eNerve

Can't resolve "Search Assist"

28 posts in this topic

DDS (Ver_2012-11-20.01) - NTFS_AMD64 

Internet Explorer: 10.0.9200.16660  BrowserJavaVersion: 10.25.2

Run by FreshOats at 12:35:29 on 2013-10-03

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3764.1265 [GMT -7:00]

.

AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\LSI SoftModem\agr64svc.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe

C:\Program Files (x86)\Acer\Registration\GregHSRW.exe

C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt

C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe

C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE

C:\Program Files\Acer\Acer Updater\UpdaterService.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Users\Justin\AppData\Local\Mikogo4\Host\Service\M4-Service.exe

C:\Users\Justin\AppData\Local\Mikogo4\Host\Service\M4-Capture.exe

C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe

C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files (x86)\Sendori\sndappv2.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted

C:\Program Files\Acer\Acer Updater\UpdaterService.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\System32\Drivers\WTSRV.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Sendori\SendoriSvc.exe

C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files (x86)\Sendori\SendoriUp.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe

C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe

C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe

C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

C:\Program Files (x86)\Nero\Update\NASvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files (x86)\Sendori\Sendori.Service.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Windows\PLFSetI.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe

C:\Windows\system32\igfxext.exe

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Users\Justin\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files (x86)\Launch Manager\LManager.exe

C:\Users\Justin\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler64.exe

C:\Windows\SysWOW64\WTClient.exe

C:\Program Files\Alwil Software\Avast5\AvastUI.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files (x86)\Sendori\SendoriTray.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Users\Justin\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe

C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Justin\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe

C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe

C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE

C:\Windows\splwow64.exe

C:\Windows\system32\taskeng.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.


uWindow Title = Internet Explorer, enhanced for Bing and MSN






uURLSearchHooks: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll

mWinlogon: Userinit = userinit.exe,

BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll

BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>

BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: MSN Toolbar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0417.0\npwinext.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll

BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

TB: MSN Toolbar: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0417.0\npwinext.dll

TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll

TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll

EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll

EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll

uRun: [googletalk] C:\Users\FreshOats\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart

uRun: [4AA5D9FA8B43745BB2EAD1E788698E8441A23DBA._service_run] "C:\Users\FreshOats\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service

uRun: [D3CA26BDF1EEC0308B736E98B1ACDCED782D77FF._service_run] "C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service

uRun: [AdobeBridge] <no file>

mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe

mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [WTClient] WTClient.exe

mRun: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui

mRun: [sendori Tray] "C:\Program Files (x86)\Sendori\SendoriTray.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe

StartupFolder: C:\Users\Justin\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Justin\AppData\Roaming\Dropbox\bin\Dropbox.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: PromptOnSecureDesktop = dword:0

IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200

IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000

IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

LSP: C:\Windows\System32\Sendori.dll

Trusted Zone: clonewarsadventures.com

Trusted Zone: freerealms.com

Trusted Zone: soe.com

Trusted Zone: sony.com



TCP: NameServer = 132.239.0.252 132.239.0.250

TCP: Interfaces\{079E895E-A34A-44CA-AB30-B5385D4D0B79} : DHCPNameServer = 192.168.1.254

TCP: Interfaces\{653E5F10-D724-4359-9865-AA1F5127D99E} : NameServer = 192.168.42.129

TCP: Interfaces\{653E5F10-D724-4359-9865-AA1F5127D99E} : DHCPNameServer = 192.168.42.129

TCP: Interfaces\{A299C7D6-6A7F-4DE9-889A-321C37E8BE34} : DHCPNameServer = 132.239.0.252 132.239.0.250

TCP: Interfaces\{A299C7D6-6A7F-4DE9-889A-321C37E8BE34}\2375942554837353 : DHCPNameServer = 192.168.1.254

TCP: Interfaces\{A299C7D6-6A7F-4DE9-889A-321C37E8BE34}\2456C6D6F4 : DHCPNameServer = 192.168.2.1

TCP: Interfaces\{BEAF8B28-493A-4EEC-986D-D78A4F063FF4} : NameServer = 192.168.42.129

TCP: Interfaces\{BEAF8B28-493A-4EEC-986D-D78A4F063FF4} : DHCPNameServer = 192.168.42.129

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

SSODL: WebCheck - <orphaned>

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll

x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll

x64-Run: [iAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe

x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

x64-Run: [PLFSetI] C:\Windows\PLFSetI.exe

x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe

x64-Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe

x64-Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon

x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>

x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\6vfjhq0a.default\

FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0417.0\npwinext.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\Justin\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll

FF - plugin: C:\Users\Justin\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll

FF - plugin: C:\Users\Justin\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll

FF - plugin: C:\Users\Justin\AppData\Roaming\Mozilla\plugins\npo1d.dll

FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll

FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll

FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll

FF - plugin: C:\Windows\SysWOW64\npmproxy.dll

FF - ExtSQL: 2013-09-22 12:24; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

FF - ExtSQL: 2013-10-02 10:38; {AE93811A-5C9A-4d34-8462-F7B864FC4696}; C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\6vfjhq0a.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}.xpi

FF - ExtSQL: !HIDDEN! 2013-09-22 12:24; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

.

============= SERVICES / DRIVERS ===============

.

R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-3-17 65336]

R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-3-17 204880]

R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-2-7 55024]

R1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2012-8-27 19600]

R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2011-3-23 1030952]

R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2010-1-21 378944]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-9-1 283064]

R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\System32\drivers\mwlPSDFilter.sys [2009-6-2 22576]

R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\System32\drivers\mwlPSDNserv.sys [2009-6-2 20016]

R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\System32\drivers\mwlPSDVDisk.sys [2009-6-2 60464]

R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]

R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]

R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-11 140672]

R2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-9-6 169312]

R2 Application Sendori;Application Sendori;C:\Program Files (x86)\Sendori\SendoriSvc.exe [2013-7-1 119072]

R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2010-1-21 33400]

R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2010-1-21 80816]

R2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2013-9-18 46808]

R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2009-12-8 844320]

R2 FreeAgentGoNext Service;Seagate Service;C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe [2009-9-25 189736]

R2 Greg_Service;GRegService;C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-8-28 1150496]

R2 HTCMonitorService;HTCMonitorService;C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [2013-1-29 87368]

R2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2012-8-23 13672]

R2 Live Updater Service;Live Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-11-4 255376]

R2 M4-Service;M4-Service;C:\Users\Justin\AppData\Local\Mikogo4\Host\Service\M4-Service.exe [2013-4-29 1008032]

R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-2-18 462632]

R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-9-24 62720]

R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-6-17 144640]

R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2013-4-6 167424]

R2 Service Sendori;Service Sendori;C:\Program Files (x86)\Sendori\Sendori.Service.exe [2013-7-1 22304]

R2 sndappv2;sndappv2;C:\Program Files (x86)\Sendori\sndappv2.exe [2013-7-1 3623200]

R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-11-4 2320920]

R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-11-4 255376]

R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-11-4 56344]

R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2009-12-8 151936]

R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2009-12-8 244736]

R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2009-8-6 320040]

R3 PTSimBus;PenTablet Bus Enumerator;C:\Windows\System32\drivers\PTSimBus.sys [2009-6-18 27304]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-9-1 418376]

S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-9-1 701512]

S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe --> c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [?]

S2 nidevldu;NI Device Loader;C:\Windows\SysWOW64\nipalsm.exe --> C:\Windows\SysWOW64\nipalsm.exe [?]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-6-7 160944]

S3 AmUStor;AM USB Stroage Driver;C:\Windows\System32\drivers\AmUStor.sys [2009-7-22 40448]

S3 androidusb;ADB Interface Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-2 33736]

S3 DrvAgent64;DrvAgent64;C:\Windows\SysWOW64\drivers\DrvAgent64.SYS [2013-3-8 21712]

S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-2 33736]

S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\System32\drivers\htcnprot.sys [2012-12-7 36928]

S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-9-1 25928]

S3 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe [2009-9-10 305448]

S3 NIEthernetDeviceEnumerator;NI Ethernet Device Enumerator Driver;C:\Windows\System32\drivers\niede.sys [2012-1-12 38064]

S3 niufurkw;niufurkw;C:\Windows\System32\drivers\niufurkw.sys [2012-7-16 12496]

S3 nixsrkw;nixsrkw;C:\Windows\System32\drivers\nixsrkw.sys [2012-7-16 12464]

S3 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-6-17 50432]

S3 PTSimHid;PenTablet Simulated HID MiniDriver;C:\Windows\System32\drivers\PTSimHid.sys [2009-6-18 17064]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-12-7 19456]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-12-7 57856]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-2-27 1255736]

S4 NIApplicationWebServer64;NI Application Web Server (64-bit);"C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe" -user --> C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [?]

.

=============== File Associations ===============

.

ShellExec: Opera.exe: open="C:\Program Files (x86)\Opera\Launcher.exe" "%1"

.

=============== Created Last 30 ================

.

2013-10-03 10:22:30 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{220E2A91-3EF4-41BC-A6DB-229D76EE22BE}\offreg.dll

2013-10-03 10:20:08 9694160 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{220E2A91-3EF4-41BC-A6DB-229D76EE22BE}\mpengine.dll

2013-10-02 20:12:32 -------- d-----w- C:\AdobeTemp

2013-09-22 19:22:20 -------- d-----w- C:\Program Files (x86)\Common Files\HP

2013-09-16 20:28:05 3723656 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe

2013-09-06 22:38:07 -------- d-----w- C:\Users\Justin\AppData\Local\Opera Software

2013-09-06 22:38:05 -------- d-----w- C:\Users\Justin\AppData\Roaming\Opera Software

2013-09-05 14:04:02 209272 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll

2013-09-04 18:56:59 3958784 ----a-w- C:\Windows\System32\jscript9.dll

2013-09-04 18:38:47 -------- d-----w- C:\Windows\System32\MRT

2013-09-04 18:36:03 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL

2013-09-04 18:36:03 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL

2013-09-04 18:34:59 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys

2013-09-04 18:33:26 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys

.

==================== Find3M  ====================

.

2013-09-20 04:33:59 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-09-20 04:33:59 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-09-01 20:18:13 283064 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys

2013-08-30 07:48:10 72016 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys

2013-08-30 07:48:10 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys

2013-08-30 07:48:10 204880 ----a-w- C:\Windows\System32\drivers\aswVmm.sys

2013-08-30 07:48:10 1030952 ----a-w- C:\Windows\System32\drivers\aswSnx.sys

2013-08-30 07:48:09 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys

2013-08-30 07:47:40 41664 ----a-w- C:\Windows\avastSS.scr

2013-08-28 21:27:05 26282226 ----a-w- C:\Users\Justin\ij147-jdk6-64bit-setup.exe

2013-08-28 20:43:45 108968 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll

2013-08-28 20:43:12 1093032 ----a-w- C:\Windows\System32\npDeployJava1.dll

2013-08-28 20:43:11 972712 ----a-w- C:\Windows\System32\deployJava1.dll

2013-08-21 18:53:18 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2013-08-21 18:53:12 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

2013-08-21 18:53:12 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2013-08-07 11:22:02 278800 ------w- C:\Windows\System32\MpSigStub.exe

2013-07-26 05:13:37 2241024 ----a-w- C:\Windows\System32\wininet.dll

2013-07-26 05:12:04 136704 ----a-w- C:\Windows\System32\iesysprep.dll

2013-07-26 05:12:03 67072 ----a-w- C:\Windows\System32\iesetup.dll

2013-07-26 03:35:08 2706432 ----a-w- C:\Windows\System32\mshtml.tlb

2013-07-26 03:13:24 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll

2013-07-26 03:12:04 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll

2013-07-26 03:12:00 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll

2013-07-26 03:12:00 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll

2013-07-26 02:49:14 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2013-07-26 02:39:38 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe

2013-07-26 01:59:38 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe

2013-07-19 01:58:42 2048 ----a-w- C:\Windows\System32\tzres.dll

2013-07-19 01:41:01 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

2013-07-09 06:03:30 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe

2013-07-09 05:54:22 1732032 ----a-w- C:\Windows\System32\ntdll.dll

2013-07-09 05:53:12 243712 ----a-w- C:\Windows\System32\wow64.dll

2013-07-09 05:52:52 224256 ----a-w- C:\Windows\System32\wintrust.dll

2013-07-09 05:51:16 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll

2013-07-09 05:46:20 184320 ----a-w- C:\Windows\System32\cryptsvc.dll

2013-07-09 05:46:20 1472512 ----a-w- C:\Windows\System32\crypt32.dll

2013-07-09 05:46:20 139776 ----a-w- C:\Windows\System32\cryptnet.dll

2013-07-09 05:03:34 3968960 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2013-07-09 05:03:34 3913664 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2013-07-09 04:53:47 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll

2013-07-09 04:52:33 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll

2013-07-09 04:52:33 5120 ----a-w- C:\Windows\SysWow64\wow32.dll

2013-07-09 04:52:10 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll

2013-07-09 04:46:31 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll

2013-07-09 04:46:31 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll

2013-07-09 04:46:31 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll

2013-07-09 04:45:07 44032 ----a-w- C:\Windows\apppatch\acwow64.dll

2013-07-09 02:49:42 25600 ----a-w- C:\Windows\SysWow64\setup16.exe

2013-07-09 02:49:41 7680 ----a-w- C:\Windows\SysWow64\instnm.exe

2013-07-09 02:49:39 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll

2013-07-09 02:49:38 2048 ----a-w- C:\Windows\SysWow64\user.exe

.

============= FINISH: 12:36:28.22 ===============

 

 


.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium 

Boot Device: \Device\HarddiskVolume2

Install Date: 1/19/2010 5:01:22 PM

System Uptime: 10/2/2013 8:33:26 PM (16 hours ago)

.

Motherboard: Acer            |  | Aspire 5740                    

Processor: Intel® Core i3 CPU       M 330  @ 2.13GHz | CPU 1 | 1983/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 285 GiB total, 55.66 GiB free.

D: is CDROM ()

E: is CDROM (CDFS)

G: is FIXED (NTFS) - 466 GiB total, 82.673 GiB free.

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP593: 10/2/2013 12:59:00 PM - Removed Adobe Photoshop Lightroom 2.7 64-bit.

RP594: 10/2/2013 2:09:44 PM - Removed Adobe Photoshop Lightroom 4.4 64-bit.

RP595: 10/2/2013 2:16:38 PM - Removed EndNote X3

RP596: 10/3/2013 3:19:21 AM - Windows Update

.

==== Installed Programs ======================

.

