- DDS (Ver_2012-11-20.01) - NTFS_AMD64
- Internet Explorer: 9.0.8112.16502 BrowserJavaVersion: 10.15.2
- Run by Brenda at 1:11:15 on 2013-08-27
- Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.4093.1995 [GMT -4:00]
- .
- AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
- AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
- SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
- SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
- .
- ============== Running Processes ===============
- .
- C:\Windows\system32\lsm.exe
- C:\Windows\system32\svchost.exe -k DcomLaunch
- C:\Windows\system32\nvvsvc.exe
- C:\Windows\system32\svchost.exe -k rpcss
- c:\Program Files\Microsoft Security Client\MsMpEng.exe
- C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
- C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
- C:\Windows\system32\svchost.exe -k netsvcs
- C:\Windows\system32\svchost.exe -k GPSvcGroup
- C:\Windows\system32\SLsvc.exe
- C:\Windows\system32\svchost.exe -k LocalService
- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
- C:\Windows\system32\nvvsvc.exe
- C:\Windows\system32\svchost.exe -k NetworkService
- C:\Windows\System32\spoolsv.exe
- C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
- C:\Windows\System32\alg.exe
- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
- C:\Windows\system32\IProsetMonitor.exe
- C:\Windows\system32\svchost.exe -k SDRSVC
- C:\Windows\system32\UI0Detect.exe
- C:\Windows\System32\vds.exe
- C:\Windows\System32\svchost.exe -k WerSvcGroup
- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
- C:\Windows\system32\DRIVERS\xaudio64.exe
- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
- C:\Windows\system32\taskeng.exe
- C:\Windows\Explorer.EXE
- C:\Windows\system32\taskeng.exe
- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
- c:\Program Files\Microsoft Security Client\NisSrv.exe
- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
- C:\Program Files\Microsoft IntelliPoint\ipoint.exe
- C:\Program Files\Microsoft Security Client\msseces.exe
- C:\Program Files\Windows Media Player\wmpnscfg.exe
- C:\Windows\system32\SearchIndexer.exe
- C:\Windows\system32\wbem\unsecapp.exe
- C:\Windows\system32\wbem\wmiprvse.exe
- C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
- C:\Program Files (x86)\Opera 10.50 pre-alpha\Opera.exe
- C:\Program Files (x86)\Internet Explorer\iexplore.exe
- C:\Program Files (x86)\Internet Explorer\iexplore.exe
- C:\Windows\system32\SearchProtocolHost.exe
- C:\Windows\system32\SearchFilterHost.exe
- C:\Windows\system32\SearchProtocolHost.exe
- C:\Windows\system32\wbem\wmiprvse.exe
- C:\Windows\System32\cscript.exe
- .
- ============== Pseudo HJT Report ===============
- .
- uStart Page = hxxp://www.google.com
- uSearch Page = hxxp://www.google.com
- uDefault_Page_URL = hxxp://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=CCO&Br=GTW&Loc=ENG_US&Sys=DTP&M=FX4710-UB802A
- uDefault_Search_URL = hxxp://www.google.com/ie
- mStart Page = hxxp://www.google.com
- mDefault_Page_URL = hxxp://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=CCO&Br=GTW&Loc=ENG_US&Sys=DTP&M=FX4710-UB802A
- uSearchAssistant = hxxp://www.google.com/ie
- mSearchAssistant = hxxp://www.gateway.com/g/sidepanel.html?Ch=Retail&SubCH=CCO&Br=GTW&Loc=ENG_US&Sys=DTP&M=FX4710-UB802A
- uURLSearchHooks: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\prxtbFree.dll
- uURLSearchHooks: InternetHelper3 Toolbar: {b920380d-fbe7-45c7-96ab-37e9870a566c} - C:\Program Files (x86)\InternetHelper3\prxtbInte.dll
- uURLSearchHooks: KeyBar 1.8 Toolbar: {9ed31f84-c8b3-4926-b950-dff74047ff79} - C:\Program Files (x86)\KeyBar_1.8\prxtbKey0.dll
- mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
- mURLSearchHooks: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\prxtbFree.dll
- mURLSearchHooks: InternetHelper3 Toolbar: {b920380d-fbe7-45c7-96ab-37e9870a566c} - C:\Program Files (x86)\InternetHelper3\prxtbInte.dll
- mURLSearchHooks: KeyBar 1.8 Toolbar: {9ed31f84-c8b3-4926-b950-dff74047ff79} - C:\Program Files (x86)\KeyBar_1.8\prxtbKey0.dll
- BHO: SnagIt Toolbar Loader: {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitBHO.dll
- BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
- BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - LocalServer32 - <no file>
- BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
- BHO: {AA58ED58-01DD-4d91-8333-CF10577473F7} - <orphaned>
- TB: Freecorder Toolbar: {1392B8D2-5C05-419F-A8F6-B9F15A596612} - C:\Program Files (x86)\Freecorder\prxtbFree.dll
- TB: InternetHelper3 Toolbar: {B920380D-FBE7-45C7-96AB-37E9870A566C} - C:\Program Files (x86)\InternetHelper3\prxtbInte.dll
