces\{A299C7D6-6A7F-4DE9-889A-321C37E8BE34}\3516E6475656D27457563747 : NameServer = 192.168.1.254 TCP: Interfaces\{A299C7D6-6A7F-4DE9-889A-321C37E8BE34}\3516E6475656D27457563747 : DHCPNameServer = 4.2.2.2 TCP: Interfaces\{A299C7D6-6A7F-4DE9-889A-321C37E8BE34}\55343544D27455543545 : DHCPNameServer = 132.239.0.252 132.239.0.250 TCP: Interfaces\{A299C7D6-6A7F-4DE9-889A-321C37E8BE34}\6596E616B61634166656 : DHCPNameServer = 192.168.1.254 TCP: Interfaces\{A299C7D6-6A7F-4DE9-889A-321C37E8BE34}\76162697 : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{A299C7D6-6A7F-4DE9-889A-321C37E8BE34}\C696E6B6379737 : DHCPNameServer = 209.18.47.61 209.18.47.62 TCP: Interfaces\{BEAF8B28-493A-4EEC-986D-D78A4F063FF4} : NameServer = 192.168.42.129 TCP: Interfaces\{BEAF8B28-493A-4EEC-986D-D78A4F063FF4} : DHCPNameServer = 192.168.42.129 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll SSODL: WebCheck - <orphaned> SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll x64-Run: [iAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s x64-Run: [PLFSetI] C:\Windows\PLFSetI.exe x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe x64-Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe x64-Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned> x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned> x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\6vfjhq0a.default\ FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0417.0\npwinext.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Users\Justin\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll FF - plugin: C:\Users\Justin\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll FF - plugin: C:\Users\Justin\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll FF - plugin: C:\Users\Justin\AppData\Roaming\Mozilla\plugins\npo1d.dll FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll FF - ExtSQL: 2013-09-22 12:24; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF - ExtSQL: 2013-10-02 10:38; {AE93811A-5C9A-4d34-8462-F7B864FC4696}; C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\6vfjhq0a.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}.xpi FF - ExtSQL: !HIDDEN! 2013-09-22 12:24; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 . ============= SERVICES / DRIVERS =============== . R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-3-17 65336] R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-3-17 204880] R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-2-7 55024] R1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2012-8-27 19600] R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2011-3-23 1030952] R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2010-1-21 378944] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-9-1 283064] R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\System32\drivers\mwlPSDFilter.sys [2009-6-2 22576] R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\System32\drivers\mwlPSDNserv.sys [2009-6-2 20016] R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\System32\drivers\mwlPSDVDisk.sys [2009-6-2 60464] R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928] R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368] R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-11 140672] R2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-9-6 169312] R2 Application Sendori;Application Sendori;C:\Program Files (x86)\Sendori\SendoriSvc.exe [2013-7-1 119072] R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2010-1-21 33400] R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2010-1-21 80816] R2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2013-9-18 46808] R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2009-12-8 844320] R2 FreeAgentGoNext Service;Seagate Service;C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe [2009-9-25 189736] R2 Greg_Service;GRegService;C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-8-28 1150496] R2 HTCMonitorService;HTCMonitorService;C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [2013-1-29 87368] R2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2012-8-23 13672] R2 Live Updater Service;Live Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-11-4 255376] R2 M4-Service;M4-Service;C:\Users\Justin\AppData\Local\Mikogo4\Host\Service\M4-Service.exe [2013-4-29 1008032] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-9-1 418376] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-9-1 701512] R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-2-18 