 Update for Microsoft Office 2007 (KB2508958)

64 Bit HP CIO Components Installer

Acer Arcade Deluxe

Acer Assist

Acer Backup Manager

Acer Crystal Eye Webcam

Acer ePower Management

Acer eRecovery Management

Acer Games

Acer GridVista

Acer Registration

Acer ScreenSaver

Acer Updater

Acrobat.com

Adobe AIR

Adobe Color Video Profiles CS CS4

Adobe Community Help

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Photoshop Elements 8.0

Adobe Photoshop.com Inspiration Browser

Adobe Reader XI (11.0.04)

Adobe Shockwave Player 11.6

AdobeColorCommonSetRGB

Alcor Micro USB Card Reader

Apple Application Support

Apple Mobile Device Support

Apple Software Update

ArcSoft PhotoStudio 6

Audacity 1.3.11 (Unicode)

Auslogics BoostSpeed

AutoQuant3DMergeModuls

avast! Free Antivirus

Avery Wizard 4.0

Backup Manager Basic

Blogger Backup Utility

Bonjour

Broadcom Gigabit NetLink Controller

BufferChm

Canon CanoScan LiDE 700F User Registration

Canon Inkjet Printer/Scanner/Fax Extended Survey Program

Canon MP Navigator EX 2.1

Canon RAW Image Task for ZoomBrowser EX

Canon Utilities CameraWindow

Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX

Canon Utilities Digital Photo Professional 3.4

Canon Utilities EOS Utility

Canon Utilities MyCamera

Canon Utilities PhotoStitch

Canon Utilities Picture Style Editor

Canon Utilities RemoteCapture Task for ZoomBrowser EX

Canon Utilities Solution Menu

Canon Utilities WFT-E1/E2/E3 Utility

Canon Utilities ZoomBrowser EX

Canon ZoomBrowser EX Memory Card Utility

CanoScan LiDE 700F Scanner Driver

Compatibility Pack for the 2007 Office system

D1400

D1400_Help

DAEMON Tools Lite

DeviceDiscovery

dj_sf_ProductContext

dj_sf_software

dj_sf_software_req

Driver Detective

DriverAgent by eSupport.com

Dropbox

eBay Worldwide

eSobi v2

FFmpeg for Audacity on Windows

FileZilla Client 3.5.3

G*Power 3.1.7

Garmin Communicator Plugin

Garmin Lifetime Updater

Garmin USB Drivers

Glade 3.6.1

Google Chrome

Google Drive

Google Talk (remove only)

Google Talk Plugin

Google Update Helper

GoToMeeting 4.8.0.723

GPBaseService2

Half-Life 2

Half-Life 2: Episode One

Half-Life 2: Episode Two

Half-Life 2: Lost Coast

Hewlett-Packard ACLM.NET v1.1.0.0

High-Definition Video Playback 10

Hotfix for Microsoft .NET Framework 4 Client Profile (KB982638)

HP Customer Participation Program 13.0

HP Deskjet Printer Driver Software 13.0 Rel. 1

HP Imaging Device Functions 13.0

HP Photosmart Essential 3.5

HP Product Detection

HP Smart Web Printing 4.51

HP Solution Center 13.0

HPPhotoGadget

HPPhotoSmartDiscLabelContent1

HPPhotosmartEssential

HPProductAssistant

HPSSupply

HTC Driver Installer

HTC Sync Manager

Identity Card

ImageJ 1.47v

ImgBurn

Intel® Control Center

Intel® Graphics Media Accelerator Driver

Intel® Management Engine Components

Intel® Matrix Storage Manager

IPTInstaller

iSEEK AnswerWorks English Runtime

iSyncr

Jalbum

Java 7 Update 25

Java 7 Update 25 (64-bit)

Java Auto Updater

JavaFX 2.1.1

Junk Mail filter update

LAME v3.98.2 for Audacity

Last.fm Scrobbler 2.1.36

Launch Manager

Leica LAS AF Lite

LSI HDA Modem

Luminance HDR 2.3.0

Malwarebytes Anti-Malware version 1.75.0.1300

MarketResearch

MATLAB R2012a

MediaMonkey 4.0

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Application Error Reporting

Microsoft Choice Guard

Microsoft Default Manager

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Groove MUI (English) 2007

Microsoft Office Groove Setup Metadata MUI (English) 2007

Microsoft Office Home and Student 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office Office 64-bit Components 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared 64-bit MUI (English) 2007

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Suite Activation Assistant

Microsoft Office Word MUI (English) 2007

Microsoft Primary Interoperability Assemblies 2005

Microsoft Search Enhancement Pack

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

Microsoft Works

Microsoft_VC80_CRT_x86

Microsoft_VC80_MFC_x86

Microsoft_VC80_MFCLOC_x86

Microsoft_VC90_ATL_x86

Microsoft_VC90_CRT_x86

Microsoft_VC90_MFC_x86

Mikogo 4

MinGW-Get version 0.5-beta-20120426-1

Mozilla Firefox 20.0.1 (x86 en-US)

Mozilla Maintenance Service

MSN Toolbar

MSN Toolbar Platform

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MTP Porting Kit

Music Manager

muvee Reveal Seagate Edition

MyWinLocker

Nations Photo Lab ROES

Nero 10 ClipartPack

Nero 10 Menu TemplatePack 1

Nero 10 Menu TemplatePack 2

Nero 10 Menu TemplatePack 3

Nero 10 Menu TemplatePack Basic

Nero 10 Movie ThemePack 1

Nero 10 Movie ThemePack 2

Nero 10 Movie ThemePack Basic

Nero 10 Sample ImagePack

Nero 10 Sample Videos

Nero BackItUp 10

Nero BackItUp 10 Help (CHM)

Nero Burning ROM 10

Nero BurningROM 10 Help (CHM)

Nero BurnRights 10

Nero BurnRights 10 Help (CHM)

Nero Control Center 10

Nero Core Components 10

Nero CoverDesigner 10

Nero CoverDesigner 10 Help (CHM)

Nero DiscSpeed 10

Nero DiscSpeed 10 Help (CHM)

Nero Dolby Files 10

Nero Express 10

Nero Express 10 Help (CHM)

Nero InfoTool 10

Nero InfoTool 10 Help (CHM)

Nero MediaHub 10

Nero MediaHub 10 Help (CHM)

Nero Multimedia Suite 10

Nero Recode 10

Nero Recode 10 Help (CHM)

Nero RescueAgent 10

Nero RescueAgent 10 Help (CHM)

Nero SoundTrax 10

Nero SoundTrax 10 Help (CHM)

Nero StartSmart 10

Nero StartSmart 10 Help (CHM)

Nero Update

Nero Vision 10

Nero Vision 10 Help (CHM)

Nero WaveEditor 10

Nero WaveEditor 10 Help (CHM)

NTI Backup Now 5

NTI Backup Now Standard

NTI Media Maker 8

Nvu 1.0PR

Opera Stable 16.0.1196.73

Picasa 3

Picturenaut 3.2

PL-2303 USB-to-Serial

Portal

Portal 2

QuickTime

R for Windows 3.0.1

Realtek High Definition Audio Driver

Registry Easy v5.6

ResearchSoft Direct Export Helper

RStudio

Seagate Manager Installer

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition 

Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition 

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition 

Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition 

Sendori

Shipping Assistant 3.8

Shop for HP Supplies

SketchUp 8

Skype™ 5.10

SlidePath Gateway

SmartWebPrinting

SolutionCenter

SoulSeek 157 NS 13e

SoulseekQt

Spotify

Status

Steam

SUPERAntiSpyware

swMSM

Synaptics Pointing Device Driver

Team Fortress 2

Team Fortress 2 Beta

Toolbox

TrayApp

TurboTax 2009

TurboTax 2009 wiliper

TurboTax 2009 WinPerFedFormset

TurboTax 2009 WinPerReleaseEngine

TurboTax 2009 WinPerTaxSupport

TurboTax 2009 wrapper

TurboTax 2010

TurboTax 2010 wiliper

TurboTax 2010 WinPerFedFormset

TurboTax 2010 WinPerReleaseEngine

TurboTax 2010 WinPerTaxSupport

TurboTax 2010 wrapper

TurboTax 2011

TurboTax 2011 wcaiper

TurboTax 2011 wiliper

TurboTax 2011 WinPerFedFormset

TurboTax 2011 WinPerReleaseEngine

TurboTax 2011 WinPerTaxSupport

TurboTax 2011 wrapper

TurboTax 2012

TurboTax 2012 wcaiper

TurboTax 2012 wiliper

TurboTax 2012 WinPerFedFormset

TurboTax 2012 WinPerReleaseEngine

TurboTax 2012 WinPerTaxSupport

TurboTax 2012 wrapper

UnloadSupport

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2836939)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Infopath 2007 Help (KB963662)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768024) 32-Bit Edition

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

VI Package Manager

WebReg

Welcome Center

Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0)

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Mail

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Gallery

Windows Live Sync

Windows Live Upload Tool

Windows Live Writer

Windows Media Player Firefox Plugin

WinRAR archiver

Yahoo! Toolbar

.

==== Event Viewer Messages From Past Week ========

.

9/30/2013 3:51:26 PM, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk1\DR10.

9/28/2013 7:45:44 PM, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk1\DR9.

9/26/2013 9:20:39 AM, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk1\DR8.

9/26/2013 4:59:22 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

10/3/2013 9:42:41 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Application Sendori service.

10/3/2013 8:37:32 AM, Error: Service Control Manager [7031]  - The Service Sendori service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

10/3/2013 12:31:16 PM, Error: Microsoft-Windows-DNS-Client [1012]  - There was an error while attempting to read the local hosts file.

10/2/2013 8:54:19 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the M4-Service service.

10/2/2013 8:34:41 PM, Error: Service Control Manager [7003]  - The NI Device Loader service depends the following service: mxssvr. This service might not be installed.

10/2/2013 8:34:41 PM, Error: Service Control Manager [7000]  - The McAfee SiteAdvisor Service service failed to start due to the following error:  The system cannot find the file specified.

10/2/2013 8:31:23 PM, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk1\DR1.

10/2/2013 2:55:23 PM, Error: Service Control Manager [7034]  - The M4-Service service terminated unexpectedly.  It has done this 1 time(s).

10/2/2013 2:28:02 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Service Sendori service to connect.

10/2/2013 2:28:02 PM, Error: Service Control Manager [7000]  - The Service Sendori service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.

10/1/2013 10:05:34 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the UNS service.

.

==== End Of File ===========================

 


Hello and welcome.

If you've not already done so please start here and post back the 2 log files DDS.txt and Attach.txt

P2P/Piracy Warning:

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.




Before we proceed further, please read all of the following instructions carefully.
If there is anything that you do not understand kindly ask before proceeding.
If needed please print out these instructions.
  • Please do not post logs using CODE, QUOTE, or FONT tags. Just paste them as direct text.
  • If the log is too large then you can use attachments by clicking on the More Reply Options button.
  • Please enable your system to show hidden files: How to see hidden files in Windows
  • Make sure you're subscribed to this topic:
    • Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly

  • Removing malware can be unpredictable...It is unlikely but things can go very wrong! Please make sure you Backup all files that cannot be replaced if something were to happen. You can copy them to a CD/DVD, external drive or a pen drive
  • Please don't run any other scans, download, install or uninstall any programs unless requested by me while I'm working with you.
  • The removal of malware is not instantaneous, please be patient. Often we are also on a different Time Zone.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, Stop there and tell me the exact nature of the issue.
  • You can check here if you're not sure if your computer is 32-bit or 64-bit
  • Please disable your antivirus while running any requested scanners so that they do not interfere with the scanners.
  • When we are done, I'll give you instructions on how to cleanup all the tools and logs
  • Please stick with me until I give you the "all clear" and Please don't waste my time by leaving before that.
  • Your topic will be closed if you haven't replied within 3 days
  • (If I have not responded within 24 hours, please send me a Private Message as a reminder)




STEP 0
RKill is a program that was developed at BleepingComputer.com that attempts to terminate known malware processes
so that your normal security software can then run and clean your computer of infections.
When RKill runs it will kill malware processes and then removes incorrect executable associations and fixes policies
that stop us from using certain tools. When finished it will display a log file that shows the processes that were
terminated while the program was running.

As RKill only terminates a program's running process, and does not delete any files, after running it you should not reboot
your computer as any malware processes that are configured to start automatically will just be started again.
Instead, after running RKill you should immediately scan your computer using the requested scans I've included.

Please download Rkill by Grinler from one of the links below and save it to your desktop.


Link 2

  • On Windows XP double-click on the Rkill desktop icon to run the tool.
  • On Windows Vista/Windows 7 or 8, right-click on the Rkill desktop icon and select Run As Administrator
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
  • Do not reboot the computer, you will need to run the application again.



STEP 01
Backup the Registry:
Modifying the Registry can create unforeseen problems, so it is always wise to create a backup before doing so.

  • Please download ERUNT from one of the following links: Link1 | Link2 | Link3
  • ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.
  • Double click on erunt-setup.exe to Install ERUNT by following the prompts.
  • NOTE: Do not choose to allow ERUNT to add an Entry to the Startup folder. Click NO.
  • Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
  • Choose a location for the backup.
    • Note: the default location is C:\Windows\ERDNT which is acceptable.

  • Make sure that at least the first two check boxes are selected.
  • Click on OK
  • Then click on YES to create the folder.
  • Note: if it is necessary to restore the registry, open the backup folder and start ERDNT.exe


STEP 02
Please download RogueKiller and save it to your desktop.

You can check here if you're not sure if your computer is 32-bit or 64-bit

  • RogueKiller 32-bit | RogueKiller 64-bit
  • Quit all running programs.
  • For Windows XP, double-click to start.
  • For Vista, Windows 7/8, Right-click on the program and select Run as Administrator to start and when prompted allow it to run.
  • Read and accept the EULA (End User License Agreement)
  • Click Scan to scan the system.
  • When the scan completes Close the program > Don't Fix anything!
  • Don't run any other options, they're not all bad!!
  • Post back the report which should be located on your desktop.


 

RogueKiller V8.7.1 _x64_ [Oct  3 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com




 

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : FreshOats [Admin rights]

Mode : Scan -- Date : 10/03/2013 12:48:31

| ARK || FAK || MBR |

 

¤¤¤ Bad processes : 0 ¤¤¤

 

¤¤¤ Registry Entries : 4 ¤¤¤

[RUN][sUSP PATH] HKCU\[...]\Run : googletalk (C:\Users\FreshOats\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart [x][x]) -> FOUND

[RUN][sUSP PATH] HKUS\S-1-5-21-350978928-1145991243-2579747793-1001\[...]\Run : googletalk (C:\Users\FreshOats\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart [x][x]) -> FOUND

[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

 

¤¤¤ Scheduled tasks : 0 ¤¤¤

 

¤¤¤ Startup Entries : 0 ¤¤¤

 

¤¤¤ Web browsers : 0 ¤¤¤

 

¤¤¤ Particular Files / Folders: ¤¤¤

 

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

 

¤¤¤ External Hives: ¤¤¤

 

¤¤¤ Infection :  ¤¤¤

 

¤¤¤ HOSTS File: ¤¤¤

--> %SystemRoot%\System32\drivers\etc\hosts

 

 

 

 

¤¤¤ MBR Check: ¤¤¤

 

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standard disk drives) - Hitachi HTS545032B9A300 +++++

--- User ---

[MBR] 025d360518a50ea344f797455574d582

[bSP] 22853227433866bad50ce6e3ef4b78b7 : Windows Vista MBR Code

Partition table:

0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 13000 Mo

1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 26626048 | Size: 100 Mo

2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 26830848 | Size: 292143 Mo

User = LL1 ... OK!

User = LL2 ... OK!

 

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) (Standard disk drives) - Seagate FreeAgent Go USB Device +++++

--- User ---

[MBR] efaae474bf56cd39e5d0462ccb81c6e6

[bSP] 5cab7fac78b6fe5301595cea6da44b25 : Empty MBR Code

Partition table:

0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 476937 Mo

User = LL1 ... OK!

Error reading LL2 MBR!

 

Finished : << RKreport[0]_S_10032013_124831.txt >>


That looks okay

 

Please go ahead and run through the following steps and post back the logs when ready.

STEP 03
Please download Malwarebytes Anti-Rootkit from here

  • Unzip the contents to a folder in a convenient location.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced; they will be in the MBAR folder... mbar-log.txt and system-log.txt

STEP 04
Please download Junkware Removal Tool to your desktop.
  • Shutdown your antivirus to avoid any conflicts.
  • Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next reply message
  • When completed make sure to re-enable your antivirus



STEP 05
Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.



STEP 06
Please go here to run the online antivirus scanner from ESET.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology

  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click the 'List of found threats' , then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.



STEP 07
Please download the Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply as well.


 

Malwarebytes Anti-Rootkit BETA 1.07.0.1005

www.malwarebytes.org

 

Database version: v2013.10.03.10

 

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 10.0.9200.16660

FreshOats :: PIG [administrator]

 

10/3/2013 4:33:09 PM

mbar-log-2013-10-03 (16-33-09).txt

 

Scan type: Quick scan

Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken

Scan options disabled: 

Objects scanned: 291587

Time elapsed: 1 hour(s), 49 minute(s), 42 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 0

(No malicious items detected)

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 0

(No malicious items detected)

 

Physical Sectors Detected: 0

(No malicious items detected)

 

(end)

 

 


---------------------------------------

Malwarebytes Anti-Rootkit BETA 1.07.0.1005

 

© Malwarebytes Corporation 2011-2012

 

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

 

Account is Administrative

 

Internet Explorer version: 10.0.9200.16660

 

File system is: NTFS

Disk drives: C:\ DRIVE_FIXED, G:\ DRIVE_FIXED

CPU speed: 2.127000 GHz

Memory total: 3947364352, free: 1422626816

 

Downloaded database version: v2013.10.03.08

Downloaded database version: v2013.09.30.01

=======================================

Initializing...