- TB: Snagit: {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitIEAddin.dll
- uRun: [SugarSync] "C:\Program Files (x86)\SugarSync\SugarSyncManager.exe" -startInTray -usedelay=true
- uRun: [IDriveE Startup] "C:\IDrive\IDrvieEStartup.exe" Hide
- uRun: [Driver Detective] C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe /applicationMode:systemTray /showWelcome:false
- mRun: [WinPatrol] "C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe" -expressboot
- mRun: [Zoolz Tray] "C:\Program Files\Genie9\Zoolz2\ZoolzLauncher.exe" "C:\Program Files\Genie9\Zoolz2\Zoolz.exe" "-Delay"
- mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
- mRun: [KeePass 2 PreLoad] "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
- StartupFolder: C:\Users\Brenda\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\IDrive Tray.lnk - C:\IDrive\IDriveEReg2ini.exe
- StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MiMedia.lnk - C:\Program Files\MiMedia LLC\MiMedia\MiMedia.exe
- mPolicies-Explorer: NoActiveDesktop = dword:1
- mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
- mPolicies-Explorer: NoResolveTrack = dword:1
- mPolicies-Explorer: NoFileAssociate = dword:0
- mPolicies-System: EnableUIADesktopToggle = dword:0
- mPolicies-System: NoDispSettingsPage = dword:0
- mPolicies-System: EnableLUA = dword:0
- mPolicies-System: ConsentPromptBehaviorUser = dword:2
- IE: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
- IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
- IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
- IE: LastPass - C:\Users\Brenda\AppData\LocalLow\LastPass\context.html?cmd=lastpass
- IE: LastPass Fill Forms - C:\Users\Brenda\AppData\LocalLow\LastPass\context.html?cmd=fillforms
- IE: Read with DeskBot - <no file>
- IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll
- .
- INFO: HKCU has more than 50 listed domains.
- If you wish to scan all of them, select the 'Force scan all domains' option.
- .
- DPF: vzTCPConfig - hxxp://my.verizon.com/micro/SpeedOptimizer/FiOS/vzTCPConfig.CAB
- DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} - hxxp://www.systemrequirementslab.com/srl_bin/sysreqlab_srl.cab
- DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
- DPF: {2EDF75C0-5ABD-49f9-BAB6-220476A32034} - hxxp://intel-drv-cdn.systemrequirementslab.com/multi/bin/sysreqlab_srlx.cab
- DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
- DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} - hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
- DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
- DPF: {83A4D5A6-E2C1-4EDD-AD48-1A1C50BD06EF} - hxxp://www.mejuba.com/member/usercontrols/Files/Scripts/ImageUploader6.cab
- DPF: {88650482-3892-11D5-8997-00104BD12D94} - hxxp://support.gateway.com/support/profiler/PCPitStop.CAB
- DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} - hxxp://www.worldwinner.com/games/shared/wwlaunch.cab
- DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab
- DPF: {8E175C33-D337-4092-99C6-CDEFA8271C9F} - hxxp://www.diskdoctors.net/DiskDoctors.cab
- DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
- DPF: {9A57B18E-2F5D-11D5-8997-00104BD12D94} - hxxp://support.gateway.com/support/serialharvest/gwCID.CAB
- DPF: {A4110378-789B-455F-AE86-3A1BFC402853} - hxxp://zone.msn.com/bingame/zpagames/zpa_shvl.cab55579.cab
- DPF: {A5A76EA0-7B92-4707-9DBF-6F6FE56A6800} - hxxp://scan.networkmagic.com/nmscan/download/WebDiag.4.5.8056.1-ship-WD.V1.cab
- DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} - hxxp://www.superadblocker.com/activex/sabspx.cab
- DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab
- DPF: {CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/1.4/jinstall-14-windows-i586.cab
- DPF: {CAFEEFAC-0016-0000-0041-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_41-windows-i586.cab
- DPF: {CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA} - hxxp://javadl-esd.oracle.com/update/1.6.0/jinstall-6u21-windows-i586.cab
- DPF: {CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab
- DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_41-windows-i586.cab
- DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.24.0.cab
- DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
- DPF: {E70E3E64-2793-4AEF-8CC8-F1606BE563B0} - hxxp://www.worldwinner.com/games/v54/wwspades/wwspades.cab
- DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} - hxxp://utilities.pcpitstop.com/Optimize2/pcpitstop2.dll
- TCP: NameServer = 192.168.1.1
- TCP: Interfaces\{DA6308BA-AC56-4E37-A458-32C93F2270CC} : DHCPNameServer = 192.168.1.1
