Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 19-01-2015
Ran by Miriam Moody (administrator) on MIRIAM on 19-01-2015 15:44:06
Running from C:\Documents and Settings\Miriam Moody\Desktop
Loaded Profiles: Miriam Moody (Available profiles: Miriam Moody & Administrator)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\dsiwmis.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Acer Incorporated) C:\Program Files\Acer\Acer VCM\RS_Service.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Sonix Technology Co., Ltd.) C:\WINDOWS\PLFSetL.exe
() C:\WINDOWS\snuvcdsm.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Farbar) C:\Documents and Settings\Miriam Moody\Desktop\FRST (1).exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AzMixerSel] => C:\Program Files\Realtek\Audio\Drivers\AzMixerSel.exe [59936 2009-12-11] (Realtek Semiconductor Corp.)
HKLM\...\Run: [IMJPMIG8.1] => C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [208952 2008-04-14] (Microsoft Corporation)
HKLM\...\Run: [MSPY2002] => C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [59392 2008-04-14] ()
HKLM\...\Run: [PHIME2002ASync] => C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2008-04-14] (Microsoft Corporation)
HKLM\...\Run: [PHIME2002A] => C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2008-04-14] (Microsoft Corporation)
HKLM\...\Run: [PLFSetL] => C:\WINDOWS\PLFSetL.exe [99712 2010-02-12] (Sonix Technology Co., Ltd.)
HKLM\...\Run: [snp2uvc] => rundll32.exe C:\WINDOWS\system32\csnp2uvc.dll,ResetCIDS
HKLM\...\Run: [snuvcdsm] => C:\WINDOWS\snuvcdsm.exe [30080 2010-02-12] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1692968 2010-02-05] (Synaptics Incorporated)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [19521056 2010-03-12] (Realtek Semiconductor Corp.)
HKLM\...\Run: [hpqSRMon] => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-16] (AVAST Software)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKU\S-1-5-21-2587936551-156640315-1538417202-1006\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-07-22] (Google Inc.)
HKU\S-1-5-21-2587936551-156640315-1538417202-1006\...\Run: [FileHippo.com] => C:\Program Files\FileHippo.com\UpdateChecker.exe [307712 2012-11-23] (FileHippo.com)
Startup: C:\Documents and Settings\Miriam Moody\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2587936551-156640315-1538417202-1006\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "www.google.com" <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-2587936551-156640315-1538417202-1006 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
http://www.bing.com/search
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-2587936551-156640315-1538417202-1006 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Acer\Acer VCM\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 192.168.0.1
FireFox:
========
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-05-20]
FF HKLM\...\Firefox\Extensions: [
[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM\...\Firefox\Extensions: [
[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-11-28]
FF HKU\S-1-5-21-2587936551-156640315-1538417202-1006\...\Firefox\Extensions: [
[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
Chrome:
=======
CHR HomePage: Default ->
CHR StartupUrls: Default -> "hxxp://Vosteran.com/?f=7&a=vst_ggfc_15_02_ie&cd=2XzuyEtN2Y1L1QzutC0CyByDtDzztD0EtB0C0FzzyDtCtDtBtN0D0Tzu0StCtCtDtAtN1L2XzutAtFyCtFtCyCtFyCtN1L1CzutCyEtBzytDyD1V1ByEtN1L1G1B1V1N2Y1L1Qzu2SyC0C0FyCtDtB0F0CtG0F0CzzzztGyCzytD0AtG0ByBzz0AtGyDyC0FyC0FtCtAtByDzyzy0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0B0EyC0DtB0E0EtAtGtD0E0EyDtGyE0A0DtDtG0AyEtC0DtG0D0EtB0Azy0EzztAtAtC0EtC2Q&cr=1296023313&ir="
CHR Profile: C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-10]
CHR Extension: (Google Drive) - C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-10]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-05]
CHR Extension: (YouTube) - C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-10]
CHR Extension: (Google Search) - C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-10]
CHR Extension: (Avast Online Security) - C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-01-10]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-10]
CHR Extension: (Gmail) - C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-10]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-08]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S4 Alerter; C:\WINDOWS\system32\alrsvc.dll [17408 2008-04-14] (Microsoft Corporation) [File not signed]
R3 ALG; C:\WINDOWS\System32\alg.exe [44544 2008-04-14] (Microsoft Corporation) [File not signed]
R2 AudioSrv; C:\WINDOWS\System32\audiosrv.dll [42496 2008-04-14] (Microsoft Corporation) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-08] (AVAST Software)
R2 BITS; C:\WINDOWS\system32\qmgr.dll [409088 2008-04-14] (Microsoft Corporation) [File not signed]
R2 Browser; C:\WINDOWS\System32\browser.dll [78336 2012-07-06] (Microsoft Corporation) [File not signed]
S3 CiSvc; C:\WINDOWS\system32\cisvc.exe [5632 2008-04-14] (Microsoft Corporation) [File not signed]
S4 ClipSrv; C:\WINDOWS\system32\clipsrv.exe [33280 2008-04-14] (Microsoft Corporation) [File not signed]
R2 CryptSvc; C:\WINDOWS\System32\cryptsvc.dll [62464 2008-04-14] (Microsoft Corporation) [File not signed]
R2 DcomLaunch; C:\WINDOWS\system32\rpcss.dll [401408 2009-02-09] (Microsoft Corporation) [File not signed]
R2 Dhcp; C:\WINDOWS\System32\dhcpcsvc.dll [126976 2008-04-14] (Microsoft Corporation) [File not signed]
S3 dmadmin; C:\WINDOWS\System32\dmadmin.exe [224768 2008-04-14] (Microsoft Corp., Veritas Software) [File not signed]
R2 dmserver; C:\WINDOWS\System32\dmserver.dll [23552 2008-04-14] (Microsoft Corp.) [File not signed]
R2 Dnscache; C:\WINDOWS\System32\dnsrslvr.dll [45568 2009-04-20] (Microsoft Corporation) [File not signed]
S3 Dot3svc; C:\WINDOWS\System32\dot3svc.dll [132096 2008-04-14] (Microsoft Corporation) [File not signed]
S3 EapHost; C:\WINDOWS\System32\eapsvc.dll [33792 2008-04-14] (Microsoft Corporation) [File not signed]
R2 ERSvc; C:\WINDOWS\System32\ersvc.dll [23040 2008-04-14] (Microsoft Corporation) [File not signed]
R2 Eventlog; C:\WINDOWS\system32\services.exe [110592 2009-02-06] (Microsoft Corporation) [File not signed]
R3 EventSystem; C:\WINDOWS\system32\es.dll [253952 2008-07-07] (Microsoft Corporation) [File not signed]
S3 ExpressInvoiceService; C:\Program Files\NCH Software\ExpressInvoice\expressinvoice.exe [1987588 2013-11-01] (NCH Software) [File not signed]
R3 FastUserSwitchingCompatibility; C:\WINDOWS\System32\shsvcs.dll [135168 2009-07-27] (Microsoft Corporation) [File not signed]
S4 Fax; C:\WINDOWS\system32\fxssvc.exe [267776 2008-04-14] (Microsoft Corporation) [File not signed]
S3 GameConsoleService; C:\Program Files\Acer Games\Acer Game Console\GameConsoleService.exe [246520 2010-04-03] (WildTangent, Inc.)
R2 helpsvc; C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400 2008-04-14] (Microsoft Corporation) [File not signed]
S4 HidServ; C:\WINDOWS\System32\hidserv.dll [21504 2008-04-14] (Microsoft Corporation) [File not signed]
S3 hkmsvc; C:\WINDOWS\System32\kmsvc.dll [61440 2008-04-14] (Microsoft Corporation) [File not signed]
R3 HTTPFilter; C:\WINDOWS\System32\w3ssl.dll [15872 2008-04-14] (Microsoft Corporation) [File not signed]
S3 ImapiService; C:\WINDOWS\system32\imapi.exe [150528 2008-04-14] (Microsoft Corporation) [File not signed]
R2 LanmanServer; C:\WINDOWS\System32\srvsvc.dll [99840 2010-08-27] (Microsoft Corporation) [File not signed]
R2 lanmanworkstation; C:\WINDOWS\System32\wkssvc.dll [132096 2009-06-10] (Microsoft Corporation) [File not signed]
R2 LmHosts; C:\WINDOWS\System32\lmhsvc.dll [13824 2008-04-14] (Microsoft Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S4 Messenger; C:\WINDOWS\System32\msgsvc.dll [33792 2008-04-14] (Microsoft Corporation) [File not signed]
S3 mnmsrvc; C:\WINDOWS\system32\mnmsrvc.exe [32768 2008-04-14] (Microsoft Corporation) [File not signed]
S3 MSDTC; C:\WINDOWS\system32\msdtc.exe [6144 2008-04-14] (Microsoft Corporation) [File not signed]
S3 MSIServer; C:\WINDOWS\System32\msiexec.exe [95744 2008-05-19] (Microsoft Corporation) [File not signed]
S3 MWLService; C:\Program Files\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-26] (Egis Technology Inc.)
S3 napagent; C:\WINDOWS\System32\qagentrt.dll [291328 2008-04-14] (Microsoft Corporation) [File not signed]
S2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
S4 NetDDE; C:\WINDOWS\system32\netdde.exe [111104 2008-04-14] (Microsoft Corporation) [File not signed]
S4 NetDDEdsdm; C:\WINDOWS\system32\netdde.exe [111104 2008-04-14] (Microsoft Corporation) [File not signed]
S3 Netlogon; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Netman; C:\WINDOWS\System32\netman.dll [198144 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Nla; C:\WINDOWS\System32\mswsock.dll [245248 2008-06-20] (Microsoft Corporation) [File not signed]
S3 NtLmSsp; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
S3 NtmsSvc; C:\WINDOWS\system32\ntmssvc.dll [435200 2008-04-14] (Microsoft Corporation) [File not signed]
R2 PlugPlay; C:\WINDOWS\system32\services.exe [110592 2009-02-06] (Microsoft Corporation) [File not signed]
S2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PolicyAgent; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
R2 ProtectedStorage; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
S3 RasAuto; C:\WINDOWS\System32\rasauto.dll [88576 2008-04-14] (Microsoft Corporation) [File not signed]
R3 RasMan; C:\WINDOWS\System32\rasmans.dll [186368 2008-04-14] (Microsoft Corporation) [File not signed]
S3 RDSessMgr; C:\WINDOWS\system32\sessmgr.exe [141312 2008-04-14] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\WINDOWS\System32\mprdim.dll [53248 2008-04-14] (Microsoft Corporation) [File not signed]
S3 RpcLocator; C:\WINDOWS\system32\locator.exe [75264 2008-04-14] (Microsoft Corporation) [File not signed]
R2 RpcSs; C:\WINDOWS\system32\rpcss.dll [401408 2009-02-09] (Microsoft Corporation) [File not signed]
S3 RSVP; C:\WINDOWS\system32\rsvp.exe [132608 2008-04-14] (Microsoft Corporation) [File not signed]
R2 RS_Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [260640 2010-01-29] (Acer Incorporated)
R2 SamSs; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
S3 SCardSvr; C:\WINDOWS\System32\SCardSvr.exe [95744 2008-04-14] (Microsoft Corporation) [File not signed]
R2 Schedule; C:\WINDOWS\system32\schedsvc.dll [192512 2008-04-14] (Microsoft Corporation) [File not signed]
R2 seclogon; C:\WINDOWS\System32\seclogon.dll [18944 2008-04-14] (Microsoft Corporation) [File not signed]
R2 SENS; C:\WINDOWS\system32\sens.dll [39424 2008-04-14] (Microsoft Corporation) [File not signed]
R2 SharedAccess; C:\WINDOWS\System32\ipnathlp.dll [331264 2008-04-14] (Microsoft Corporation) [File not signed]
R2 ShellHWDetection; C:\WINDOWS\System32\shsvcs.dll [135168 2009-07-27] (Microsoft Corporation) [File not signed]
R2 Spooler; C:\WINDOWS\system32\spoolsv.exe [58880 2010-08-17] (Microsoft Corporation) [File not signed]
R2 srservice; C:\WINDOWS\system32\srsvc.dll [171008 2008-04-14] (Microsoft Corporation) [File not signed]
R3 SSDPSRV; C:\WINDOWS\System32\ssdpsrv.dll [71680 2008-04-14] (Microsoft Corporation) [File not signed]
R2 stisvc; C:\WINDOWS\system32\wiaservc.dll [333824 2008-04-14] (Microsoft Corporation) [File not signed]
S3 SysmonLog; C:\WINDOWS\system32\smlogsvc.exe [89600 2008-04-14] (Microsoft Corporation) [File not signed]
R3 TapiSrv; C:\WINDOWS\System32\tapisrv.dll [249856 2008-04-14] (Microsoft Corporation) [File not signed]
R2 TermService; C:\WINDOWS\System32\termsrv.dll [295424 2008-04-14] (Microsoft Corporation) [File not signed]
R2 Themes; C:\WINDOWS\System32\shsvcs.dll [135168 2009-07-27] (Microsoft Corporation) [File not signed]
R2 TrkWks; C:\WINDOWS\system32\trkwks.dll [90112 2008-04-14] (Microsoft Corporation) [File not signed]
R2 Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [243232 2010-01-28] (Acer Group)
S3 upnphost; C:\WINDOWS\System32\upnphost.dll [185856 2008-04-14] (Microsoft Corporation) [File not signed]
S3 UPS; C:\WINDOWS\System32\ups.exe [18432 2008-04-14] (Microsoft Corporation) [File not signed]
S3 VSS; C:\WINDOWS\System32\vssvc.exe [289792 2008-04-14] (Microsoft Corporation) [File not signed]
R2 W32Time; C:\WINDOWS\system32\w32time.dll [175104 2008-04-14] (Microsoft Corporation) [File not signed]
R2 WebClient; C:\WINDOWS\System32\webclnt.dll [68096 2008-04-14] (Microsoft Corporation) [File not signed]
R2 winmgmt; C:\WINDOWS\system32\wbem\WMIsvc.dll [144896 2008-04-14] (Microsoft Corporation) [File not signed]
S3 WmdmPmSN; C:\WINDOWS\system32\MsPMSNSv.dll [27136 2006-10-18] (Microsoft Corporation) [File not signed]
S3 WmiApSrv; C:\WINDOWS\system32\wbem\wmiapsrv.exe [126464 2008-04-14] (Microsoft Corporation) [File not signed]
S3 WMPNetworkSvc; C:\Program Files\Windows Media Player\WMPNetwk.exe [913408 2006-10-18] (Microsoft Corporation) [File not signed]
R2 wscsvc; C:\WINDOWS\system32\wscsvc.dll [80896 2008-04-14] (Microsoft Corporation) [File not signed]
R2 wuauserv; C:\WINDOWS\system32\wuauserv.dll [6656 2008-04-14] (Microsoft Corporation) [File not signed]
S3 WudfSvc; C:\WINDOWS\System32\WUDFSvc.dll [55808 2006-09-28] (Microsoft Corporation) [File not signed]
R2 WZCSVC; C:\WINDOWS\System32\wzcsvc.dll [483840 2008-04-14] (Microsoft Corporation) [File not signed]
S3 xmlprov; C:\WINDOWS\System32\xmlprov.dll [129024 2008-04-14] (Microsoft Corporation) [File not signed]
S3 SwPrv; C:\WINDOWS\system32\dllhost.exe /Processid:{8CBDB1CB-3057-4390-AD45-710130AF6BCE}
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2008-04-14] (Microsoft Corporation) [File not signed]
R0 ACPI; C:\WINDOWS\System32\DRIVERS\ACPI.sys [187776 2008-04-14] (Microsoft Corporation) [File not signed]
R0 ACPIEC; C:\WINDOWS\System32\DRIVERS\ACPIEC.sys [11648 2008-04-14] (Microsoft Corporation) [File not signed]
S4 adpu160m; C:\WINDOWS\system32\DRIVERS\adpu160m.sys [101888 2008-04-14] (Microsoft Corporation) [File not signed]
S3 aec; C:\WINDOWS\System32\drivers\aec.sys [142592 2008-04-14] (Microsoft Corporation) [File not signed]
R1 AFD; C:\WINDOWS\System32\drivers\afd.sys [138496 2011-08-17] (Microsoft Corporation) [File not signed]
S4 agp440; C:\WINDOWS\system32\DRIVERS\agp440.sys [42368 2008-04-14] (Microsoft Corporation) [File not signed]
S4 agpCPQ; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [44928 2008-04-14] (Microsoft Corporation) [File not signed]
S4 Aha154x; C:\WINDOWS\system32\DRIVERS\aha154x.sys [12800 2008-04-14] (Microsoft Corporation) [File not signed]
S4 aic78u2; C:\WINDOWS\system32\DRIVERS\aic78u2.sys [55168 2008-04-14] (Microsoft Corporation) [File not signed]
S4 aic78xx; C:\WINDOWS\system32\DRIVERS\aic78xx.sys [56960 2008-04-14] (Microsoft Corporation) [File not signed]
S4 AliIde; C:\WINDOWS\system32\DRIVERS\aliide.sys [5248 2008-04-14] (Acer Laboratories Inc.) [File not signed]
S4 alim1541; C:\WINDOWS\system32\DRIVERS\alim1541.sys [42752 2008-04-14] (Microsoft Corporation) [File not signed]
S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-17] (Creative)
S4 amdagp; C:\WINDOWS\system32\DRIVERS\amdagp.sys [43008 2008-04-14] (Advanced Micro Devices, Inc.) [File not signed]
S4 amsint; C:\WINDOWS\system32\DRIVERS\amsint.sys [12032 2008-04-14] (Microsoft Corporation) [File not signed]
S4 asc; C:\WINDOWS\system32\DRIVERS\asc.sys [26496 2008-04-14] (Advanced System Products, Inc.) [File not signed]
S4 asc3350p; C:\WINDOWS\system32\DRIVERS\asc3350p.sys [22400 2008-04-14] (Microsoft Corporation) [File not signed]
S4 asc3550; C:\WINDOWS\system32\DRIVERS\asc3550.sys [14848 2008-04-14] (Advanced System Products, Inc.) [File not signed]
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2015-01-08] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [70384 2015-01-08] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55240 2015-01-08] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2015-01-08] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [787800 2015-01-08] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [423784 2015-01-08] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57928 2015-01-08] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [206248 2015-01-08] ()
S3 AsyncMac; C:\WINDOWS\System32\DRIVERS\asyncmac.sys [14336 2008-04-14] (Microsoft Corporation) [File not signed]
S4 atapi; C:\WINDOWS\system32\DRIVERS\atapi.sys [96512 2008-04-14] (Microsoft Corporation) [File not signed]
S3 Atmarpc; C:\WINDOWS\System32\DRIVERS\atmarpc.sys [59904 2008-04-14] (Microsoft Corporation) [File not signed]
R3 audstub; C:\WINDOWS\System32\DRIVERS\audstub.sys [3072 2001-08-17] (Microsoft Corporation) [File not signed]
R1 Beep; C:\WINDOWS\system32\Drivers\Beep.sys [4224 2008-04-14] (Microsoft Corporation) [File not signed]
S4 cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [13952 2008-04-14] (Microsoft Corporation) [File not signed]
S4 cbidf2k; C:\WINDOWS\system32\Drivers\cbidf2k.sys [13952 2008-04-14] (Microsoft Corporation) [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation) [File not signed]
S4 cd20xrnt; C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys [7680 2008-04-14] (Microsoft Corporation) [File not signed]
S1 Cdaudio; C:\WINDOWS\system32\Drivers\Cdaudio.sys [18688 2008-04-14] (Microsoft Corporation) [File not signed]
S4 Cdfs; C:\WINDOWS\system32\Drivers\Cdfs.sys [63744 2008-04-14] (Microsoft Corporation) [File not signed]
S1 Cdrom; C:\WINDOWS\System32\DRIVERS\cdrom.sys [62976 2008-05-02] (Microsoft Corporation) [File not signed]
R3 CmBatt; C:\WINDOWS\System32\DRIVERS\CmBatt.sys [13952 2008-04-13] (Microsoft Corporation) [File not signed]
S4 CmdIde; C:\WINDOWS\system32\DRIVERS\cmdide.sys [6656 2008-04-14] (CMD Technology, Inc.) [File not signed]
R0 Compbatt; C:\WINDOWS\System32\DRIVERS\compbatt.sys [10240 2008-04-13] (Microsoft Corporation) [File not signed]
S4 Cpqarray; C:\WINDOWS\system32\DRIVERS\cpqarray.sys [14976 2008-04-14] (Microsoft Corporation) [File not signed]
S4 dac2w2k; C:\WINDOWS\system32\DRIVERS\dac2w2k.sys [179584 2008-04-14] (Mylex Corporation) [File not signed]
S4 dac960nt; C:\WINDOWS\system32\DRIVERS\dac960nt.sys [14720 2008-04-14] (Microsoft Corporation) [File not signed]
R0 Disk; C:\WINDOWS\System32\DRIVERS\disk.sys [36352 2008-04-14] (Microsoft Corporation) [File not signed]
S4 dmboot; C:\WINDOWS\System32\drivers\dmboot.sys [799744 2008-04-14] (Microsoft Corp., Veritas Software) [File not signed]
S4 dmio; C:\WINDOWS\System32\drivers\dmio.sys [153344 2008-04-14] (Microsoft Corp., Veritas Software) [File not signed]
S4 dmload; C:\WINDOWS\System32\drivers\dmload.sys [5888 2008-04-14] (Microsoft Corp., Veritas Software.) [File not signed]
S3 DMusic; C:\WINDOWS\System32\drivers\DMusic.sys [52864 2008-04-14] (Microsoft Corporation) [File not signed]
S4 dpti2o; C:\WINDOWS\system32\DRIVERS\dpti2o.sys [20192 2008-04-14] (Microsoft Corporation) [File not signed]
S3 drmkaud; C:\WINDOWS\System32\drivers\drmkaud.sys [2944 2008-04-14] (Microsoft Corporation) [File not signed]
S3 EUCR; C:\WINDOWS\System32\DRIVERS\EUCR6SK.SYS [82384 2010-06-17] (ENE Technology Inc.)