------------ Kernel report ------------

     10/03/2013 14:24:50

------------ Loaded modules -----------

\SystemRoot\system32\ntoskrnl.exe

\SystemRoot\system32\hal.dll

\SystemRoot\system32\kdcom.dll

\SystemRoot\system32\mcupdate_GenuineIntel.dll

\SystemRoot\system32\PSHED.dll

\SystemRoot\system32\CLFS.SYS

\SystemRoot\system32\CI.dll

\SystemRoot\system32\drivers\Wdf01000.sys

\SystemRoot\system32\drivers\WDFLDR.SYS

\SystemRoot\system32\drivers\ACPI.sys

\SystemRoot\system32\drivers\WMILIB.SYS

\SystemRoot\system32\drivers\msisadrv.sys

\SystemRoot\system32\drivers\pci.sys

\SystemRoot\system32\drivers\vdrvroot.sys

\SystemRoot\System32\drivers\partmgr.sys

\SystemRoot\system32\DRIVERS\compbatt.sys

\SystemRoot\system32\DRIVERS\BATTC.SYS

\SystemRoot\system32\drivers\volmgr.sys

\SystemRoot\System32\drivers\volmgrx.sys

\SystemRoot\System32\drivers\mountmgr.sys

\SystemRoot\system32\DRIVERS\iaStor.sys

\SystemRoot\system32\drivers\atapi.sys

\SystemRoot\system32\drivers\ataport.SYS

\SystemRoot\system32\drivers\amdxata.sys

\SystemRoot\system32\drivers\fltmgr.sys

\SystemRoot\system32\drivers\fileinfo.sys

\SystemRoot\System32\Drivers\PxHlpa64.sys

\SystemRoot\System32\Drivers\Ntfs.sys

\SystemRoot\System32\Drivers\msrpc.sys

\SystemRoot\System32\Drivers\ksecdd.sys

\SystemRoot\System32\Drivers\cng.sys

\SystemRoot\System32\drivers\pcw.sys

\SystemRoot\System32\Drivers\Fs_Rec.sys

\SystemRoot\system32\drivers\ndis.sys

\SystemRoot\system32\drivers\NETIO.SYS

\SystemRoot\System32\Drivers\ksecpkg.sys

\SystemRoot\System32\drivers\tcpip.sys

\SystemRoot\System32\drivers\fwpkclnt.sys

\SystemRoot\system32\drivers\volsnap.sys

\SystemRoot\System32\Drivers\spldr.sys

\SystemRoot\System32\drivers\rdyboost.sys

\SystemRoot\System32\Drivers\mup.sys

\SystemRoot\System32\drivers\hwpolicy.sys

\SystemRoot\System32\DRIVERS\fvevol.sys

\SystemRoot\system32\DRIVERS\disk.sys

\SystemRoot\system32\DRIVERS\CLASSPNP.SYS

\SystemRoot\System32\Drivers\aswVmm.sys

\SystemRoot\System32\Drivers\aswRvrt.sys

\SystemRoot\system32\DRIVERS\dtsoftbus01.sys

\SystemRoot\system32\DRIVERS\cdrom.sys

\SystemRoot\System32\Drivers\aswSnx.SYS

\SystemRoot\system32\DRIVERS\mwlPSDFilter.sys

\SystemRoot\System32\Drivers\Null.SYS

\SystemRoot\System32\Drivers\Beep.SYS

\SystemRoot\System32\Drivers\aswKbd.SYS

\SystemRoot\System32\drivers\vga.sys

\SystemRoot\System32\drivers\VIDEOPRT.SYS

----------- End -----------

Done!

<<<1>>>

Upper Device Name: \Device\Harddisk1\DR1

Upper Device Object: 0xfffffa8006851060

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\00000080\

Lower Device Object: 0xfffffa8006847b60

Lower Device Driver Name: \Driver\USBSTOR\

<<<1>>>

Upper Device Name: \Device\Harddisk0\DR0

Upper Device Object: 0xfffffa8004bd9060

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\Ide\IAAStorageDevice-1\

Lower Device Object: 0xfffffa800494b050

Lower Device Driver Name: \Driver\iaStor\

<<<2>>>

Physical Sector Size: 512

Drive: 0, DevicePointer: 0xfffffa8004bd9060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xfffffa8004a69990, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xfffffa8004bd9060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

DevicePointer: 0xfffffa800494b050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\

------------ End ----------

Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

Upper DeviceData: 0x0, 0x0, 0x0

Lower DeviceData: 0x0, 0x0, 0x0

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

<<<2>>>

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...

<<<2>>>

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Done!

Drive 0

Scanning MBR on drive 0...

Inspecting partition table:

MBR Signature: 55AA

Disk Signature: 107C107C

 

Partition information:

 

    Partition 0 type is Other (0x27)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 2048  Numsec = 26624000

 

    Partition 1 type is Primary (0x7)

    Partition is ACTIVE.

    Partition starts at LBA: 26626048  Numsec = 204800

    Partition is not bootable

 

    Partition 2 type is Primary (0x7)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 26830848  Numsec = 598309552

 

    Partition 3 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

 

Disk Size: 320072933376 bytes

Sector size: 512 bytes

 

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-625122448-625142448)...

Done!

Physical Sector Size: 512

Drive: 1, DevicePointer: 0xfffffa8006851060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xfffffa8006851b90, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xfffffa8006851060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\

DevicePointer: 0xfffffa8006847b60, DeviceName: \Device\00000080\, DriverName: \Driver\USBSTOR\

------------ End ----------

Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\

Upper DeviceData: 0x0, 0x0, 0x0

Lower DeviceData: 0x0, 0x0, 0x0

Drive 1

Scanning MBR on drive 1...

Inspecting partition table:

MBR Signature: 55AA

Disk Signature: A4B57300

 

Partition information:

 

    Partition 0 type is Primary (0x7)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 63  Numsec = 976768002

 

    Partition 1 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

 

    Partition 2 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

 

    Partition 3 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

 

Disk Size: 500107860992 bytes

Sector size: 512 bytes

 

Done!

Scan Interrupted

Scan Interrupted

Scan Interrupted

---------------------------------------

Malwarebytes Anti-Rootkit BETA 1.07.0.1005

 

© Malwarebytes Corporation 2011-2012

 

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

 

Account is Administrative

 

Internet Explorer version: 10.0.9200.16660

 

File system is: NTFS

Disk drives: C:\ DRIVE_FIXED, G:\ DRIVE_FIXED

CPU speed: 2.127000 GHz

Memory total: 3947364352, free: 1160798208

 

Downloaded database version: v2013.10.03.09

Initializing...

======================

------------ Kernel report ------------

     10/03/2013 15:34:20

------------ Loaded modules -----------

----------- End -----------

Done!

<<<1>>>

Upper Device Name: \Device\Harddisk1\DR1

Upper Device Object: 0xfffffa8006851060

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\00000080\

Lower Device Object: 0xfffffa8006847b60

Lower Device Driver Name: \Driver\USBSTOR\

<<<1>>>

Upper Device Name: \Device\Harddisk0\DR0

Upper Device Object: 0xfffffa8004bd9060

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\Ide\IAAStorageDevice-1\

Lower Device Object: 0xfffffa800494b050

Lower Device Driver Name: \Driver\iaStor\

<<<2>>>

Physical Sector Size: 512

Drive: 0, DevicePointer: 0xfffffa8004bd9060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xfffffa8004a69990, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xfffffa8004bd9060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

DevicePointer: 0xfffffa800494b050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\

------------ End ----------

Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

Upper DeviceData: 0x0, 0x0, 0x0

Lower DeviceData: 0x0, 0x0, 0x0

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

<<<2>>>

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...

<<<2>>>

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Done!

Drive 0

Scanning MBR on drive 0...

Inspecting partition table:

MBR Signature: 55AA

Disk Signature: 107C107C

 

Partition information:

 

    Partition 0 type is Other (0x27)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 2048  Numsec = 26624000

 

    Partition 1 type is Primary (0x7)

    Partition is ACTIVE.

    Partition starts at LBA: 26626048  Numsec = 204800

    Partition is not bootable

 

    Partition 2 type is Primary (0x7)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 26830848  Numsec = 598309552

 

    Partition 3 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

 

Disk Size: 320072933376 bytes

Sector size: 512 bytes

 

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-625122448-625142448)...

Done!

Physical Sector Size: 512

Drive: 1, DevicePointer: 0xfffffa8006851060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xfffffa8006851b90, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xfffffa8006851060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\

DevicePointer: 0xfffffa8006847b60, DeviceName: \Device\00000080\, DriverName: \Driver\USBSTOR\

------------ End ----------

Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\

Upper DeviceData: 0x0, 0x0, 0x0

Lower DeviceData: 0x0, 0x0, 0x0

Drive 1

Scanning MBR on drive 1...

Inspecting partition table:

MBR Signature: 55AA

Disk Signature: A4B57300

 

Partition information:

 

    Partition 0 type is Primary (0x7)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 63  Numsec = 976768002

 

    Partition 1 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

 

    Partition 2 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

 

    Partition 3 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

 

Disk Size: 500107860992 bytes

Sector size: 512 bytes

 

Done!

Scan Interrupted

Scan Interrupted

---------------------------------------

Malwarebytes Anti-Rootkit BETA 1.07.0.1005

 

© Malwarebytes Corporation 2011-2012

 

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

 

Account is Administrative

 

Internet Explorer version: 10.0.9200.16660

 

File system is: NTFS

Disk drives: C:\ DRIVE_FIXED, G:\ DRIVE_FIXED

CPU speed: 2.127000 GHz

Memory total: 3947364352, free: 1050185728

 

Downloaded database version: v2013.10.03.10

=======================================

Initializing...

------------ Kernel report ------------

     10/03/2013 16:33:03

------------ Loaded modules -----------

----------- End -----------

Done!

<<<1>>>

Upper Device Name: \Device\Harddisk1\DR1

Upper Device Object: 0xfffffa8006851060

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\00000080\

Lower Device Object: 0xfffffa8006847b60

Lower Device Driver Name: \Driver\USBSTOR\

<<<1>>>

Upper Device Name: \Device\Harddisk0\DR0

Upper Device Object: 0xfffffa8004bd9060

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\Ide\IAAStorageDevice-1\

Lower Device Object: 0xfffffa800494b050

Lower Device Driver Name: \Driver\iaStor\

<<<2>>>

Physical Sector Size: 512

Drive: 0, DevicePointer: 0xfffffa8004bd9060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xfffffa8004a69990, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xfffffa8004bd9060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

DevicePointer: 0xfffffa800494b050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\

------------ End ----------

Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

Upper DeviceData: 0x0, 0x0, 0x0

Lower DeviceData: 0x0, 0x0, 0x0

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

<<<2>>>

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...

<<<2>>>

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Done!

Drive 0

Scanning MBR on drive 0...

Inspecting partition table:

MBR Signature: 55AA

Disk Signature: 107C107C

 

Partition information:

 

    Partition 0 type is Other (0x27)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 2048  Numsec = 26624000

 

    Partition 1 type is Primary (0x7)

    Partition is ACTIVE.

    Partition starts at LBA: 26626048  Numsec = 204800

    Partition is not bootable

 

    Partition 2 type is Primary (0x7)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 26830848  Numsec = 598309552

 

    Partition 3 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

 

Disk Size: 320072933376 bytes

Sector size: 512 bytes

 

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-625122448-625142448)...

Done!

Physical Sector Size: 512

Drive: 1, DevicePointer: 0xfffffa8006851060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xfffffa8006851b90, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xfffffa8006851060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\

DevicePointer: 0xfffffa8006847b60, DeviceName: \Device\00000080\, DriverName: \Driver\USBSTOR\

------------ End ----------

Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\

Upper DeviceData: 0x0, 0x0, 0x0

Lower DeviceData: 0x0, 0x0, 0x0

Drive 1

Scanning MBR on drive 1...

Inspecting partition table:

MBR Signature: 55AA

Disk Signature: A4B57300

 

Partition information:

 

    Partition 0 type is Primary (0x7)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 63  Numsec = 976768002

 

    Partition 1 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

 

    Partition 2 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

 

    Partition 3 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

 

Disk Size: 500107860992 bytes

Sector size: 512 bytes

 

Done!

Scan finished

=======================================

 

 

Removal queue found; removal started

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_i.mbam...

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\Bootstrap_0_1_26626048_i.mbam...

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_r.mbam...

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_1_i.mbam...

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_1_r.mbam...

Removal finished

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.0.3 (09.27.2013:1)

OS: Windows 7 Home Premium x64

Ran by FreshOats on Thu 10/03/2013 at 20:01:56.60

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Registry Values

 

 

 

~~~ Registry Keys

 

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\features\a28b4d68debaa244eb686953b7074fef

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\products\a28b4d68debaa244eb686953b7074fef

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASAPI32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASMANCS

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\robotaskbaricon_RASAPI32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\robotaskbaricon_RASMANCS

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker-1_RASAPI32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker-1_RASMANCS

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\robotaskbaricon_RASAPI32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\robotaskbaricon_RASMANCS

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{3BE8D8B4-93D6-4E1B-82FB-9476F62688ED}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"

 

 

 

~~~ Files

 

Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\nsprotector.js"

 

 

 

~~~ Folders

 

Successfully deleted: [Folder] "C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}"

 

 

 

~~~ FireFox

 

Emptied folder: C:\Users\Justin\AppData\Roaming\mozilla\firefox\profiles\6vfjhq0a.default\minidumps [26 files]

 

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Thu 10/03/2013 at 20:11:47.48

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# AdwCleaner v3.006 - Report created 03/10/2013 at 20:21:31

# Updated 01/10/2013 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : FreshOats - PIG

# Running from : C:\Users\Justin\Desktop\AdwCleaner.exe

# Option : Scan

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}

Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]

Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v10.0.9200.16660

 

 

-\\ Mozilla Firefox v20.0.1 (en-US)

 

[ File : C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\6vfjhq0a.default\prefs.js ]

 

 

[ File : C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\6vfjhq0a.default\prefs.js ]

 

 

-\\ Google Chrome v

 

[ File : C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

Found : urls_to_restore_on_startup

Found : urls_to_restore_on_startup

Found : urls_to_restore_on_startup

 

*************************

 

AdwCleaner[R0].txt - [18358 octets] - [01/09/2013 20:39:08]

AdwCleaner[R1].txt - [2069 octets] - [23/09/2013 09:41:24]

AdwCleaner[R2].txt - [1893 octets] - [03/10/2013 20:21:31]

AdwCleaner[s0].txt - [12975 octets] - [01/09/2013 20:40:36]

 

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [2014 octets] ##########

# AdwCleaner v3.006 - Report created 03/10/2013 at 22:23:51

# Updated 01/10/2013 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : FreshOats - PIG

# Running from : C:\Users\Justin\Desktop\AdwCleaner.exe

# Option : Clean

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v10.0.9200.16660

 

 

-\\ Mozilla Firefox v20.0.1 (en-US)

 

[ File : C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\6vfjhq0a.default\prefs.js ]

 

 

[ File : C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\6vfjhq0a.default\prefs.js ]

 

 

-\\ Google Chrome v

 

[ File : C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

Deleted : urls_to_restore_on_startup

 

*************************

 

AdwCleaner[R0].txt - [18358 octets] - [01/09/2013 20:39:08]

AdwCleaner[R1].txt - [2069 octets] - [23/09/2013 09:41:24]

AdwCleaner[R2].txt - [2106 octets] - [03/10/2013 20:21:31]

AdwCleaner[R3].txt - [2166 octets] - [03/10/2013 22:22:21]

AdwCleaner[s0].txt - [12975 octets] - [01/09/2013 20:40:36]

AdwCleaner[s1].txt - [2021 octets] - [03/10/2013 22:23:51]

 

########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [2081 octets] ##########


Thanks, go ahead and run the other scans and post back those logs too.  I'll check back on you again sometime tomorrow.