- TCP: Interfaces\{F16CED24-D5F7-4C3E-A4A6-1C5FA2CF4341} : DHCPNameServer = 192.168.1.1
- Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll
- Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
- Notify: !SASWinLogon - <no file>
- LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
- x64-mDefault_Page_URL = hxxp://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=CCO&Br=GTW&Loc=ENG_US&Sys=DTP&M=FX4710-UB802A
- x64-BHO: SnagIt Toolbar Loader: {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 9\DLLx64\SnagitBHO64.dll
- x64-BHO: Complitly: {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Brenda\AppData\Roaming\Complitly\64\Complitly64.dll
- x64-BHO: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - <orphaned>
- x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
- x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
- x64-BHO: LastPass Vault: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll
- x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
- x64-TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll
- x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
- x64-Run: [Skytel] Skytel.exe
- x64-Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
- x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
- x64-mPolicies-Explorer: NoActiveDesktop = dword:1
- x64-mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
- x64-mPolicies-Explorer: NoResolveTrack = dword:1
- x64-mPolicies-Explorer: NoFileAssociate = dword:0
- x64-mPolicies-System: EnableUIADesktopToggle = dword:0
- x64-mPolicies-System: NoDispSettingsPage = dword:0
- x64-mPolicies-System: EnableLUA = dword:0
- x64-mPolicies-System: ConsentPromptBehaviorUser = dword:2
- x64-IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll
- x64-Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - <orphaned>
- x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
- Hosts: 127.0.0.1 ads.mcafee.com
- Hosts: 127.0.0.1 analytics.microsoft.com
- Hosts: 127.0.0.1 metrics.bitdefender.com
- Hosts: 127.0.0.1 metrics.mcafee.com
- Hosts: 127.0.0.1 om.symantec.com
- .
- Note: multiple HOSTS entries found. Please refer to Attach.txt
- .
- ================= FIREFOX ===================
- .
- FF - ProfilePath - C:\Users\Brenda\AppData\Roaming\Mozilla\Firefox\Profiles\jwd8ciui.default\
- FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3286042&CUI=UN32732181832546812&UM=2&SearchSource=3&q={searchTerms}
- FF - prefs.js: browser.search.selectedEngine - KeyBar 1.8 Customized Web Search
- FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT3286042&octid=CT3286042&SearchSource=61&CUI=UN32732181832546812&UM=2&UP=SPB65F04AA-BC8F-49BE-AA69-3BE57D5D0399
- FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3286042&SearchSource=2&CUI=UN32732181832546812&UM=2&q=
- FF - prefs.js: network.proxy.type - 2
- FF - component: C:\Users\Brenda\AppData\Roaming\Mozilla\Firefox\Profiles\jwd8ciui.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\platform\WINNT_x86-msvc\components\SSSLauncher.dll
- FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
- FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
- FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
- FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
- FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
- FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
- FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
- FF - plugin: C:\Program Files (x86)\Virtual Earth 3D\npVE3D.dll
- FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
- FF - plugin: C:\Program Files\ma-config.com\nphardwaredetection.dll
- FF - plugin: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll
- FF - plugin: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll
- FF - plugin: C:\Users\Brenda\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll
- FF - plugin: C:\Users\Brenda\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
- FF - plugin: C:\Users\Brenda\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
- FF - plugin: C:\Users\Brenda\AppData\Roaming\Mozilla\plugins\npo1d.dll
- FF - plugin: C:\Windows\System32\TVUAx\npTVUAx.dll
- FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
- FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
- FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
- FF - ExtSQL: 2013-07-01 19:47; {bee6eb20-01e0-ebd1-da83-080329fb9a3a}; C:\Users\Brenda\AppData\Roaming\Mozilla\Firefox\Profiles\jwd8ciui.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
- FF - ExtSQL: 2013-08-21 05:36; tidynetwork@tidynetwork; C:\Users\Brenda\AppData\Roaming\Mozilla\Firefox\Profiles\jwd8ciui.default\extensions\tidynetwork@tidynetwork
- .