S4 Fastfat; C:\WINDOWS\system32\Drivers\Fastfat.sys [143744 2008-04-14] (Microsoft Corporation) [File not signed]
S1 Fdc; C:\WINDOWS\system32\Drivers\Fdc.sys [27392 2008-04-14] (Microsoft Corporation) [File not signed]
R1 Fips; C:\WINDOWS\system32\Drivers\Fips.sys [44544 2008-04-14] (Microsoft Corporation) [File not signed]
S1 Flpydisk; C:\WINDOWS\system32\Drivers\Flpydisk.sys [20480 2008-04-14] (Microsoft Corporation) [File not signed]
R0 FltMgr; C:\WINDOWS\System32\DRIVERS\fltMgr.sys [129792 2008-04-14] (Microsoft Corporation) [File not signed]
U1 Fs_Rec; C:\WINDOWS\system32\Drivers\Fs_Rec.sys [7936 2008-04-14] (Microsoft Corporation) [File not signed]
R0 Ftdisk; C:\WINDOWS\System32\DRIVERS\ftdisk.sys [125056 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Gpc; C:\WINDOWS\System32\DRIVERS\msgpc.sys [35072 2008-04-14] (Microsoft Corporation) [File not signed]
R3 HDAudBus; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [144384 2008-04-14] (Windows ® Server 2003 DDK provider) [File not signed]
S3 HidUsb; C:\WINDOWS\System32\DRIVERS\hidusb.sys [10368 2008-04-14] (Microsoft Corporation) [File not signed]
S4 hpn; C:\WINDOWS\system32\DRIVERS\hpn.sys [25952 2008-04-14] (Microsoft Corporation) [File not signed]
R3 HTTP; C:\WINDOWS\System32\Drivers\HTTP.sys [265728 2009-10-20] (Microsoft Corporation) [File not signed]
R1 i2omgmt; C:\WINDOWS\system32\Drivers\i2omgmt.sys [8576 2008-04-14] (Microsoft Corporation) [File not signed]
S4 i2omp; C:\WINDOWS\system32\DRIVERS\i2omp.sys [18560 2008-04-14] (Microsoft Corporation) [File not signed]
R1 i8042prt; C:\WINDOWS\System32\DRIVERS\i8042prt.sys [52480 2008-04-14] (Microsoft Corporation) [File not signed]
R3 ialm; C:\WINDOWS\System32\DRIVERS\igxpmp32.sys [1754912 2010-04-25] (Intel Corporation) [File not signed]
S1 Imapi; C:\WINDOWS\System32\DRIVERS\imapi.sys [42112 2008-04-14] (Microsoft Corporation) [File not signed]
S4 ini910u; C:\WINDOWS\system32\DRIVERS\ini910u.sys [16000 2008-04-14] (Microsoft Corporation) [File not signed]
S4 IntelIde; C:\WINDOWS\system32\DRIVERS\intelide.sys [5504 2008-04-14] (Microsoft Corporation) [File not signed]
R1 intelppm; C:\WINDOWS\System32\DRIVERS\intelppm.sys [36352 2008-04-14] (Microsoft Corporation) [File not signed]
S3 Ip6Fw; C:\WINDOWS\System32\DRIVERS\Ip6Fw.sys [36608 2008-04-14] (Microsoft Corporation) [File not signed]
R3 IpFilterDriver; C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys [32896 2008-04-14] (Microsoft Corporation) [File not signed]
S3 IpInIp; C:\WINDOWS\System32\DRIVERS\ipinip.sys [20864 2008-04-14] (Microsoft Corporation) [File not signed]
R3 IpNat; C:\WINDOWS\System32\DRIVERS\ipnat.sys [152832 2008-04-14] (Microsoft Corporation) [File not signed]
R1 IPSec; C:\WINDOWS\System32\DRIVERS\ipsec.sys [75264 2008-04-14] (Microsoft Corporation) [File not signed]
S3 IRENUM; C:\WINDOWS\System32\DRIVERS\irenum.sys [11264 2008-04-14] (Microsoft Corporation) [File not signed]
R0 isapnp; C:\WINDOWS\System32\DRIVERS\isapnp.sys [37248 2008-04-14] (Microsoft Corporation) [File not signed]
R1 Kbdclass; C:\WINDOWS\System32\DRIVERS\kbdclass.sys [24576 2008-04-14] (Microsoft Corporation) [File not signed]
S3 kmixer; C:\WINDOWS\System32\drivers\kmixer.sys [172416 2008-04-14] (Microsoft Corporation) [File not signed]
R0 KSecDD; C:\WINDOWS\system32\Drivers\KSecDD.sys [92928 2009-06-24] (Microsoft Corporation) [File not signed]
R3 L1c; C:\WINDOWS\System32\DRIVERS\l1c51x86.sys [61552 2010-05-19] (Atheros Communications, Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [114904 2015-01-19] (Malwarebytes Corporation)
R1 mnmdd; C:\WINDOWS\system32\Drivers\mnmdd.sys [4224 2008-04-14] (Microsoft Corporation) [File not signed]
S3 Modem; C:\WINDOWS\system32\Drivers\Modem.sys [30080 2008-04-14] (Microsoft Corporation) [File not signed]
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-17] (Creative Technology Ltd.)
R1 Mouclass; C:\WINDOWS\System32\DRIVERS\mouclass.sys [23040 2008-04-14] (Microsoft Corporation) [File not signed]
S3 mouhid; C:\WINDOWS\System32\DRIVERS\mouhid.sys [12160 2001-08-17] (Microsoft Corporation) [File not signed]
R0 MountMgr; C:\WINDOWS\system32\Drivers\MountMgr.sys [42368 2008-04-14] (Microsoft Corporation) [File not signed]
S4 mraid35x; C:\WINDOWS\system32\DRIVERS\mraid35x.sys [17280 2008-04-14] (American Megatrends Inc.) [File not signed]
R3 MRxDAV; C:\WINDOWS\System32\DRIVERS\mrxdav.sys [180608 2008-04-14] (Microsoft Corporation) [File not signed]
R1 MRxSmb; C:\WINDOWS\System32\DRIVERS\mrxsmb.sys [456320 2011-07-15] (Microsoft Corporation) [File not signed]
S3 MSKSSRV; C:\WINDOWS\System32\drivers\MSKSSRV.sys [7552 2008-04-13] (Microsoft Corporation) [File not signed]
S3 MSPCLOCK; C:\WINDOWS\System32\drivers\MSPCLOCK.sys [5376 2008-04-13] (Microsoft Corporation) [File not signed]
S3 MSPQM; C:\WINDOWS\System32\drivers\MSPQM.sys [4992 2008-04-13] (Microsoft Corporation) [File not signed]
R3 mssmbios; C:\WINDOWS\System32\DRIVERS\mssmbios.sys [15488 2008-04-14] (Microsoft Corporation) [File not signed]
S3 MSTEE; C:\WINDOWS\System32\drivers\MSTEE.sys [5504 2008-04-14] (Microsoft Corporation) [File not signed]
R0 Mup; C:\WINDOWS\system32\Drivers\Mup.sys [105472 2011-04-21] (Microsoft Corporation) [File not signed]
R1 mwlPSDFilter; C:\WINDOWS\System32\DRIVERS\mwlPSDFilter.sys [17840 2008-12-02] (Egis Incorporated.)
R1 mwlPSDNServ; C:\WINDOWS\System32\DRIVERS\mwlPSDNServ.sys [15280 2008-12-02] (Egis Incorporated.)
R1 mwlPSDVDisk; C:\WINDOWS\System32\DRIVERS\mwlPSDVDisk.sys [58800 2008-12-02] (Egis Incorporated.)