C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\ffprotect\application.js.vir Win32/Conduit.SearchProtect.A application

C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\ffprotect\nsprotector.js.vir Win32/Conduit.SearchProtect.A application

C:\AdwCleaner\Quarantine\C\Users\Justin\AppData\Roaming\OpenCandy\8415A70E3BC3457FB995A5727DBA62C3\FastestChrome_p1v2.exe.vir a variant of Win32/OpenCandy.A application

C:\AdwCleaner\Quarantine\C\Users\Justin\AppData\Roaming\OpenCandy\8415A70E3BC3457FB995A5727DBA62C3\OCBrowserHelper_1.0.3.85.dll.vir a variant of Win32/OpenCandy.A application

C:\AdwCleaner\Quarantine\C\Users\Justin\AppData\Roaming\SearchProtect\ffprotect\application.js.vir Win32/Conduit.SearchProtect.A application

C:\AdwCleaner\Quarantine\C\Users\Justin\AppData\Roaming\SearchProtect\ffprotect\nsprotector.js.vir Win32/Conduit.SearchProtect.A application

C:\AdwCleaner\Quarantine\C\Windows\SysWOW64\ARFC\wrtc.exe.vir a variant of Win32/Toolbar.Perion.G application

C:\Program Files\Registry Easy\Recoveryer.dll Win32/Adware.RegistryEasy application

C:\Program Files\Registry Easy\RegEasyCleaner.exe a variant of Win32/Adware.RegistryEasy application

C:\Users\Justin\AppData\Local\Temp\AskSLib.dll a variant of Win32/Bundled.Toolbar.Ask application

C:\Users\Justin\Downloads\Avery Wizard 4.01 - US 20111209.exe a variant of Win32/Bundled.Toolbar.Ask application

C:\Users\Justin\Downloads\SetupImgBurn_2.5.7.0 (1).exe a variant of Win32/Bundled.Toolbar.Ask application

C:\Users\Justin\Downloads\SetupImgBurn_2.5.7.0.exe a variant of Win32/Bundled.Toolbar.Ask application

C:\Users\Justin\Dropbox\Face to Face\Keygen\keygen.exe a variant of Win32/Keygen.DO application

C:\Users\Justin\Dropbox\Face to Face\LR 4.0\keygen.exe a variant of Win32/Keygen.DO application

C:\Users\Justin\Dropbox\Lab Files and Documents\Programs\Origin 8 Setup Files\OriginDownload\originlab.originpro.8.exe probably a variant of Win32/TrojanDropper.VB.MYBKIMQ trojan

G:\$RECYCLE.BIN\S-1-5-21-350978928-1145991243-2579747793-1001\$RIETZ81.exe a variant of Win32/Keygen.DO application

G:\$RECYCLE.BIN\S-1-5-21-350978928-1145991243-2579747793-1001\$R40038W.Keygen\Keygen-X-FORCE\Keygen-X-Force.exe Win32/Keygen.HA application

G:\$RECYCLE.BIN\S-1-5-21-350978928-1145991243-2579747793-1001\$R40038W.Keygen\Keygen-X-FORCE\Disable activation\disable_activation.cmd BAT/HostsChanger.A application

G:\$RECYCLE.BIN\S-1-5-21-350978928-1145991243-2579747793-1001\$RK8IW2K\keygen.exe a variant of Win32/Keygen.DO application

G:\Seagate Backup\PIG\C\Program Files\Registry Easy\Recoveryer.dll Win32/Adware.RegistryEasy application

G:\Seagate Backup\PIG\C\Program Files\Registry Easy\RegEasyCleaner.exe a variant of Win32/Adware.RegistryEasy application

G:\Seagate Backup\PIG\C\Users\FreshOats\Downloads\registryeasy_lite.exe a variant of Win32/Adware.RegistryEasy application

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013

Ran by FreshOats (administrator) on PIG on 04-10-2013 08:27:27

Running from C:\Users\Justin\Desktop

Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)

Internet Explorer Version 10

Boot Mode: Normal

 

==================== Processes (Whitelisted) =================

 

(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe

(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

(Seagate Technology LLC) C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe

(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe

(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe

(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe

() C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE

(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

() C:\Users\Justin\AppData\Local\Mikogo4\Host\Service\M4-Service.exe

() C:\Users\Justin\AppData\Local\Mikogo4\Host\Service\M4-Capture.exe

(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe

(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

(Sendori) C:\Program Files (x86)\Sendori\sndappv2.exe

(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe

(Tablet Driver) C:\Windows\System32\Drivers\WTSRV.EXE

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Sendori, Inc.) C:\Program Files (x86)\Sendori\SendoriSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

(Sendori, Inc.) C:\Program Files (x86)\Sendori\SendoriUp.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

() C:\Windows\PLFSetI.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\system32\igfxext.exe

(Intel Corporation) C:\Windows\system32\igfxsrvc.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Google Inc.) C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe

(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe

(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

(Google Inc.) C:\Users\Justin\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler.exe

(Google Inc.) C:\Users\Justin\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler64.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe

(Tablet Driver) C:\Windows\SysWOW64\WTClient.exe

(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe

(Sendori, Inc.) C:\Program Files (x86)\Sendori\SendoriTray.exe

(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Google Inc.) C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe

(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe

(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe

(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe

(Google Inc.) C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe

(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe

(Google Inc.) C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe

(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

(Google Inc.) C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe

(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe

(sendori) C:\Program Files (x86)\Sendori\Sendori.Service.exe

(Google Inc.) C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe

(Google) C:\Users\Justin\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe

(Google Inc.) C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe

 

==================== Registry (Whitelisted) ==================

 

HKLM\...\Run: [iAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8312352 2009-10-28] (Realtek Semiconductor)

HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [200704 2009-11-20] ()

HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-17] (Synaptics Incorporated)

HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [823840 2009-09-30] (Acer Incorporated)

HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [722256 2008-12-11] (CANON INC.)

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKCU\...\Run: [googletalk] - C:\Users\FreshOats\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart

HKCU\...\Run: [4AA5D9FA8B43745BB2EAD1E788698E8441A23DBA._service_run] - "C:\Users\FreshOats\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service

HKCU\...\Run: [D3CA26BDF1EEC0308B736E98B1ACDCED782D77FF._service_run] - C:\Users\Justin\AppData\Local\Google\Chrome\Application\chrome.exe [1312720 2013-03-21] (Google Inc.)

HKCU\...\Run: [AdobeBridge] - [x]

HKCU\...\Run: [Google Update] - C:\Users\Justin\AppData\Local\Google\Update\GoogleUpdate.exe [135664 2010-01-21] (Google Inc.)

HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd)

MountPoints2: H - H:\HTC_Sync_Manager_PC.exe

MountPoints2: {371182d0-98cc-11e2-af2b-00262d72f8e4} - E:\HTC_Sync_Manager_PC.exe

MountPoints2: {371183a8-98cc-11e2-af2b-00262d72f8e4} - E:\HTC_Sync_Manager_PC.exe

MountPoints2: {8a621e2d-6837-11e2-a384-00262d72f8e4} - E:\HTC_Sync_Manager_PC.exe

MountPoints2: {c4ad687d-9ee7-11e2-9bc7-42883c5f1aff} - E:\HTC_Sync_Manager_PC.exe

HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1100368 2009-11-01] (Dritek System Inc.)

HKLM-x32\...\Run: [Microsoft Default Manager] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288080 2009-07-17] (Microsoft Corporation)

HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [WTClient] - C:\Windows\\SysWOW64\WTClient.exe [32768 2009-10-30] (Tablet Driver)

HKLM-x32\...\Run: [avast] - C:\Program Files\Alwil Software\Avast5\avastUI.exe [4858968 2013-08-30] (AVAST Software)

HKLM-x32\...\Run: [sendori Tray] - C:\Program Files (x86)\Sendori\SendoriTray.exe [83232 2013-07-01] (Sendori, Inc.)

HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)

HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)

HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)

HKLM-x32\...\Run: [] - [x]

HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)

HKLM-x32\...\Run: [hpqSRMon] - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)

HKU\Default\...\RunOnce: [scrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-08] ()

HKU\Default User\...\RunOnce: [scrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-08] ()

Startup: C:\Users\Justin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> C:\Users\Justin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

 

==================== Internet (Whitelisted) ====================

 

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5740&r=273601105416l0358z135t4871d712

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x46C6062970FFCB01

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US

SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 

BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)

BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)

BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File

BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)

BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)

BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

BHO-x32: MSN Toolbar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0417.0\npwinext.dll (Microsoft Corporation)

BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)

BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)

Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)

Toolbar: HKLM-x32 - MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0417.0\npwinext.dll (Microsoft Corporation)

Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)

Toolbar: HKCU -  No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File

DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File

Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)

Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)

Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Winsock: Catalog9 01 C:\Windows\system32\Sendori.dll File Not found ()

Winsock: Catalog9 02 C:\Windows\system32\Sendori.dll File Not found ()

Winsock: Catalog9 03 C:\Windows\system32\Sendori.dll File Not found ()

Winsock: Catalog9 04 C:\Windows\system32\Sendori.dll File Not found ()

Winsock: Catalog9 15 C:\Windows\system32\Sendori.dll File Not found ()

 

Hosts: Hosts file not detected in the default directory

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

Tcpip\..\Interfaces\{653E5F10-D724-4359-9865-AA1F5127D99E}: [NameServer]192.168.42.129

Tcpip\..\Interfaces\{BEAF8B28-493A-4EEC-986D-D78A4F063FF4}: [NameServer]192.168.42.129

 

FireFox:

========

FF ProfilePath: C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\6vfjhq0a.default

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()

FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @microsoft.com/GENUINE - disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()

FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)

FF Plugin-x32: @garmin.com/GpsControl - C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)

FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)

FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE - disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @Microsoft.com/NpWinExt,version=4.0 - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0417.0\npwinext.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Justin\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)

FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Justin\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)

FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Justin\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()

FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Justin\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Justin\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF Extension: adblockpopups - C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\6vfjhq0a.default\Extensions\adblockpopups@jessehakanen.net.xpi

FF Extension: No Name - C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\6vfjhq0a.default\Extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}.xpi

FF Extension: Skype extension - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}

FF HKLM-x32\...\Firefox\Extensions: [msntoolbar@msn.com] - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0417.0\Firefox

FF Extension: MSN Toolbar - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0417.0\Firefox

FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\

FF Extension: No Name - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\

FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF

FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF

FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

 

Chrome: 

=======



CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}

CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}

CHR Plugin: (Shockwave Flash) - C:\Users\FreshOats\AppData\Local\Google\Chrome\Application\21.0.1180.79\PepperFlash\pepflashplayer.dll No File

CHR Plugin: (Shockwave Flash) - C:\Users\Justin\AppData\Local\Google\Chrome\Application\26.0.1410.43\gcswf32.dll No File

CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File

CHR Plugin: (Remoting Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Users\Justin\AppData\Local\Google\Chrome\Application\26.0.1410.43\ppGoogleNaClPluginChrome.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Users\Justin\AppData\Local\Google\Chrome\Application\26.0.1410.43\pdf.dll ()

CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File

CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)

CHR Plugin: (CouponNetwork Coupon Activator Netscape Plugin v. 5.0.0.0) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPcol400.dll No File

CHR Plugin: (CouponNetwork Coupon Activator Netscape Plugin v. 5.0.0.0) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPcol500.dll No File

CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll No File

CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll No File

CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)

CHR Plugin: (Google Talk Plugin) - C:\Users\FreshOats\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll No File

CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\FreshOats\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll No File

CHR Plugin: (Garmin Communicator Plug-In) - C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)

CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)

CHR Plugin: (MSN\u00AE Toolbar) - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0417.0\npwinext.dll (Microsoft Corporation)

CHR Plugin: (Java Platform SE 7 U5) - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)

CHR Plugin: (Java Deployment Toolkit 7.0.50.255) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll No File

CHR Plugin: (Google Update) - C:\Users\FreshOats\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File

CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File

CHR Extension: (Angry Birds) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0

CHR Extension: (reddit companion) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\algjnflpgoopkdijmkalfcifomdhmcbe\1.1.2_0

CHR Extension: (Songza) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\alodolpedihmeapcekfjhpgomaadaabg\0.5.3_0

CHR Extension: (Lucidchart: Diagrams Online) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apboafhkiegglekeafbckfjldecefkhn\18_0

CHR Extension: (Raindrops) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcipapbfhdnmgihoimbjiadmhpcgcnil\1.0.0.2_1

CHR Extension: (AdBlock) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.8_0

CHR Extension: (avast! Online Security) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0

CHR Extension: (Google Play Music) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg\5.2_0

CHR Extension: (Autodesk Homestyler) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdmmkfaghgcicheaimnpffeeekheafkb\2.6_0

CHR Extension: (Evernote Web) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol\1.0.7_0

CHR Extension: (Google Maps) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0

CHR Extension: (Plants vs Zombies) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina\1.0.5_0

CHR HKLM-x32\...\Chrome\Extension: [banjjklfojcdbofbhbgiedekefohoaff] - C:\Users\Justin\AppData\Local\CRE\banjjklfojcdbofbhbgiedekefohoaff.crx

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

 

==================== Services (Whitelisted) =================

 

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2011-08-11] (SUPERAntiSpyware.com)

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)

R2 Application Sendori; C:\Program Files (x86)\Sendori\SendoriSvc.exe [119072 2013-07-01] (Sendori, Inc.)

R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [46808 2013-08-30] (AVAST Software)

R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-01-29] (Nero AG)

R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [107912 2008-10-09] ()

S3 Leica Microsystems Data Container V1; C:\Program Files\Leica Microsystems CMS GmbH\Leica LAS AF Lite\DCservice\LMSDataContainerServer.exe [432984 2012-10-19] (Leica Microsystems)

R2 M4-Service; C:\Users\Justin\AppData\Local\Mikogo4\Host\Service\M4-Service.exe [1008032 2013-04-29] ()

S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-10] (Egis Technology Inc.)

R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()

R2 Service Sendori; C:\Program Files (x86)\Sendori\Sendori.Service.exe [22304 2013-07-01] (sendori)

R2 sndappv2; C:\Program Files (x86)\Sendori\sndappv2.exe [3623200 2013-07-01] (Sendori)

S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [x]

S4 NIApplicationWebServer64; "C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe" -user [x]

S2 nidevldu; %SystemRoot%\SysWOW64\nipalsm.exe [x]

 

==================== Drivers (Whitelisted) ====================

 

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)

R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [19600 2012-08-21] (AVAST Software)

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)

R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)

R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()

R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)

R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)

R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)

R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-09-01] (Disc Soft Ltd)

S3 NIEthernetDeviceEnumerator; C:\Windows\System32\DRIVERS\niede.sys [38064 2012-01-12] (National Instruments Corporation)

S3 niufurkw; C:\Windows\System32\DRIVERS\niufurkw.sys [12496 2012-07-16] (National Instruments Corporation)

S3 nixsrkw; C:\Windows\System32\DRIVERS\nixsrkw.sys [12464 2012-07-16] (National Instruments Corporation)

R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)

S3 TVICHW32; C:\Windows\system32\DRIVERS\TVICHW32.SYS [21200 2013-03-08] (EnTech Taiwan)

S3 TVICHW32; C:\Windows\system32\DRIVERS\TVICHW32.SYS [21200 2013-03-08] (EnTech Taiwan)

S3 Tablet2k; "%SystemRoot%\System32\Drivers\Tablet2k.sys" [x]

 

==================== NetSvcs (Whitelisted) ===================

 

 

==================== One Month Created Files and Folders ========

 

2013-10-04 08:26 - 2013-10-04 08:26 - 00000000 ____D C:\FRST

2013-10-04 08:25 - 2013-10-04 08:25 - 01954124 _____ (Farbar) C:\Users\Justin\Desktop\FRST64.exe

2013-10-04 08:22 - 2013-10-04 08:22 - 00002893 _____ C:\Users\Justin\Desktop\threats eset.txt

2013-10-03 20:31 - 2013-10-03 20:31 - 02347384 _____ (ESET) C:\Users\Justin\Desktop\esetsmartinstaller_enu.exe

2013-10-03 20:31 - 2013-10-03 20:31 - 00000000 ____D C:\Program Files (x86)\ESET

2013-10-03 20:20 - 2013-10-03 20:21 - 01045226 _____ C:\Users\Justin\Desktop\AdwCleaner.exe

2013-10-03 20:11 - 2013-10-03 20:11 - 00002952 _____ C:\Users\Justin\Desktop\JRT.txt

2013-10-03 20:00 - 2013-10-03 20:01 - 01030305 _____ (Thisisu) C:\Users\Justin\Desktop\JRT.exe

2013-10-03 14:24 - 2013-10-03 19:58 - 00000000 ____D C:\Users\Justin\Desktop\mbar

2013-10-03 14:24 - 2013-10-03 19:58 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2013-10-03 12:48 - 2013-10-03 12:48 - 00002326 _____ C:\Users\Justin\Desktop\RKreport[0]_S_10032013_124831.txt

2013-10-03 12:45 - 2013-10-03 12:45 - 00000000 ____D C:\Windows\ERDNT

2013-10-03 12:44 - 2013-10-03 20:01 - 00000000 ____D C:\Windows\ERUNT

2013-10-03 12:44 - 2013-10-03 12:44 - 00000826 _____ C:\Users\Justin\Desktop\NTREGOPT.lnk

2013-10-03 12:44 - 2013-10-03 12:44 - 00000807 _____ C:\Users\Justin\Desktop\ERUNT.lnk

2013-10-03 12:43 - 2013-10-03 12:43 - 00791393 _____ (Lars Hederer                                                ) C:\Users\Justin\Desktop\erunt-setup.exe

2013-10-03 12:39 - 2013-10-03 12:40 - 03980800 _____ C:\Users\Justin\Desktop\RogueKillerX64.exe

2013-10-03 12:36 - 2013-10-03 12:36 - 00017346 _____ C:\Users\Justin\Desktop\attach.txt

2013-10-03 10:52 - 2013-10-03 10:53 - 818489500 _____ C:\Users\Justin\Desktop\LightroomInstall.nrg

2013-10-03 10:26 - 2013-10-03 10:33 - 3978899612 _____ C:\Users\Justin\Desktop\PSDVD.nrg

2013-10-03 10:15 - 2013-10-03 12:36 - 00029438 _____ C:\Users\Justin\Desktop\dds.txt

2013-10-02 12:17 - 2013-10-02 12:46 - 00000000 ____D C:\Users\Justin\Desktop\RK_Quarantine

