Rosanne


Hi, another one!

This is the Kaspersky report -

11:40:32.0107 0460 TDSS rootkit removing tool 2.7.33.0 Apr 24 2012 18:43:43

11:40:33.0150 0460 ============================================================

11:40:33.0151 0460 Current date / time: 2012/04/26 11:40:33.0150

11:40:33.0151 0460 SystemInfo:

11:40:33.0151 0460

11:40:33.0151 0460 OS Version: 6.1.7600 ServicePack: 0.0

11:40:33.0151 0460 Product type: Workstation

11:40:33.0151 0460 ComputerName: ROSANNE-PC

11:40:33.0151 0460 UserName: rosanne

11:40:33.0151 0460 Windows directory: C:\Windows

11:40:33.0151 0460 System windows directory: C:\Windows

11:40:33.0151 0460 Running under WOW64

11:40:33.0151 0460 Processor architecture: Intel x64

11:40:33.0152 0460 Number of processors: 1

11:40:33.0152 0460 Page size: 0x1000

11:40:33.0152 0460 Boot type: Normal boot

11:40:33.0152 0460 ============================================================

11:40:34.0608 0460 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

11:40:34.0652 0460 ============================================================

11:40:34.0652 0460 \Device\Harddisk0\DR0:

11:40:34.0652 0460 MBR partitions:

11:40:34.0652 0460 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1801F5F, BlocksNum 0x32FCD

11:40:34.0652 0460 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1834F2C, BlocksNum 0x111E4784

11:40:34.0652 0460 ============================================================

11:40:34.0774 0460 C: <-> \Device\Harddisk0\DR0\Partition1

11:40:34.0774 0460 ============================================================

11:40:34.0774 0460 Initialize success

11:40:34.0774 0460 ============================================================

11:41:10.0080 3208 ============================================================

11:41:10.0081 3208 Scan started

11:41:10.0081 3208 Mode: Manual; SigCheck; TDLFS;

11:41:10.0081 3208 ============================================================

11:41:10.0921 3208 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys

11:41:12.0848 3208 1394ohci - ok

11:41:12.0955 3208 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys

11:41:13.0004 3208 ACPI - ok

11:41:13.0046 3208 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys

11:41:13.0205 3208 AcpiPmi - ok

11:41:13.0518 3208 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

11:41:13.0625 3208 adp94xx - ok

11:41:13.0681 3208 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

11:41:13.0733 3208 adpahci - ok

11:41:13.0895 3208 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

11:41:13.0946 3208 adpu320 - ok

11:41:14.0003 3208 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll

11:41:14.0199 3208 AeLookupSvc - ok

11:41:14.0282 3208 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys

11:41:14.0390 3208 AFD - ok

11:41:14.0442 3208 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys

11:41:14.0476 3208 agp440 - ok

11:41:14.0544 3208 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe

11:41:14.0614 3208 ALG - ok

11:41:14.0682 3208 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys

11:41:14.0699 3208 aliide - ok

11:41:14.0715 3208 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys

11:41:14.0732 3208 amdide - ok

11:41:14.0763 3208 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

11:41:14.0810 3208 AmdK8 - ok

11:41:14.0836 3208 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

11:41:14.0859 3208 AmdPPM - ok

11:41:14.0934 3208 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys

11:41:14.0954 3208 amdsata - ok

11:41:15.0000 3208 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

11:41:15.0029 3208 amdsbs - ok

11:41:15.0049 3208 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys

11:41:15.0068 3208 amdxata - ok

11:41:15.0110 3208 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys

11:41:15.0216 3208 AppID - ok

11:41:15.0242 3208 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll

11:41:15.0314 3208 AppIDSvc - ok

11:41:15.0345 3208 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll

11:41:15.0462 3208 Appinfo - ok

11:41:15.0521 3208 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

11:41:15.0541 3208 arc - ok

11:41:15.0567 3208 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

11:41:15.0587 3208 arcsas - ok

11:41:15.0652 3208 aswFsBlk (5a68b880c16ad5a6aa20b49a47ffff24) C:\Windows\system32\drivers\aswFsBlk.sys

11:41:15.0764 3208 aswFsBlk - ok

11:41:15.0832 3208 aswMonFlt (230613be2d3da8053879be5ed2848f2d) C:\Windows\system32\drivers\aswMonFlt.sys

11:41:15.0848 3208 aswMonFlt - ok

11:41:15.0871 3208 aswRdr (0dc1996ae4178d7d14744ef6b3082313) C:\Windows\system32\drivers\aswRdr.sys