- ---- FIREFOX POLICIES ----
- user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0);
- ============= SERVICES / DRIVERS ===============
- .
- R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-4-24 65336]
- R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-4-24 189936]
- R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-6-18 247216]
- R0 pavboot;pavboot;C:\Windows\System32\drivers\pavboot64.sys [2010-5-22 33800]
- R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2008-6-12 55024]
- R1 avkmgr;avkmgr;C:\Windows\System32\drivers\avkmgr.sys [2012-8-8 27760]
- R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
- R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
- R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2012-8-8 98848]
- R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2012-9-6 170824]
- R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-6-18 139616]
- R3 appliandMP;appliandMP;C:\Windows\System32\drivers\appliand.sys [2010-6-24 33888]
- R3 AVer88xHD;AVerMedia 23888 AvStream Video Capture;C:\Windows\System32\drivers\AVer88xHD64.sys [2008-6-12 432256]
- R3 CAXHWBS2;CAXHWBS2;C:\Windows\System32\drivers\CAXHWBS2.sys [2007-6-20 409600]
- R3 dc3d;MS Hardware Device Detection Driver (USB);C:\Windows\System32\drivers\dc3d.sys [2011-8-1 52584]
- R3 FontCache;Windows Font Cache Service;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 27648]
- R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-7-18 366600]
- R3 Point64;Microsoft IntelliPoint Filter Driver;C:\Windows\System32\drivers\point64.sys [2011-8-1 45416]
- S2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2012-8-8 86224]
- S2 AntiVirService;Avira Realtime Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2012-8-8 110032]
- S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
- S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
- S3 appliand;Applian Network Service;C:\Windows\System32\drivers\appliand.sys [2010-6-24 33888]
- S3 atashost;WebEx Service Host for Support Center;C:\Windows\SysWOW64\atashost.exe [2010-1-7 20376]
- S3 athur;Atheros AR9271 Wireless Network Adapter Service;C:\Windows\System32\drivers\athurx.sys [2012-11-13 1724416]
- S3 b57nd60a;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\b57nd60a.sys [2008-1-20 214016]
- S3 CrucialSMBusScan;CrucialSMBusScan;C:\Windows\System32\drivers\CrucialSMBusScan.sys [2008-9-21 18984]
- S3 driverhardwarev2x64;driverhardwarev2x64;C:\Program Files\ma-config.com\Drivers\driverhardwarev2x64.sys [2011-7-21 16640]
- S3 ENTECH64;ENTECH64;C:\Windows\System32\drivers\Entech64.sys [2008-9-27 12744]
- S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2009-1-8 1038088]
- S3 fssfltr;FssFltr;C:\Windows\System32\drivers\fssfltr.sys [2010-10-16 48488]
- S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
- S3 gupdate1c95b59f98d2723;Google Update Service (gupdate1c95b59f98d2723);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2008-12-11 133104]
- S3 IDriveE Service;IDriveE Service;C:\IDrive\IDriveE Service.exe [2011-7-30 157128]
- S3 maconfservice;Ma-Config Service;C:\Program Files\ma-config.com\x64\maconfservice.exe [2012-8-4 427672]
- S3 mbamchameleon;mbamchameleon;C:\Windows\System32\drivers\mbamchameleon.sys [2013-8-18 36680]
- S3 PdiService;Portrait Displays SDK Service;C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2008-10-11 90112]
- S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
- S3 PSI;PSI;C:\Windows\System32\drivers\psi_mf_amd64.sys [2013-4-18 18456]
- S3 RivaTuner64;RivaTuner64;C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [2009-8-22 19952]
- S3 RTL8187;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter Vista Driver;C:\Windows\System32\drivers\wg111v2.sys [2007-12-26 340992]
- S3 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-1-18 383264]
- S3 SWDUMon;SWDUMon;C:\Windows\System32\drivers\SWDUMon.sys [2013-8-18 16152]
- S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-4-19 1022632]
- S4 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-7-18 140672]
- S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-5-26 89920]
- S4 IObitUnlocker;IObitUnlocker;C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [2013-2-19 35256]
- S4 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2013-4-18 1227800]
- S4 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2013-4-18 659992]
- S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
- S4 Zoolz 2 Service;Zoolz Service;C:\Program Files\Genie9\Zoolz2\ZoolzService.exe [2013-3-18 450064]
- .
