JMayhem Posted March 30, 2012 ID:538452 Share Posted March 30, 2012 Hello - I found this forum thread, and I am having the same problem. I performed the steps you listed above, and here are the contents of the otl.txt and extras.txt. What should I do next?OTL.txtOTL logfile created on: 3/30/2012 10:30:29 AM - Run 1OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Jenny\Downloads64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstationInternet Explorer (Version = 9.0.8112.16421)Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy3.68 Gb Total Physical Memory | 2.62 Gb Available Physical Memory | 71.18% Memory free7.36 Gb Paging File | 6.12 Gb Available in Paging File | 83.22% Paging File freePaging file location(s): ?:\pagefile.sys [binary data]%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)Drive C: | 449.66 Gb Total Space | 398.80 Gb Free Space | 88.69% Space Free | Partition Type: NTFSComputer Name: JENNY-PC | User Name: Jenny | Logged in as Administrator.Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit ScansCompany Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days========== Processes (SafeList) ==========PRC - File not found -- PRC - [2012/03/26 14:38:41 | 000,180,648 | ---- | M] (Google Inc.) -- C:\Users\Jenny\AppData\Local\Google\Update\1.3.21.111\GoogleCrashHandler.exePRC - [2012/02/03 01:55:28 | 000,296,232 | ---- | M] (Anvisoft) -- C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDSrv.exePRC - [2012/02/03 01:55:26 | 000,715,048 | ---- | M] (Anvisoft) -- C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDTray.exePRC - [2012/01/03 07:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exePRC - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exePRC - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exePRC - [2011/03/20 15:44:42 | 003,140,288 | ---- | M] (Hawkes Learning Systems ) -- C:\Program Files (x86)\Hawkes Learning Systems\Hawkes Update Service Manager\HawkesUpdater.exePRC - [2011/02/22 11:02:16 | 000,120,104 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exePRC - [2011/02/22 11:01:38 | 000,169,352 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exePRC - [2011/02/15 12:35:34 | 000,297,280 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exePRC - [2010/04/13 10:57:56 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exePRC - [2010/03/17 22:56:56 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exePRC - [2003/04/18 17:06:26 | 000,008,192 | ---- | M] () -- C:\Program Files (x86)\Hawkes Learning Systems\Hawkes Update Service Manager\srvany.exe========== Modules (No Company Name) ==========MOD - [2012/02/16 19:30:38 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\e940e77e2e8cfd51f723acc172afeeef\IAStorUtil.ni.dllMOD - [2012/02/15 11:24:25 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a1c4a635721f85bef0ea4194b888b871\System.Runtime.Remoting.ni.dllMOD - [2012/02/15 11:23:56 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6c51e152e7404188914c9fa4d8503ff9\System.Windows.Forms.ni.dllMOD - [2012/02/15 11:23:48 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ab87129c2b603f218e4aa5300c9b1bdd\System.Drawing.ni.dllMOD - [2012/02/15 11:23:28 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9866d1f6178e1cde25642f1ac293ff8d\System.Xml.ni.dllMOD - [2012/02/15 11:23:24 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e620323cacb5b6bfd93fd28d263440e4\System.Configuration.ni.dllMOD - [2012/02/15 11:23:22 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dllMOD - [2012/01/31 20:15:02 | 000,547,112 | ---- | M] () -- C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\sqlite3.dllMOD - [2011/10/13 19:41:32 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dllMOD - [2011/09/27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dllMOD - [2011/09/27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dllMOD - [2011/02/22 11:01:38 | 000,206,216 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dllMOD - [2011/02/22 11:01:38 | 000,169,352 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exeMOD - [2011/02/15 12:37:10 | 000,465,640 | ---- | M] () -- C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll========== Win32 Services (SafeList) ==========SRV:64bit: - [2011/02/22 22:00:46 | 000,873,064 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)SRV:64bit: - [2011/01/31 14:55:14 | 000,244,624 | ---- | M] (Acer Incorporated) [Disabled | Stopped] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Live Updater Service)SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)SRV:64bit: - [2009/07/13 19:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)SRV - [2012/02/03 01:55:28 | 000,296,232 | ---- | M] (Anvisoft) [Auto | Running] -- C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDSrv.exe -- (asdsrv)SRV - [2012/01/03 07:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)SRV - [2011/12/19 17:32:26 | 000,394,672 | ---- | M] (Eastman Kodak Company) [Disabled | Stopped] -- C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe -- (Kodak AiO Network Discovery Service)SRV - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)SRV - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)SRV - [2011/04/27 12:31:21 | 000,655,624 | ---- | M] (Acresso Software Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)SRV - [2011/03/31 06:38:36 | 000,352,848 | ---- | M] (Dritek System Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)SRV - [2011/02/15 12:36:10 | 000,257,344 | ---- | M] (NTI Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)SRV - [2010/10/12 11:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)SRV - [2010/09/27 19:09:54 | 000,172,912 | ---- | M] (Egis Technology Inc. ) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe -- (EgisTec Ticket Service)SRV - [2010/06/01 16:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)SRV - [2010/04/13 10:57:58 | 000,013,336 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel®SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)SRV - [2010/03/17 22:57:02 | 002,320,920 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®SRV - [2010/03/17 22:56:56 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®SRV - [2010/01/08 07:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)SRV - [2003/04/18 17:06:26 | 000,008,192 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hawkes Learning Systems\Hawkes Update Service Manager\srvany.exe -- (HawkesUpdater)========== Driver Services (SafeList) ==========DRV:64bit: - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)DRV:64bit: - [2012/01/09 02:26:30 | 000,024,360 | ---- | M] (Anvisoft) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\avhips.sys -- (avhips)DRV:64bit: - [2012/01/09 02:26:30 | 000,020,264 | ---- | M] (Anvisoft) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avfsmn.sys -- (avfsmn)DRV:64bit: - [2011/10/01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)DRV:64bit: - [2011/10/01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)DRV:64bit: - [2011/10/01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)DRV:64bit: - [2011/10/01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)DRV:64bit: - [2011/04/18 22:51:36 | 000,062,584 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)DRV:64bit: - [2011/04/18 22:51:36 | 000,022,912 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)DRV:64bit: - [2011/04/18 22:51:36 | 000,020,328 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)DRV:64bit: - [2011/03/17 03:42:38 | 002,712,064 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)DRV:64bit: - [2011/03/11 00:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)DRV:64bit: - [2011/03/11 00:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)DRV:64bit: - [2011/03/09 22:01:45 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)DRV:64bit: - [2011/03/09 22:01:45 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)DRV:64bit: - [2011/03/01 08:33:16 | 004,720,704 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)DRV:64bit: - [2011/01/17 16:56:14 | 000,412,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink DRV:64bit: - [2010/11/20 21:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)DRV:64bit: - [2010/11/20 21:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)DRV:64bit: - [2010/11/20 21:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)DRV:64bit: - [2010/10/08 04:32:28 | 001,395,248 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)DRV:64bit: - [2010/09/21 19:47:10 | 000,243,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)DRV:64bit: - [2010/07/19 18:10:40 | 010,603,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)DRV:64bit: - [2010/04/13 10:44:22 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)DRV:64bit: - [2010/02/26 17:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)DRV:64bit: - [2009/09/16 23:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel®DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)DRV:64bit: - [2009/07/13 19:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)========== Standard Registry (SafeList) ==================== Internet Explorer ==========IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.comIE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.comIE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBoxIE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=101&systemid=406&sr=0&q={searchTerms}IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.comIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htmIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.comIE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBoxIE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=101&systemid=406&sr=0&q={searchTerms}IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.comIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.searchnu.com/406IE - HKCU\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=101&systemid=406&sr=0&q={searchTerms}IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local========== FireFox ==========FF - prefs.js..browser.search.selectedEngine: "Search Results"FF - prefs.js..browser.search.useDBForOrder: trueFF - prefs.js..keyword.URL: "http://dts.search-results.com/sr?src=ffb&appid=101&systemid=406&sr=0&q="FF - prefs.js..browser.search.defaultenginename: "Search Results"FF - prefs.js..browser.search.order.1: "Search Results"FF - prefs.js..browser.startup.homepage: "http://www.searchnu.com/406"FF - user.js - File not foundFF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not foundFF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not foundFF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not foundFF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not foundFF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Jenny\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Jenny\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/01/02 22:58:44 | 000,000,000 | ---D | M]FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins[2012/03/24 10:44:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jenny\AppData\Roaming\Mozilla\Extensions[2012/03/24 10:44:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\1p9nc0u4.default\extensions[2011/12/19 00:32:06 | 000,001,742 | ---- | M] () -- C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\1p9nc0u4.default\searchplugins\search-the-web.xml[2012/03/24 10:41:03 | 000,002,519 | ---- | M] () -- C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\1p9nc0u4.default\searchplugins\Search_Results.xml[2012/03/24 10:44:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions[2012/03/16 21:21:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}File not found (No name found) -- C:\PROGRAM FILES (X86)\SEARCHQU TOOLBAR\DATAMNGR\FIREFOXEXTENSION[2011/09/29 00:53:40 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll[2011/09/28 18:26:50 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml[2012/03/24 10:41:03 | 000,002,519 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml========== Chrome ==========CHR - default_search_provider: Search Results (Enabled)CHR - default_search_provider: search_url = http://dts.search-results.com/sr?src=crb&appid=101&systemid=406&sr=0&q={searchTerms}CHR - default_search_provider: suggest_url = CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewerCHR - plugin: Native Client (Enabled) = C:\Users\Jenny\AppData\Local\Google\Chrome\Application\18.0.1025.142\ppGoogleNaClPluginChrome.dllCHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Jenny\AppData\Local\Google\Chrome\Application\18.0.1025.142\pdf.dllCHR - plugin: Shockwave Flash (Enabled) = C:\Users\Jenny\AppData\Local\Google\Chrome\Application\18.0.1025.142\gcswf32.dllCHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dllCHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\PFiles\Plugins\np-mswmp.dllCHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dllCHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dllCHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dllCHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dllCHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dllCHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dllCHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dllCHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dllCHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLLCHR - plugin: Java Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dllCHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dllCHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dllCHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dllCHR - plugin: Google Update (Enabled) = C:\Users\Jenny\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dllCHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dllCHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dllCHR - Extension: Fancy Gaming Simplifier = C:\Users\Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahcaniaehcjkignnobkmdgacafghkplh\2.0.0.1_0\CHR - Extension: YouTube = C:\Users\Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\CHR - Extension: Google Search = C:\Users\Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.18_0\CHR - Extension: FB Photo Zoom = C:\Users\Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi\1.1109.26.1_0\CHR - Extension: Gmail = C:\Users\Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\O1 HOSTS File: ([2009/06/10 15:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hostsO2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not foundO3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not foundO3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)O4:64bit: - HKLM..\Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)O4 - HKLM..\Run: [Anvi Smart Defender] C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDTray.exe (Anvisoft)O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)O4 - HKLM..\Run: [backupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)O4 - HKLM..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)O4 - HKCU..\Run: [RDReminder] File not foundO6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)O1364bit: - gopher Prefix: missingO13 - gopher Prefix: missingO16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 129.123.0.2 129.123.0.1O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0FE64291-03FE-4746-BFD8-8E11124EF1F4}: DhcpNameServer = 129.123.0.2 129.123.0.1O18:64bit: - Protocol\Handler\livecall - No CLSID value foundO18:64bit: - Protocol\Handler\msnim - No CLSID value foundO18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value foundO18:64bit: - Protocol\Handler\wlpg - No CLSID value foundO20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not foundO20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not foundO20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.O32 - HKLM CDRom: AutoRun - 1O34 - HKLM BootExecute: (autocheck autochk *)O35:64bit: - HKLM\..comfile [open] -- "%1" %*O35:64bit: - HKLM\..exefile [open] -- "%1" %*O35 - HKLM\..comfile [open] -- "%1" %*O35 - HKLM\..exefile [open] -- "%1" %*O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*O37 - HKLM\...com [@ = comfile] -- "%1" %*O37 - HKLM\...exe [@ = exefile] -- "%1" %*========== Files/Folders - Created Within 30 Days ==========[2012/03/30 10:29:08 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Users\Jenny\Desktop\OTL.exe[2012/03/29 21:31:48 | 000,024,360 | ---- | C] (Anvisoft) -- C:\Windows\SysNative\drivers\avhips.sys[2012/03/29 21:31:48 | 000,020,264 | ---- | C] (Anvisoft) -- C:\Windows\SysNative\drivers\avfsmn.sys[2012/03/29 21:31:48 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anvisoft[2012/03/29 21:31:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Anvisoft[2012/03/29 21:23:23 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\{816B3338-A46F-44E2-923D-DB171634FFE7}[2012/03/27 20:44:32 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Roaming\Malwarebytes[2012/03/27 20:44:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware[2012/03/27 20:44:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes[2012/03/27 20:44:27 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys[2012/03/27 20:44:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware[2012/03/26 21:30:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes[2012/03/26 21:30:15 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes[2012/03/26 21:30:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes[2012/03/26 21:30:15 | 000,000,000 | ---D | C] -- C:\Program Files\iPod[2012/03/24 10:42:26 | 000,000,000 | ---D | C] -- C:\Users\Jenny\AppData\Local\Ilivid Player[2012/03/24 10:41:03 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess[2012/03/21 21:43:48 | 000,000,000 | ---D | C] -- C:\FarmVilleBot_2.1[2012/03/16 21:21:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java========== Files - Modified Within 30 Days ==========[2012/03/30 10:29:10 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Jenny\Desktop\OTL.exe[2012/03/30 10:28:53 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3767778522-3456462054-3616011533-1001UA.job[2012/03/30 10:28:52 | 000,002,405 | ---- | M] () -- C:\Users\Jenny\Desktop\Google Chrome.lnk[2012/03/30 10:28:32 | 000,727,334 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI[2012/03/30 10:28:32 | 000,624,864 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat[2012/03/30 10:28:32 | 000,106,950 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat[2012/03/30 10:26:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat[2012/03/29 21:43:17 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0[2012/03/29 21:43:17 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0[2012/03/29 21:35:30 | 2962,255,872 | -HS- | M] () -- C:\hiberfil.sys[2012/03/29 21:31:48 | 000,001,192 | ---- | M] () -- C:\Users\Jenny\Desktop\Anvi Smart Defender.lnk[2012/03/29 21:00:54 | 000,000,241 | ---- | M] () -- C:\Users\Jenny\Documents\bot accounts.rtf[2012/03/29 14:43:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3767778522-3456462054-3616011533-1001Core.job[2012/03/28 10:25:54 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\DLL-files.com Fixer_UPDATES.job[2012/03/27 20:44:28 | 000,001,117 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk[2012/03/26 21:30:30 | 000,001,787 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk[2012/03/21 21:44:43 | 000,000,737 | ---- | M] () -- C:\Users\Jenny\Application Data\Microsoft\Internet Explorer\Quick Launch\FarmVilleBot Lite.lnk[2012/03/21 21:44:43 | 000,000,712 | ---- | M] () -- C:\Users\Jenny\Application Data\Microsoft\Internet Explorer\Quick Launch\FarmVilleBot.lnk[2012/03/21 11:58:15 | 000,000,398 | ---- | M] () -- C:\Users\Jenny\Documents\1.2c Properties of Radicals.SAV[2012/03/21 11:39:38 | 000,000,378 | ---- | M] () -- C:\Users\Jenny\Documents\1.2a Properties of Exponents.SAV[2012/03/19 18:39:37 | 000,000,713 | ---- | M] () -- C:\Users\Public\Desktop\FarmVilleBot Lite.lnk[2012/03/19 18:39:37 | 000,000,688 | ---- | M] () -- C:\Users\Public\Desktop\FarmVilleBot.lnk[2012/03/15 00:17:01 | 000,000,195 | ---- | M] () -- C:\Users\Jenny\Documents\hotel conf.rtf[2012/03/14 17:52:55 | 000,283,072 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT[2012/03/08 12:51:22 | 000,208,204 | ---- | M] () -- C:\Users\Jenny\Documents\CVSHApplication.pdf[2012/03/03 22:57:30 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\DLL-files.com Fixer_MONTHLY.job========== Files Created - No Company Name ==========[2012/03/29 21:31:48 | 000,001,192 | ---- | C] () -- C:\Users\Jenny\Desktop\Anvi Smart Defender.lnk[2012/03/27 20:44:28 | 000,001,117 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk[2012/03/26 21:30:30 | 000,001,787 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk[2012/03/24 21:37:50 | 000,000,241 | ---- | C] () -- C:\Users\Jenny\Documents\bot accounts.rtf[2012/03/21 11:58:15 | 000,000,398 | ---- | C] () -- C:\Users\Jenny\Documents\1.2c Properties of Radicals.SAV[2012/03/21 11:39:38 | 000,000,378 | ---- | C] () -- C:\Users\Jenny\Documents\1.2a Properties of Exponents.SAV[2012/03/15 00:17:01 | 000,000,195 | ---- | C] () -- C:\Users\Jenny\Documents\hotel conf.rtf[2012/03/08 12:20:27 | 000,208,204 | ---- | C] () -- C:\Users\Jenny\Documents\CVSHApplication.pdf[2011/09/13 22:31:20 | 000,744,030 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI[2011/08/12 17:23:35 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI[2011/04/18 23:06:33 | 000,870,560 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin[2011/04/18 23:06:33 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll[2011/04/18 23:06:33 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll[2011/04/18 23:06:31 | 000,104,796 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin[2011/04/18 23:06:29 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin========== LOP Check ==========[2011/09/09 14:35:20 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Barnes & Noble[2012/01/15 13:23:05 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Charles[2011/08/28 21:24:15 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\dll-files.com[2012/01/15 23:54:36 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Namco[2011/09/09 18:00:33 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\PowerCinema[2012/03/27 18:56:47 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\SoftGrid Client[2011/09/02 16:19:43 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Temp[2011/09/13 22:32:09 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\TP[2011/08/31 13:18:22 | 000,000,000 | ---D | M] -- C:\Users\Jenny\AppData\Roaming\Windows Live Writer[2012/03/03 22:57:30 | 000,000,272 | ---- | M] () -- C:\Windows\Tasks\DLL-files.com Fixer_MONTHLY.job[2012/03/28 10:25:54 | 000,000,292 | ---- | M] () -- C:\Windows\Tasks\DLL-files.com Fixer_UPDATES.job[2012/02/07 15:10:54 | 000,032,532 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT========== Purity Check ==========< End of report >Extras.txtOTL Extras logfile created on: 3/30/2012 10:30:29 AM - Run 1OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Jenny\Downloads64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstationInternet Explorer (Version = 9.0.8112.16421)Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy3.68 Gb Total Physical Memory | 2.62 Gb Available Physical Memory | 71.18% Memory free7.36 Gb Paging File | 6.12 Gb Available in Paging File | 83.22% Paging File freePaging file location(s): ?:\pagefile.sys [binary data]%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)Drive C: | 449.66 Gb Total Space | 398.80 Gb Free Space | 88.69% Space Free | Partition Type: NTFSComputer Name: JENNY-PC | User Name: Jenny | Logged in as Administrator.Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit ScansCompany Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days========== Extra Registry (SafeList) ==================== File Associations ==========64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>].url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>].cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)========== Shell Spawning ==========64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]batfile [open] -- "%1" %*cmdfile [open] -- "%1" %*comfile [open] -- "%1" %*exefile [open] -- "%1" %*helpfile [open] -- Reg Error: Key error.htmlfile [edit] -- Reg Error: Key error.htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)piffile [open] -- "%1" %*regfile [merge] -- Reg Error: Key error.scrfile [config] -- "%1"scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %lscrfile [open] -- "%1" /Stxtfile [edit] -- Reg Error: Key error.Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Folder [explore] -- Reg Error: Value error.Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]batfile [open] -- "%1" %*cmdfile [open] -- "%1" %*comfile [open] -- "%1" %*cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)exefile [open] -- "%1" %*helpfile [open] -- Reg Error: Key error.htmlfile [edit] -- Reg Error: Key error.htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)piffile [open] -- "%1" %*regfile [merge] -- Reg Error: Key error.scrfile [config] -- "%1"scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %lscrfile [open] -- "%1" /Stxtfile [edit] -- Reg Error: Key error.Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Folder [explore] -- Reg Error: Value error.Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)========== Security Center Settings ==========64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]"cval" = 164bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]"AntiVirusOverride" = 0"AntiSpywareOverride" = 0"FirewallOverride" = 064bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]========== Firewall Settings ==========[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]"EnableFirewall" = 1"DisableNotifications" = 0[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]"EnableFirewall" = 0"DisableNotifications" = 0[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]"EnableFirewall" = 0"DisableNotifications" = 0========== Authorized Applications List ==================== HKEY_LOCAL_MACHINE Uninstall List ==========64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]"{0645A454-AD44-4F0D-99CF-6B762735AD1F}" = aioprnt"{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}" = MyWinLocker"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder"{26A24AE4-039D-4CA4-87B4-2F86417000FF}" = Java 7 (64-bit)"{27EF8E7F-88D1-4ec5-ADE2-7E447FDF114E}" = Kodak AIO Printer"{4BDE7544-0A08-4AD9-8A8F-4B7944471C36}" = iTunes"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources"{64A3A4F4-B792-11D6-A78A-00B0D0170000}" = Java SE Development Kit 7 (64-bit)"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources"{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support"{C91DCB72-F5BB-410D-A91A-314F5D1B4284}" = Broadcom Gigabit NetLink Controller"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit"CCleaner" = CCleaner"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile"SynTPDeinstKey" = Synaptics Pointing Device Driver"WinRAR archiver" = WinRAR 4.01 (64-bit)[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Acer Crystal Eye Webcam"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer"{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Backup Manager V3"{11745B8A-E942-4674-B729-39110F5962AA}_is1" = FarmVilleBot 2.2.3.2"{14C4C3B6-F1F4-401F-8C86-03E8E19AAC8C}" = MediaEspresso"{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = clear.fi"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java 6 Update 31"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery"{376348C2-E372-48BC-A138-E896757BD86A}" = aioscnnr"{39F15B50-A977-4CA6-B1C3-6A8724CDA025}" = MyWinLocker 4"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup"{43AAE145-83CF-4C96-9A5E-756CEFCE879F}" = clear.fi Client"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live"{491ADA37-04EE-2ECE-9F86-DDC0106047AC}" = Times Reader"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater"{56BA241F-580C-43D2-8403-947241AAE633}" = center"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM"{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}" = newsXpresso"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer" = WildTangent Games App (Acer Games)"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010"{95140000-00AF-0409-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.2)"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR"{B906C11A-D193-4143-9FA7-E2EE8A5A8F21}" = clear.fi"{BE94C681-68E2-4561-8ABC-8D2E799168B4}" = essentials"{BFBCF96F-7361-486A-965C-54B17AC35421}" = ocr"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64"{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform"{DA5BDB2A-12F0-4343-8351-21AAEB293990}" = PreReq"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10"{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide"{E0F274B7-592B-4669-8FB8-8D9825A09858}" = KODAK AiO Software"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater"{EF53BFAB-4C10-40DB-A82D-9B07111715C6}" = aioscnnr"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials"Acer Registration" = Acer Registration"Acer Screensaver" = Acer ScreenSaver"Acer Welcome Center" = Welcome Center"Adobe AIR" = Adobe AIR"Adobe Shockwave Player" = Adobe Shockwave Player 11.6"Anvi Smart Defender" = Anvi Smart Defender RC2"BN_DesktopReader" = NOOK for PC"Charles_XK72" = Charles"com.nyt.timesreader.78C54164786ADE80CB31E1C5D95607D0938C987A.1" = Times Reader"Dll-Files.com Fixer_is1" = Dll-Files.com Fixer"Doxillion" = Doxillion Document Converter"ExpressZip" = Express Zip File Compression Software"Hawkes Update Service Manager" = Hawkes Update Service Manager"Identity Card" = Identity Card"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Acer Crystal Eye Webcam"InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Acer Backup Manager"InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = clear.fi"InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}" = newsXpresso"InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9"LManager" = Launch Manager"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.1.1000"Mozilla Firefox 7.0.1 (x86 en-US)" = Mozilla Firefox 7.0.1 (x86 en-US)"Office14.Click2Run" = Microsoft Office Click-to-Run 2010"Precalculus (Fall 2011 Student)" = Precalculus (Fall 2011 Student)"Scribe" = Express Scribe"WildTangent acer Master Uninstall" = Acer Games"WinLiveSuite" = Windows Live Essentials"WTA-036dc91c-3596-41cf-afb5-8fe9d76b3bfa" = Dora's World Adventure"WTA-10f999da-3c38-4d87-99a6-08e748bc4ba3" = Zuma's Revenge"WTA-2426fbc3-e9a4-4c29-a0e0-0e1d4e09dac2" = Chuzzle Deluxe"WTA-307d684f-8bcc-4503-bd58-e0668db6dcee" = Bejeweled 2 Deluxe"WTA-33f18576-3d19-4dd3-8aed-e5f1426eec54" = Torchlight"WTA-3ad4add0-74f7-4427-af1c-b53fd4ae149e" = Poker Superstars III"WTA-3aec2ce0-a643-49ae-8194-e6c66943a931" = Polar Golfer"WTA-3fee7dc0-7906-4d83-af4b-9082669c7728" = Penguins!"WTA-55a36a0e-cdb4-40e8-8991-ea915b04200d" = Virtual Villagers 4 - The Tree of Life"WTA-5a6d223e-900a-444b-8c22-6305da7969cb" = Agatha Christie - 4:50 from Paddington"WTA-6416da14-ff05-49d1-b29a-b02e570a0151" = Final Drive: Nitro"WTA-7b109e19-a2a7-4b5e-89d9-97cd63d3c014" = Polar Bowler"WTA-925d71b3-6eb9-4e84-832d-7508c57cde5c" = Mystery P.I. - Stolen in San Francisco"WTA-acf2bd08-527f-443b-9b95-0fe1fe832281" = Build-a-lot 2"WTA-b66be362-fd3d-4611-b53b-23a494960737" = Plants vs. Zombies - Game of the Year"WTA-c31c13b2-3d44-43d5-a9d1-8506d541cea9" = Diner Dash 2 Restaurant Rescue"WTA-dab7998f-5b94-454a-a1c2-5fc158365431" = Jewel Quest Heritage"WTA-e550e22e-d07b-4a1b-8e1a-7f6d371cf0db" = FATE - The Traitor Soul"WTA-f226e527-daaa-41cf-bc32-d211e6ba9153" = Namco All-Stars: PAC-MAN"Zuma's Revenge!" = Zuma's Revenge!========== HKEY_CURRENT_USER Uninstall List ==========[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]"Google Chrome" = Google Chrome========== Last 10 Event Log Errors ==========Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!< End of report > Link to post Share on other sites More sharing options...
Staff CatByte Posted March 31, 2012 Staff ID:538757 Share Posted March 31, 2012 Hi,Please do the following:Please download TDSSKiller.zipExtract it to your desktopDouble click TDSSKiller.exewhen the window opens, click on Change Parametersunder ”Additional options”, put a check mark in the box next to “Detect TDLFS File System”click OKPress Start ScanAs we are only looking for a log of what is on the machine right now > choose to skip whatever is foundThen click Continue > Reboot now[*]Copy and paste the log in your next replyA copy of the log will be saved automatically to the root of the drive (typically C:\)NEXTPlease download aswMBR.exe and save it to your desktop.Double click aswMBR.exe to start the tool.When asked if you want to download Avast's virus definitions please select Yes.Click ScanUpon completion of the scan, click Save log and save it to your desktop, and post that log in your next reply for review. Note - do NOT attempt any Fix yet. You will also notice another file created on the desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) file. Attach that zipped file in your next reply as well. Link to post Share on other sites More sharing options...
JMayhem Posted April 2, 2012 Author ID:539138 Share Posted April 2, 2012 Thank you, here are the files copied & pasted, and the MBR.dat attached20:55:20.0143 7736 TDSS rootkit removing tool 2.7.23.0 Mar 26 2012 13:40:1820:55:20.0620 7736 ============================================================20:55:20.0620 7736 Current date / time: 2012/04/01 20:55:20.062020:55:20.0620 7736 SystemInfo:20:55:20.0620 773620:55:20.0621 7736 OS Version: 6.1.7601 ServicePack: 1.020:55:20.0621 7736 Product type: Workstation20:55:20.0621 7736 ComputerName: JENNY-PC20:55:20.0621 7736 UserName: Jenny20:55:20.0621 7736 Windows directory: C:\Windows20:55:20.0621 7736 System windows directory: C:\Windows20:55:20.0621 7736 Running under WOW6420:55:20.0621 7736 Processor architecture: Intel x6420:55:20.0621 7736 Number of processors: 220:55:20.0621 7736 Page size: 0x100020:55:20.0621 7736 Boot type: Normal boot20:55:20.0621 7736 ============================================================20:55:21.0240 7736 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x0000004020:55:21.0256 7736 \Device\Harddisk0\DR0:20:55:21.0256 7736 MBR used20:55:21.0256 7736 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2000800, BlocksNum 0x3200020:55:21.0256 7736 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2032800, BlocksNum 0x3835300020:55:21.0287 7736 Initialize success20:55:21.0287 7736 ============================================================20:55:43.0136 7920 ============================================================20:55:43.0136 7920 Scan started20:55:43.0136 7920 Mode: Manual; TDLFS;20:55:43.0136 7920 ============================================================20:55:43.0817 7920 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys20:55:43.0817 7920 1394ohci - ok20:55:43.0864 7920 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys20:55:43.0864 7920 ACPI - ok20:55:43.0895 7920 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys20:55:43.0895 7920 AcpiPmi - ok20:55:44.0005 7920 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe20:55:44.0005 7920 AdobeARMservice - ok20:55:44.0161 7920 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys20:55:44.0176 7920 adp94xx - ok20:55:44.0223 7920 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys20:55:44.0239 7920 adpahci - ok20:55:44.0270 7920 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys20:55:44.0270 7920 adpu320 - ok20:55:44.0317 7920 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll20:55:44.0317 7920 AeLookupSvc - ok20:55:44.0379 7920 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys20:55:44.0395 7920 AFD - ok20:55:44.0457 7920 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys20:55:44.0457 7920 agp440 - ok20:55:44.0504 7920 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe20:55:44.0504 7920 ALG - ok20:55:44.0535 7920 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys20:55:44.0535 7920 aliide - ok20:55:44.0566 7920 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys20:55:44.0566 7920 amdide - ok20:55:44.0597 7920 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys20:55:44.0597 7920 AmdK8 - ok20:55:44.0613 7920 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys20:55:44.0613 