462632] R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-9-24 62720] R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-6-17 144640] R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2013-4-6 167424] R2 Service Sendori;Service Sendori;C:\Program Files (x86)\Sendori\Sendori.Service.exe [2013-7-1 22304] R2 sndappv2;sndappv2;C:\Program Files (x86)\Sendori\sndappv2.exe [2013-7-1 3623200] R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-11-4 2320920] R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-11-4 255376] R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-11-4 56344] R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2009-12-8 151936] R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2009-12-8 244736] R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2009-8-6 320040] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-9-1 25928] R3 PTSimBus;PenTablet Bus Enumerator;C:\Windows\System32\drivers\PTSimBus.sys [2009-6-18 27304] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe --> c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [?] S2 nidevldu;NI Device Loader;C:\Windows\SysWOW64\nipalsm.exe --> C:\Windows\SysWOW64\nipalsm.exe [?] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-6-7 160944] S3 AmUStor;AM USB Stroage Driver;C:\Windows\System32\drivers\AmUStor.sys [2009-7-22 40448] S3 androidusb;ADB Interface Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-2 33736] S3 DrvAgent64;DrvAgent64;C:\Windows\SysWOW64\drivers\DrvAgent64.SYS [2013-3-8 21712] S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-2-7 1038088] S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-2 33736] S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\System32\drivers\htcnprot.sys [2012-12-7 36928] S3 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe [2009-9-10 305448] S3 NIEthernetDeviceEnumerator;NI Ethernet Device Enumerator Driver;C:\Windows\System32\drivers\niede.sys [2012-1-12 38064] S3 niufurkw;niufurkw;C:\Windows\System32\drivers\niufurkw.sys [2012-7-16 12496] S3 nixsrkw;nixsrkw;C:\Windows\System32\drivers\nixsrkw.sys [2012-7-16 12464] S3 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-6-17 50432] S3 PTSimHid;PenTablet Simulated HID MiniDriver;C:\Windows\System32\drivers\PTSimHid.sys [2009-6-18 17064] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-12-7 19456] S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-12-7 57856] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-2-27 1255736] S4 NIApplicationWebServer64;NI Application Web Server (64-bit);"C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe" -user --> C:\Program Files\National Instruments\Shared\NI WebServer \ApplicationWebServer.exe [?] . =============== File Associations =============== . ShellExec: Opera.exe: open="C:\Program Files (x86)\Opera\Launcher.exe" "%1" . =============== Created Last 30 ================ . 2013-09-27 09:29:48 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C907BCA5-0F3A-44D6-9F29-0C32F0CAA59C}\offreg.dll 2013-09-27 09:27:43 9694160 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C907BCA5-0F3A-44D6-9F29-0C32F0CAA59C}\mpengine.dll 2013-09-22 19:22:20 -------- d-----w- C:\Program Files (x86)\Common Files\HP 2013-09-16 20:28:05 3723656 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe 2013-09-06 22:38:07 -------- d-----w- C:\Users\Justin\AppData\Local\Opera Software 2013-09-06 22:38:05 -------- d-----w- C:\Users\Justin\AppData\Roaming\Opera Software 2013-09-05 14:04:02 209272 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll 2013-09-04 18:56:59 3958784 ----a-w- C:\Windows\System32\jscript9.dll 2013-09-04 18:38:47 -------- d-----w- C:\Windows\System32\MRT 2013-09-04 18:36:03 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL 2013-09-04 18:36:03 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL 2013-09-04 18:34:59 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys 2013-09-04 18:33:26 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys . ==================== Find3M ==================== . 