11:41:15.0889 3208 aswRdr - ok

11:41:15.0941 3208 aswSnx (b6ff911c23775cdfdd49612d92637af4) C:\Windows\system32\drivers\aswSnx.sys

11:41:15.0985 3208 aswSnx - ok

11:41:16.0058 3208 aswSP (5a590d8516376aed1829fc07d3bdaa4b) C:\Windows\system32\drivers\aswSP.sys

11:41:16.0106 3208 aswSP - ok

11:41:16.0122 3208 aswTdi (3239c0082fb0c1c4ee323730b85690a5) C:\Windows\system32\drivers\aswTdi.sys

11:41:16.0140 3208 aswTdi - ok

11:41:16.0170 3208 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

11:41:16.0237 3208 AsyncMac - ok

11:41:16.0273 3208 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys

11:41:16.0292 3208 atapi - ok

11:41:16.0411 3208 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll

11:41:16.0493 3208 AudioEndpointBuilder - ok

11:41:16.0508 3208 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll

11:41:16.0564 3208 AudioSrv - ok

11:41:16.0700 3208 avast! Antivirus (c76769f246250edad34a5581419e9d60) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

11:41:16.0732 3208 avast! Antivirus - ok

11:41:16.0788 3208 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll

11:41:16.0919 3208 AxInstSV - ok

11:41:16.0980 3208 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

11:41:17.0080 3208 b06bdrv - ok

11:41:17.0137 3208 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

11:41:17.0190 3208 b57nd60a - ok

11:41:17.0420 3208 BCM43XX (b44879610f2dc4a046b14befa3ae72de) C:\Windows\system32\DRIVERS\bcmwl664.sys

11:41:17.0547 3208 BCM43XX - ok

11:41:17.0650 3208 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll

11:41:17.0800 3208 BDESVC - ok

11:41:17.0865 3208 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

11:41:17.0921 3208 Beep - ok

11:41:18.0059 3208 BFE (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll

11:41:18.0193 3208 BFE - ok

11:41:18.0358 3208 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\System32\qmgr.dll

11:41:18.0488 3208 BITS - ok

11:41:18.0632 3208 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

11:41:18.0682 3208 blbdrive - ok

11:41:18.0762 3208 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys

11:41:18.0866 3208 bowser - ok

11:41:18.0907 3208 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

11:41:18.0964 3208 BrFiltLo - ok

11:41:18.0979 3208 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

11:41:19.0018 3208 BrFiltUp - ok

11:41:19.0058 3208 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll

11:41:19.0163 3208 Browser - ok

11:41:19.0211 3208 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

11:41:19.0315 3208 Brserid - ok

11:41:19.0355 3208 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

11:41:19.0396 3208 BrSerWdm - ok

11:41:19.0456 3208 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

11:41:19.0507 3208 BrUsbMdm - ok

11:41:19.0539 3208 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

11:41:19.0580 3208 BrUsbSer - ok

11:41:19.0627 3208 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

11:41:19.0690 3208 BTHMODEM - ok

11:41:19.0750 3208 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll

11:41:19.0821 3208 bthserv - ok

11:41:19.0846 3208 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

11:41:19.0928 3208 cdfs - ok

11:41:20.0045 3208 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys

11:41:20.0180 3208 cdrom - ok

11:41:20.0255 3208 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll

11:41:20.0348 3208 CertPropSvc - ok

11:41:20.0398 3208 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

11:41:20.0421 3208 circlass - ok

11:41:20.0473 3208 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

11:41:20.0585 3208 CLFS - ok

11:41:20.0732 3208 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

11:41:20.0753 3208 clr_optimization_v2.0.50727_32 - ok

11:41:20.0829 3208 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

11:41:20.0847 3208 clr_optimization_v2.0.50727_64 - ok

11:41:21.0065 3208 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

11:41:21.0176 3208 clr_optimization_v4.0.30319_32 - ok

11:41:21.0330 3208 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

11:41:21.0377 3208 clr_optimization_v4.0.30319_64 - ok

11:41:21.0423 3208 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

11:41:21.0476 3208 CmBatt - ok

11:41:21.0517 3208 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys

11:41:21.0536 3208 cmdide - ok

11:41:21.0605 3208 CNG (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys

11:41:21.0652 3208 CNG - ok

11:41:21.0688 3208 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

11:41:21.0709 3208 Compbatt - ok

11:41:21.0742 3208 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys

11:41:21.0784 3208 CompositeBus - ok

11:41:21.0805 3208 COMSysApp - ok

11:41:21.0829 3208 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

11:41:21.0848 3208 crcdisk - ok

11:41:21.0912 3208 CryptSvc (8c57411b66282c01533cb776f98ad384) C:\Windows\system32\cryptsvc.dll