7920 AmdPPM - ok20:55:44.0660 7920 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys20:55:44.0675 7920 amdsata - ok20:55:44.0691 7920 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys20:55:44.0691 7920 amdsbs - ok20:55:44.0722 7920 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys20:55:44.0722 7920 amdxata - ok20:55:44.0753 7920 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys20:55:44.0753 7920 AppID - ok20:55:44.0785 7920 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll20:55:44.0800 7920 AppIDSvc - ok20:55:44.0816 7920 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll20:55:44.0816 7920 Appinfo - ok20:55:44.0925 7920 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe20:55:44.0941 7920 Apple Mobile Device - ok20:55:45.0050 7920 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys20:55:45.0050 7920 arc - ok20:55:45.0081 7920 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys20:55:45.0081 7920 arcsas - ok20:55:45.0159 7920 asdsrv (2be4aa54c7728b7a432713961b09fa89) C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDSrv.exe20:55:45.0237 7920 asdsrv - ok20:55:45.0315 7920 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys20:55:45.0315 7920 AsyncMac - ok20:55:45.0346 7920 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys20:55:45.0346 7920 atapi - ok20:55:45.0471 7920 athr (cc406da84e7dd3fa3ad20340dbc66cf2) C:\Windows\system32\DRIVERS\athrx.sys20:55:45.0565 7920 athr - ok20:55:45.0674 7920 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll20:55:45.0689 7920 AudioEndpointBuilder - ok20:55:45.0705 7920 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll20:55:45.0705 7920 AudioSrv - ok20:55:45.0861 7920 avfsmn (7f5ea096d5edbaa9caeedf07dfae65da) C:\Windows\system32\DRIVERS\avfsmn.sys20:55:45.0892 7920 avfsmn - ok20:55:46.0173 7920 AVGIDSAgent (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe20:55:46.0309 7920 AVGIDSAgent - ok20:55:46.0451 7920 AVGIDSDriver (e29ea1a0ec7ab9fa2dc7e75a03f12a4f) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys20:55:46.0455 7920 AVGIDSDriver - ok20:55:46.0490 7920 AVGIDSEH (f823d184b8e8ffb8da3ead45dbf5bd6a) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys20:55:46.0493 7920 AVGIDSEH - ok20:55:46.0511 7920 AVGIDSFilter (ed2b25bd7fe35d1944211968842d30da) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys20:55:46.0514 7920 AVGIDSFilter - ok20:55:46.0549 7920 Avgldx64 (979cf8912449a10b987218bff80a1fa3) C:\Windows\system32\DRIVERS\avgldx64.sys20:55:46.0556 7920 Avgldx64 - ok20:55:46.0604 7920 Avgmfx64 (36b1a5843695766eac714daffc5b84d1) C:\Windows\system32\DRIVERS\avgmfx64.sys20:55:46.0607 7920 Avgmfx64 - ok20:55:46.0684 7920 Avgrkx64 (1102239fb724527f1febbbbccf6bf313) C:\Windows\system32\DRIVERS\avgrkx64.sys20:55:46.0687 7920 Avgrkx64 - ok20:55:46.0729 7920 Avgtdia (11f36d3ea82d9db9aa05a476a210551b) C:\Windows\system32\DRIVERS\avgtdia.sys20:55:46.0738 7920 Avgtdia - ok20:55:46.0962 7920 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe20:55:46.0967 7920 avgwd - ok20:55:47.0047 7920 avhips (e0edb0f31b9755fb8f8017f3326de033) C:\Windows\system32\DRIVERS\avhips.sys20:55:47.0062 7920 avhips - ok20:55:47.0094 7920 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll20:55:47.0097 7920 AxInstSV - ok20:55:47.0140 7920 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys20:55:47.0148 7920 b06bdrv - ok20:55:47.0186 7920 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys20:55:47.0192 7920 b57nd60a - ok20:55:47.0338 7920 BCM43XX (85111026f1c5a1c4cce3697f0da7bc1a) C:\Windows\system32\DRIVERS\bcmwl664.sys20:55:47.0449 7920 BCM43XX - ok20:55:47.0481 7920 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll20:55:47.0496 7920 BDESVC - ok20:55:47.0548 7920 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys20:55:47.0549 7920 Beep - ok20:55:47.0607 7920 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll20:55:47.0621 7920 BFE - ok20:55:47.0710 7920 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll20:55:47.0745 7920 BITS - ok20:55:47.0964 7920 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys20:55:47.0966 7920 blbdrive - ok20:55:48.0105 7920 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe20:55:48.0115 7920 Bonjour Service - ok20:55:48.0260 7920 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys20:55:48.0264 7920 bowser - ok20:55:48.0410 7920 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys20:55:48.0412 7920 BrFiltLo - ok20:55:48.0654 7920 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys20:55:48.0657 7920 BrFiltUp - ok20:55:48.0754 7920 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll20:55:48.0758 7920 Browser - ok20:55:48.0823 7920 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys20:55:48.0831 7920 Brserid - ok20:55:48.0846 7920 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys20:55:48.0850 7920 BrSerWdm - ok20:55:48.0861 7920 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys20:55:48.0864 7920 BrUsbMdm - ok20:55:48.0876 7920 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys20:55:48.0878 7920 BrUsbSer - ok20:55:48.0890 7920 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys20:55:48.0893 7920 BTHMODEM - ok20:55:48.0930 7920 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll20:55:48.0932 7920 bthserv - ok20:55:48.0985 7920 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys20:55:48.0989 7920 cdfs - ok20:55:49.0107 7920 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys20:55:49.0111 7920 cdrom - ok20:55:49.0205 7920 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll20:55:49.0208 7920 CertPropSvc - ok20:55:49.0257 7920 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys20:55:49.0260 7920 circlass - ok20:55:49.0364 7920 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys20:55:49.0364 7920 CLFS - ok20:55:49.0442 7920 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe20:55:49.0442 7920 clr_optimization_v2.0.50727_32 - ok20:55:49.0473 7920 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe20:55:49.0473 7920 clr_optimization_v2.0.50727_64 - ok20:55:49.0614 7920 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe20:55:49.0614 7920 clr_optimization_v4.0.30319_32 - ok20:55:49.0645 7920 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe20:55:49.0645 7920 clr_optimization_v4.0.30319_64 - ok20:55:49.0739 7920 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys20:55:49.0739 7920 CmBatt - ok20:55:49.0770 7920 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys20:55:49.0770 7920 cmdide - ok20:55:49.0879 7920 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys20:55:49.0895 7920 CNG - ok20:55:49.0941 7920 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys20:55:49.0941 7920 Compbatt - ok20:55:49.0973 7920 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys20:55:49.0973 7920 CompositeBus - ok20:55:50.0004 7920 COMSysApp - ok20:55:50.0019 7920 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys20:55:50.0035 7920 crcdisk - ok20:55:50.0144 7920 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll20:55:50.0144 7920 CryptSvc - ok20:55:50.0300 7920 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE20:55:50.0316 7920 cvhsvc - ok20:55:50.0425 7920 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll20:55:50.0441 7920 DcomLaunch - ok20:55:50.0472 7920 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll20:55:50.0472 7920 defragsvc - ok20:55:50.0534 7920 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys20:55:50.0534 7920 DfsC - ok20:55:50.0597 7920 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll20:55:50.0597 7920 Dhcp - ok20:55:50.0706 7920 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys20:55:50.0706 7920 discache - ok20:55:50.0799 7920 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys20:55:50.0799 7920 Disk - ok20:55:50.0862 7920 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll20:55:50.0862 7920 Dnscache - ok20:55:50.0909 7920 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll20:55:50.0924 7920 dot3svc - ok20:55:50.0955 7920 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll20:55:50.0955 7920 DPS - ok20:55:51.0080 7920 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys20:55:51.0080 7920 drmkaud - ok20:55:51.0174 7920 DsiWMIService (32c2cd16dc801aef9edaafea0dbd769e) C:\Program Files (x86)\Launch Manager\dsiwmis.exe20:55:51.0189 7920 DsiWMIService - ok20:55:51.0314 7920 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys20:55:51.0345 7920 DXGKrnl - ok20:55:51.0392 7920 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll20:55:51.0392 7920 EapHost - ok20:55:51.0517 7920 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys20:55:51.0616 7920 ebdrv - ok20:55:51.0714 7920 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe20:55:51.0719 7920 EFS - ok20:55:51.0804 7920 EgisTec Ticket Service (03e6888da1a85acf14ac2a3c328a9e62) C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe20:55:51.0809 7920 EgisTec Ticket Service - ok20:55:51.0882 7920 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe20:55:51.0900 7920 ehRecvr - ok20:55:51.0949 7920 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe20:55:51.0953 7920 ehSched - ok20:55:52.0030 7920 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys20:55:52.0040 7920 elxstor - ok20:55:52.0191 7920 ePowerSvc (eb1c213a8550f066b2ccc29c9f41e2ae) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe20:55:52.0222 7920 ePowerSvc - ok20:55:52.0325 7920 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys20:55:52.0327 7920 ErrDev - ok20:55:52.0441 7920 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll20:55:52.0450 7920 EventSystem - ok20:55:52.0508 7920 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys20:55:52.0513 7920 exfat - ok20:55:52.0545 7920 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys20:55:52.0561 7920 fastfat - ok20:55:52.0670 7920 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe20:55:52.0698 7920 Fax - ok20:55:52.0745 7920 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys20:55:52.0748 7920 fdc - ok20:55:52.0785 7920 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll20:55:52.0788 7920 fdPHost - ok20:55:52.0808 7920 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll20:55:52.0811 7920 FDResPub - ok20:55:52.0855 7920 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys20:55:52.0858 7920 FileInfo - ok20:55:52.0889 7920 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys20:55:52.0892 7920 Filetrace - ok20:55:53.0011 7920 FLEXnet Licensing Service (bb0667b0171b632b97ea759515476f07) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe20:55:53.0026 7920 FLEXnet Licensing Service - ok20:55:53.0114 7920 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys20:55:53.0117 7920 flpydisk - ok20:55:53.0151 7920 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys20:55:53.0158 7920 FltMgr - ok20:55:53.0227 7920 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll20:55:53.0262 7920 FontCache - ok20:55:53.0348 7920 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe20:55:53.0348 7920 FontCache3.0.0.0 - ok20:55:53.0410 7920 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys20:55:53.0410 7920 FsDepends - ok20:55:53.0442 7920 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys20:55:53.0442 7920 Fs_Rec - ok20:55:53.0473 7920 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys20:55:53.0488 7920 fvevol - ok20:55:53.0520 7920 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys20:55:53.0520 7920 gagp30kx - ok20:55:53.0691 7920 GamesAppService (c403c5db49a0f9aaf4f2128edc0106d8) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe20:55:53.0707 7920 GamesAppService - ok20:55:53.0816 7920 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys20:55:53.0832 7920 GEARAspiWDM - ok20:55:53.0910 7920 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll20:55:53.0941 7920 gpsvc - ok20:55:54.0066 7920 GREGService (0191dee9b9eb7902af2cf4f67301095d) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe20:55:54.0066 7920 GREGService - ok20:55:54.0159 7920 HawkesUpdater (4635935fc972c582632bf45c26bfcb0e) C:\Program Files (x86)\Hawkes Learning