2013-09-20 04:33:59 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-09-20 04:33:59 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-09-01 20:18:13 283064 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys 2013-08-30 07:48:10 72016 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys 2013-08-30 07:48:10 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys 2013-08-30 07:48:10 204880 ----a-w- C:\Windows\System32\drivers\aswVmm.sys 2013-08-30 07:48:10 1030952 ----a-w- C:\Windows\System32\drivers\aswSnx.sys 2013-08-30 07:48:09 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys 2013-08-30 07:47:40 41664 ----a-w- C:\Windows\avastSS.scr 2013-08-28 21:27:05 26282226 ----a-w- C:\Users\Justin\ij147-jdk6-64bit-setup.exe 2013-08-28 20:43:45 108968 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll 2013-08-28 20:43:12 1093032 ----a-w- C:\Windows\System32\npDeployJava1.dll 2013-08-28 20:43:11 972712 ----a-w- C:\Windows\System32\deployJava1.dll 2013-08-21 18:53:18 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2013-08-21 18:53:12 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll 2013-08-21 18:53:12 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2013-08-07 11:22:02 278800 ------w- C:\Windows\System32\MpSigStub.exe 2013-07-26 05:13:37 2241024 ----a-w- C:\Windows\System32\wininet.dll 2013-07-26 05:12:04 136704 ----a-w- C:\Windows\System32\iesysprep.dll 2013-07-26 05:12:03 67072 ----a-w- C:\Windows\System32\iesetup.dll 2013-07-26 03:35:08 2706432 ----a-w- C:\Windows\System32\mshtml.tlb 2013-07-26 03:13:24 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-07-26 03:12:04 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-07-26 03:12:00 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll 2013-07-26 03:12:00 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll 2013-07-26 02:49:14 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2013-07-26 02:39:38 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe 2013-07-26 01:59:38 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe 2013-07-19 01:58:42 2048 ----a-w- C:\Windows\System32\tzres.dll 2013-07-19 01:41:01 2048 ----a-w- C:\Windows\SysWow64\tzres.dll 2013-07-09 06:03:30 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe 2013-07-09 05:54:22 1732032 ----a-w- C:\Windows\System32\ntdll.dll 2013-07-09 05:53:12 243712 ----a-w- C:\Windows\System32\wow64.dll 2013-07-09 05:52:52 224256 ----a-w- C:\Windows\System32\wintrust.dll 2013-07-09 05:51:16 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll 2013-07-09 05:46:20 184320 ----a-w- C:\Windows\System32\cryptsvc.dll 2013-07-09 05:46:20 1472512 ----a-w- C:\Windows\System32\crypt32.dll 2013-07-09 05:46:20 139776 ----a-w- C:\Windows\System32\cryptnet.dll 2013-07-09 05:03:34 3968960 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2013-07-09 05:03:34 3913664 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2013-07-09 04:53:47 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll 2013-07-09 04:52:33 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll 2013-07-09 04:52:33 5120 ----a-w- C:\Windows\SysWow64\wow32.dll 2013-07-09 04:52:10 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll 2013-07-09 04:46:31 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll 2013-07-09 04:46:31 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll 2013-07-09 04:46:31 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll 2013-07-09 04:45:07 44032 ----a-w- C:\Windows\apppatch\acwow64.dll 2013-07-09 02:49:42 25600 ----a-w- C:\Windows\SysWow64\setup16.exe 2013-07-09 02:49:41 7680 ----a-w- C:\Windows\SysWow64\instnm.exe 2013-07-09 02:49:39 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll 2013-07-09 02:49:38 2048 ----a-w- C:\Windows\SysWow64\user.exe . ============= FINISH: 12:04:06.74 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 1/19/2010 5:01:22 PM System Uptime: 10/1/2013 10:05:57 AM (26 hours ago) . Motherboard: Acer | | Aspire 5740 Processor: Intel® Core i3 CPU M 330 @ 2.13GHz | CPU 1 | 1855/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 285 GiB total, 54.294 GiB free. D: is CDROM () E: is CDROM () G: is FIXED (NTFS) - 466 GiB total, 83.446 GiB free. . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP590: 9/24/2013 9:48:47 AM - Windows Update RP591: 9/28/2013 5:07:16 PM - Removed iTunes RP592: 9/29/2013 10:54:32 PM - Removed HP Update. . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) 64 Bit HP CIO Components Installer Acer Arcade Deluxe Acer Assist Acer Backup Manager Acer Crystal Eye Webcam Acer ePower Management Acer eRecovery Management Acer Games Acer GridVista Acer Registration Acer ScreenSaver Acer Updater Acrobat.com Adobe AIR Adobe Anchor Service CS4 Adobe Anchor Service x64 CS4 Adobe Bridge CS4 Adobe CMaps CS4 Adobe CMaps x64 CS4 Adobe Color - Photoshop Specific CS4 Adobe Color EU Extra Settings CS4 Adobe Color JA Extra Settings CS4 Adobe Color NA Recommended Settings CS4 Adobe Color Video Profiles CS CS4 Adobe Community Help Adobe CSI CS4 Adobe CSI CS4 x64 Adobe Default Language CS4 Adobe Drive CS4 