11:41:22.0273 3208 CryptSvc - ok

11:41:22.0639 3208 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

11:41:22.0686 3208 cvhsvc - ok

11:41:22.0878 3208 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll

11:41:22.0953 3208 DcomLaunch - ok

11:41:23.0026 3208 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll

11:41:23.0114 3208 defragsvc - ok

11:41:23.0271 3208 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys

11:41:23.0369 3208 DfsC - ok

11:41:23.0448 3208 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll

11:41:23.0644 3208 Dhcp - ok

11:41:23.0683 3208 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

11:41:23.0783 3208 discache - ok

11:41:23.0844 3208 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

11:41:23.0863 3208 Disk - ok

11:41:23.0977 3208 DKbFltr (d5bcb77be83cf99f508943945d46343d) C:\Windows\SysWOW64\Drivers\DKbFltr.sys

11:41:24.0025 3208 DKbFltr - ok

11:41:24.0081 3208 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll

11:41:24.0160 3208 Dnscache - ok

11:41:24.0197 3208 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll

11:41:24.0295 3208 dot3svc - ok

11:41:24.0359 3208 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys

11:41:24.0410 3208 Dot4 - ok

11:41:24.0447 3208 Dot4Print (85135ad27e79b689335c08167d917cde) C:\Windows\system32\DRIVERS\Dot4Prt.sys

11:41:24.0483 3208 Dot4Print - ok

11:41:24.0516 3208 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys

11:41:24.0541 3208 dot4usb - ok

11:41:24.0568 3208 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll

11:41:24.0656 3208 DPS - ok

11:41:24.0704 3208 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

11:41:24.0737 3208 drmkaud - ok

11:41:24.0851 3208 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys

11:41:24.0905 3208 DXGKrnl - ok

11:41:24.0950 3208 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll

11:41:25.0016 3208 EapHost - ok

11:41:25.0260 3208 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

11:41:25.0370 3208 ebdrv - ok

11:41:25.0498 3208 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe

11:41:25.0551 3208 EFS - ok

11:41:25.0640 3208 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe

11:41:25.0698 3208 ehRecvr - ok

11:41:25.0735 3208 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe

11:41:25.0829 3208 ehSched - ok

11:41:25.0916 3208 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

11:41:25.0948 3208 elxstor - ok

11:41:26.0079 3208 ePowerSvc (fb67aa8ac61b9365add546139a21bed6) C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe

11:41:26.0121 3208 ePowerSvc - ok

11:41:26.0210 3208 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys

11:41:26.0262 3208 ErrDev - ok

11:41:26.0328 3208 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll

11:41:26.0414 3208 EventSystem - ok

11:41:26.0454 3208 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

11:41:26.0533 3208 exfat - ok

11:41:26.0564 3208 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

11:41:26.0637 3208 fastfat - ok

11:41:26.0737 3208 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe

11:41:26.0825 3208 Fax - ok

11:41:26.0854 3208 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

11:41:26.0885 3208 fdc - ok

11:41:26.0948 3208 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll

11:41:27.0013 3208 fdPHost - ok

11:41:27.0050 3208 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll

11:41:27.0109 3208 FDResPub - ok

11:41:27.0141 3208 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

11:41:27.0164 3208 FileInfo - ok

11:41:27.0189 3208 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

11:41:27.0255 3208 Filetrace - ok

11:41:27.0285 3208 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

11:41:27.0322 3208 flpydisk - ok

11:41:27.0375 3208 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys

11:41:27.0399 3208 FltMgr - ok

11:41:27.0499 3208 FontCache (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\Windows\system32\FntCache.dll

11:41:27.0617 3208 FontCache - ok

11:41:27.0688 3208 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

11:41:27.0705 3208 FontCache3.0.0.0 - ok

11:41:27.0779 3208 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

11:41:27.0800 3208 FsDepends - ok

11:41:27.0844 3208 Fs_Rec (d3e3f93d67821a2db2b3d9fac2dc2064) C:\Windows\system32\drivers\Fs_Rec.sys