Systems\Hawkes Update Service Manager\srvany.exe20:55:54.0175 7920 HawkesUpdater - ok20:55:54.0284 7920 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys20:55:54.0284 7920 hcw85cir - ok20:55:54.0346 7920 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys20:55:54.0346 7920 HdAudAddService - ok20:55:54.0409 7920 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys20:55:54.0409 7920 HDAudBus - ok20:55:54.0471 7920 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\drivers\HECIx64.sys20:55:54.0471 7920 HECIx64 - ok20:55:54.0502 7920 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys20:55:54.0502 7920 HidBatt - ok20:55:54.0518 7920 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys20:55:54.0534 7920 HidBth - ok20:55:54.0534 7920 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys20:55:54.0549 7920 HidIr - ok20:55:54.0586 7920 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll20:55:54.0589 7920 hidserv - ok20:55:54.0667 7920 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys20:55:54.0669 7920 HidUsb - ok20:55:54.0705 7920 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll20:55:54.0710 7920 hkmsvc - ok20:55:54.0740 7920 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll20:55:54.0748 7920 HomeGroupListener - ok20:55:54.0790 7920 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll20:55:54.0797 7920 HomeGroupProvider - ok20:55:54.0868 7920 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys20:55:54.0872 7920 HpSAMD - ok20:55:54.0930 7920 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys20:55:54.0963 7920 HTTP - ok20:55:54.0987 7920 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys20:55:54.0990 7920 hwpolicy - ok20:55:55.0032 7920 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys20:55:55.0036 7920 i8042prt - ok20:55:55.0084 7920 iaStor (1384872112e8e7fd5786eceb8bddf4c9) C:\Windows\system32\drivers\iaStor.sys20:55:55.0091 7920 iaStor - ok20:55:55.0208 7920 IAStorDataMgrSvc (6b24d1c3096de796d15571079ea5e98c) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe20:55:55.0211 7920 IAStorDataMgrSvc - ok20:55:55.0305 7920 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys20:55:55.0314 7920 iaStorV - ok20:55:55.0417 7920 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe20:55:55.0451 7920 idsvc - ok20:55:55.0767 7920 igfx (31569a2e836c12014148bf7342716946) C:\Windows\system32\DRIVERS\igdkmd64.sys20:55:56.0016 7920 igfx - ok20:55:56.0079 7920 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys20:55:56.0094 7920 iirsp - ok20:55:56.0141 7920 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll20:55:56.0172 7920 IKEEXT - ok20:55:56.0281 7920 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\DRIVERS\Impcd.sys20:55:56.0281 7920 Impcd - ok20:55:56.0422 7920 IntcAzAudAddService (650d06e28a43e365a01ec4ee0946fc24) C:\Windows\system32\drivers\RTKVHD64.sys20:55:56.0531 7920 IntcAzAudAddService - ok20:55:56.0593 7920 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys20:55:56.0593 7920 intelide - ok20:55:56.0640 7920 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys20:55:56.0656 7920 intelppm - ok20:55:56.0671 7920 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll20:55:56.0687 7920 IPBusEnum - ok20:55:56.0703 7920 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys20:55:56.0703 7920 IpFilterDriver - ok20:55:56.0734 7920 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll20:55:56.0749 7920 iphlpsvc - ok20:55:56.0765 7920 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys20:55:56.0765 7920 IPMIDRV - ok20:55:56.0765 7920 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys20:55:56.0781 7920 IPNAT - ok20:55:56.0921 7920 iPod Service (755e4ba6dce627a2683bb7640553c8d6) C:\Program Files\iPod\bin\iPodService.exe20:55:56.0952 7920 iPod Service - ok20:55:56.0999 7920 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys20:55:56.0999 7920 IRENUM - ok20:55:57.0015 7920 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys20:55:57.0015 7920 isapnp - ok20:55:57.0046 7920 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys20:55:57.0046 7920 iScsiPrt - ok20:55:57.0093 7920 k57nd60a (0469bff65bbdee9e46d0c45ee32a08bd) C:\Windows\system32\DRIVERS\k57nd60a.sys20:55:57.0108 7920 k57nd60a - ok20:55:57.0139 7920 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys20:55:57.0139 7920 kbdclass - ok20:55:57.0171 7920 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys20:55:57.0171 7920 kbdhid - ok20:55:57.0202 7920 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe20:55:57.0217 7920 KeyIso - ok20:55:57.0342 7920 Kodak AiO Network Discovery Service (27277a11db52fefae5b01dc8fb570b28) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe20:55:57.0358 7920 Kodak AiO Network Discovery Service - ok20:55:57.0373 7920 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys20:55:57.0373 7920 KSecDD - ok20:55:57.0389 7920 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys20:55:57.0405 7920 KSecPkg - ok20:55:57.0451 7920 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys20:55:57.0451 7920 ksthunk - ok20:55:57.0498 7920 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll20:55:57.0514 7920 KtmRm - ok20:55:57.0565 7920 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll20:55:57.0572 7920 LanmanServer - ok20:55:57.0617 7920 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll20:55:57.0622 7920 LanmanWorkstation - ok20:55:57.0690 7920 Live Updater Service (6bcee9c766815bfff89de7d81af34ce1) C:\Program Files\Acer\Acer Updater\UpdaterService.exe20:55:57.0696 7920 Live Updater Service - ok20:55:57.0769 7920 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys20:55:57.0772 7920 lltdio - ok20:55:57.0816 7920 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll20:55:57.0825 7920 lltdsvc - ok20:55:57.0853 7920 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll20:55:57.0857 7920 lmhosts - ok20:55:57.0962 7920 LMS (dbc1136a62bd4decc3632df650284c2e) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe20:55:57.0968 7920 LMS - ok20:55:58.0013 7920 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys20:55:58.0017 7920 LSI_FC - ok20:55:58.0030 7920 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys20:55:58.0034 7920 LSI_SAS - ok20:55:58.0046 7920 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys20:55:58.0049 7920 LSI_SAS2 - ok20:55:58.0061 7920 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys20:55:58.0064 7920 LSI_SCSI - ok20:55:58.0103 7920 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys20:55:58.0106 7920 luafv - ok20:55:58.0150 7920 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll20:55:58.0154 7920 Mcx2Svc - ok20:55:58.0164 7920 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys20:55:58.0166 7920 megasas - ok20:55:58.0201 7920 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys20:55:58.0206 7920 MegaSR - ok20:55:58.0226 7920 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll20:55:58.0229 7920 MMCSS - ok20:55:58.0240 7920 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys20:55:58.0242 7920 Modem - ok20:55:58.0258 7920 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys20:55:58.0260 7920 monitor - ok20:55:58.0285 7920 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys20:55:58.0287 7920 mouclass - ok20:55:58.0313 7920 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys20:55:58.0315 7920 mouhid - ok20:55:58.0370 7920 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys20:55:58.0374 7920 mountmgr - ok20:55:58.0401 7920 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys20:55:58.0405 7920 mpio - ok20:55:58.0427 7920 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys20:55:58.0430 7920 mpsdrv - ok20:55:58.0477 7920 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll20:55:58.0491 7920 MpsSvc - ok20:55:58.0502 7920 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys20:55:58.0505 7920 MRxDAV - ok20:55:58.0535 7920 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys20:55:58.0538 7920 mrxsmb - ok20:55:58.0579 7920 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys20:55:58.0584 7920 mrxsmb10 - ok20:55:58.0598 7920 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys20:55:58.0602 7920 mrxsmb20 - ok20:55:58.0612 7920 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys20:55:58.0614 7920 msahci - ok20:55:58.0640 7920 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys20:55:58.0644 7920 msdsm - ok20:55:58.0662 7920 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe20:55:58.0667 7920 MSDTC - ok20:55:58.0691 7920 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys20:55:58.0693 7920 Msfs - ok20:55:58.0717 7920 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys20:55:58.0719 7920 mshidkmdf - ok20:55:58.0737 7920 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys20:55:58.0739 7920 msisadrv - ok20:55:58.0787 7920 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll20:55:58.0792 7920 MSiSCSI - ok20:55:58.0800 7920 msiserver - ok20:55:58.0827 7920 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys20:55:58.0830 7920 MSKSSRV - ok20:55:58.0863 7920 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys20:55:58.0865 7920 MSPCLOCK - ok20:55:58.0882 7920 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys20:55:58.0884 7920 MSPQM - ok20:55:58.0910 7920 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys20:55:58.0917 7920 MsRPC - ok20:55:58.0940 7920 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys20:55:58.0942 7920 mssmbios - ok20:55:58.0961 7920 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys20:55:58.0963 7920 MSTEE - ok20:55:58.0976 7920 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys20:55:58.0978 7920 MTConfig - ok20:55:58.0998 7920 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys20:55:59.0001 7920 Mup - ok20:55:59.0035 7920 mwlPSDFilter (9b1eac6faf6f37305e822f5588dc8056) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys20:55:59.0037 7920 mwlPSDFilter - ok20:55:59.0057 7920 mwlPSDNServ (ad55c1524b296280ed9c6e0d730d35da) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys20:55:59.0059 7920 mwlPSDNServ - ok20:55:59.0079 7920 mwlPSDVDisk (2b599e6ec8843637bdd62e7f8f3ba201) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys20:55:59.0082 7920 mwlPSDVDisk - ok20:55:59.0126 7920 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll20:55:59.0135 7920 napagent - ok20:55:59.0179 7920 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys20:55:59.0184 7920 NativeWifiP - ok20:55:59.0256 7920 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys20:55:59.0291 7920 NDIS - ok20:55:59.0313 7920 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys20:55:59.0316 7920 NdisCap - ok20:55:59.0346 7920 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys20:55:59.0346 7920 NdisTapi - ok20:55:59.0378 7920 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys20:55:59.0378 7920 Ndisuio - ok20:55:59.0393 7920 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys20:55:59.0393 7920 NdisWan - ok20:55:59.0424 7920 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys20:55:59.0424 7920 NDProxy - ok20:55:59.0440 7920 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys20:55:59.0440 7920 NetBIOS - ok20:55:59.0471 7920 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys20:55:59.0471 7920 NetBT - ok20:55:59.0525 7920 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe20:55:59.0527 7920 Netlogon - ok20:55:59.0592 7920 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll20:55:59.0601 7920 Netman - ok20:55:59.0619 7920 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll20:55:59.0632 7920 netprofm - ok20:55:59.0720 7920 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe20:55:59.0724 7920 NetTcpPortSharing - ok20:55:59.0807 7920 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys20:55:59.0810 7920 nfrd960 - ok20:55:59.0884 7920 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll20:55:59.0893 7920 NlaSvc - ok20:56:00.0027 7920 NOBU (5839a8027d6d324a7cd494051a96628c) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe20:56:00.0104 7920 NOBU - ok20:56:00.0259 7920 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys20:56:00.0261 