2013-10-02 12:00 - 2013-10-02 12:00 - 00688992 ____R (Swearware) C:\Users\Justin\Desktop\dds.com

2013-10-02 12:00 - 2013-10-02 12:00 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-10-02 11:58 - 2013-10-02 11:59 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Justin\Desktop\mbam-setup-1.75.0.1300.exe

2013-09-23 10:37 - 2013-09-23 10:41 - 00003624 _____ C:\Users\Justin\Desktop\Rkill.txt

2013-09-23 09:39 - 2013-09-23 09:40 - 01042066 _____ C:\Users\Justin\Downloads\adwcleaner.exe

2013-09-23 08:18 - 2013-09-23 08:18 - 00004360 _____ C:\Users\Justin\Documents\.RData

2013-09-22 12:57 - 2013-09-22 13:33 - 00885760 _____ C:\Users\Justin\Downloads\multreg.ppt

2013-09-22 12:24 - 2013-09-22 12:24 - 00000000 ____D C:\ProgramData\HP Product Assistant

2013-09-22 12:13 - 2013-09-22 12:18 - 143345472 _____ C:\Users\Justin\Downloads\DJ_SF_NonNet_Full_Win_WW_130_140.exe

2013-09-17 09:03 - 2013-09-17 09:03 - 14916216 _____ (Last.fm                                                     ) C:\Users\Justin\Downloads\Last.fm-2.1.36.exe

2013-09-16 13:28 - 2013-09-19 21:33 - 03723656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe

2013-09-08 01:24 - 2013-09-09 02:28 - 00000000 ____D C:\Users\Justin\Desktop\September

2013-09-06 15:38 - 2013-09-06 15:38 - 00000000 ____D C:\Users\Justin\AppData\Roaming\Opera Software

2013-09-06 15:38 - 2013-09-06 15:38 - 00000000 ____D C:\Users\Justin\AppData\Local\Opera Software

2013-09-06 15:37 - 2013-09-06 15:37 - 00000000 ____D C:\Program Files (x86)\Opera

2013-09-06 15:35 - 2013-09-06 15:36 - 32093736 _____ (Opera Software ASA) C:\Users\Justin\Downloads\Opera_16.0.1196.73_Setup.exe

2013-09-04 11:57 - 2013-07-25 22:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2013-09-04 11:57 - 2013-07-25 22:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2013-09-04 11:57 - 2013-07-25 22:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2013-09-04 11:57 - 2013-07-25 22:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2013-09-04 11:57 - 2013-07-25 22:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2013-09-04 11:57 - 2013-07-25 22:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2013-09-04 11:57 - 2013-07-25 22:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2013-09-04 11:57 - 2013-07-25 22:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2013-09-04 11:57 - 2013-07-25 20:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2013-09-04 11:57 - 2013-07-25 20:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2013-09-04 11:57 - 2013-07-25 20:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2013-09-04 11:57 - 2013-07-25 20:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2013-09-04 11:57 - 2013-07-25 20:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2013-09-04 11:57 - 2013-07-25 20:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2013-09-04 11:57 - 2013-07-25 20:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2013-09-04 11:57 - 2013-07-25 20:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2013-09-04 11:57 - 2013-07-25 19:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2013-09-04 11:57 - 2013-07-25 19:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe

2013-09-04 11:57 - 2013-07-25 18:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2013-09-04 11:56 - 2013-07-25 22:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2013-09-04 11:56 - 2013-07-25 22:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2013-09-04 11:56 - 2013-07-25 22:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2013-09-04 11:56 - 2013-07-25 22:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2013-09-04 11:56 - 2013-07-25 22:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2013-09-04 11:56 - 2013-07-25 22:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2013-09-04 11:56 - 2013-07-25 20:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2013-09-04 11:56 - 2013-07-25 20:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2013-09-04 11:56 - 2013-07-25 20:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2013-09-04 11:56 - 2013-07-25 20:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2013-09-04 11:56 - 2013-07-25 20:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2013-09-04 11:56 - 2013-07-25 20:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2013-09-04 11:38 - 2013-09-04 11:44 - 00000000 ____D C:\Windows\system32\MRT

2013-09-04 11:36 - 2013-07-25 02:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL

2013-09-04 11:36 - 2013-07-25 01:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL

2013-09-04 11:35 - 2013-07-18 18:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll

2013-09-04 11:35 - 2013-07-18 18:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

2013-09-04 11:35 - 2013-07-08 23:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2013-09-04 11:35 - 2013-07-08 22:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll

2013-09-04 11:35 - 2013-07-08 22:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll

2013-09-04 11:35 - 2013-07-08 22:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll

2013-09-04 11:35 - 2013-07-08 22:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll

2013-09-04 11:35 - 2013-07-08 22:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll

2013-09-04 11:35 - 2013-07-08 22:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll

2013-09-04 11:35 - 2013-07-08 22:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll

2013-09-04 11:35 - 2013-07-08 22:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2013-09-04 11:35 - 2013-07-08 22:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2013-09-04 11:35 - 2013-07-08 21:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll

2013-09-04 11:35 - 2013-07-08 21:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll

2013-09-04 11:35 - 2013-07-08 21:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll

2013-09-04 11:35 - 2013-07-08 21:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll

2013-09-04 11:35 - 2013-07-08 21:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll

2013-09-04 11:35 - 2013-07-08 21:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll

2013-09-04 11:35 - 2013-07-08 21:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll

2013-09-04 11:35 - 2013-07-08 19:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe

2013-09-04 11:35 - 2013-07-08 19:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll

2013-09-04 11:35 - 2013-07-08 19:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe

2013-09-04 11:35 - 2013-07-08 19:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe

2013-09-04 11:34 - 2013-06-14 21:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys

2013-09-04 11:33 - 2013-07-05 23:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys

 

==================== One Month Modified Files and Folders =======

 

2013-10-04 08:28 - 2012-11-12 12:15 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2013-10-04 08:26 - 2013-10-04 08:26 - 00000000 ____D C:\FRST

2013-10-04 08:25 - 2013-10-04 08:25 - 01954124 _____ (Farbar) C:\Users\Justin\Desktop\FRST64.exe

2013-10-04 08:25 - 2012-10-21 13:29 - 00000000 ___RD C:\Users\Justin\Dropbox

2013-10-04 08:22 - 2013-10-04 08:22 - 00002893 _____ C:\Users\Justin\Desktop\threats eset.txt

2013-10-04 08:21 - 2012-08-16 10:14 - 00000904 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2013-10-04 08:20 - 2013-01-14 19:55 - 00003922 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{0C5A6A24-E3D9-4693-8B7C-9176029A05CF}

2013-10-04 08:14 - 2010-01-21 17:19 - 00000918 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-350978928-1145991243-2579747793-1001UA.job

2013-10-04 03:30 - 2009-12-08 03:00 - 01972117 _____ C:\Windows\WindowsUpdate.log

2013-10-03 22:38 - 2009-07-13 21:45 - 00017600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-10-03 22:38 - 2009-07-13 21:45 - 00017600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-10-03 22:32 - 2013-04-06 11:11 - 00000000 ____D C:\Users\Justin\AppData\Local\HTC MediaHub

2013-10-03 22:31 - 2012-10-21 13:21 - 00000000 ____D C:\Users\Justin\AppData\Roaming\Dropbox

2013-10-03 22:31 - 2009-07-13 22:32 - 00000000 ____D C:\Windows\system32\FxsTmp

2013-10-03 22:29 - 2012-08-16 10:14 - 00000900 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2013-10-03 22:27 - 2009-11-11 22:19 - 00785936 _____ C:\Windows\PFRO.log

2013-10-03 22:27 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2013-10-03 22:27 - 2009-07-13 21:51 - 00194010 _____ C:\Windows\setupact.log

2013-10-03 22:24 - 2013-09-01 20:38 - 00000000 ____D C:\AdwCleaner

2013-10-03 21:14 - 2010-01-21 17:19 - 00000866 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-350978928-1145991243-2579747793-1001Core.job

2013-10-03 20:31 - 2013-10-03 20:31 - 02347384 _____ (ESET) C:\Users\Justin\Desktop\esetsmartinstaller_enu.exe

2013-10-03 20:31 - 2013-10-03 20:31 - 00000000 ____D C:\Program Files (x86)\ESET

2013-10-03 20:21 - 2013-10-03 20:20 - 01045226 _____ C:\Users\Justin\Desktop\AdwCleaner.exe

2013-10-03 20:11 - 2013-10-03 20:11 - 00002952 _____ C:\Users\Justin\Desktop\JRT.txt

2013-10-03 20:05 - 2013-04-14 10:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2013-10-03 20:01 - 2013-10-03 20:00 - 01030305 _____ (Thisisu) C:\Users\Justin\Desktop\JRT.exe

2013-10-03 20:01 - 2013-10-03 12:44 - 00000000 ____D C:\Windows\ERUNT

2013-10-03 19:58 - 2013-10-03 14:24 - 00000000 ____D C:\Users\Justin\Desktop\mbar

2013-10-03 19:58 - 2013-10-03 14:24 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2013-10-03 12:48 - 2013-10-03 12:48 - 00002326 _____ C:\Users\Justin\Desktop\RKreport[0]_S_10032013_124831.txt

2013-10-03 12:45 - 2013-10-03 12:45 - 00000000 ____D C:\Windows\ERDNT

2013-10-03 12:44 - 2013-10-03 12:44 - 00000826 _____ C:\Users\Justin\Desktop\NTREGOPT.lnk

2013-10-03 12:44 - 2013-10-03 12:44 - 00000807 _____ C:\Users\Justin\Desktop\ERUNT.lnk

2013-10-03 12:43 - 2013-10-03 12:43 - 00791393 _____ (Lars Hederer                                                ) C:\Users\Justin\Desktop\erunt-setup.exe

2013-10-03 12:40 - 2013-10-03 12:39 - 03980800 _____ C:\Users\Justin\Desktop\RogueKillerX64.exe

2013-10-03 12:38 - 2013-08-29 13:42 - 00000000 ____D C:\Users\Justin\AppData\Roaming\MediaMonkey

2013-10-03 12:36 - 2013-10-03 12:36 - 00017346 _____ C:\Users\Justin\Desktop\attach.txt

2013-10-03 12:36 - 2013-10-03 10:15 - 00029438 _____ C:\Users\Justin\Desktop\dds.txt

2013-10-03 10:53 - 2013-10-03 10:52 - 818489500 _____ C:\Users\Justin\Desktop\LightroomInstall.nrg

2013-10-03 10:33 - 2013-10-03 10:26 - 3978899612 _____ C:\Users\Justin\Desktop\PSDVD.nrg

2013-10-02 20:34 - 2009-07-13 22:08 - 00032546 _____ C:\Windows\Tasks\SCHEDLGU.TXT

2013-10-02 14:38 - 2010-01-19 18:01 - 00150432 _____ C:\Users\Justin\AppData\Local\GDIPFONTCACHEV1.DAT

2013-10-02 14:26 - 2009-07-13 21:45 - 05150864 _____ C:\Windows\system32\FNTCACHE.DAT

2013-10-02 14:22 - 2010-02-07 12:52 - 00000000 ____D C:\Users\Public\Documents\EndNote

2013-10-02 14:22 - 2010-02-07 12:51 - 00000000 ____D C:\ProgramData\Thomson.ResearchSoft.Installers

2013-10-02 14:22 - 2010-02-07 12:51 - 00000000 ____D C:\Program Files (x86)\EndNote X3

2013-10-02 14:15 - 2010-02-07 12:46 - 00000000 ____D C:\Program Files\Adobe

2013-10-02 14:08 - 2010-02-07 14:48 - 00000000 ____D C:\Program Files\Common Files\Adobe

2013-10-02 14:07 - 2009-11-04 17:38 - 00000000 ____D C:\Program Files (x86)\Adobe

2013-10-02 14:02 - 2013-05-16 11:15 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe

2013-10-02 13:14 - 2010-01-21 17:13 - 00000000 ____D C:\Users\Justin\AppData\Roaming\Adobe

2013-10-02 12:46 - 2013-10-02 12:17 - 00000000 ____D C:\Users\Justin\Desktop\RK_Quarantine

2013-10-02 12:00 - 2013-10-02 12:00 - 00688992 ____R (Swearware) C:\Users\Justin\Desktop\dds.com

2013-10-02 12:00 - 2013-10-02 12:00 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-10-02 12:00 - 2013-09-01 20:50 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-10-02 11:59 - 2013-10-02 11:58 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Justin\Desktop\mbam-setup-1.75.0.1300.exe

2013-10-02 10:36 - 2010-01-24 21:29 - 00000000 ____D C:\Users\Justin\AppData\Local\Adobe

2013-10-02 08:55 - 2012-07-10 23:39 - 00004184 _____ C:\Windows\System32\Tasks\avast! Emergency Update

2013-10-01 13:27 - 2010-02-07 14:22 - 00000000 ____D C:\ProgramData\FLEXnet

2013-10-01 11:19 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\NDF

2013-09-28 17:12 - 2013-06-10 09:53 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2013-09-28 17:12 - 2011-06-12 10:25 - 00000000 ____D C:\Program Files (x86)\iTunes

2013-09-27 16:15 - 2010-01-23 11:13 - 00000000 ____D C:\Users\Justin\AppData\Roaming\Mozilla

2013-09-24 12:30 - 2013-06-29 16:32 - 00000000 ____D C:\Users\Justin\Desktop\ebay

2013-09-23 10:41 - 2013-09-23 10:37 - 00003624 _____ C:\Users\Justin\Desktop\Rkill.txt

2013-09-23 09:40 - 2013-09-23 09:39 - 01042066 _____ C:\Users\Justin\Downloads\adwcleaner.exe

2013-09-23 08:18 - 2013-09-23 08:18 - 00004360 _____ C:\Users\Justin\Documents\.RData

2013-09-22 22:48 - 2009-07-13 22:13 - 00779306 _____ C:\Windows\system32\PerfStringBackup.INI

2013-09-22 13:33 - 2013-09-22 12:57 - 00885760 _____ C:\Users\Justin\Downloads\multreg.ppt

2013-09-22 12:27 - 2012-09-20 19:36 - 00163311 _____ C:\Windows\hphins15.dat

2013-09-22 12:27 - 2011-03-11 14:45 - 00013057 _____ C:\ProgramData\hpzinstall.log

2013-09-22 12:26 - 2011-03-11 14:48 - 00000000 ____D C:\ProgramData\Yahoo! Companion

2013-09-22 12:24 - 2013-09-22 12:24 - 00000000 ____D C:\ProgramData\HP Product Assistant

2013-09-22 12:24 - 2011-03-11 11:50 - 00000000 ____D C:\ProgramData\HP

2013-09-22 12:23 - 2011-03-11 14:45 - 00000000 ____D C:\Program Files (x86)\HP

2013-09-22 12:18 - 2013-09-22 12:13 - 143345472 _____ C:\Users\Justin\Downloads\DJ_SF_NonNet_Full_Win_WW_130_140.exe

2013-09-19 21:34 - 2012-11-12 12:15 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater

2013-09-19 21:33 - 2013-09-16 13:28 - 03723656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe

2013-09-19 21:33 - 2012-11-12 12:15 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2013-09-19 21:33 - 2011-12-08 13:25 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2013-09-19 11:12 - 2012-09-12 09:42 - 00000000 ____D C:\Users\Justin\Desktop\Goat

2013-09-18 09:09 - 2010-01-21 18:04 - 00000000 _____ C:\Windows\SysWOW64\config.nt

2013-09-17 18:28 - 2013-02-21 23:25 - 00000000 ____D C:\Users\Justin\.BayPhotoEmerge

2013-09-17 17:51 - 2010-03-13 10:26 - 00000000 ____D C:\Users\Justin\.roescache

2013-09-17 09:10 - 2012-04-18 22:00 - 00000000 ____D C:\Program Files (x86)\Last.fm

2013-09-17 09:03 - 2013-09-17 09:03 - 14916216 _____ (Last.fm                                                     ) C:\Users\Justin\Downloads\Last.fm-2.1.36.exe

2013-09-17 01:30 - 2010-01-21 17:19 - 00000000 ____D C:\Users\Justin\AppData\Local\Deployment

2013-09-16 11:49 - 2013-08-26 14:25 - 00000000 ____D C:\Users\Justin\AppData\Roaming\RStudio

2013-09-16 11:49 - 2011-12-08 13:25 - 00000000 ____D C:\Windows\system32\Macromed

2013-09-16 11:49 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\AppCompat

2013-09-16 11:48 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\registration

2013-09-16 11:03 - 2010-01-19 18:01 - 00000000 ____D C:\Users\Justin

2013-09-15 22:07 - 2011-12-03 12:54 - 00000000 ____D C:\Users\Justin\Documents\Addresses