S3 NABTSFEC; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-13] (Microsoft Corporation) [File not signed]
R0 NDIS; C:\WINDOWS\system32\Drivers\NDIS.sys [182656 2008-04-14] (Microsoft Corporation) [File not signed]
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation) [File not signed]
R3 NdisTapi; C:\WINDOWS\System32\DRIVERS\ndistapi.sys [10496 2011-07-08] (Microsoft Corporation) [File not signed]
R3 Ndisuio; C:\WINDOWS\System32\DRIVERS\ndisuio.sys [14592 2008-04-14] (Microsoft Corporation) [File not signed]
R3 NdisWan; C:\WINDOWS\System32\DRIVERS\ndiswan.sys [91520 2008-04-14] (Microsoft Corporation) [File not signed]
R3 NDProxy; C:\WINDOWS\system32\Drivers\NDProxy.sys [40960 2013-11-27] (Microsoft Corporation) [File not signed]
R1 NetBIOS; C:\WINDOWS\System32\DRIVERS\netbios.sys [34688 2008-04-14] (Microsoft Corporation) [File not signed]
R1 NetBT; C:\WINDOWS\System32\DRIVERS\netbt.sys [162816 2008-04-14] (Microsoft Corporation) [File not signed]
R3 NETw5x32; C:\WINDOWS\System32\DRIVERS\NETw5x32.sys [6608512 2010-05-30] (Intel Corporation) [File not signed]
R1 Npfs; C:\WINDOWS\system32\Drivers\Npfs.sys [30848 2008-04-14] (Microsoft Corporation) [File not signed]
R4 Ntfs; C:\WINDOWS\system32\Drivers\Ntfs.sys [574976 2008-04-14] (Microsoft Corporation) [File not signed]
R1 Null; C:\WINDOWS\system32\Drivers\Null.sys [2944 2008-04-14] (Microsoft Corporation) [File not signed]
S3 NwlnkFlt; C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys [12416 2008-04-14] (Microsoft Corporation) [File not signed]
S3 NwlnkFwd; C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys [32512 2008-04-14] (Microsoft Corporation) [File not signed]
S3 Parport; C:\WINDOWS\system32\Drivers\Parport.sys [80128 2008-04-14] (Microsoft Corporation) [File not signed]
R0 PartMgr; C:\WINDOWS\system32\Drivers\PartMgr.sys [19712 2008-04-14] (Microsoft Corporation) [File not signed]
S2 ParVdm; C:\WINDOWS\system32\Drivers\ParVdm.sys [6784 2008-04-14] (Microsoft Corporation) [File not signed]
R0 PCI; C:\WINDOWS\System32\DRIVERS\pci.sys [68224 2008-04-14] (Microsoft Corporation) [File not signed]
S4 PCIIde; C:\WINDOWS\system32\DRIVERS\pciide.sys [3328 2008-04-14] (Microsoft Corporation) [File not signed]
S4 Pcmcia; C:\WINDOWS\system32\Drivers\Pcmcia.sys [120192 2008-04-14] (Microsoft Corporation) [File not signed]
S4 perc2; C:\WINDOWS\system32\DRIVERS\perc2.sys [27296 2008-04-14] (Microsoft Corporation) [File not signed]
S4 perc2hib; C:\WINDOWS\system32\DRIVERS\perc2hib.sys [5504 2008-04-14] (Microsoft Corporation) [File not signed]
R3 PptpMiniport; C:\WINDOWS\System32\DRIVERS\raspptp.sys [48384 2008-04-14] (Microsoft Corporation) [File not signed]
R3 PSched; C:\WINDOWS\System32\DRIVERS\psched.sys [69120 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Ptilink; C:\WINDOWS\System32\DRIVERS\ptilink.sys [17792 2008-04-14] (Parallel Technologies, Inc.) [File not signed]
S4 ql1080; C:\WINDOWS\system32\DRIVERS\ql1080.sys [40320 2008-04-14] (QLogic Corporation) [File not signed]
S4 Ql10wnt; C:\WINDOWS\system32\DRIVERS\ql10wnt.sys [33152 2008-04-14] (Microsoft Corporation) [File not signed]
S4 ql12160; C:\WINDOWS\system32\DRIVERS\ql12160.sys [45312 2008-04-14] (QLogic Corporation) [File not signed]
S4 ql1240; C:\WINDOWS\system32\DRIVERS\ql1240.sys [40448 2008-04-14] (Microsoft Corporation) [File not signed]
S4 ql1280; C:\WINDOWS\system32\DRIVERS\ql1280.sys [49024 2008-04-14] (QLogic Corporation) [File not signed]
R1 RasAcd; C:\WINDOWS\System32\DRIVERS\rasacd.sys [8832 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Rasl2tp; C:\WINDOWS\System32\DRIVERS\rasl2tp.sys [51328 2008-04-14] (Microsoft Corporation) [File not signed]
R3 RasPppoe; C:\WINDOWS\System32\DRIVERS\raspppoe.sys [41472 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Raspti; C:\WINDOWS\System32\DRIVERS\raspti.sys [16512 2008-04-14] (Microsoft Corporation) [File not signed]
R1 Rdbss; C:\WINDOWS\System32\DRIVERS\rdbss.sys [175744 2008-04-14] (Microsoft Corporation) [File not signed]
R1 RDPCDD; C:\WINDOWS\System32\DRIVERS\RDPCDD.sys [4224 2008-04-14] (Microsoft Corporation) [File not signed]
S3 rdpdr; C:\WINDOWS\System32\DRIVERS\rdpdr.sys [196224 2008-04-14] (Microsoft Corporation) [File not signed]
S1 redbook; C:\WINDOWS\System32\DRIVERS\redbook.sys [57600 2008-04-13] (Microsoft Corporation) [File not signed]
S3 Secdrv; C:\WINDOWS\System32\DRIVERS\secdrv.sys [20480 2008-04-14] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
S2 Serial; C:\WINDOWS\system32\Drivers\Serial.sys [64512 2008-04-14] (Microsoft Corporation) [File not signed]
S4 sisagp; C:\WINDOWS\system32\DRIVERS\sisagp.sys [40960 2008-04-14] (Silicon Integrated Systems Corporation) [File not signed]
S3 SLIP; C:\WINDOWS\System32\DRIVERS\SLIP.sys [11136 2008-04-13] (Microsoft Corporation) [File not signed]
R3 SNP2UVC; C:\WINDOWS\System32\DRIVERS\snp2uvc.sys [1766784 2010-02-12] ()
S4 Sparrow; C:\WINDOWS\system32\DRIVERS\sparrow.sys [19072 2008-04-14] (Adaptec, Inc.) [File not signed]
S3 splitter; C:\WINDOWS\System32\drivers\splitter.sys [6272 2008-04-14] (Microsoft Corporation) [File not signed]
R0 sr; C:\WINDOWS\System32\DRIVERS\sr.sys [73472 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Srv; C:\WINDOWS\System32\DRIVERS\srv.sys [357888 2011-02-17] (Microsoft Corporation) [File not signed]
S3 StillCam; C:\WINDOWS\System32\DRIVERS\serscan.sys [6784 2001-08-17] (Microsoft Corporation) [File not signed]
S3 streamip; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [15232 2008-04-13] (Microsoft Corporation) [File not signed]
R3 swenum; C:\WINDOWS\System32\DRIVERS\swenum.sys [4352 2008-04-14] (Microsoft Corporation) [File not signed]
S3 swmidi; C:\WINDOWS\System32\drivers\swmidi.sys [56576 2008-04-14] (Microsoft Corporation) [File not signed]
S4 symc810; C:\WINDOWS\system32\DRIVERS\symc810.sys [16256 2008-04-14] (Symbios Logic Inc.) [File not signed]
S4 symc8xx; C:\WINDOWS\system32\DRIVERS\symc8xx.sys [32640 2008-04-14] (LSI Logic) [File not signed]
S4 sym_hi; C:\WINDOWS\system32\DRIVERS\sym_hi.sys [28384 2008-04-14] (LSI Logic) [File not signed]
S4 sym_u3; C:\WINDOWS\system32\DRIVERS\sym_u3.sys [30688 2008-04-14] (LSI Logic) [File not signed]
R3 sysaudio; C:\WINDOWS\System32\drivers\sysaudio.sys [60800 2008-04-14] (Microsoft Corporation) [File not signed]
R1 Tcpip; C:\WINDOWS\System32\DRIVERS\tcpip.sys [361600 2008-06-20] (Microsoft Corporation) [File not signed]
S3 TDPIPE; C:\WINDOWS\system32\Drivers\TDPIPE.sys [12040 2008-04-14] (Microsoft Corporation) [File not signed]
S3 TDTCP; C:\WINDOWS\system32\Drivers\TDTCP.sys [21896 2008-04-14] (Microsoft Corporation) [File not signed]
R1 TermDD; C:\WINDOWS\System32\DRIVERS\termdd.sys [40840 2008-04-14] (Microsoft Corporation) [File not signed]
S4 TosIde; C:\WINDOWS\system32\DRIVERS\toside.sys [4992 2008-04-14] (Microsoft Corporation) [File not signed]
S4 ultra; C:\WINDOWS\system32\DRIVERS\ultra.sys [36736 2008-04-14] (Promise Technology, Inc.) [File not signed]
R3 Update; C:\WINDOWS\System32\DRIVERS\update.sys [384768 2008-04-14] (Microsoft Corporation) [File not signed]
S3 usbccgp; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [32384 2013-08-08] (Microsoft Corporation) [File not signed]
R3 usbehci; C:\WINDOWS\System32\DRIVERS\usbehci.sys [30336 2009-03-18] (Microsoft Corporation) [File not signed]
R3 usbhub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [59520 2008-04-14] (Microsoft Corporation) [File not signed]
S3 usbprint; C:\WINDOWS\System32\DRIVERS\usbprint.sys [25856 2008-04-14] (Microsoft Corporation) [File not signed]
S3 usbscan; C:\WINDOWS\System32\DRIVERS\usbscan.sys [14976 2013-07-02] (Microsoft Corporation) [File not signed]
S3 USBSTOR; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [26368 2008-04-14] (Microsoft Corporation) [File not signed]
R3 usbuhci; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [20608 2008-04-14] (Microsoft Corporation) [File not signed]
S3 usbvideo; C:\WINDOWS\System32\Drivers\usbvideo.sys [123008 2013-07-16] (Microsoft Corporation) [File not signed]
R1 VgaSave; C:\WINDOWS\System32\drivers\vga.sys [20992 2008-04-14] (Microsoft Corporation) [File not signed]
S4 viaagp; C:\WINDOWS\system32\DRIVERS\viaagp.sys [42240 2008-04-14] (Microsoft Corporation) [File not signed]
S4 ViaIde; C:\WINDOWS\system32\DRIVERS\viaide.sys [5376 2008-04-14] (Microsoft Corporation) [File not signed]
R0 VolSnap; C:\WINDOWS\system32\Drivers\VolSnap.sys [52352 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Wanarp; C:\WINDOWS\System32\DRIVERS\wanarp.sys [34560 2008-04-14] (Microsoft Corporation) [File not signed]
R3 wdmaud; C:\WINDOWS\System32\drivers\wdmaud.sys [83072 2008-04-14] (Microsoft Corporation) [File not signed]
S3 WinUSB; C:\WINDOWS\System32\DRIVERS\WinUSB.sys [34944 2009-07-13] (Microsoft Corporation) [File not signed]
R1 WmiAcpi; C:\WINDOWS\System32\DRIVERS\wmiacpi.sys [8832 2008-04-13] (Microsoft Corporation) [File not signed]
R1 WS2IFSL; C:\WINDOWS\System32\drivers\ws2ifsl.sys [12032 2008-04-14] (Microsoft Corporation) [File not signed]
S3 WSTCODEC; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-13] (Microsoft Corporation) [File not signed]
S3 WudfPf; C:\WINDOWS\System32\DRIVERS\WudfPf.sys [77568 2006-09-28] (Microsoft Corporation) [File not signed]
S3 WudfRd; C:\WINDOWS\System32\DRIVERS\wudfrd.sys [82944 2006-09-28] (Microsoft Corporation) [File not signed]
U5 BattC; C:\Windows\System32\Drivers\BattC.sys [14208 2008-04-13] (Microsoft Corporation) [File not signed]
S3 catchme; \??\C:\DOCUME~1\MIRIAM~1\LOCALS~1\Temp\catchme.sys [X]
U3 TlntSvr; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-19 15:44 - 2015-01-19 15:45 - 00045375 _____ () C:\Documents and Settings\Miriam Moody\Desktop\FRST.txt
2015-01-19 15:42 - 2015-01-19 15:42 - 01118208 _____ (Farbar) C:\Documents and Settings\Miriam Moody\Desktop\FRST (1).exe
2015-01-08 22:09 - 2015-01-19 15:11 - 00114904 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-01-08 22:09 - 2015-01-08 22:09 - 00000781 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-08 22:09 - 2015-01-08 22:09 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-08 22:08 - 2015-01-08 22:09 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-01-08 22:08 - 2015-01-08 22:08 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2015-01-08 22:08 - 2014-11-21 06:14 - 00054360 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-01-08 22:08 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-01-08 18:56 - 2015-01-08 18:56 - 00000000 ____D () C:\Program Files\Enigma Software Group
2015-01-08 17:27 - 2015-01-08 17:27 - 00000000 ____D () C:\WINDOWS\jumpshot.com
2015-01-08 17:25 - 2015-01-08 17:25 - 00001735 _____ () C:\Documents and Settings\All Users\Desktop\Avast Free Antivirus.lnk
2015-01-08 17:24 - 2015-01-08 17:24 - 00291352 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-01-08 17:24 - 2015-01-08 17:24 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-01-08 17:08 - 2015-01-08 17:08 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Application Data\1H1Q1V1N1N1O1R
2015-01-08 16:32 - 2015-01-08 16:32 - 00001047 _____ () C:\Documents and Settings\Miriam Moody\Desktop\Shortcut to Win500.exe.lnk
2015-01-05 17:05 - 2015-01-05 17:05 - 00001031 _____ () C:\Documents and Settings\Miriam Moody\Desktop\Shortcut to Win97.exe.lnk
2015-01-05 17:01 - 2015-01-08 18:03 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\TEMP
2015-01-01 13:50 - 2015-01-01 13:50 - 00089694 _____ () C:\Documents and Settings\Miriam Moody\My Documents\2015 January ERT.pptx
2015-01-01 13:01 - 2015-01-01 13:01 - 00020992 ___SH () C:\Documents and Settings\Miriam Moody\Desktop\Thumbs.db
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-19 15:45 - 2014-05-09 10:10 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Local Settings\temp
2015-01-19 15:44 - 2014-05-05 20:34 - 00000886 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-19 15:44 - 2014-05-04 21:11 - 00000000 ____D () C:\FRST
2015-01-19 15:12 - 2010-07-22 02:03 - 01965095 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-19 15:05 - 2013-11-28 16:46 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2015-01-19 15:01 - 2010-07-21 18:59 - 00605776 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-19 14:59 - 2014-05-20 15:03 - 00000236 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2015-01-19 14:59 - 2014-05-05 20:34 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-16 21:05 - 2010-07-21 19:01 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2015-01-16 21:04 - 2014-05-10 07:31 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB942288-v3$
2015-01-16 21:04 - 2010-07-22 02:07 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-16 21:04 - 2010-07-21 19:01 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2015-01-16 21:03 - 2010-12-28 09:15 - 00000178 ___SH () C:\Documents and Settings\Miriam Moody\ntuser.ini
2015-01-16 21:03 - 2010-07-22 02:07 - 00032622 _____ () C:\WINDOWS\SchedLgU.Txt
2015-01-16 20:51 - 2014-10-28 07:45 - 00000886 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cff2acfd81437c.job
2015-01-09 09:34 - 2010-12-28 09:16 - 00063592 _____ () C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2015-01-09 09:30 - 2010-07-21 18:59 - 00259048 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-01-09 09:26 - 2014-05-07 20:55 - 00022538 _____ () C:\WINDOWS\bitssetup.log
2015-01-09 09:22 - 2010-07-22 02:04 - 00023392 _____ () C:\WINDOWS\system32\nscompat.tlb
2015-01-09 09:22 - 2010-07-22 02:04 - 00016832 _____ () C:\WINDOWS\system32\amcompat.tlb
2015-01-09 09:14 - 2014-05-07 20:56 - 00001392 _____ () C:\WINDOWS\Windows Update.log
2015-01-09 08:58 - 2014-05-07 20:19 - 00001816 _____ () C:\Documents and Settings\Miriam Moody\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2015-01-09 08:38 - 2010-07-22 02:23 - 00000000 __HDC () C:\WINDOWS\$NtUninstallWudf01000$
2015-01-09 08:36 - 2013-10-29 10:23 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Application Data\uTorrent
2015-01-08 20:34 - 2010-12-28 09:15 - 00001603 _____ () C:\Documents and Settings\Miriam Moody\Start Menu\Programs\Remote Assistance.lnk
2015-01-08 20:10 - 2010-07-22 02:04 - 00001603 _____ () C:\Documents and Settings\Default User\Start Menu\Programs\Remote Assistance.lnk
2015-01-08 20:09 - 2010-07-22 02:04 - 00001611 _____ () C:\Documents and Settings\All Users\Start Menu\Set Program Access and Defaults.lnk
2015-01-08 20:09 - 2010-07-22 02:04 - 00001511 _____ () C:\Documents and Settings\All Users\Start Menu\Windows Update.lnk
2015-01-08 19:41 - 2014-05-08 18:43 - 00001603 _____ () C:\Documents and Settings\Administrator\Start Menu\Programs\Remote Assistance.lnk
2015-01-08 18:59 - 2010-07-21 18:59 - 00977875 _____ () C:\WINDOWS\setupapi.log
2015-01-08 17:25 - 2013-11-28 16:45 - 00787800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-01-08 17:25 - 2013-11-28 16:45 - 00423784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2015-01-08 17:24 - 2014-05-20 13:00 - 00024184 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-01-08 17:24 - 2013-11-28 16:45 - 00206248 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-01-08 17:24 - 2013-11-28 16:45 - 00070384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys
2015-01-08 17:24 - 2013-11-28 16:45 - 00057928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2015-01-08 17:24 - 2013-11-28 16:45 - 00055240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswrdr.sys
2015-01-08 17:24 - 2013-11-28 16:45 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-01-08 16:57 - 2010-07-22 03:31 - 00035824 _____ () C:\WINDOWS\DPINST.LOG
2015-01-08 16:13 - 2010-12-28 09:15 - 00000000 ____D () C:\Documents and Settings\Miriam Moody
2015-01-08 15:33 - 2010-12-27 22:41 - 00000000 ____D () C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\Temp
2015-01-08 15:00 - 2014-05-20 15:03 - 00000230 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2015-01-02 14:04 - 2013-10-15 10:23 - 00006656 _____ () C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-02 14:02 - 2012-11-01 18:37 - 00000000 ____D () C:\Program Files\Mplayer
2015-01-02 14:00 - 2014-05-19 08:39 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\temp
==================== Files in the root of some directories =======
2010-12-27 23:04 - 2010-12-27 23:04 - 0000000 _____ () C:\Documents and Settings\Miriam Moody\Application Data\wklnhst.dat
2013-10-15 10:23 - 2015-01-02 14:04 - 0006656 _____ () C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-08-10 09:30 - 2012-08-10 09:30 - 0027520 _____ () C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\dt.dat
2010-12-28 09:16 - 2010-07-22 04:04 - 0000190 _____ () C:\Documents and Settings\Miriam Moody\Local Settings\Application Data\MyWinLockerInstaller.txt-20100722.log
Some content of TEMP:
====================
C:\Documents and Settings\Miriam Moody\Local Settings\temp\{FFD8E680-52C4-411A-8C49-F1477746F286}-39.0.2171.99_39.0.2171.95_chrome_updater.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 19-01-2015
Ran by Miriam Moody at 2015-01-19 15:47:08
Running from C:\Documents and Settings\Miriam Moody\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2587936551-156640315-1538417202-1006\...\uTorrent) (Version: 3.4.2.36802 - BitTorrent Inc.)
32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
Acer Crystal Eye webcam Ver:1.1.184.610 (HKLM\...\{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}) (Version: 1.1.184.610 - Chicony Electronics Co.,Ltd.)
Acer eRecovery Management (HKLM\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3013 - Acer Incorporated)
Acer Game Console (Version: - WildTangent) Hidden
Acer Games (HKLM\...\WildTangent acer Master Uninstall) (Version: 1.0.1.3 - WildTangent)
Acer ScreenSaver (HKLM\...\Acer Screensaver) (Version: 1.1.0624.2010 - Acer Incorporated)
Acer Updater (HKLM\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Acer Incorporated)
Acer VCM (HKLM\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3002 - Acer Incorporated)
Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.2.152.32 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.40 - Atheros Communications Inc.)
Auslogics DiskDefrag (HKLM\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.5.3.0 - Auslogics Labs Pty Ltd)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.0.2208 - AVAST Software)
Bejeweled 2 Deluxe (Version: 2.2.0.95 - WildTangent) Hidden
Blackhawk Striker 2 (Version: 2.2.0.95 - WildTangent) Hidden
Chuzzle Deluxe (Version: 2.2.0.95 - WildTangent) Hidden
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.95 - WildTangent) Hidden
Dora's Carnival Adventure (Version: 2.2.0.95 - WildTangent) Hidden
eBay Worldwide (HKLM\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
ENE USB Card Reader Driver (HKLM\...\36E252B904CCA457EEA4810BC637F015E21FD79F) (Version: 5.89.0.70 - ENE)
eSobi v2 (HKLM\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (Version: 2.0.4.000274 - esobi Inc.) Hidden
Express Invoice (HKLM\...\ExpressInvoice) (Version: - NCH Software)
Farm Frenzy (Version: 2.2.0.95 - WildTangent) Hidden
File Opener Packages (HKU\S-1-5-21-2587936551-156640315-1538417202-1006\...\File Opener Packages) (Version: - ) <==== ATTENTION
FileHippo.com Update Checker (HKLM\...\FileHippo.com) (Version: - )
Final Drive Nitro (Version: 2.2.0.95 - WildTangent) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
HP Product Detection (HKLM\...\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}) (Version: 10.7.9.0 - Hewlett-Packard Company)
HP Update (HKLM\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
Identity Card (HKLM\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
Insaniquarium Deluxe (Version: 2.2.0.95 - WildTangent) Hidden
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 6.14.10.5260 - Intel Corporation)
Jewel Quest - Heritage (Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest (Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest Solitaire 2 (Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Launch Manager (HKLM\...\LManager) (Version: 4.0.12 - Acer Inc.)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WinUsb 2.0 (HKLM\...\winusb0200) (Version: - Microsoft Corporation)
Microsoft Works (HKLM\...\{67E03279-F703-408F-B4BF-46B5FC8D70CD}) (Version: 9.7.0621 - Microsoft Corporation)
Mplayer 0.6.9 (HKLM\...\Mplayer) (Version: 0.6.9 - )
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (Version: 3.1.212.0 - Egis Technology Inc.) Hidden
Plants vs. Zombies (Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (Version: 2.2.0.95 - WildTangent) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.6066 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.0.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.8 - VS Revo Group, Ltd.)
Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden
Shredder (Version: 2.0.8.3 - Egis Technology Inc.) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.7.0 - Synaptics Incorporated)
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.28223 - TeamViewer)
TurboTax 2013 (HKLM\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)
Tweaking.com - Windows Repair (All in One) (HKLM\...\Tweaking.com - Windows Repair (All in One)) (Version: 2.10.2 - Tweaking.com)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.95 - WildTangent) Hidden
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WebCam (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.54.008 - Sonix)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
Windows Rights Management Client Backwards Compatibility SP2 (HKLM\...\{EC905264-BCFE-423B-9C42-C3A106266790}) (Version: 5.2.95 - Microsoft)
Windows Rights Management Client with Service Pack 2 (HKLM\...\{62BFB4C2-8C4E-4D91-BD7D-81C06EAAC3C0}) (Version: 5.2.95 - Microsoft)
Yahoo! Toolbar (HKLM\...\Yahoo! Companion) (Version: - )
Zuma Deluxe (Version: 2.2.0.95 - WildTangent) Hidden
Zuma's Revenge (Version: 2.2.0.95 - WildTangent) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
17-10-2014 20:29:46 Software Distribution Service 3.0
12-11-2014 03:04:41 Software Distribution Service 3.0
06-12-2014 09:02:46 Software Distribution Service 3.0
07-12-2014 08:50:40 Software Distribution Service 3.0
10-12-2014 09:32:27 Software Distribution Service 3.0
12-12-2014 18:42:46 System Checkpoint
08-01-2015 17:12:14 avast! antivirus system restore point
09-01-2015 08:59:58 Tweaking.com - Windows Repair
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2010-07-22 02:37 - 2015-01-09 09:24 - 00000855 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cff2acfd81437c.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
==================== Loaded Modules (whitelisted) =============
2015-01-19 15:00 - 2015-01-19 15:00 - 02911744 _____ () C:\Program Files\AVAST Software\Avast\defs\15011900\algo.dll
2010-07-22 02:37 - 2013-01-02 01:49 - 01292288 _____ () C:\WINDOWS\system32\quartz.dll
2010-10-15 12:19 - 2010-02-12 18:11 - 00030080 _____ () C:\WINDOWS\snuvcdsm.exe
2010-07-22 02:37 - 2008-04-14 07:00 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2010-07-22 02:37 - 2008-04-14 07:00 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2013-11-28 16:45 - 2015-01-08 17:24 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-12-12 17:56 - 2014-12-05 20:50 - 09009480 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-12 17:56 - 2014-12-05 20:50 - 01677128 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:C0789917
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:F4E28098
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-2587936551-156640315-1538417202-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
ASPNET (S-1-5-21-2587936551-156640315-1538417202-1004 - Limited - Enabled)
Geekstogo (S-1-5-21-2587936551-156640315-1538417202-1008 - Administrator - Enabled)
Guest (S-1-5-21-2587936551-156640315-1538417202-501 - Limited - Enabled)
HelpAssistant (S-1-5-21-2587936551-156640315-1538417202-1005 - Limited - Disabled)
Miriam Moody (S-1-5-21-2587936551-156640315-1538417202-1006 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Miriam Moody
SUPPORT_388945a0 (S-1-5-21-2587936551-156640315-1538417202-1002 - Limited - Disabled)
==================== Faulty Device Manager Devices =============
Name: Photosmart C309a series
Description: Photosmart C309a series
Class Guid: {4D36E971-E325-11CE-BFC1-08002BE10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (01/09/2015 09:15:32 AM) (Source: WinMgmt) (EventID: 4) (User: )
Description: Failed to load MOF C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V4.0.30319\ASPNET.MOF while recovering repository file.
Error: (01/09/2015 09:15:31 AM) (Source: WinMgmt) (EventID: 4) (User: )
Description: Failed to load MOF C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V4.0.30319\MOF\SERVICEMODEL.MOF while recovering repository file.
Error: (01/09/2015 09:15:30 AM) (Source: WinMgmt) (EventID: 4) (User: )
Description: Failed to load MOF C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.0\WINDOWS COMMUNICATION FOUNDATION\SERVICEMODEL.MOF while recovering repository file.
Error: (01/09/2015 09:15:30 AM) (Source: WinMgmt) (EventID: 4) (User: )
Description: Failed to load MOF C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\CLR.MOF while recovering repository file.
Error: (01/09/2015 09:15:30 AM) (Source: WinMgmt) (EventID: 4) (User: )
Description: Failed to load MOF C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\ASPNET.MOF while recovering repository file.
Error: (01/09/2015 09:15:30 AM) (Source: WinMgmt) (EventID: 4) (User: )
Description: Failed to load MOF C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V1.1.4322\ASPNET.MOF while recovering repository file.
Error: (12/14/2014 07:13:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application chrome.exe, version 38.0.2125.111, faulting module npctrl.dll, version 5.1.30514.0, fault address 0x00040f11.
Processing media-specific event for [chrome.exe!ws!]
Error: (11/24/2014 09:36:14 AM) (Source: .NET Runtime) (EventID: 1024) (User: )
Description: Shim database version c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319 doesn't have a matching runtime directory
Error: (11/24/2014 09:08:58 AM) (Source: .NET Runtime) (EventID: 1024) (User: )
Description: Shim database version c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319 doesn't have a matching runtime directory
Error: (11/14/2014 02:44:03 PM) (Source: .NET Runtime) (EventID: 1024) (User: )
Description: Shim database version c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319 doesn't have a matching runtime directory
System errors:
=============
Error: (01/19/2015 03:03:31 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 milliseconds) waiting for the Google Software Updater service to connect.
Error: (01/19/2015 03:03:26 PM) (Source: DCOM) (EventID: 10005) (User: MIRIAM)
Description: DCOM got error "%%1053" attempting to start the service gusvc with arguments ""
in order to run the server:
{89DAE4CD-9F17-4980-902A-99BA84A8F5C8}
Error: (01/19/2015 03:00:00 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the MBAMScheduler service.
Error: (01/19/2015 02:59:30 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the MBAMService service.
Error: (01/19/2015 02:58:59 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the MBAMScheduler service.
Error: (01/16/2015 09:04:49 PM) (Source: 0) (EventID: 1) (User: )
Description: 0xC0000001HarddiskVolume2
Error: (01/16/2015 07:30:51 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the MBAMService service.
Error: (01/16/2015 07:30:08 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
bbnfd_1_10_0_5
Error: (01/16/2015 07:11:27 PM) (Source: Windows Update Agent) (EventID: 16) (User: )
Description: Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection.
Error: (01/16/2015 07:11:27 PM) (Source: Windows Update Agent) (EventID: 16) (User: )
Description: Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection.
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Processor: Intel® Atom CPU N450 @ 1.66GHz
Percentage of memory in use: 65%
Total physical RAM: 1013.02 MB
Available physical RAM: 353.67 MB
Total Pagefile: 2439.33 MB
Available Pagefile: 1525.27 MB
Total Virtual: 2047.88 MB
Available Virtual: 1947 MB
==================== Drives ================================
Drive c: (ACER) (Fixed) (Total:138.05 GB) (Free:106.71 GB) NTFS ==>[Drive with boot components (Windows XP)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: 1C8B2F0A)
Partition 1: (Not Active) - (Size=11 GB) - (Type=12)
Partition 2: (Active) - (Size=138 GB) - (Type=07 NTFS)
==================== End Of Log ============================