7920 Npfs - ok20:56:00.0331 7920 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll20:56:00.0334 7920 nsi - ok20:56:00.0362 7920 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys20:56:00.0364 7920 nsiproxy - ok20:56:00.0453 7920 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys20:56:00.0498 7920 Ntfs - ok20:56:00.0571 7920 NTI IScheduleSvc (773eed20bbf50809437373c0285bfa5e) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe20:56:00.0634 7920 NTI IScheduleSvc - ok20:56:00.0774 7920 NTIDrvr (ee3ba1024594d5d09e314f206b94069e) C:\Windows\system32\drivers\NTIDrvr.sys20:56:00.0774 7920 NTIDrvr - ok20:56:00.0821 7920 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys20:56:00.0821 7920 Null - ok20:56:00.0868 7920 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys20:56:00.0868 7920 nvraid - ok20:56:00.0914 7920 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys20:56:00.0914 7920 nvstor - ok20:56:00.0946 7920 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys20:56:00.0946 7920 nv_agp - ok20:56:00.0961 7920 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys20:56:00.0977 7920 ohci1394 - ok20:56:01.0102 7920 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE20:56:01.0117 7920 ose - ok20:56:01.0289 7920 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE20:56:01.0414 7920 osppsvc - ok20:56:01.0585 7920 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll20:56:01.0585 7920 p2pimsvc - ok20:56:01.0671 7920 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll20:56:01.0682 7920 p2psvc - ok20:56:01.0713 7920 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys20:56:01.0717 7920 Parport - ok20:56:01.0740 7920 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys20:56:01.0744 7920 partmgr - ok20:56:01.0834 7920 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll20:56:01.0840 7920 PcaSvc - ok20:56:01.0894 7920 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys20:56:01.0899 7920 pci - ok20:56:01.0920 7920 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys20:56:01.0923 7920 pciide - ok20:56:01.0941 7920 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys20:56:01.0947 7920 pcmcia - ok20:56:01.0984 7920 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys20:56:01.0987 7920 pcw - ok20:56:02.0041 7920 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys20:56:02.0058 7920 PEAUTH - ok20:56:02.0205 7920 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe20:56:02.0209 7920 PerfHost - ok20:56:02.0309 7920 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll20:56:02.0356 7920 pla - ok20:56:02.0440 7920 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll20:56:02.0451 7920 PlugPlay - ok20:56:02.0501 7920 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll20:56:02.0506 7920 PNRPAutoReg - ok20:56:02.0533 7920 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll20:56:02.0540 7920 PNRPsvc - ok20:56:02.0591 7920 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll20:56:02.0602 7920 PolicyAgent - ok20:56:02.0632 7920 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll20:56:02.0639 7920 Power - ok20:56:02.0689 7920 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys20:56:02.0693 7920 PptpMiniport - ok20:56:02.0725 7920 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys20:56:02.0728 7920 Processor - ok20:56:02.0755 7920 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll20:56:02.0762 7920 ProfSvc - ok20:56:02.0804 7920 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe20:56:02.0807 7920 ProtectedStorage - ok20:56:02.0839 7920 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys20:56:02.0844 7920 Psched - ok20:56:02.0902 7920 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys20:56:02.0949 7920 ql2300 - ok20:56:02.0962 7920 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys20:56:02.0967 7920 ql40xx - ok20:56:02.0990 7920 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll20:56:02.0994 7920 QWAVE - ok20:56:03.0013 7920 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys20:56:03.0015 7920 QWAVEdrv - ok20:56:03.0024 7920 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys20:56:03.0026 7920 RasAcd - ok20:56:03.0059 7920 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys20:56:03.0062 7920 RasAgileVpn - ok20:56:03.0090 7920 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll20:56:03.0094 7920 RasAuto - ok20:56:03.0114 7920 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys20:56:03.0117 7920 Rasl2tp - ok20:56:03.0151 7920 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll20:56:03.0158 7920 RasMan - ok20:56:03.0193 7920 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys20:56:03.0195 7920 RasPppoe - ok20:56:03.0217 7920 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys20:56:03.0219 7920 RasSstp - ok20:56:03.0240 7920 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys20:56:03.0245 7920 rdbss - ok20:56:03.0267 7920 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys20:56:03.0269 7920 rdpbus - ok20:56:03.0299 7920 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys20:56:03.0301 7920 RDPCDD - ok20:56:03.0334 7920 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys20:56:03.0336 7920 RDPENCDD - ok20:56:03.0360 7920 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys20:56:03.0362 7920 RDPREFMP - ok20:56:03.0408 7920 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys20:56:03.0414 7920 RDPWD - ok20:56:03.0476 7920 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys20:56:03.0482 7920 rdyboost - ok20:56:03.0516 7920 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll20:56:03.0521 7920 RemoteAccess - ok20:56:03.0550 7920 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll20:56:03.0557 7920 RemoteRegistry - ok20:56:03.0578 7920 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll20:56:03.0583 7920 RpcEptMapper - ok20:56:03.0617 7920 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe20:56:03.0621 7920 RpcLocator - ok20:56:03.0652 7920 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll20:56:03.0661 7920 RpcSs - ok20:56:03.0749 7920 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys20:56:03.0752 7920 rspndr - ok20:56:03.0824 7920 RSUSBSTOR (0e3dcf76f11dc431b088a2dfd7265cda) C:\Windows\System32\Drivers\RtsUStor.sys20:56:03.0831 7920 RSUSBSTOR - ok20:56:03.0870 7920 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe20:56:03.0873 7920 SamSs - ok20:56:03.0927 7920 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys20:56:03.0931 7920 sbp2port - ok20:56:03.0986 7920 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll20:56:03.0991 7920 SCardSvr - ok20:56:04.0056 7920 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys20:56:04.0059 7920 scfilter - ok20:56:04.0192 7920 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll20:56:04.0223 7920 Schedule - ok20:56:04.0255 7920 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll20:56:04.0255 7920 SCPolicySvc - ok20:56:04.0301 7920 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll20:56:04.0317 7920 SDRSVC - ok20:56:04.0405 7920 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys20:56:04.0408 7920 secdrv - ok20:56:04.0454 7920 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll20:56:04.0460 7920 seclogon - ok20:56:04.0488 7920 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll20:56:04.0494 7920 SENS - ok20:56:04.0520 7920 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll20:56:04.0524 7920 SensrSvc - ok20:56:04.0589 7920 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys20:56:04.0592 7920 Serenum - ok20:56:04.0619 7920 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys20:56:04.0624 7920 Serial - ok20:56:04.0649 7920 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys20:56:04.0651 7920 sermouse - ok20:56:04.0721 7920 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll20:56:04.0727 7920 SessionEnv - ok20:56:04.0792 7920 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys20:56:04.0795 7920 sffdisk - ok20:56:04.0807 7920 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys20:56:04.0809 7920 sffp_mmc - ok20:56:04.0823 7920 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys20:56:04.0827 7920 sffp_sd - ok20:56:04.0840 7920 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys20:56:04.0844 7920 sfloppy - ok20:56:04.0943 7920 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys20:56:04.0975 7920 Sftfs - ok20:56:05.0090 7920 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe20:56:05.0104 7920 sftlist - ok20:56:05.0145 7920 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys20:56:05.0150 7920 Sftplay - ok20:56:05.0173 7920 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys20:56:05.0175 7920 Sftredir - ok20:56:05.0206 7920 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys20:56:05.0208 7920 Sftvol - ok20:56:05.0228 7920 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe20:56:05.0232 7920 sftvsa - ok20:56:05.0285 7920 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll20:56:05.0294 7920 SharedAccess - ok20:56:05.0350 7920 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll20:56:05.0366 7920 ShellHWDetection - ok20:56:05.0444 7920 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys20:56:05.0444 7920 SiSRaid2 - ok20:56:05.0459 7920 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys20:56:05.0459 7920 SiSRaid4 - ok20:56:05.0506 7920 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys20:56:05.0506 7920 Smb - ok20:56:05.0569 7920 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe20:56:05.0569 7920 SNMPTRAP - ok20:56:05.0600 7920 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys20:56:05.0600 7920 spldr - ok20:56:05.0631 7920 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe20:56:05.0647 7920 Spooler - ok20:56:05.0818 7920 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe20:56:05.0881 7920 sppsvc - ok20:56:05.0943 7920 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll20:56:05.0943 7920 sppuinotify - ok20:56:06.0083 7920 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys20:56:06.0099 7920 srv - ok20:56:06.0130 7920 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys20:56:06.0146 7920 srv2 - ok20:56:06.0208 7920 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys20:56:06.0208 7920 srvnet - ok20:56:06.0255 7920 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll20:56:06.0271 7920 SSDPSRV - ok20:56:06.0286 7920 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll20:56:06.0286 7920 SstpSvc - ok20:56:06.0317 7920 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys20:56:06.0317 7920 stexstor - ok20:56:06.0406 7920 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll20:56:06.0420 7920 stisvc - ok20:56:06.0442 7920 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys20:56:06.0445 7920 swenum - ok20:56:06.0482 7920 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll20:56:06.0499 7920 swprv - ok20:56:06.0758 7920 SynTP (bc642d540aedf9a253c74d10c848ebd2) C:\Windows\system32\DRIVERS\SynTP.sys20:56:06.0781 7920 SynTP - ok20:56:06.0847 7920 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll20:56:06.0908 7920 SysMain - ok20:56:06.0940 7920 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll20:56:06.0944 7920 TabletInputService - ok20:56:06.0975 7920 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll20:56:06.0982 7920 TapiSrv - ok20:56:07.0009 7920 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll20:56:07.0012 7920 TBS - ok20:56:07.0106 7920 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys20:56:07.0188 7920 Tcpip - ok20:56:07.0260 7920 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys20:56:07.0278 7920 TCPIP6 - ok20:56:07.0325 7920 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys20:56:07.0327 7920 tcpipreg - ok20:56:07.0352 7920 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys20:56:07.0352 7920 TDPIPE - ok20:56:07.0383 7920 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys20:56:07.0383 7920 TDTCP - ok20:56:07.0414 7920 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys20:56:07.0414 7920 tdx - ok20:56:07.0430 7920 