11:41:27.0863 3208 Fs_Rec - ok

11:41:27.0926 3208 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys

11:41:27.0962 3208 fvevol - ok

11:41:27.0987 3208 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

11:41:28.0012 3208 gagp30kx - ok

11:41:28.0032 3208 GEARAspiWDM - ok

11:41:28.0110 3208 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll

11:41:28.0165 3208 gpsvc - ok

11:41:28.0335 3208 Greg_Service (816fd5a6f3c2f3d600900096632fc60e) C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe

11:41:28.0383 3208 Greg_Service - ok

11:41:28.0493 3208 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

11:41:28.0516 3208 gupdate - ok

11:41:28.0554 3208 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

11:41:28.0570 3208 gupdatem - ok

11:41:28.0615 3208 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

11:41:28.0644 3208 gusvc - ok

11:41:28.0769 3208 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

11:41:28.0837 3208 hcw85cir - ok

11:41:28.0876 3208 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys

11:41:28.0920 3208 HdAudAddService - ok

11:41:28.0952 3208 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys

11:41:28.0987 3208 HDAudBus - ok

11:41:29.0025 3208 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

11:41:29.0064 3208 HidBatt - ok

11:41:29.0098 3208 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

11:41:29.0147 3208 HidBth - ok

11:41:29.0198 3208 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

11:41:29.0232 3208 HidIr - ok

11:41:29.0281 3208 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll

11:41:29.0330 3208 hidserv - ok

11:41:29.0377 3208 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys

11:41:29.0431 3208 HidUsb - ok

11:41:29.0470 3208 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll

11:41:29.0533 3208 hkmsvc - ok

11:41:29.0572 3208 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll

11:41:29.0647 3208 HomeGroupListener - ok

11:41:29.0676 3208 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll

11:41:29.0721 3208 HomeGroupProvider - ok

11:41:29.0873 3208 hpqcxs08 (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll

11:41:29.0904 3208 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning

11:41:29.0905 3208 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)

11:41:29.0951 3208 hpqddsvc (f3f72a2a86c22610bca5439fa789dd52) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll

11:41:29.0989 3208 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning

11:41:29.0989 3208 hpqddsvc - detected UnsignedFile.Multi.Generic (1)

11:41:30.0030 3208 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys

11:41:30.0046 3208 HpSAMD - ok

11:41:30.0128 3208 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys

11:41:30.0203 3208 HTTP - ok

11:41:30.0226 3208 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys

11:41:30.0245 3208 hwpolicy - ok

11:41:30.0271 3208 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys

11:41:30.0295 3208 i8042prt - ok

11:41:30.0362 3208 IAANTMON (660bf3255a1eb18ed803fd2fba6ae400) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

11:41:30.0386 3208 IAANTMON - ok

11:41:30.0456 3208 iaStor (be7d72fcf442c26975942007e0831241) C:\Windows\system32\DRIVERS\iaStor.sys

11:41:30.0477 3208 iaStor - ok

11:41:30.0548 3208 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys

11:41:30.0586 3208 iaStorV - ok

11:41:30.0711 3208 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

11:41:30.0750 3208 idsvc - ok

11:41:31.0463 3208 igfx (677aa5991026a65ada128c4b59cf2bad) C:\Windows\system32\DRIVERS\igdkmd64.sys

11:41:31.0861 3208 igfx - ok

11:41:32.0059 3208 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

11:41:32.0076 3208 iirsp - ok

11:41:32.0276 3208 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll

11:41:32.0393 3208 IKEEXT - ok

11:41:32.0908 3208 IntcAzAudAddService (0c3cf4b3bae28e121a1689e3538f8712) C:\Windows\system32\drivers\RTKVHD64.sys