2013-09-09 02:28 - 2013-09-08 01:24 - 00000000 ____D C:\Users\Justin\Desktop\September

2013-09-08 10:56 - 2013-05-29 14:02 - 00001456 _____ C:\Users\Justin\AppData\Local\Adobe Save for Web 13.0 Prefs

2013-09-08 10:46 - 2013-06-21 20:01 - 00000132 _____ C:\Users\Justin\AppData\Roaming\Adobe PNG Format CS6 Prefs

2013-09-06 20:05 - 2012-11-09 10:38 - 00000000 ____D C:\ProgramData\Sendori

2013-09-06 15:38 - 2013-09-06 15:38 - 00000000 ____D C:\Users\Justin\AppData\Roaming\Opera Software

2013-09-06 15:38 - 2013-09-06 15:38 - 00000000 ____D C:\Users\Justin\AppData\Local\Opera Software

2013-09-06 15:37 - 2013-09-06 15:37 - 00000000 ____D C:\Program Files (x86)\Opera

2013-09-06 15:36 - 2013-09-06 15:35 - 32093736 _____ (Opera Software ASA) C:\Users\Justin\Downloads\Opera_16.0.1196.73_Setup.exe

2013-09-04 14:36 - 2013-01-24 14:45 - 00000000 ____D C:\Users\Justin\Desktop\MATLAB

2013-09-04 14:14 - 2013-09-01 20:30 - 00000000 ____D C:\Users\Justin\Desktop\rkill

2013-09-04 13:03 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\rescache

2013-09-04 11:46 - 2009-11-11 22:21 - 00000000 ____D C:\ProgramData\Microsoft Help

2013-09-04 11:44 - 2013-09-04 11:38 - 00000000 ____D C:\Windows\system32\MRT

2013-09-04 11:38 - 2010-01-23 10:35 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

 

Files to move or delete:

====================

C:\Users\Justin\ij147-jdk6-64bit-setup.exe

 

 

Some content of TEMP:

====================

C:\Users\Justin\AppData\Local\Temp\AMPing.exe

C:\Users\Justin\AppData\Local\Temp\AskSLib.dll

C:\Users\Justin\AppData\Local\Temp\dxwebsetup.exe

C:\Users\Justin\AppData\Local\Temp\gtalkwmp1.dll

C:\Users\Justin\AppData\Local\Temp\InstallManager_BAB_BAB.exe

C:\Users\Justin\AppData\Local\Temp\iTunesPluginWinSetup_3.0.4.0.exe

C:\Users\Justin\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe

C:\Users\Justin\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe

C:\Users\Justin\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe

C:\Users\Justin\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe

C:\Users\Justin\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe

C:\Users\Justin\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe

C:\Users\Justin\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe

C:\Users\Justin\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe

C:\Users\Justin\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe

C:\Users\Justin\AppData\Local\Temp\Last.fm-2.1.30.exe

C:\Users\Justin\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe

C:\Users\Justin\AppData\Local\Temp\MSETUP4.EXE

C:\Users\Justin\AppData\Local\Temp\mssinstaller.exe

C:\Users\Justin\AppData\Local\Temp\ntdll_dump.dll

C:\Users\Justin\AppData\Local\Temp\primosdk.DLL

C:\Users\Justin\AppData\Local\Temp\px.dll

C:\Users\Justin\AppData\Local\Temp\pxafs.dll

C:\Users\Justin\AppData\Local\Temp\PxCpyA64.exe

C:\Users\Justin\AppData\Local\Temp\PxCpyI64.exe

C:\Users\Justin\AppData\Local\Temp\pxdrv.dll

C:\Users\Justin\AppData\Local\Temp\pxhpinst.exe

C:\Users\Justin\AppData\Local\Temp\PxInsA64.exe

C:\Users\Justin\AppData\Local\Temp\PxInsI64.exe

C:\Users\Justin\AppData\Local\Temp\pxmas.dll

C:\Users\Justin\AppData\Local\Temp\pxsetup.exe

C:\Users\Justin\AppData\Local\Temp\pxsfs.dll

C:\Users\Justin\AppData\Local\Temp\pxwave.dll

C:\Users\Justin\AppData\Local\Temp\Quarantine.exe

C:\Users\Justin\AppData\Local\Temp\RDVAlert.exe

C:\Users\Justin\AppData\Local\Temp\SearchWithGoogleUpdate.exe

C:\Users\Justin\AppData\Local\Temp\Shortcut.exe

C:\Users\Justin\AppData\Local\Temp\SkypeSetup.exe

C:\Users\Justin\AppData\Local\Temp\tbSwee.dll

C:\Users\Justin\AppData\Local\Temp\tmp2349.exe

C:\Users\Justin\AppData\Local\Temp\tmp777B.exe

C:\Users\Justin\AppData\Local\Temp\tmpAC7D.exe

C:\Users\Justin\AppData\Local\Temp\Uninstaller-40864.exe

C:\Users\Justin\AppData\Local\Temp\US_en_Avery_AW40.exe

C:\Users\Justin\AppData\Local\Temp\vcredist_x86.exe

C:\Users\Justin\AppData\Local\Temp\vxblock.dll

 

 

==================== Bamital & volsnap Check =================

 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

 

 

LastRegBack: 2013-10-01 10:36

 

==================== End Of Log ============================


The AdwCleaner log was not the full log. Please copy/paste all of it or attach it by clicking on the More Reply Options button.

Thanks

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2013

Ran by FreshOats at 2013-10-04 08:34:48

Running from C:\Users\Justin\Desktop

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

AV: avast! Antivirus (Enabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}

AS: avast! Antivirus (Enabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

==================== Installed Programs ======================

 

 Update for Microsoft Office 2007 (KB2508958) (x32)

64 Bit HP CIO Components Installer (Version: 7.2.8)

Acer Arcade Deluxe (x32 Version: 3.0.7112)

Acer Assist (x32)

Acer Backup Manager (x32 Version: 2.0.0.29)

Acer Crystal Eye Webcam (x32 Version: 5.2.9.3)

Acer ePower Management (x32 Version: 4.05.3004)

Acer eRecovery Management (x32 Version: 4.05.3005)

Acer Games (x32 Version: 1.0.0.71)

Acer GridVista (x32 Version: 3.01.0730)

Acer Registration (x32 Version: 1.02.3006)

Acer ScreenSaver (x32 Version: 1.5.0715)

Acer Updater (x32 Version: 1.02.3502)

Acrobat.com (x32 Version: 1.6.65)

Adobe AIR (x32 Version: 3.7.0.1860)

Adobe Color Video Profiles CS CS4 (x32 Version: 2.0)

Adobe Community Help (x32 Version: 3.5.23)

Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.175)

Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)

Adobe Photoshop Elements 8.0 (x32 Version: 8.0)

Adobe Photoshop.com Inspiration Browser (x32 Version: 3.02)

Adobe Reader XI (11.0.04) (x32 Version: 11.0.04)

Adobe Shockwave Player 11.6 (x32 Version: 11.6.8.638)

AdobeColorCommonSetRGB (x32 Version: 2.0)

Alcor Micro USB Card Reader (x32 Version: 1.4.17.35005)

Apple Application Support (x32 Version: 2.3.4)

Apple Mobile Device Support (Version: 6.1.0.13)

Apple Software Update (x32 Version: 2.1.3.127)

ArcSoft PhotoStudio 6 (x32 Version: 6.0.1.134)

Audacity 1.3.11 (Unicode) (x32)

Auslogics BoostSpeed (x32 Version: 5.0)

AutoQuant3DMergeModuls (Version: 1.00.0000)

avast! Free Antivirus (x32 Version: 8.0.1497.0)

Avery Wizard 4.0 (x32 Version: 4.0.103)

Backup Manager Basic (x32 Version: 2.0.0.29)

Blogger Backup Utility (x32 Version: 1.0.23)

Bonjour (Version: 3.0.0.10)

Broadcom Gigabit NetLink Controller (Version: 12.33.03)

BufferChm (x32 Version: 130.0.331.000)

Canon CanoScan LiDE 700F User Registration (x32)

Canon Inkjet Printer/Scanner/Fax Extended Survey Program (x32)

Canon MP Navigator EX 2.1 (x32)

Canon RAW Image Task for ZoomBrowser EX (x32 Version: 3.3.0.5)

Canon Utilities CameraWindow (x32 Version: 7.1.0.2)

Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (x32 Version: 6.4.2.16)

Canon Utilities Digital Photo Professional 3.4 (x32 Version: 3.4.0.0)

Canon Utilities EOS Utility (x32 Version: 2.4.0.1)

Canon Utilities MyCamera (x32 Version: 6.4.0.5)

Canon Utilities PhotoStitch (x32 Version: 3.1.21.45)

Canon Utilities Picture Style Editor (x32 Version: 1.3.0.0)

Canon Utilities RemoteCapture Task for ZoomBrowser EX (x32 Version: 1.7.1.9)

Canon Utilities Solution Menu (x32)

Canon Utilities WFT-E1/E2/E3 Utility (x32 Version: 3.2.1.1)

Canon Utilities ZoomBrowser EX (x32 Version: 6.1.1.21)

Canon ZoomBrowser EX Memory Card Utility (x32 Version: 1.1.0.8)

CanoScan LiDE 700F Scanner Driver

Compatibility Pack for the 2007 Office system (x32 Version: 12.0.6612.1000)

D1400 (x32 Version: 130.0.365.000)

D1400_Help (x32 Version: 90.0.235.000)

DAEMON Tools Lite (x32 Version: 4.47.1.0337)

DeviceDiscovery (x32 Version: 130.0.465.000)

dj_sf_ProductContext (x32 Version: 130.0.365.000)

dj_sf_software (x32 Version: 130.0.365.000)

dj_sf_software_req (x32 Version: 130.0.365.000)

Driver Detective (x32 Version: 8.0.1)

DriverAgent by eSupport.com

Dropbox (HKCU Version: 2.0.22)

eBay Worldwide (x32 Version: 2.1.0901)

ERUNT 1.1j (x32)

ESET Online Scanner v3 (x32)

eSobi v2 (x32 Version: 2.0.4.000274)

FFmpeg for Audacity on Windows (x32)

FileZilla Client 3.5.3 (x32 Version: 3.5.3)

G*Power 3.1.7 (x32 Version: 3.1.7)

Garmin Communicator Plugin (x32 Version: 3.0.1)

Garmin Lifetime Updater (x32 Version: 2.0.6)

Garmin Lifetime Updater (x32 Version: 2.1.11)

Garmin USB Drivers (x32 Version: 2.3.0.0)

Glade 3.6.1 (x32 Version: 3.6.1)

Google Chrome (HKCU Version: 26.0.1410.43)

Google Drive (x32 Version: 1.11.4865.2530)

Google Talk (remove only) (HKCU)

Google Talk Plugin (x32 Version: 4.7.0.15362)

GoToMeeting 4.8.0.723 (HKCU Version: 4.8.0.723)

GPBaseService2 (x32 Version: 130.0.371.000)

Half-Life 2 (x32)

Half-Life 2: Episode One (x32)

Half-Life 2: Episode Two (x32)

Half-Life 2: Lost Coast (x32)

Hewlett-Packard ACLM.NET v1.1.0.0 (x32 Version: 1.00.0000)

High-Definition Video Playback 10 (x32 Version: 7.0.11000.25.1)

HP Customer Participation Program 13.0 (Version: 13.0)

HP Deskjet Printer Driver Software 13.0 Rel. 1 (Version: 13.0)

HP Imaging Device Functions 13.0 (Version: 13.0)

HP Photosmart Essential 3.5 (Version: 3.5)

HP Product Detection (x32 Version: 11.14.0001)

HP Smart Web Printing 4.51 (Version: 4.51)

HP Solution Center 13.0 (Version: 13.0)

HPPhotoGadget (x32 Version: 130.0.282.000)

HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000)

HPPhotosmartEssential (x32 Version: 2.04.0000)

HPProductAssistant (x32 Version: 130.0.371.000)

HPSSupply (x32 Version: 130.0.371.000)

HTC Driver Installer (x32 Version: 4.1.0.001)

HTC Sync Manager (x32 Version: 2.0.52.0)

Identity Card (x32 Version: 1.00.3003)

ImageJ 1.47v

ImgBurn (x32 Version: 2.5.7.0)

Intel® Control Center (x32 Version: 1.2.0.1006)

Intel® Graphics Media Accelerator Driver (x32 Version: 8.15.10.1995)

Intel® Management Engine Components (x32 Version: 6.0.0.1179)

Intel® Matrix Storage Manager

IPTInstaller (x32 Version: 4.0.8)

iSEEK AnswerWorks English Runtime (x32 Version: 009.000.0002)

iSyncr (x32 Version: 4.0.9)

jAlbum (x32 Version: 10.1)

Jalbum (x32 Version: 8.9.1)

Java 7 Update 25 (64-bit) (Version: 7.0.250)

Java 7 Update 25 (x32 Version: 7.0.250)

Java Auto Updater (x32 Version: 2.1.9.5)

JavaFX 2.1.1 (x32 Version: 2.1.1)

Junk Mail filter update (x32 Version: 14.0.8089.726)

LAME v3.98.2 for Audacity (x32)

Last.fm Scrobbler 2.1.36 (x32)

Launch Manager (x32 Version: 3.0.04)

Leica LAS AF Lite (x32 Version: 3.1.8587.0)

LSI HDA Modem (Version: 2.2.98)

Luminance HDR 2.3.0

Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)

MarketResearch (x32 Version: 130.0.374.000)

MATLAB R2012a (Version: 7.14)

MediaMonkey 4.0 (x32 Version: 4.0)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)

Microsoft .NET Framework 4 Extended (Version: 4.0.30320)

Microsoft Application Error Reporting (Version: 12.0.6015.5000)

Microsoft Choice Guard (x32 Version: 2.0.48.0)

Microsoft Default Manager (x32 Version: 2.1.54.0)

Microsoft Office 2007 Service Pack 3 (SP3) (x32)

Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)

Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)

Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office PowerPoint Viewer 2007 (English) (x32 Version: 12.0.6612.1000)

Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014)

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)

Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Suite Activation Assistant (x32 Version: 2.9)

Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Primary Interoperability Assemblies 2005 (x32 Version: 8.0.50727.42)

Microsoft Search Enhancement Pack (x32 Version: 3.0.126.0)

Microsoft Silverlight (Version: 5.1.20513.0)

Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)

Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)

Microsoft Works (x32 Version: 9.7.0621)

Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)

Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053)

Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053)

Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000)

Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)

Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000)

Mikogo 4 (HKCU Version: 4.6)

MinGW-Get version 0.5-beta-20120426-1 (x32 Version: 0.5-beta-20120426-1)

Mozilla Firefox 20.0.1 (x86 en-US) (x32 Version: 20.0.1)

Mozilla Maintenance Service (x32 Version: 20.0.1)

MSN Toolbar (x32 Version: 4.0.0379.0)

MSN Toolbar Platform (x32 Version: 4.0.0417.0)

MSVCRT (x32 Version: 14.0.1468.721)

MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)

MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)

MTP Porting Kit (x32 Version: 12.0.0)

Music Manager (HKCU)

muvee Reveal Seagate Edition (x32 Version: 7.0.41.11017)

MyWinLocker (x32 Version: 3.1.76.0)

Nero 10 ClipartPack (x32 Version: 10.0.10300.0.0)

Nero 10 Menu TemplatePack 1 (x32 Version: 10.0.10300.0.0)

Nero 10 Menu TemplatePack 2 (x32 Version: 10.0.10300.0.0)

Nero 10 Menu TemplatePack 3 (x32 Version: 10.0.10300.0.0)

Nero 10 Menu TemplatePack Basic (x32 Version: 10.0.10300.0.0)

Nero 10 Movie ThemePack 1 (x32 Version: 10.0.10300.1.0)

Nero 10 Movie ThemePack 2 (x32 Version: 10.0.10300.1.0)

Nero 10 Movie ThemePack Basic (x32 Version: 10.0.10300.1.0)

Nero 10 Sample ImagePack (x32 Version: 10.0.10300.0.0)

Nero 10 Sample Videos (x32 Version: 10.0.10300.2.0)

Nero BackItUp 10 (x32 Version: 5.4.11100.14.101)

Nero BackItUp 10 Help (CHM) (x32 Version: 1.0.10500)

Nero Burning ROM 10 (x32 Version: 10.0.10700.7.100)

Nero BurningROM 10 Help (CHM) (x32 Version: 1.0.10500)

Nero BurnRights 10 (x32 Version: 4.0.10600.9.100)

Nero BurnRights 10 Help (CHM) (x32 Version: 1.0.10500)

Nero Control Center 10 (x32 Version: 10.0.11500.1.0)

Nero Core Components 10 (x32 Version: 2.0.13100.0.1)

Nero CoverDesigner 10 (x32 Version: 5.0.10500.7.100)

Nero CoverDesigner 10 Help (CHM) (x32 Version: 1.0.10500)

Nero DiscSpeed 10 (x32 Version: 6.0.10400.4.100)

Nero DiscSpeed 10 Help (CHM) (x32 Version: 1.0.10500)

Nero Dolby Files 10 (x32 Version: 2.0.11000.0.10)

Nero Express 10 (x32 Version: 10.0.10500.7.100)

Nero Express 10 Help (CHM) (x32 Version: 1.0.10500)

Nero InfoTool 10 (x32 Version: 7.0.10400.5.100)

Nero InfoTool 10 Help (CHM) (x32 Version: 1.0.10500)

Nero MediaHub 10 (x32 Version: 1.0.11000.6.100)

Nero MediaHub 10 Help (CHM) (x32 Version: 1.0.10500)

Nero Multimedia Suite 10 (x32 Version: 10.0.11200)

Nero Recode 10 (x32 Version: 4.6.10600.1.100)

Nero Recode 10 Help (CHM) (x32 Version: 1.0.10500)

Nero RescueAgent 10 (x32 Version: 3.0.10500.5.100)

Nero RescueAgent 10 Help (CHM) (x32 Version: 1.0.10500)

Nero SoundTrax 10 (x32 Version: 4.6.10500.1.100)

Nero SoundTrax 10 Help (CHM) (x32 Version: 1.0.10500)

Nero StartSmart 10 (x32 Version: 10.0.10500.4.100)

Nero StartSmart 10 Help (CHM) (x32 Version: 1.0.10500)

Nero Update (x32 Version: 1.0.0012)

Nero Vision 10 (x32 Version: 7.0.10700.4.100)

Nero Vision 10 Help (CHM) (x32 Version: 1.0.10500)

Nero WaveEditor 10 (x32 Version: 5.6.10500.1.100)

Nero WaveEditor 10 Help (CHM) (x32 Version: 1.0.10500)

NTI Backup Now 5 (x32 Version: 5.1.2.627)

NTI Backup Now Standard (x32 Version: 5.1.2.627)

NTI Media Maker 8 (x32 Version: 8.0.12.6623)

Nvu 1.0PR (x32 Version: 1.0PR)

Opera Stable 16.0.1196.73 (x32 Version: 16.0.1196.73)

Picasa 3 (x32 Version: 3.8)

Picturenaut 3.2 (Version: 3.2.0.1698)

PL-2303 USB-to-Serial (x32 Version: 1.2.10)

Portal (x32)

Portal 2 (x32)

QuickTime (x32 Version: 7.73.80.64)

R for Windows 3.0.1 (Version: 3.0.1)

Realtek High Definition Audio Driver (x32 Version: 6.0.1.5969)

Registry Easy v5.6 (Version: 5.6)

ResearchSoft Direct Export Helper (x32)

RStudio (x32 Version: 0.97.551)

Seagate Manager Installer (x32 Version: 2.01.0600)

Sendori (x32 Version: 2.0.15)

Shipping Assistant 3.8 (x32 Version: 3.8.0.0)

Shop for HP Supplies (Version: 13.0)

SketchUp 8 (x32 Version: 3.0.16846)

Skype™ 5.10 (x32 Version: 5.10.116)

SlidePath Gateway (x32 Version: 2.0.5.0)

SmartWebPrinting (x32 Version: 130.0.457.000)

SolutionCenter (x32 Version: 130.0.373.000)

SoulSeek 157 NS 13e (x32)

SoulseekQt (x32)

Spotify (HKCU Version: 0.8.5.1333.g822e0de8)

Status (x32 Version: 130.0.469.000)

Steam (x32 Version: 1.0.0.0)

SUPERAntiSpyware (Version: 5.5.1012)

swMSM (x32 Version: 12.0.0.1)

Synaptics Pointing Device Driver (Version: 14.0.6.0)

Team Fortress 2 (x32)

Team Fortress 2 Beta (x32)

Toolbox (x32 Version: 130.0.648.000)

TrayApp (x32 Version: 130.0.422.000)

TurboTax 2009 (x32)

TurboTax 2009 wiliper (x32 Version: 009.000.0687)

TurboTax 2009 WinPerFedFormset (x32 Version: 009.000.1875)

TurboTax 2009 WinPerReleaseEngine (x32 Version: 009.000.0311)

TurboTax 2009 WinPerTaxSupport (x32 Version: 009.000.0230)

TurboTax 2009 wrapper (x32 Version: 009.000.0145)

TurboTax 2010 (x32)

TurboTax 2010 wiliper (x32 Version: 010.000.1108)

TurboTax 2010 WinPerFedFormset (x32 Version: 010.000.3441)

TurboTax 2010 WinPerReleaseEngine (x32 Version: 010.000.0414)

TurboTax 2010 WinPerTaxSupport (x32 Version: 010.000.0199)

TurboTax 2010 wrapper (x32 Version: 010.000.0157)

TurboTax 2011 (x32)

TurboTax 2011 wcaiper (x32 Version: 011.000.1395)

TurboTax 2011 wiliper (x32 Version: 011.000.1456)

TurboTax 2011 WinPerFedFormset (x32 Version: 011.000.2596)

TurboTax 2011 WinPerReleaseEngine (x32 Version: 011.000.0424)

TurboTax 2011 WinPerTaxSupport (x32 Version: 011.000.0209)

TurboTax 2011 wrapper (x32 Version: 011.000.0120)

TurboTax 2012 (x32 Version: 2012.0)

TurboTax 2012 wcaiper (x32 Version: 012.000.1430)

TurboTax 2012 wiliper (x32 Version: 012.000.1416)

TurboTax 2012 WinPerFedFormset (x32 Version: 012.000.2083)

TurboTax 2012 WinPerReleaseEngine (x32 Version: 012.000.0451)

TurboTax 2012 WinPerTaxSupport (x32 Version: 012.000.0179)

TurboTax 2012 wrapper (x32 Version: 012.000.0127)

UnloadSupport (x32 Version: 11.0.0)

Update for 2007 Microsoft Office System (KB967642) (x32)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)

Update for Microsoft Office 2007 Help for Common Features (KB963673) (x32)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)

Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition (x32)

Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition (x32)

Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition (x32)

Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32)

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32)

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32)

Update for Microsoft Office Access 2007 Help (KB963663) (x32)

Update for Microsoft Office Excel 2007 Help (KB963678) (x32)

Update for Microsoft Office Infopath 2007 Help (KB963662) (x32)

Update for Microsoft Office OneNote 2007 Help (KB963670) (x32)

Update for Microsoft Office Outlook 2007 Help (KB963677) (x32)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768024) 32-Bit Edition (x32)

Update for Microsoft Office Powerpoint 2007 Help (KB963669) (x32)

Update for Microsoft Office Publisher 2007 Help (KB963667) (x32)

Update for Microsoft Office Script Editor Help (KB963671) (x32)

Update for Microsoft Office Word 2007 Help (KB963665) (x32)

VI Package Manager (x32 Version: 2012.0.0 (build 1780))

WebReg (x32 Version: 130.0.132.017)

Welcome Center (x32 Version: 1.00.3008)

Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0) (Version: 06/03/2009 2.3.0.0)

Windows Live Call (x32 Version: 14.0.8064.0206)

Windows Live Communications Platform (x32 Version: 14.0.8064.206)

Windows Live Essentials (x32 Version: 14.0.8089.0726)

Windows Live Essentials (x32 Version: 14.0.8089.726)

Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)

Windows Live Mail (x32 Version: 14.0.8089.0726)

Windows Live Messenger (x32 Version: 14.0.8089.0726)

Windows Live Movie Maker (x32 Version: 14.0.8091.0730)

Windows Live Photo Gallery (x32 Version: 14.0.8081.709)

Windows Live Sync (x32 Version: 14.0.8089.726)

Windows Live Upload Tool (x32 Version: 14.0.8014.1029)

Windows Live Writer (x32 Version: 14.0.8089.0726)

Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8)

WinRAR archiver

Yahoo! Toolbar (x32)

 

==================== Restore Points  =========================

 

02-10-2013 21:09:44 Removed Adobe Photoshop Lightroom 4.4 64-bit.

02-10-2013 21:16:38 Removed EndNote X3

03-10-2013 10:19:21 Windows Update

 

==================== Scheduled Tasks (whitelisted) =============

 

Task: {0BDA77DA-BCE9-4B4B-9483-4F85739AF22D} - System32\Tasks\{776B6FBB-4446-46B2-9D7E-C9F5962DC88F} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2012-07-13] (Skype Technologies S.A.)

Task: {2276EB6F-0783-472D-B238-2C95AF562204} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {360A5A64-B8D4-442A-9CF5-4E77E54580FA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-16] (Google Inc.)

Task: {717C8F14-6EEE-4B03-8585-09FD1995A5C6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-19] (Adobe Systems Incorporated)

Task: {8230404C-AEA5-41C3-AEFC-186A5FD08302} - System32\Tasks\UALU notificatin => C:\Program Files\Acer\Acer Updater\UALU.exe [2012-04-05] (Acer Incorporated)

Task: {8761F448-16B8-4466-B98F-AA6B45B0A384} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe

Task: {9149BA98-C6B1-4FC8-B1DD-886303895598} - \Scheduled Update for Ask Toolbar No Task File

Task: {95E069FA-39BC-4405-BE5D-1E331AB7698D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-350978928-1145991243-2579747793-1001Core => C:\Users\Justin\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-21] (Google Inc.)

Task: {C27D010D-EE3F-4688-90B6-8B6BCD7B267A} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)

Task: {D5E5606D-21A4-46C8-B842-C00FC1A086AF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-350978928-1145991243-2579747793-1001UA => C:\Users\Justin\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-21] (Google Inc.)

Task: {E3FC07A2-192C-48B9-9539-5B9B56B35B7F} - System32\Tasks\avast! Emergency Update => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [2013-08-30] (AVAST Software)

Task: {EA6BFF5A-D1A3-4C7E-9072-9E0B2EE6A686} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-16] (Google Inc.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-350978928-1145991243-2579747793-1001Core.job => C:\Users\Justin\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-350978928-1145991243-2579747793-1001UA.job => C:\Users\Justin\AppData\Local\Google\Update\GoogleUpdate.exe

 

==================== Loaded Modules (whitelisted) =============

 

2013-08-29 13:42 - 2012-11-12 00:38 - 00091648 _____ () C:\Program Files (x86)\MediaMonkey\DeskPlayer.dll

2010-01-02 07:42 - 2010-01-02 07:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll

2011-08-31 19:13 - 2011-08-31 19:13 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll

2013-10-04 06:31 - 2013-10-04 02:57 - 02104832 _____ () C:\Program Files\Alwil Software\Avast5\defs\13100400\algo.dll

2011-09-27 07:23 - 2011-09-27 07:23 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2011-09-27 07:22 - 2011-09-27 07:22 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2013-04-03 13:26 - 2013-04-03 13:26 - 00030056 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll

2013-04-03 13:27 - 2013-04-03 13:27 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll

2013-03-07 10:18 - 2013-03-07 10:18 - 00044392 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll

2013-04-03 13:28 - 2013-04-03 13:28 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll

2013-03-07 10:19 - 2013-03-07 10:19 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll

2013-03-07 10:21 - 2013-03-07 10:21 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll

2009-02-02 18:33 - 2009-02-02 18:33 - 00460199 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll

2008-09-28 18:55 - 2008-09-28 18:55 - 01076224 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll

2009-10-30 03:11 - 2009-10-30 03:11 - 00267776 _____ () C:\Windows\system32\WinTab32.DLL

2009-10-30 03:11 - 2009-10-30 03:11 - 00204800 _____ () C:\Windows\SysWOW64\WinTab32.DLL

2012-01-08 06:41 - 2012-01-08 06:41 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll

2013-03-29 09:54 - 2013-03-21 15:49 - 00598480 _____ () C:\Users\Justin\AppData\Local\Google\Chrome\Application\26.0.1410.43\libglesv2.dll

2013-03-29 09:54 - 2013-03-21 15:49 - 00124368 _____ () C:\Users\Justin\AppData\Local\Google\Chrome\Application\26.0.1410.43\libegl.dll

2010-03-06 10:55 - 2010-03-06 10:55 - 00854016 _____ () C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.61.0__db937bc2d44ff139\System.Data.SQLite.dll

2010-03-06 10:55 - 2010-03-06 10:55 - 00471040 _____ () C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.104.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll

2011-02-16 11:27 - 2011-02-16 11:27 - 00476520 _____ () C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll

2013-03-29 09:54 - 2013-03-21 15:50 - 04050896 _____ () C:\Users\Justin\AppData\Local\Google\Chrome\Application\26.0.1410.43\pdf.dll

2013-03-29 09:54 - 2013-03-21 15:50 - 00390096 _____ () C:\Users\Justin\AppData\Local\Google\Chrome\Application\26.0.1410.43\ppGoogleNaClPluginChrome.dll

2013-03-29 09:54 - 2013-03-21 15:49 - 01606096 _____ () C:\Users\Justin\AppData\Local\Google\Chrome\Application\26.0.1410.43\ffmpegsumo.dll

2013-05-14 14:12 - 2013-05-14 14:12 - 13136776 _____ () C:\Users\Justin\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.202\pepflashplayer.dll

2013-04-14 10:22 - 2013-04-14 10:22 - 03133336 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

2013-09-16 13:28 - 2013-09-16 13:28 - 16177544 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

AlternateDataStreams: C:\ProgramData\Temp:07BF512B

 

==================== Safe Mode (whitelisted) ===================

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sndappv2 => ""="service"

 

==================== Faulty Device Manager Devices =============

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (10/04/2013 03:42:02 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

 

Error: (10/04/2013 03:41:52 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

 

Error: (10/03/2013 10:32:56 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

 

Error: (10/03/2013 10:32:50 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

 

Error: (10/03/2013 10:32:49 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

 

Error: (10/03/2013 08:31:07 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

 

 

System errors:

=============

Error: (10/04/2013 06:29:58 AM) (Source: Service Control Manager) (User: )

Description: The Service Sendori service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

 

Error: (10/04/2013 02:28:30 AM) (Source: Service Control Manager) (User: )

Description: The Service Sendori service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

 

Error: (10/03/2013 11:43:14 PM) (Source: BROWSER) (User: )

Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{079E895E-A34A-44CA-AB30-B5385D4D0B79}.

The backup browser is stopping.

 

Error: (10/03/2013 10:28:01 PM) (Source: Service Control Manager) (User: )

Description: The NI Device Loader service depends the following service: mxssvr. This service might not be installed.

 

Error: (10/03/2013 10:28:00 PM) (Source: Service Control Manager) (User: )

Description: The McAfee SiteAdvisor Service service failed to start due to the following error: 

%%2

 

Error: (10/03/2013 10:27:43 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)

Description: There was an error while attempting to read the local hosts file.

 

Error: (10/03/2013 09:14:51 PM) (Source: DCOM) (User: )

Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

 

Error: (10/03/2013 08:46:23 PM) (Source: Service Control Manager) (User: )

Description: The Service Sendori service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

 

Error: (10/03/2013 08:33:12 PM) (Source: Disk) (User: )

Description: The driver detected a controller error on \Device\Harddisk1\DR2.

 

 

Microsoft Office Sessions:

=========================

Error: (04/18/2013 01:32:35 PM) (Source: Microsoft Office 12 Sessions)(User: )

Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 216 seconds with 120 seconds of active time.  This session ended with a crash.

 

Error: (03/10/2013 11:31:14 PM) (Source: Microsoft Office 12 Sessions)(User: )

Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 910 seconds with 900 seconds of active time.  This session ended with a crash.

 

Error: (03/10/2013 11:15:56 PM) (Source: Microsoft Office 12 Sessions)(User: )

Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 63 seconds with 60 seconds of active time.  This session ended with a crash.

 

Error: (03/10/2013 11:14:44 PM) (Source: Microsoft Office 12 Sessions)(User: )

Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4232 seconds with 4080 seconds of active time.  This session ended with a crash.

 

Error: (04/10/2012 08:47:48 PM) (Source: Microsoft Office 12 Sessions)(User: )

Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 9 seconds with 0 seconds of active time.  This session ended with a crash.

 

Error: (11/01/2011 03:32:57 PM) (Source: Microsoft Office 12 Sessions)(User: )

Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6555.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4 seconds with 0 seconds of active time.  This session ended with a crash.

 

Error: (08/25/2011 04:21:23 PM) (Source: Microsoft Office 12 Sessions)(User: )

Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4 seconds with 0 seconds of active time.  This session ended with a crash.

 

Error: (08/25/2011 04:13:50 PM) (Source: Microsoft Office 12 Sessions)(User: )

Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2 seconds with 0 seconds of active time.  This session ended with a crash.

 

Error: (08/25/2011 04:13:38 PM) (Source: Microsoft Office 12 Sessions)(User: )

Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 0 seconds with 0 seconds of active time.  This session ended with a crash.

 

Error: (08/25/2011 04:13:18 PM) (Source: Microsoft Office 12 Sessions)(User: )

Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 8 seconds with 0 seconds of active time.  This session ended with a crash.

 

 

==================== Memory info =========================== 

 

Percentage of memory in use: 74%

Total physical RAM: 3764.5 MB

Available physical RAM: 944.14 MB

Total Pagefile: 7527.18 MB

Available Pagefile: 4250.83 MB

Total Virtual: 8192 MB

Available Virtual: 8191.81 MB

 

==================== Drives ================================

 

Drive c: (ACER) (Fixed) (Total:285.3 GB) (Free:54.92 GB) NTFS

Drive e: (Lightroom instal) (CDROM) (Total:0.76 GB) (Free:0 GB) CDFS

Drive g: (Pig Destroyer) (Fixed) (Total:465.76 GB) (Free:82.68 GB) NTFS

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 107C107C)

Partition 1: (Not Active) - (Size=13 GB) - (Type=27)

Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=285 GB) - (Type=07 NTFS)

 

========================================================

Disk: 1 (Size: 466 GB) (Disk ID: A4B57300)

Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

 

==================== End Of Log ============================


Please uninstall ALL versions of Java from the Control Panel

 

Please download the attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST or FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system.

Run FRST or FRST64 and press the Fix button just once and wait.
If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please attach or post it to your next reply.

Note: If the tool warned you about an outdated version please download and run the updated version.
 

fixlist.txt

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-10-2013

Ran by FreshOats at 2013-10-04 11:23:20 Run:1

Running from C:\Users\Justin\Desktop

Boot Mode: Normal

==============================================

 

Content of fixlist:

*****************

MountPoints2: H - H:\HTC_Sync_Manager_PC.exe

MountPoints2: {371182d0-98cc-11e2-af2b-00262d72f8e4} - E:\HTC_Sync_Manager_PC.exe

MountPoints2: {371183a8-98cc-11e2-af2b-00262d72f8e4} - E:\HTC_Sync_Manager_PC.exe

MountPoints2: {8a621e2d-6837-11e2-a384-00262d72f8e4} - E:\HTC_Sync_Manager_PC.exe

MountPoints2: {c4ad687d-9ee7-11e2-9bc7-42883c5f1aff} - E:\HTC_Sync_Manager_PC.exe

HKLM-x32\...\Run: [] - [x]

HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...58z135t4871d712

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/

BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File

BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKCU -  No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File

FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

C:\Users\Justin\ij147-jdk6-64bit-setup.exe

C:\Users\Justin\AppData\Local\Temp\AMPing.exe

C:\Users\Justin\AppData\Local\Temp\AskSLib.dll

C:\Users\Justin\AppData\Local\Temp\dxwebsetup.exe

C:\Users\Justin\AppData\Local\Temp\gtalkwmp1.dll

C:\Users\Justin\AppData\Local\Temp\InstallManager_BAB_BAB.exe

C:\Users\Justin\AppData\Local\Temp\iTunesPluginWinSetup_3.0.4.0.exe

C:\Users\Justin\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe

C:\Users\Justin\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe

C:\Users\Justin\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe

C:\Users\Justin\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe

C:\Users\Justin\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe

C:\Users\Justin\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe

C:\Users\Justin\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe

C:\Users\Justin\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe

C:\Users\Justin\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe

C:\Users\Justin\AppData\Local\Temp\Last.fm-2.1.30.exe

C:\Users\Justin\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe

C:\Users\Justin\AppData\Local\Temp\MSETUP4.EXE

C:\Users\Justin\AppData\Local\Temp\mssinstaller.exe

C:\Users\Justin\AppData\Local\Temp\ntdll_dump.dll

C:\Users\Justin\AppData\Local\Temp\primosdk.DLL

C:\Users\Justin\AppData\Local\Temp\px.dll

C:\Users\Justin\AppData\Local\Temp\pxafs.dll

C:\Users\Justin\AppData\Local\Temp\PxCpyA64.exe

C:\Users\Justin\AppData\Local\Temp\PxCpyI64.exe

C:\Users\Justin\AppData\Local\Temp\pxdrv.dll

C:\Users\Justin\AppData\Local\Temp\pxhpinst.exe

C:\Users\Justin\AppData\Local\Temp\PxInsA64.exe

C:\Users\Justin\AppData\Local\Temp\PxInsI64.exe

C:\Users\Justin\AppData\Local\Temp\pxmas.dll

C:\Users\Justin\AppData\Local\Temp\pxsetup.exe

C:\Users\Justin\AppData\Local\Temp\pxsfs.dll

C:\Users\Justin\AppData\Local\Temp\pxwave.dll

C:\Users\Justin\AppData\Local\Temp\Quarantine.exe

C:\Users\Justin\AppData\Local\Temp\RDVAlert.exe

C:\Users\Justin\AppData\Local\Temp\SearchWithGoogleUpdate.exe

C:\Users\Justin\AppData\Local\Temp\Shortcut.exe

C:\Users\Justin\AppData\Local\Temp\SkypeSetup.exe

C:\Users\Justin\AppData\Local\Temp\tbSwee.dll

C:\Users\Justin\AppData\Local\Temp\tmp2349.exe

C:\Users\Justin\AppData\Local\Temp\tmp777B.exe

C:\Users\Justin\AppData\Local\Temp\tmpAC7D.exe

C:\Users\Justin\AppData\Local\Temp\Uninstaller-40864.exe

C:\Users\Justin\AppData\Local\Temp\US_en_Avery_AW40.exe

C:\Users\Justin\AppData\Local\Temp\vcredist_x86.exe

C:\Users\Justin\AppData\Local\Temp\vxblock.dll

Task: {2276EB6F-0783-472D-B238-2C95AF562204} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {360A5A64-B8D4-442A-9CF5-4E77E54580FA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-16] (Google Inc.)

Task: {9149BA98-C6B1-4FC8-B1DD-886303895598} - \Scheduled Update for Ask Toolbar No Task File

Task: {95E069FA-39BC-4405-BE5D-1E331AB7698D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-350978928-1145991243-2579747793-1001Core => C:\Users\Justin\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-21] (Google Inc.)

Task: {D5E5606D-21A4-46C8-B842-C00FC1A086AF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-350978928-1145991243-2579747793-1001UA => C:\Users\Justin\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-21] (Google Inc.)

Task: {EA6BFF5A-D1A3-4C7E-9072-9E0B2EE6A686} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-16] (Google Inc.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-350978928-1145991243-2579747793-1001Core.job => C:\Users\Justin\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-350978928-1145991243-2579747793-1001UA.job => C:\Users\Justin\AppData\Local\Google\Update\GoogleUpdate.exe

 

*****************

 

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\H => Key deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{371182d0-98cc-11e2-af2b-00262d72f8e4} => Key deleted successfully.

HKCR\CLSID\{371182d0-98cc-11e2-af2b-00262d72f8e4} => Key not found.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{371183a8-98cc-11e2-af2b-00262d72f8e4} => Key deleted successfully.

HKCR\CLSID\{371183a8-98cc-11e2-af2b-00262d72f8e4} => Key not found.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8a621e2d-6837-11e2-a384-00262d72f8e4} => Key deleted successfully.

HKCR\CLSID\{8a621e2d-6837-11e2-a384-00262d72f8e4} => Key not found.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c4ad687d-9ee7-11e2-9bc7-42883c5f1aff} => Key deleted successfully.

HKCR\CLSID\{c4ad687d-9ee7-11e2-9bc7-42883c5f1aff} => Key not found.

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value not found.

HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.

HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.

HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache => Value deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key not found.

HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key not found.

HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key deleted successfully.

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} => Key deleted successfully.

HKCR\Wow6432Node\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB} => Key not found.

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key not found.

HKCR\Wow6432Node\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key deleted successfully.

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key not found.

HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key deleted successfully.

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => Value deleted successfully.

HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => Key not found.

HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2 => Key deleted successfully.

C:\Windows\system32\npDeployJava1.dll => Moved successfully.

HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2 => Key not found.

"C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll" => not found.

C:\Users\Justin\ij147-jdk6-64bit-setup.exe => Moved successfully.

C:\Users\Justin\AppData\Local\Temp\AMPing.exe => Moved successfully.

C:\Users\Justin\AppData\Local\Temp\AskSLib.dll => Moved successfully.

C:\Users\Justin\AppData\Local\Temp\dxwebsetup.exe => Moved successfully.

C:\Users\Justin\AppData\Local\Temp\gtalkwmp1.dll => Moved successfully.

C:\Users\Justin\AppData\Local\Temp\InstallManager_BAB_BAB.exe => Moved successfully.

C:\Users\Justin\AppData\Local\Temp\iTunesPluginWinSetup_3.0.4.0.exe => Moved successfully.

C:\Users\Justin\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe => Moved successfully.

C:\Users\Justin\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe => Moved successfully.

C:\Users\Justin\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe => Moved successfully.

C:\Users\Justin\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe => Moved successfully.

C:\Users\Justin\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe => Moved successfully.

C:\Users\Justin\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe => Moved successfully.

C:\Users\Justin\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe => Moved successfully.

C:\Users\Justin\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe => Moved successfully.

C:\Users\Justin\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe => Moved successfully.

C:\Users\Justin\AppData\Local\Temp\Last.fm-2.1.30.exe => Moved successfully.

C:\Users\Justin\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe => Moved successfully.

C:\Users\Justin\AppData\Local\Temp\MSETUP4.EXE => Moved successfully.

C:\Users\Justin\AppData\Local\Temp\mssinstaller.exe => Moved successfully.

C:\Users\Justin\AppData\Local\Temp\ntdll_dump.dll => Moved successfully.

C:\Users\Justin\AppData\Local\Temp\primosdk.DLL => Moved successfully.

C:\Users\Justin\AppData\Local\Temp\px.dll => Moved successfully.

C:\Users\Justin\AppData\Local\Temp\pxafs.dll => Moved successfully.

C:\Users\Justin\AppData\Local\Temp\PxCpyA64.exe => Moved successfully.

C:\Users\Justin\AppData\Local\Temp\PxCpyI64.exe => Moved successfully.

C:\Users\Justin\AppData\Local\Temp\pxdrv.dll => Moved successfully.

C:\Users\Justin\AppData\Local\Temp\pxhpinst.exe => Moved successfully.

C:\Users\Justin\AppData\Local\Temp\PxInsA64.exe => Moved successfully.

C:\Users\Justin\AppData\Local\Temp\PxInsI64.exe => Moved successfully.

C:\Users\Justin\AppData\Local\Temp\pxmas.dll => Moved successfully.

C:\Users\Justin\AppData\Local\Temp\pxsetup.exe => Moved successfully.

C:\Users\Justin\AppData\Local\Temp\pxsfs.dll => Moved successfully.

C:\Users\Justin\AppData\Local\Temp\pxwave.dll => Moved successfully.

"C:\Users\Justin\AppData\Local\Temp\Quarantine.exe" => File/Directory not found.

C:\Users\Justin\AppData\Local\Temp\RDVAlert.exe => Moved successfully.

C:\Users\Justin\AppData\Local\Temp\SearchWithGoogleUpdate.exe => Moved successfully.

C:\Users\Justin\AppData\Local\Temp\Shortcut.exe => Moved successfully.

C:\Users\Justin\AppData\Local\Temp\SkypeSetup.exe => Moved successfully.

C:\Users\Justin\AppData\Local\Temp\tbSwee.dll => Moved successfully.

C:\Users\Justin\AppData\Local\Temp\tmp2349.exe => Moved successfully.

C:\Users\Justin\AppData\Local\Temp\tmp777B.exe => Moved successfully.

C:\Users\Justin\AppData\Local\Temp\tmpAC7D.exe => Moved successfully.

C:\Users\Justin\AppData\Local\Temp\Uninstaller-40864.exe => Moved successfully.

C:\Users\Justin\AppData\Local\Temp\US_en_Avery_AW40.exe => Moved successfully.

C:\Users\Justin\AppData\Local\Temp\vcredist_x86.exe => Moved successfully.

C:\Users\Justin\AppData\Local\Temp\vxblock.dll => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2276EB6F-0783-472D-B238-2C95AF562204} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2276EB6F-0783-472D-B238-2C95AF562204} => Key deleted successfully.

C:\Windows\System32\Tasks\Apple\AppleSoftwareUpdate => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Apple\AppleSoftwareUpdate => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{360A5A64-B8D4-442A-9CF5-4E77E54580FA} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{360A5A64-B8D4-442A-9CF5-4E77E54580FA} => Key deleted successfully.

C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9149BA98-C6B1-4FC8-B1DD-886303895598} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9149BA98-C6B1-4FC8-B1DD-886303895598} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{95E069FA-39BC-4405-BE5D-1E331AB7698D} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{95E069FA-39BC-4405-BE5D-1E331AB7698D} => Key deleted successfully.

C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-350978928-1145991243-2579747793-1001Core => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-350978928-1145991243-2579747793-1001Core => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D5E5606D-21A4-46C8-B842-C00FC1A086AF} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D5E5606D-21A4-46C8-B842-C00FC1A086AF} => Key deleted successfully.

C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-350978928-1145991243-2579747793-1001UA => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-350978928-1145991243-2579747793-1001UA => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EA6BFF5A-D1A3-4C7E-9072-9E0B2EE6A686} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EA6BFF5A-D1A3-4C7E-9072-9E0B2EE6A686} => Key deleted successfully.

C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => Key deleted successfully.

C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.

C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.

C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-350978928-1145991243-2579747793-1001Core.job => Moved successfully.

C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-350978928-1145991243-2579747793-1001UA.job => Moved successfully.

 

==== End of Fixlog ====


Restarted the computer.  Haven't seen the "search assist" yet!  Thank you!


Great, glad to hear that's gone.  Almost done here.

 

Please Run TFC by OldTimer to clear temporary files:

  • Download TFC from here and save it to your desktop.
  • http://oldtimer.geekstogo.com/TFC.exe
  • Close any open programs and Internet browsers.
  • Double click TFC.exe to run it on XP (for Vista and Windows 7 right click and choose "Run as administrator") and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.
  • Please be patient as clearing out temp files may take a while.
  • Once it completes you may be prompted to restart your computer, please do so.
  • Once it's finished you may delete TFC.exe from your desktop or save it for later use for the cleaning of temporary files.

 

When that's done please restart the computer and then run the following.  Please don't attach the file just copy/paste the results here.

 

Please download Security Check from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


 

 Results of screen317's Security Check version 0.99.74  

 Windows 7 Service Pack 1 x64 (UAC is enabled)  

 Internet Explorer 10  

``````````````Antivirus/Firewall Check:`````````````` 

 Windows Security Center service is not running! This report may not be accurate! 

 Windows Firewall Enabled!  

avast! Antivirus   

 Antivirus up to date!   

`````````Anti-malware/Other Utilities Check:````````` 

 Malwarebytes Anti-Malware version 1.75.0.1300  

 Adobe Flash Player 11.8.800.168  

 Adobe Reader XI  

 Mozilla Firefox 20.0.1 Firefox out of Date!  

 Google Chrome 25.0.1364.172  

 Google Chrome 26.0.1410.43  

````````Process Check: objlist.exe by Laurent````````  

 Alwil Software Avast5 AvastSvc.exe  

 Alwil Software Avast5 AvastUI.exe  

`````````````````System Health check````````````````` 

 Total Fragmentation on Drive C: 2% 

````````````````````End of Log`````````````````````` 


Please update your Firefox.  Though some users find it annoying I would recommend enabling your User Account Control which adds a little more protection to the system.

 

How is the computer running now?

 

Are there still any signs of an infection?


Please download the correct version of SystemLook for your computer and save it to your desktop.

You can check here if you're not sure if your computer is 32-bit or 64-bit

SystemLook 32-bit x86 | or | SystemLook 64-bit x64

  • If using Windows XP just double click on SystemLook.exe to run it.
  • For all other versions of Windows, right click over SystemLook.exe or SystemLook_x64.exe and choose Run as administrator to run it
  • Copy the contents of the following code box into the main text field - including the colon characters.

    :filefind
    *SearchAssist*
    :folderfind
    *SearchAssist*
    :regfind
    SearchAssist
  • Click the Look button to start the scan
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
  • Note: The log can also be found on your Desktop named SystemLook.txt

This topic is now closed to further replies.