- =============== File Associations ===============
- .
- FileExt: .reg: Applications\urmain.exe="C:\Program Files (x86)\Your Uninstaller! 7\urmain.exe" "%1" [UserChoice]
- FileExt: .txt: Applications\Notepad.exe=C:\Windows\System32\NOTEPAD.EXE %1 [UserChoice]
- FileExt: .js: JSFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
- FileExt: .jse: JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
- .
- =============== Created Last 30 ================
- .
- .
- ==================== Find3M ====================
- .
- 2013-08-24 07:00:37 78161360 ----a-w- C:\Windows\System32\mrt.exe
- 2013-08-21 03:20:58 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
- 2013-08-21 03:20:58 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
- 2013-08-19 00:56:33 36680 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
- 2013-08-18 04:24:40 16152 ----a-w- C:\Windows\System32\drivers\SWDUMon.sys
- 2013-07-31 04:34:03 56072 ----a-w- C:\Windows\System32\certsentry.dll
- 2013-07-31 04:34:03 47368 ----a-w- C:\Windows\SysWow64\certsentry.dll
- 2013-07-25 03:54:29 17830400 ----a-w- C:\Windows\System32\mshtml.dll
- 2013-07-25 03:37:25 2312704 ----a-w- C:\Windows\System32\jscript9.dll
- 2013-07-25 03:35:45 10926080 ----a-w- C:\Windows\System32\ieframe.dll
- 2013-07-25 03:31:23 1346560 ----a-w- C:\Windows\System32\urlmon.dll
- 2013-07-25 03:30:49 1392128 ----a-w- C:\Windows\System32\wininet.dll
- 2013-07-25 03:29:41 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
- 2013-07-25 03:29:21 237056 ----a-w- C:\Windows\System32\url.dll
- 2013-07-25 03:29:06 86016 ----a-w- C:\Windows\System32\jsproxy.dll
- 2013-07-25 03:28:46 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
- 2013-07-25 03:28:31 599040 ----a-w- C:\Windows\System32\vbscript.dll
- 2013-07-25 03:28:27 816640 ----a-w- C:\Windows\System32\jscript.dll
- 2013-07-25 03:28:24 2147840 ----a-w- C:\Windows\System32\iertutil.dll
- 2013-07-25 03:28:18 729088 ----a-w- C:\Windows\System32\msfeeds.dll
- 2013-07-25 03:27:29 96768 ----a-w- C:\Windows\System32\mshtmled.dll
- 2013-07-25 03:27:20 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
- 2013-07-25 03:26:53 248320 ----a-w- C:\Windows\System32\ieui.dll
- 2013-07-25 02:40:07 12334080 ----a-w- C:\Windows\SysWow64\mshtml.dll
- 2013-07-25 02:32:35 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
- 2013-07-25 02:30:47 9738752 ----a-w- C:\Windows\SysWow64\ieframe.dll
- 2013-07-25 02:26:45 1104384 ----a-w- C:\Windows\SysWow64\urlmon.dll
- 2013-07-25 02:26:10 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
- 2013-07-25 02:25:30 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
- 2013-07-25 02:24:39 231936 ----a-w- C:\Windows\SysWow64\url.dll
- 2013-07-25 02:24:24 65536 ----a-w- C:\Windows\SysWow64\jsproxy.dll
- 2013-07-25 02:23:59 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
- 2013-07-25 02:23:58 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
- 2013-07-25 02:23:51 717824 ----a-w- C:\Windows\SysWow64\jscript.dll
- 2013-07-25 02:23:30 1796096 ----a-w- C:\Windows\SysWow64\iertutil.dll