11:41:32.0988 3208 IntcAzAudAddService - ok

11:41:33.0534 3208 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys

11:41:33.0552 3208 intelide - ok

11:41:33.0611 3208 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

11:41:33.0656 3208 intelppm - ok

11:41:33.0707 3208 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll

11:41:33.0769 3208 IPBusEnum - ok

11:41:33.0803 3208 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys

11:41:33.0865 3208 IpFilterDriver - ok

11:41:34.0245 3208 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll

11:41:34.0391 3208 iphlpsvc - ok

11:41:34.0424 3208 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys

11:41:34.0447 3208 IPMIDRV - ok

11:41:34.0494 3208 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

11:41:34.0583 3208 IPNAT - ok

11:41:34.0625 3208 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

11:41:34.0663 3208 IRENUM - ok

11:41:34.0703 3208 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys

11:41:34.0721 3208 isapnp - ok

11:41:34.0756 3208 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys

11:41:34.0824 3208 iScsiPrt - ok

11:41:34.0862 3208 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys

11:41:34.0887 3208 kbdclass - ok

11:41:34.0919 3208 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys

11:41:34.0949 3208 kbdhid - ok

11:41:35.0016 3208 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

11:41:35.0036 3208 KeyIso - ok

11:41:35.0093 3208 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys

11:41:35.0120 3208 KSecDD - ok

11:41:35.0303 3208 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys

11:41:35.0335 3208 KSecPkg - ok

11:41:35.0407 3208 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

11:41:35.0541 3208 ksthunk - ok

11:41:37.0949 3208 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll

11:41:38.0106 3208 KtmRm - ok

11:41:38.0178 3208 L1C (2377ec4cc3e356655b996f39b43486b6) C:\Windows\system32\DRIVERS\L1C62x64.sys

11:41:38.0249 3208 L1C - ok

11:41:38.0297 3208 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\system32\srvsvc.dll

11:41:38.0458 3208 LanmanServer - ok

11:41:38.0512 3208 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll

11:41:38.0598 3208 LanmanWorkstation - ok

11:41:38.0677 3208 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

11:41:38.0771 3208 lltdio - ok

11:41:38.0818 3208 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll

11:41:38.0922 3208 lltdsvc - ok

11:41:38.0968 3208 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll

11:41:39.0025 3208 lmhosts - ok

11:41:39.0096 3208 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

11:41:39.0117 3208 LSI_FC - ok

11:41:39.0155 3208 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

11:41:39.0183 3208 LSI_SAS - ok

11:41:39.0224 3208 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

11:41:39.0243 3208 LSI_SAS2 - ok

11:41:39.0280 3208 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

11:41:39.0302 3208 LSI_SCSI - ok

11:41:39.0333 3208 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

11:41:39.0382 3208 luafv - ok

11:41:39.0419 3208 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll

11:41:39.0456 3208 Mcx2Svc - ok

11:41:39.0505 3208 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

11:41:39.0520 3208 megasas - ok

11:41:39.0551 3208 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

11:41:39.0612 3208 MegaSR - ok

11:41:39.0646 3208 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

11:41:39.0714 3208 MMCSS - ok

11:41:39.0735 3208 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

11:41:39.0792 3208 Modem - ok

11:41:39.0816 3208 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

11:41:39.0851 3208 monitor - ok

11:41:39.0873 3208 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

11:41:39.0891 3208 mouclass - ok

11:41:39.0944 3208 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

11:41:39.0970 3208 mouhid - ok

11:41:39.0993 3208 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys

11:41:40.0019 3208 mountmgr - ok

11:41:40.0051 3208 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys

11:41:40.0073 3208 mpio - ok

11:41:40.0105 3208 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

11:41:40.0197 3208 mpsdrv - ok

11:41:40.0323 3208 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll

11:41:40.0418 3208 MpsSvc - ok

11:41:40.0462 3208 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys

11:41:40.0493 3208 MRxDAV - ok

11:41:40.0545 3208 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys

11:41:40.0592 3208 mrxsmb - ok

11:41:40.0634 3208 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys

11:41:40.0681 3208 mrxsmb10 - ok

11:41:40.0718 3208 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys

11:41:40.0752 3208 mrxsmb20 - ok

11:41:40.0783 3208 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys

11:41:40.0808 3208 msahci - ok

11:41:40.0838 3208 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys

11:41:40.0879 3208 msdsm - ok

11:41:40.0933 3208 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe

11:41:40.0990 3208 MSDTC - ok

11:41:41.0021 3208 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

11:41:41.0088 3208 Msfs - ok

11:41:41.0159 3208 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

11:41:41.0216 3208 mshidkmdf - ok

11:41:41.0240 3208 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys

11:41:41.0258 3208 msisadrv - ok

11:41:41.0295 3208 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll

11:41:41.0385 3208 MSiSCSI - ok

11:41:41.0395 3208 msiserver - ok

11:41:41.0434 3208 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

11:41:41.0486 3208 MSKSSRV - ok

11:41:41.0518 3208 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

11:41:41.0582 3208 MSPCLOCK - ok

11:41:41.0601 3208 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

11:41:41.0647 3208 MSPQM - ok

11:41:41.0679 3208 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys

11:41:41.0718 3208 MsRPC - ok

11:41:41.0748 3208 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys

11:41:41.0767 3208 mssmbios - ok

11:41:41.0788 3208 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

11:41:41.0838 3208 MSTEE - ok

11:41:41.0852 3208 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

11:41:41.0890 3208 MTConfig - ok

11:41:41.0933 3208 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

11:41:41.0954 3208 Mup - ok

11:41:42.0016 3208 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll

11:41:42.0097 3208 napagent - ok

11:41:42.0158 3208 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

11:41:42.0209 3208 NativeWifiP - ok

11:41:42.0291 3208 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys

11:41:42.0334 3208 NDIS - ok

11:41:42.0376 3208 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

11:41:42.0447 3208 NdisCap - ok

11:41:42.0490 3208 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

11:41:42.0556 3208 NdisTapi - ok

11:41:42.0587 3208 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys

11:41:42.0640 3208 Ndisuio - ok

11:41:42.0673 3208 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys

11:41:42.0725 3208 NdisWan - ok

11:41:42.0756 3208 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys

11:41:42.0834 3208 NDProxy - ok

11:41:42.0902 3208 Net Driver HPZ12 (d5ac41ae382738483faffbd7e373d49a) C:\Windows\system32\HPZinw12.dll

11:41:42.0921 3208 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

11:41:42.0921 3208 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

11:41:42.0962 3208 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

11:41:43.0020 3208 NetBIOS - ok

11:41:43.0054 3208 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys

11:41:43.0131 3208 NetBT - ok

11:41:43.0165 3208 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

11:41:43.0187 3208 Netlogon - ok

11:41:43.0267 3208 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll

11:41:43.0348 3208 Netman - ok

11:41:43.0402 3208 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll

11:41:43.0481 3208 netprofm - ok

11:41:43.0573 3208 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

11:41

This is the ComboFix report -

ComboFix 12-04-25.02 - rosanne 26/04/2012 12:53:00.3.1 - x64

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.44.1033.18.954.320 [GMT 1:00]

Running from: c:\users\rosanne\Downloads\ComboFix.exe

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

---- Previous Run -------

.

C:\Install.exe

c:\program files (x86)\Common Files\emachines.ico

.

.

((((((((((((((((((((((((( Files Created from 2012-03-26 to 2012-04-26 )))))))))))))))))))))))))))))))

.

.

2012-04-26 12:01 . 2012-04-26 12:01 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-04-26 10:41 . 2012-04-26 10:41 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{87F1C745-13BC-4090-9234-3489B8F25BA6}\offreg.dll

2012-04-26 10:25 . 2012-04-26 10:25 -------- d-----w- c:\programdata\boost_interprocess

2012-04-25 11:20 . 2012-04-25 11:21 -------- d-----w- c:\users\rosanne\AppData\Local\jZip

2012-04-25 11:20 . 2012-04-25 11:21 -------- d-----w- c:\program files (x86)\Searchqu Toolbar

2012-04-25 11:20 . 2012-04-25 11:20 -------- d-----w- c:\program files (x86)\jZip

2012-04-24 09:50 . 2012-04-13 08:46 8917360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{87F1C745-13BC-4090-9234-3489B8F25BA6}\mpengine.dll

2012-04-12 22:57 . 2012-04-12 22:57 0 ----a-w- c:\windows\SysWow64\sho4F04.tmp

2012-04-12 22:46 . 2012-03-01 06:54 22896 ----a-w- c:\windows\system32\drivers\fs_rec.sys

2012-04-12 22:46 . 2012-03-01 06:40 80896 ----a-w- c:\windows\system32\imagehlp.dll

2012-04-12 22:46 . 2012-03-01 05:45 158720 ----a-w- c:\windows\SysWow64\imagehlp.dll

2012-04-12 22:46 . 2012-03-01 05:49 172544 ----a-w- c:\windows\SysWow64\wintrust.dll

2012-04-12 22:46 . 2012-03-01 06:45 220672 ----a-w- c:\windows\system32\wintrust.dll

2012-04-12 22:46 . 2012-03-01 06:35 5120 ----a-w- c:\windows\system32\wmi.dll

2012-04-12 22:46 . 2012-03-01 05:40 5120 ----a-w- c:\windows\SysWow64\wmi.dll

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-03-08 17:45 . 2012-03-08 17:45 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe

2012-03-08 17:45 . 2012-03-08 17:45 161792 ----a-w- c:\windows\SysWow64\msls31.dll

2012-03-08 17:45 . 2012-03-08 17:45 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll

2012-03-08 17:45 . 2012-03-08 17:45 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe

2012-03-08 17:45 . 2012-03-08 17:45 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll

2012-03-08 17:45 . 2012-03-08 17:45 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll

2012-03-08 17:45 . 2012-03-08 17:45 74752 ----a-w- c:\windows\SysWow64\iesetup.dll

2012-03-08 17:45 . 2012-03-08 17:45 63488 ----a-w- c:\windows\SysWow64\tdc.ocx

2012-03-08 17:45 . 2012-03-08 17:45 420864 ----a-w- c:\windows\SysWow64\vbscript.dll

2012-03-08 17:45 . 2012-03-08 17:45 367104 ----a-w- c:\windows\SysWow64\html.iec

2012-03-08 17:45 . 2012-03-08 17:45 35840 ----a-w- c:\windows\SysWow64\imgutil.dll

2012-03-08 17:45 . 2012-03-08 17:45 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll

2012-03-08 17:45 . 2012-03-08 17:45 152064 ----a-w- c:\windows\SysWow64\wextract.exe

2012-03-08 17:45 . 2012-03-08 17:45 150528 ----a-w- c:\windows\SysWow64\iexpress.exe

2012-03-08 17:45 . 2012-03-08 17:45 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe

2012-03-08 17:45 . 2012-03-08 17:45 11776 ----a-w- c:\windows\SysWow64\mshta.exe

2012-03-08 17:45 . 2012-03-08 17:45 101888 ----a-w- c:\windows\SysWow64\admparse.dll

2012-03-08 17:45 . 2012-03-08 17:45 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe

2012-03-08 17:45 . 2012-03-08 17:45 222208 ----a-w- c:\windows\system32\msls31.dll

2012-03-08 17:45 . 2012-03-08 17:45 173056 ----a-w- c:\windows\system32\ieUnatt.exe

2012-03-08 17:45 . 2012-03-08 17:45 12288 ----a-w- c:\windows\system32\mshta.exe

2012-03-08 17:45 . 2012-03-08 17:45 114176 ----a-w- c:\windows\system32\admparse.dll

2012-03-08 17:45 . 2012-03-08 17:45 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe

2012-03-08 17:45 . 2012-03-08 17:45 85504 ----a-w- c:\windows\system32\iesetup.dll

2012-03-08 17:45 . 2012-03-08 17:45 76800 ----a-w- c:\windows\system32\tdc.ocx

2012-03-08 17:45 . 2012-03-08 17:45 603648 ----a-w- c:\windows\system32\vbscript.dll

2012-03-08 17:45 . 2012-03-08 17:45 49664 ----a-w- c:\windows\system32\imgutil.dll

2012-03-08 17:45 . 2012-03-08 17:45 48640 ----a-w- c:\windows\system32\mshtmler.dll

2012-03-08 17:45 . 2012-03-08 17:45 448512 ----a-w- c:\windows\system32\html.iec

2012-03-08 17:45 . 2012-03-08 17:45 30720 ----a-w- c:\windows\system32\licmgr10.dll

2012-03-08 17:45 . 2012-03-08 17:45 165888 ----a-w- c:\windows\system32\iexpress.exe

2012-03-08 17:45 . 2012-03-08 17:45 160256 ----a-w- c:\windows\system32\wextract.exe

2012-03-08 17:45 . 2012-03-08 17:45 135168 ----a-w- c:\windows\system32\IEAdvpack.dll

2012-03-08 17:45 . 2012-03-08 17:45 111616 ----a-w- c:\windows\system32\iesysprep.dll

2012-02-23 09:18 . 2011-10-24 12:06 279656 ------w- c:\windows\system32\MpSigStub.exe

2012-02-15 06:27 . 2012-03-14 11:11 1031680 ----a-w- c:\windows\system32\rdpcore.dll

2012-02-15 05:44 . 2012-03-14 11:11 826368 ----a-w- c:\windows\SysWow64\rdpcore.dll

2012-02-15 04:47 . 2012-03-14 11:11 204800 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2012-02-15 04:46 . 2012-03-14 11:11 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys

2012-02-10 06:18 . 2012-03-14 16:57 1541120 ----a-w- c:\windows\system32\DWrite.dll

2012-02-10 06:17 . 2012-03-14 16:56 1837568 ----a-w- c:\windows\system32\d3d10warp.dll

2012-02-10 06:17 . 2012-03-14 16:57 320512 ----a-w- c:\windows\system32\d3d10_1core.dll

2012-02-10 06:17 . 2012-03-14 16:56 902656 ----a-w- c:\windows\system32\d2d1.dll

2012-02-10 06:17 . 2012-03-14 16:56 197120 ----a-w- c:\windows\system32\d3d10_1.dll

2012-02-10 05:41 . 2012-03-14 16:57 1074176 ----a-w- c:\windows\SysWow64\DWrite.dll

2012-02-10 05:41 . 2012-03-14 16:56 218624 ----a-w- c:\windows\SysWow64\d3d10_1core.dll

2012-02-10 05:41 . 2012-03-14 16:56 1170944 ----a-w- c:\windows\SysWow64\d3d10warp.dll

2012-02-10 05:41 . 2012-03-14 16:56 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll

2012-02-10 05:41 . 2012-03-14 16:56 739840 ----a-w- c:\windows\SysWow64\d2d1.dll

2012-02-04 23:39 . 2012-02-04 23:39 0 ----a-w- c:\windows\SysWow64\shoC20F.tmp

2012-02-03 04:16 . 2012-03-14 16:57 3143168 ----a-w- c:\windows\system32\win32k.sys

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-11-03 39408]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-08-18 1157128]

"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-07-25 588648]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]

"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2010-03-12 49208]

"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]

"AvgUninstallURL"="start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=SUFIMkstMks5WjQtN0hHWDktQUY3SUUtTjI3UFctTw&inst=NzYtOTQ1NDg2Mzg4LVNUMTJPSSsxLUREVCswLUVVTEErMS1TVDEyQVBQKzE&prod=94&ver=2012.0.1831&mid=d88b85d8284747d1a035a113f0fdc29c-695c596040b3b540245e656d9bc042f3c89eee26" [?]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\progra~2\SEARCH~1\Datamngr\datamngr.dll c:\progra~2\SEARCH~1\Datamngr\IEBHO.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-14 135664]

R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-14 135664]

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-09-02 225280]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

S1 aswSnx;aswSnx; [x]

S1 aswSP;aswSP; [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 aswFsBlk;aswFsBlk; [x]

S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]

S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]

S2 ePowerSvc;Acer ePower Service;c:\program files\eMachines\eMachines Power Management\ePowerSvc.exe [2009-09-30 844320]

S2 Greg_Service;GRegService;c:\program files (x86)\eMachines\Registration\GregHSRW.exe [2009-08-28 1150496]

S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]

S2 Updater Service;Updater Service;c:\program files\eMachines\eMachines Updater\UpdaterService.exe [2009-07-04 240160]

S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [x]

S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]

S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]

S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]

S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]

S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]

.

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

Contents of the 'Scheduled Tasks' folder

.

2012-04-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-14 17:01]

.

2012-04-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-14 17:01]

.

2012-04-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2456797310-3782677554-3662687650-1002Core.job

- c:\users\rosanne\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-16 17:03]

.

2012-04-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2456797310-3782677554-3662687650-1002UA.job

- c:\users\rosanne\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-16 17:03]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2011-09-06 20:45 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-10-13 186904]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-28 7982112]

"Acer ePower Management"="c:\program files\eMachines\eMachines Power Management\ePowerTray.exe" [2009-09-30 823840]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584]

"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 415256]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x1

"AppInit_DLLs"=c:\progra~2\SEARCH~1\Datamngr\x64\datamngr.dll c:\progra~2\SEARCH~1\Datamngr\x64\IEBHO.dll

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.searchnu.com/102

uLocal Page = c:\windows\system32\blank.htm

mStart Page = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0809&m=e525&r=273608100615l0474z135r44424237

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.1.1

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-Locked - (no file)

Toolbar-10 - (no file)

Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe

Toolbar-Locked - (no file)

Toolbar-10 - (no file)

HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe

AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe

AddRemove-Yahoo! Toolbar - c:\progra~2\Yahoo!\Common\UNYT_W~1.EXE

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files\AVAST Software\Avast\AvastSvc.exe

c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

c:\program files (x86)\Searchqu Toolbar\Datamngr\datamngrUI.exe

.

**************************************************************************

.

Completion time: 2012-04-26 13:12:29 - machine was rebooted

ComboFix-quarantined-files.txt 2012-04-26 12:12

.

Pre-Run: 102,850,105,344 bytes free

Post-Run: 102,476,615,680 bytes free

.

- - End Of File - - CDF3376C4CBB6B4718CAFA09B85B2769

searchnu no longer opens new browser pages, am I all OK again?

Thanks,


Hello Rosanne and welcome! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at support@malwarebytes.org or here (http://helpdesk.malwarebytes.org/home). If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.

Download OTL to your Desktop

  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Please tick the Scan All Users option. Next, click the Quick Scan button. The scan won't take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