x64 Adobe ExtendScript Toolkit CS4 Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Fonts All Adobe Fonts All x64 Adobe Linguistics CS4 Adobe Linguistics CS4 x64 Adobe Output Module Adobe PDF Library Files CS4 Adobe PDF Library Files x64 CS4 Adobe Photoshop CS4 Adobe Photoshop CS4 (64 Bit) Adobe Photoshop CS4 Support Adobe Photoshop CS6 Adobe Photoshop Elements 8.0 Adobe Photoshop Lightroom 2.7 64-bit Adobe Photoshop Lightroom 4.4 64-bit Adobe Photoshop.com Inspiration Browser Adobe Reader XI (11.0.04) Adobe Search for Help Adobe Service Manager Extension Adobe Setup Adobe Shockwave Player 11.6 Adobe Type Support CS4 Adobe Type Support x64 CS4 Adobe Update Manager CS4 Adobe WinSoft Linguistics Plugin Adobe WinSoft Linguistics Plugin x64 Adobe XMP Panels CS4 AdobeColorCommonSetCMYK AdobeColorCommonSetRGB Alcor Micro USB Card Reader Apple Application Support Apple Mobile Device Support Apple Software Update ArcSoft PhotoStudio 6 Audacity 1.3.11 (Unicode) Auslogics BoostSpeed AutoQuant3DMergeModuls avast! Free Antivirus Avery Wizard 4.0 Backup Manager Basic Blogger Backup Utility Bonjour Broadcom Gigabit NetLink Controller BufferChm Canon CanoScan LiDE 700F User Registration Canon Inkjet Printer/Scanner/Fax Extended Survey Program Canon MP Navigator EX 2.1 Canon RAW Image Task for ZoomBrowser EX Canon Utilities CameraWindow Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX Canon Utilities Digital Photo Professional 3.4 Canon Utilities EOS Utility Canon Utilities MyCamera Canon Utilities PhotoStitch Canon Utilities Picture Style Editor Canon Utilities RemoteCapture Task for ZoomBrowser EX Canon Utilities Solution Menu Canon Utilities WFT-E1/E2/E3 Utility Canon Utilities ZoomBrowser EX Canon ZoomBrowser EX Memory Card Utility CanoScan LiDE 700F Scanner Driver Compatibility Pack for the 2007 Office system Connect D1400 D1400_Help DAEMON Tools Lite DeviceDiscovery dj_sf_ProductContext dj_sf_software dj_sf_software_req Driver Detective DriverAgent by eSupport.com Dropbox eBay Worldwide EndNote X3 eSobi v2 FFmpeg for Audacity on Windows FileZilla Client 3.5.3 G*Power 3.1.7 Garmin Communicator Plugin Garmin Lifetime Updater Garmin USB Drivers Glade 3.6.1 Google Chrome Google Drive Google Talk (remove only) Google Talk Plugin Google Update Helper GoToMeeting 4.8.0.723 GPBaseService2 Half-Life 2 Half-Life 2: Episode One Half-Life 2: Episode Two Half-Life 2: Lost Coast Hewlett-Packard ACLM.NET v1.1.0.0 High-Definition Video Playback 10 Hotfix for Microsoft .NET Framework 4 Client Profile (KB982638) HP Customer Participation Program 13.0 HP Deskjet Printer Driver Software 13.0 Rel. 1 HP Imaging Device Functions 13.0 HP Photosmart Essential 3.5 HP Product Detection HP Smart Web Printing 4.51 HP Solution Center 13.0 HPPhotoGadget HPPhotoSmartDiscLabelContent1 HPPhotosmartEssential HPProductAssistant HPSSupply HTC Driver Installer HTC Sync Manager Identity Card ImageJ 1.47v ImgBurn Intel® Control Center Intel® Graphics Media Accelerator Driver Intel® Management Engine Components Intel® Matrix Storage Manager IPTInstaller iSEEK AnswerWorks English Runtime iSyncr Jalbum Java 7 Update 25 Java 7 Update 25 (64-bit) Java Auto Updater JavaFX 2.1.1 Junk Mail filter update kuler LAME v3.98.2 for Audacity Last.fm Scrobbler 2.1.36 Launch Manager Leica LAS AF Lite LSI HDA Modem Luminance HDR 2.3.0 Malwarebytes Anti-Malware version 1.75.0.1300 MarketResearch MATLAB R2012a MediaMonkey 4.0 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Default Manager Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office Home and Student 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared 64-bit MUI (English) 2007 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Suite Activation Assistant Microsoft Office Word MUI (English) 2007 Microsoft Primary Interoperability Assemblies 2005 Microsoft Search Enhancement Pack Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Works Microsoft_VC80_CRT_x86 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFCLOC_x86 Microsoft_VC90_ATL_x86 Microsoft_VC90_CRT_x86 Microsoft_VC90_MFC_x86 Mikogo 4 MinGW-Get version 0.5-beta-20120426-1 Mozilla Firefox 20.0.1 (x86 en-US) Mozilla Maintenance Service MSN Toolbar MSN Toolbar Platform MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MTP Porting Kit Music Manager muvee Reveal Seagate Edition MyWinLocker Nations Photo Lab ROES Nero 10 ClipartPack Nero 10 Menu TemplatePack 1 Nero 10 Menu TemplatePack 2 Nero 10 Menu TemplatePack 3 Nero 10 Menu TemplatePack Basic Nero 10 Movie ThemePack 1 Nero 10 Movie ThemePack 2 Nero 10 Movie ThemePack Basic Nero 10 Sample ImagePack Nero 10 Sample Videos Nero BackItUp 10 Nero BackItUp 10 Help (CHM) Nero Burning ROM 10 Nero BurningROM 10 Help (CHM) Nero BurnRights 10 Nero BurnRights 10 Help (CHM) Nero Control Center 10 Nero Core Components 10 Nero CoverDesigner 10 Nero CoverDesigner 10 Help (CHM) Nero DiscSpeed 10 Nero DiscSpeed 10 Help (CHM) Nero Dolby Files 10 Nero Express 10 Nero Express 10 Help (CHM) Nero InfoTool 10 Nero InfoTool 10 Help (CHM) Nero MediaHub 10 Nero MediaHub 10 Help (CHM) Nero Multimedia Suite 10 Nero Recode 10 Nero Recode 10 Help (CHM) Nero RescueAgent 10 Nero RescueAgent 10 Help (CHM) Nero SoundTrax 10 Nero SoundTrax 10 Help (CHM) Nero StartSmart 10 Nero StartSmart 10 Help (CHM) Nero Update Nero Vision 10 Nero Vision 10 Help (CHM) Nero WaveEditor 10 Nero WaveEditor 10 Help (CHM) NTI Backup Now 5 NTI Backup Now Standard NTI Media Maker 8 Nvu 1.0PR Opera Stable 16.0.1196.73 PDF Settings CS4 PDF Settings CS6 Photoshop Camera Raw Photoshop Camera Raw_x64 Picasa 3 Picturenaut 3.2 PL-2303 USB-to-Serial Portal Portal 2 QuickTime R for Windows 3.0.1 Realtek High Definition Audio Driver Registry Easy v5.6 ResearchSoft Direct Export Helper RStudio Seagate Manager Installer Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition Sendori Shipping Assistant 3.8 Shop for HP Supplies SketchUp 8 Skype™ 5.10 SlidePath Gateway SmartWebPrinting SolutionCenter SoulSeek 157 NS 13e SoulseekQt Spotify Status Steam Suite Shared Configuration CS4 SUPERAntiSpyware swMSM Synaptics Pointing Device Driver Team Fortress 2 Team Fortress 2 Beta Toolbox TrayApp TurboTax 2009 TurboTax 2009 wiliper TurboTax 2009 WinPerFedFormset TurboTax 2009 WinPerReleaseEngine TurboTax 2009 WinPerTaxSupport TurboTax 2009 wrapper TurboTax 2010 TurboTax 2010 wiliper TurboTax 2010 WinPerFedFormset TurboTax 2010 WinPerReleaseEngine TurboTax 2010 WinPerTaxSupport TurboTax 2010 wrapper TurboTax 2011 TurboTax 2011 wcaiper TurboTax 2011 wiliper TurboTax 2011 WinPerFedFormset TurboTax 2011 WinPerReleaseEngine TurboTax 2011 WinPerTaxSupport TurboTax 2011 wrapper TurboTax 2012 TurboTax 2012 wcaiper TurboTax 2012 wiliper TurboTax 2012 WinPerFedFormset TurboTax 2012 WinPerReleaseEngine TurboTax 2012 WinPerTaxSupport TurboTax 2012 wrapper UnloadSupport Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2836939) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Infopath 2007 Help (KB963662) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768024) 32-Bit Edition Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) VI Package Manager WebReg Welcome Center Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Mail Windows Live Messenger Windows Live Movie Maker Windows Live Photo Gallery Windows Live Sync Windows Live Upload Tool Windows Live Writer Windows Media Player Firefox Plugin WinRAR archiver Yahoo! Toolbar . ==== Event Viewer Messages From Past Week ======== . 9/30/2013 3:51:26 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR10. 9/28/2013 8:05:23 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Application Sendori service. 9/28/2013 7:45:44 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR9. 9/26/2013 9:20:39 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR8. 9/26/2013 4:59:22 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service. 9/25/2013 5:03:00 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR7. 10/2/2013 8:54:33 AM, Error: Service Control Manager [7031] - The Service Sendori service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 10/2/2013 8:54:19 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the M4-Service service. 10/2/2013 10:32:33 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1. 10/1/2013 10:08:05 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Service Sendori service to connect. 10/1/2013 10:08:05 AM, Error: Service Control Manager [7000] - The Service Sendori service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 10/1/2013 10:07:26 AM, Error: Service Control Manager [7003] - The NI Device Loader service depends the following service: mxssvr. This service might not be installed. 10/1/2013 10:07:26 AM, Error: Service Control Manager [7000] - The McAfee SiteAdvisor Service service failed to start due to the following error: The system cannot find the file specified. 10/1/2013 10:05:34 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the UNS service. . ==== End Of File ===========================
- October 2, 2013
- 3 replies

Events

Profiles

Forums

Everything posted by eNerve

Important Information