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys20:56:07.0430 7920 TermDD - ok20:56:07.0508 7920 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll20:56:07.0523 7920 TermService - ok20:56:07.0555 7920 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll20:56:07.0555 7920 Themes - ok20:56:07.0586 7920 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll20:56:07.0586 7920 THREADORDER - ok20:56:07.0617 7920 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll20:56:07.0617 7920 TrkWks - ok20:56:07.0695 7920 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe20:56:07.0695 7920 TrustedInstaller - ok20:56:07.0742 7920 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys20:56:07.0742 7920 tssecsrv - ok20:56:07.0773 7920 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys20:56:07.0773 7920 TsUsbFlt - ok20:56:07.0789 7920 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys20:56:07.0789 7920 TsUsbGD - ok20:56:07.0835 7920 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys20:56:07.0835 7920 tunnel - ok20:56:07.0851 7920 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys20:56:07.0851 7920 uagp35 - ok20:56:07.0882 7920 UBHelper (a17d5e1a6df4eab0a480f2c490de4c9d) C:\Windows\system32\drivers\UBHelper.sys20:56:07.0882 7920 UBHelper - ok20:56:07.0913 7920 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys20:56:07.0913 7920 udfs - ok20:56:07.0960 7920 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe20:56:07.0960 7920 UI0Detect - ok20:56:07.0991 7920 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys20:56:07.0991 7920 uliagpkx - ok20:56:08.0023 7920 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys20:56:08.0023 7920 umbus - ok20:56:08.0038 7920 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys20:56:08.0038 7920 UmPass - ok20:56:08.0213 7920 UNS (7466809e6da561d60c2f1ce8ede3c73f) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe20:56:08.0281 7920 UNS - ok20:56:08.0358 7920 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll20:56:08.0368 7920 upnphost - ok20:56:08.0416 7920 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys20:56:08.0431 7920 USBAAPL64 - ok20:56:08.0476 7920 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys20:56:08.0480 7920 usbccgp - ok20:56:08.0519 7920 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys20:56:08.0523 7920 usbcir - ok20:56:08.0546 7920 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys20:56:08.0549 7920 usbehci - ok20:56:08.0582 7920 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys20:56:08.0590 7920 usbhub - ok20:56:08.0630 7920 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys20:56:08.0633 7920 usbohci - ok20:56:08.0657 7920 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys20:56:08.0660 7920 usbprint - ok20:56:08.0698 7920 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS20:56:08.0702 7920 USBSTOR - ok20:56:08.0726 7920 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys20:56:08.0729 7920 usbuhci - ok20:56:08.0752 7920 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys20:56:08.0757 7920 usbvideo - ok20:56:08.0794 7920 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll20:56:08.0798 7920 UxSms - ok20:56:08.0836 7920 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe20:56:08.0839 7920 VaultSvc - ok20:56:08.0867 7920 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys20:56:08.0869 7920 vdrvroot - ok20:56:08.0921 7920 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe20:56:08.0939 7920 vds - ok20:56:08.0958 7920 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys20:56:08.0961 7920 vga - ok20:56:08.0984 7920 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys20:56:08.0987 7920 VgaSave - ok20:56:09.0003 7920 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys20:56:09.0008 7920 vhdmp - ok20:56:09.0019 7920 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys20:56:09.0021 7920 viaide - ok20:56:09.0045 7920 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys20:56:09.0047 7920 volmgr - ok20:56:09.0073 7920 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys20:56:09.0078 7920 volmgrx - ok20:56:09.0092 7920 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys20:56:09.0097 7920 volsnap - ok20:56:09.0138 7920 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys20:56:09.0142 7920 vsmraid - ok20:56:09.0196 7920 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe20:56:09.0243 7920 VSS - ok20:56:09.0274 7920 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys20:56:09.0274 7920 vwifibus - ok20:56:09.0321 7920 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys20:56:09.0321 7920 vwififlt - ok20:56:09.0367 7920 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys20:56:09.0367 7920 vwifimp - ok20:56:09.0430 7920 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll20:56:09.0445 7920 W32Time - ok20:56:09.0461 7920 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys20:56:09.0461 7920 WacomPen - ok20:56:09.0508 7920 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys20:56:09.0508 7920 WANARP - ok20:56:09.0523 7920 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys20:56:09.0540 7920 Wanarpv6 - ok20:56:09.0633 7920 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe20:56:09.0681 7920 WatAdminSvc - ok20:56:09.0761 7920 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe20:56:09.0816 7920 wbengine - ok20:56:09.0847 7920 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll20:56:09.0852 7920 WbioSrvc - ok20:56:09.0883 7920 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll20:56:09.0891 7920 wcncsvc - ok20:56:09.0911 7920 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll20:56:09.0915 7920 WcsPlugInService - ok20:56:09.0965 7920 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys20:56:09.0967 7920 Wd - ok20:56:10.0001 7920 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys20:56:10.0010 7920 Wdf01000 - ok20:56:10.0048 7920 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll20:56:10.0052 7920 WdiServiceHost - ok20:56:10.0056 7920 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll20:56:10.0059 7920 WdiSystemHost - ok20:56:10.0095 7920 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll20:56:10.0101 7920 WebClient - ok20:56:10.0138 7920 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll20:56:10.0143 7920 Wecsvc - ok20:56:10.0169 7920 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll20:56:10.0173 7920 wercplsupport - ok20:56:10.0207 7920 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll20:56:10.0211 7920 WerSvc - ok20:56:10.0277 7920 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys20:56:10.0279 7920 WfpLwf - ok20:56:10.0309 7920 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys20:56:10.0312 7920 WIMMount - ok20:56:10.0365 7920 WinDefend - ok20:56:10.0376 7920 WinHttpAutoProxySvc - ok20:56:10.0446 7920 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll20:56:10.0468 7920 Winmgmt - ok20:56:10.0539 7920 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll20:56:10.0612 7920 WinRM - ok20:56:10.0690 7920 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys20:56:10.0690 7920 WinUsb - ok20:56:10.0737 7920 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll20:56:10.0768 7920 Wlansvc - ok20:56:10.0877 7920 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe20:56:10.0877 7920 wlcrasvc - ok20:56:10.0955 7920 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE20:56:11.0033 7920 wlidsvc - ok20:56:11.0158 7920 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys20:56:11.0158 7920 WmiAcpi - ok20:56:11.0251 7920 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe20:56:11.0251 7920 wmiApSrv - ok20:56:11.0314 7920 WMPNetworkSvc - ok20:56:11.0376 7920 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll20:56:11.0392 7920 WPCSvc - ok20:56:11.0423 7920 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll20:56:11.0423 7920 WPDBusEnum - ok20:56:11.0470 7920 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys20:56:11.0470 7920 ws2ifsl - ok20:56:11.0501 7920 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll20:56:11.0501 7920 wscsvc - ok20:56:11.0517 7920 WSearch - ok20:56:11.0595 7920 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll20:56:11.0673 7920 wuauserv - ok20:56:11.0688 7920 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys20:56:11.0688 7920 WudfPf - ok20:56:11.0719 7920 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys20:56:11.0719 7920 WUDFRd - ok20:56:11.0751 7920 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll20:56:11.0751 7920 wudfsvc - ok20:56:11.0782 7920 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll20:56:11.0782 7920 WwanSvc - ok20:56:11.0829 7920 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR020:56:12.0047 7920 \Device\Harddisk0\DR0 - ok20:56:12.0063 7920 Boot (0x1200) (ae39d32621eda57325dfca1ed2be6f53) \Device\Harddisk0\DR0\Partition020:56:12.0063 7920 \Device\Harddisk0\DR0\Partition0 - ok20:56:12.0094 7920 Boot (0x1200) (7efb64bbb9520374c8350f3589d9b65e) \Device\Harddisk0\DR0\Partition120:56:12.0094 7920 \Device\Harddisk0\DR0\Partition1 - ok20:56:12.0094 7920 ============================================================20:56:12.0094 7920 Scan finished20:56:12.0094 7920 ============================================================20:56:12.0109 8376 Detected object count: 020:56:12.0109 8376 Actual detected object count: 020:56:36.0092 9076 Deinitialize successaswMBR version 0.9.9.1665 Copyright© 2011 AVAST SoftwareRun date: 2012-04-01 21:05:02-----------------------------21:05:02.370 OS Version: Windows x64 6.1.7601 Service Pack 121:05:02.370 Number of processors: 2 586 0x250521:05:02.370 ComputerName: JENNY-PC UserName: Jenny21:05:03.743 Initialize success21:05:11.263 AVAST engine defs: 1204010121:05:15.693 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-121:05:15.709 Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 321:05:15.725 Disk 0 MBR read successfully21:05:15.725 Disk 0 MBR scan21:05:15.725 Disk 0 Windows 7 default MBR code21:05:15.740 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 16384 MB offset 204821:05:15.771 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 3355648021:05:15.787 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 460454 MB offset 3376128021:05:15.803 Disk 0 scanning C:\Windows\system32\drivers21:05:24.585 Service scanning21:05:56.191 Modules scanning21:05:56.191 Disk 0 trace - called modules:21:05:56.238 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll21:05:56.768 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80068b4060]21:05:56.768 3 CLASSPNP.SYS[fffff88001b9d43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004985050]21:05:59.186 AVAST engine scan C:\Windows21:06:02.088 AVAST engine scan C:\Windows\system3221:09:37.131 AVAST engine scan C:\Windows\system32\drivers21:10:02.949 AVAST engine scan C:\Users\Jenny21:11:06.612 Disk 0 MBR has been saved successfully to "C:\Users\Jenny\Desktop\MBR.dat"21:11:06.612 The log file has been saved successfully to "C:\Users\Jenny\Desktop\aswMBR.txt"MBR.zip Link to post Share on other sites More sharing options...
Staff CatByte Posted April 2, 2012 Staff ID:539142 Share Posted April 2, 2012 Hi,Please do the followingRefer to the ComboFix User's Guide Download ComboFix from one of these locations:Link 1Link 2* IMPORTANT !!! Place ComboFix.exe on your DesktopDisable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix.You can get help on disabling your protection programs hereDouble click on ComboFix.exe & follow the prompts.Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal. When finished, it shall produce a log for you. Post that log in your next replyNote: Do not mouseclick combofix's window whilst it's running. That may cause it to stall.---------------------------------------------------------------------------------------------Ensure your AntiVirus and AntiSpyware applications are re-enabled.---------------------------------------------------------------------------------------------NOTE: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error. Link to post Share on other sites More sharing options...