- 2013-07-25 02:23:27 607744 ----a-w- C:\Windows\SysWow64\msfeeds.dll
- 2013-07-25 02:22:47 73216 ----a-w- C:\Windows\SysWow64\mshtmled.dll
- 2013-07-25 02:22:35 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
- 2013-07-25 02:22:04 176640 ----a-w- C:\Windows\SysWow64\ieui.dll
- 2013-07-17 20:01:51 2048 ----a-w- C:\Windows\System32\tzres.dll
- 2013-07-17 19:41:34 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
- 2013-07-10 09:47:49 677888 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
- 2013-07-10 09:42:55 1303552 ----a-w- C:\Windows\System32\rpcrt4.dll
- 2013-07-09 12:04:30 1585256 ----a-w- C:\Windows\System32\ntdll.dll
- 2013-07-09 12:04:30 1168088 ----a-w- C:\Windows\SysWow64\ntdll.dll
- 2013-07-08 04:51:57 4691904 ----a-w- C:\Windows\System32\ntoskrnl.exe
- 2013-07-08 04:20:17 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
- 2013-07-08 04:20:04 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
- 2013-07-08 04:18:51 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
- 2013-07-08 04:16:55 98304 ----a-w- C:\Windows\SysWow64\cryptnet.dll
- 2013-07-08 04:16:55 133120 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
- 2013-07-08 04:16:54 992768 ----a-w- C:\Windows\SysWow64\crypt32.dll
- 2013-07-08 04:16:33 43008 ----a-w- C:\Windows\apppatch\acwow64.dll
- 2013-07-08 04:15:39 234496 ----a-w- C:\Windows\System32\wow64.dll
- 2013-07-08 04:15:25 218624 ----a-w- C:\Windows\System32\wintrust.dll
- 2013-07-08 04:14:21 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
- 2013-07-08 04:12:34 174592 ----a-w- C:\Windows\System32\cryptsvc.dll
- 2013-07-08 04:12:34 132096 ----a-w- C:\Windows\System32\cryptnet.dll
- 2013-07-08 04:12:34 1276416 ----a-w- C:\Windows\System32\crypt32.dll
- 2013-07-08 01:39:04 26112 ----a-w- C:\Windows\SysWow64\setup16.exe
- 2013-07-08 01:39:03 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
- 2013-07-08 01:39:02 2560 ----a-w- C:\Windows\SysWow64\user.exe
- 2013-07-05 03:58:11 1417664 ----a-w- C:\Windows\System32\drivers\tcpip.sys
- 2013-07-05 02:15:19 40448 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys
- 2013-06-19 01:50:08 247216 ----a-w- C:\Windows\System32\drivers\MpFilter.sys
- 2013-06-19 01:50:08 139616 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
- 2013-06-18 20:15:50 43216 ----a-w- C:\Windows\System32\cmdcsr.dll
- 2013-06-15 13:27:51 20480 ----a-w- C:\Windows\System32\icaapi.dll
- 2013-06-15 11:38:39 29184 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys
- 2013-06-10 11:08:10 278800 ------w- C:\Windows\System32\MpSigStub.exe
- 2013-06-04 02:03:07 2775040 ----a-w- C:\Windows\System32\win32k.sys
- 2013-06-01 04:19:22 619008 ----a-w- C:\Windows\System32\qedit.dll
- 2013-06-01 04:06:08 505344 ----a-w- C:\Windows\SysWow64\qedit.dll
- 2013-05-10 00:52:03 14880256 ----a-w- C:\Program Files (x86)\Common Files\lpuninstall.exe
- 2007-01-06 11:09:26 208896 ----a-w- C:\Program Files (x86)\Common Files\VistaRunApp.exe
- 2001-07-06 20:59:54 372736 ----a-w- C:\Program Files\Dragnifier.exe
- .
- ============= FINISH: 1:12:53.54 ===============