JMayhem Posted April 2, 2012 Author ID:539238 Share Posted April 2, 2012 Hello - here is the combofix logComboFix 12-04-01.02 - Jenny 04/02/2012 9:41.1.2 - x64Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3767.2346 [GMT -6:00]Running from: c:\users\Jenny\Downloads\ComboFix.exeAV: AVG Anti-Virus 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}SP: AVG Anti-Virus 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}..((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))..c:\windows\TEMP\mia1\mEXEFunc.dll..((((((((((((((((((((((((( Files Created from 2012-03-02 to 2012-04-02 )))))))))))))))))))))))))))))))..2012-04-02 15:46 . 2012-04-02 15:46 -------- d-----w- c:\users\Default\AppData\Local\temp2012-03-31 23:50 . 2012-03-31 23:50 -------- d-----r- c:\program files (x86)\Skype2012-03-31 23:50 . 2012-04-02 15:47 -------- d-----w- c:\users\Jenny\AppData\Roaming\Skype2012-03-30 16:37 . 2012-03-14 03:27 8669240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{51FFEBAF-B11F-4259-8319-DEFB51C49B29}\mpengine.dll2012-03-30 03:31 . 2012-01-09 08:26 24360 ----a-w- c:\windows\system32\drivers\avhips.sys2012-03-30 03:31 . 2012-01-09 08:26 20264 ----a-w- c:\windows\system32\drivers\avfsmn.sys2012-03-30 03:31 . 2012-03-30 03:31 -------- d-----w- c:\program files (x86)\Anvisoft2012-03-28 02:44 . 2012-03-28 02:44 -------- d-----w- c:\users\Jenny\AppData\Roaming\Malwarebytes2012-03-28 02:44 . 2012-03-28 02:44 -------- d-----w- c:\programdata\Malwarebytes2012-03-28 02:44 . 2012-03-28 02:44 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware2012-03-28 02:44 . 2011-12-10 21:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys2012-03-27 03:30 . 2012-03-27 03:30 -------- d-----w- c:\program files\iTunes2012-03-27 03:30 . 2012-03-27 03:30 -------- d-----w- c:\program files (x86)\iTunes2012-03-27 03:30 . 2012-03-27 03:30 -------- d-----w- c:\program files\iPod2012-03-24 16:42 . 2012-03-24 16:42 -------- d-----w- c:\users\Jenny\AppData\Local\Ilivid Player2012-03-24 16:41 . 2012-03-24 16:47 -------- d-----w- c:\programdata\boost_interprocess2012-03-22 03:43 . 2012-04-02 02:54 -------- d-----w- C:\FarmVilleBot_2.12012-03-17 03:21 . 2012-03-17 03:21 -------- d-----w- c:\program files (x86)\Common Files\Java2012-03-14 23:15 . 2011-11-19 15:20 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe2012-03-14 23:15 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe2012-03-14 23:15 . 2011-11-19 14:50 3913584 ----a-w- c:\windows\SysWow64\ntoskrnl.exe2012-03-14 03:37 . 2012-02-03 04:34 3145728 ----a-w- c:\windows\system32\win32k.sys2012-03-14 03:37 . 2012-02-10 06:36 1544192 ----a-w- c:\windows\system32\DWrite.dll2012-03-14 03:37 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll2012-03-14 03:36 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll2012-03-14 03:36 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll2012-03-14 03:36 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys2012-03-14 03:36 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys2012-03-14 03:36 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe2012-03-14 03:36 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll2012-03-14 03:36 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll...(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2012-03-19 04:19 . 2011-08-11 03:37 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl2012-03-17 03:20 . 2011-08-29 01:30 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll2012-02-23 15:18 . 2010-11-21 03:27 279656 ------w- c:\windows\system32\MpSigStub.exe2012-02-15 17:01 . 2012-02-15 17:01 52736 ----a-w- c:\windows\system32\drivers\usbaapl64.sys2012-02-15 17:01 . 2012-02-15 17:01 4547944 ----a-w- c:\windows\system32\usbaaplrc.dll2012-01-04 10:44 . 2012-02-15 03:13 509952 ----a-w- c:\windows\system32\ntshrui.dll2012-01-04 08:58 . 2012-02-15 03:13 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shown REGEDIT4.[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2010-10-11 14940040].[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-04-13 284696]"BackupManagerTray"="c:\program files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" [2011-02-15 297280]"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-07 421736]"Anvi Smart Defender"="c:\program files (x86)\Anvisoft\Anvi Smart Defender\ASDTray.exe" [2012-02-03 715048].[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]"KodakHomeCenter"="c:\program files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe" [2011-12-12 2234288].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"ConsentPromptBehaviorAdmin"= 5 (0x5)"ConsentPromptBehaviorUser"= 3 (0x3)"EnableUIADesktopToggle"= 0 (0x0).[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]"aux"=wdmaud.drv.[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp.[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]@="".R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [x]R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]R4 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2011-03-31 352848]R4 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2010-09-28 172912]R4 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]R4 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]R4 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]R4 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [2011-12-19 394672]R4 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2011-01-31 244624]R4 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]R4 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-02-15 257344]R4 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]S1 avfsmn;avfsmn;c:\windows\system32\DRIVERS\avfsmn.sys [x]S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]S2 asdsrv;Anvi Smart Defender Realtime Guard Service;c:\program files (x86)\Anvisoft\Anvi Smart Defender\ASDSrv.exe [2012-02-03 296232]S2 avhips;AntiMalware Host-based Intrusion Prevention System;c:\windows\system32\DRIVERS\avhips.sys [x]S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2011-02-23 873064]S2 HawkesUpdater;Hawkes Unattended Updater;c:\program files (x86)\Hawkes Learning Systems\Hawkes Update Service Manager\srvany.exe [2003-04-18 8192]S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [x]S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]..--- Other Services/Drivers In Memory ---.*NewlyCreated* - WS2IFSL.Contents of the 'Scheduled Tasks' folder.2012-03-04 c:\windows\Tasks\DLL-files.com Fixer_MONTHLY.job- c:\program files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2011-08-29 00:03].2012-03-28 c:\windows\Tasks\DLL-files.com Fixer_UPDATES.job- c:\program files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2011-08-29 00:03].2012-04-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3767778522-3456462054-3616011533-1001Core.job- c:\users\Jenny\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-24 03:53].2012-04-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3767778522-3456462054-3616011533-1001UA.job- c:\users\Jenny\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-24 03:53]..--------- x86-64 -----------..[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-02-18 11779176]"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-07-23 161304]"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-07-23 386584]"Persistence"="c:\windows\system32\igfxpers.exe" [2010-07-23 415256]"Power Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2011-02-23 1796200].[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]"LoadAppInit_DLLs"=0x1.------- Supplementary Scan -------.uLocal Page = c:\windows\system32\blank.htmuStart Page = hxxp://www.searchnu.com/406mStart Page = hxxp://acer.msn.commLocal Page = c:\windows\SysWOW64\blank.htmuInternet Settings,ProxyOverride = *.localTCP: DhcpNameServer = 129.123.0.2 129.123.0.1FF - ProfilePath - c:\users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\1p9nc0u4.default\FF - prefs.js: browser.search.selectedEngine - Search ResultsFF - prefs.js: browser.startup.homepage - hxxp://www.searchnu.com/406FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ffb&appid=101&systemid=406&sr=0&q=.- - - - ORPHANS REMOVED - - - -.Toolbar-Locked - (no file)Toolbar-10 - (no file)Wow6432Node-HKCU-Run-RDReminder - (no file)Toolbar-Locked - (no file)Toolbar-10 - (no file)AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe...--------------------- LOCKED REGISTRY KEYS ---------------------.[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11f_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11f_ActiveX.exe".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Shockwave Flash Object".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]@="0".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]@="ShockwaveFlash.ShockwaveFlash.10".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx, 1".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="ShockwaveFlash.ShockwaveFlash".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Macromedia Flash Factory Object".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]@="FlashFactory.FlashFactory.1".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx, 1".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="FlashFactory.FlashFactory".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]@Denied: (A 2) (Everyone)@="IFlashBroker4".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\software\McAfee]"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\.[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]@Denied: (Full) (Everyone).------------------------ Other Running Processes ------------------------.c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exec:\program files (x86)\Hawkes Learning Systems\Hawkes Update Service Manager\HawkesUpdater.exec:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exec:\program files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exec:\program files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe.**************************************************************************.Completion time: 2012-04-02 09:54:20 - machine was rebootedComboFix-quarantined-files.txt 2012-04-02 15:54.Pre-Run: 428,191,154,176 bytes freePost-Run: 427,821,064,192 bytes free.- - End Of File - - 6CA4CAB19EA13CE5ADBCD687D0CF1936 Link to post Share on other sites More sharing options...
Staff CatByte Posted April 2, 2012 Staff ID:539273 Share Posted April 2, 2012 Hi,Please do the following: Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below.They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".Copy/paste the text inside the Codebox below into notepad:Here's how to do that:Click Start > Run type Notepad click OK.This will open an empty notepad file:Copy all the text inside of the code box - Press Ctrl+C (or right click on the highlighted section and choose 'copy')DDS::uLocal Page = c:\windows\system32\blank.htmuStart Page = hxxp://www.searchnu.com/406mLocal Page = c:\windows\SysWOW64\blank.htmFireFox::FF - ProfilePath - c:\users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\1p9nc0u4.default\FF - prefs.js: browser.search.selectedEngine - Search ResultsFF - prefs.js: browser.startup.homepage - hxxp://www.searchnu.com/406FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ffb&appid=101&systemid=406&sr=0&q=ClearJavaCache::Now paste the copied text into the open notepad - press CTRL+V (or right click and choose 'paste')Save this file to your desktop, Save this as "CFScript"Here's how to do that:1.Click File;2.Click Save As... Change the directory to your desktop;3.Change the Save as type to "All Files";4.Type in the file name: CFScript5.Click Save ...Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.ComboFix may request an update; please allow it.ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.When finished, it shall produce a log for you.Copy and paste the contents of the log in your next reply.CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.NEXTPlease open your MalwareBytes AntiMalware ProgramClick the Update Tab and search for updatesIf an update is found, it will download and install the latest version.Once the program has loaded, select "Perform Quick Scan", then click Scan.The scan may take some time to finish, so please be patient.When the scan is complete, click OK, then Show Results to view the results.Make sure that everything is checked, and click Remove Selected. <-- very importantWhen disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.Copy&Paste the entire report in your next reply.Extra Note:If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately. NEXTGo here to run an online scanner from ESET.Turn off the real time scanner of any existing antivirus program while performing the online scanTick the box next to YES, I accept the Terms of Use.Click StartWhen asked, allow the activeX control to installClick StartMake sure that the option Remove found threats is unticked and the Scan Archives option is ticked.Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.Click ScanWait for the scan to finishWhen the scan completes, press the LIST OF THREATS FOUND buttonPress EXPORT TO TEXT FILE , name the file ESETSCAN and save it to your desktop Include the contents of this report in your next reply.Press the BACK button.Press Finish NEXTPlease advise how the computer is running now and if there are any outstanding issues Link to post Share on other sites More sharing options...
JMayhem Posted April 3, 2012 Author ID:539630 Share Posted April 3, 2012 I did all these last 3 steps but all Combofix, Malwarebytes newest version, and ESet say "no threats found". However, when I try to run Google Chrome it still reroutes to "searchnu.com/406" Link to post Share on other sites More sharing options...
Staff CatByte Posted April 4, 2012 Staff ID:539747 Share Posted April 4, 2012 does that just happen with Chrome only?Try uninstalling Chrome, then re-install it Link to post Share on other sites More sharing options...
Staff CatByte Posted April 12, 2012 Staff ID:541924 Share Posted April 12, 2012 do you still need help with your machine? Link to post Share on other sites More sharing options...
LDTate Posted April 25, 2012 ID:546006 Share Posted April 25, 2012 Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts