AfterDawn Forums

DDS log

This discussion thread has 13 messages.

#1
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16455
Run by Shayan Ahmed at 2:01:24 on 2012-12-09
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4003.1596 [GMT -8:00]
.
AV: Sophos Anti-Virus *Enabled/Updated* {479CCF92-4960-B3E0-7373-BF453B467D2C}
SP: Sophos Anti-Virus *Enabled/Updated* {FCFD2E76-6F5A-BC6E-49C3-843740C13791}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
C:\ProgramData\ActivePath\ActiveMail\UpdateClient.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files (x86)\CyberDefender\SchedulerService\SchedulerService.exe
C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgent.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgentUI.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Program Files (x86)\Sendori\sndappv2.exe
C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Sendori\SendoriSvc.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files (x86)\Sendori\Sendori.Service.exe
C:\Program Files (x86)\Sendori\SendoriUp.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\Users\Shayan Ahmed\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Users\Shayan Ahmed\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Users\Shayan Ahmed\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Users\Shayan Ahmed\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Shayan Ahmed\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Shayan Ahmed\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Shayan Ahmed\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Shayan Ahmed\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Shayan Ahmed\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Shayan Ahmed\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Shayan Ahmed\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Shayan Ahmed\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Shayan Ahmed\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe
C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Sendori\SendoriTray.exe
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Users\Shayan Ahmed\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Shayan Ahmed\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Shayan Ahmed\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
C:\Program Files (x86)\Safari\Safari.exe
C:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exe
C:\Program Files (x86)\Safari\Safari.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.babylon.com/?affID=110795&tt=3212_7&babsrc=HP_ss&mntrId=7c4e86d4000000000000bc77373cda03
uURLSearchHooks: YTD Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\6.6\ytdToolbarIE.dll
uURLSearchHooks: Online SMS 4 Free Toolbar: {9d841c6a-6c61-4d90-8d90-fedd2bf8a28d} - C:\Program Files (x86)\Online_SMS_4_Free\prxtbOnli.dll
uURLSearchHooks: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
mURLSearchHooks: Online SMS 4 Free Toolbar: {9d841c6a-6c61-4d90-8d90-fedd2bf8a28d} - C:\Program Files (x86)\Online_SMS_4_Free\prxtbOnli.dll
mURLSearchHooks: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
mWinlogon: Userinit = userinit.exe
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Complitly: {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Shayan Ahmed\AppData\Roaming\Complitly\Complitly.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} -
BHO: Babylon toolbar helper: {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.4.6\bh\BabylonToolbar.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: Sophos Web Content Scanner: {39EA7695-B3F2-4C44-A4BC-297ADA8FD235} - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SophosBHO.dll
BHO: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: DealCabby: {780E957D-9057-415C-8B59-C22DFA66A44B} - C:\Users\Shayan Ahmed\AppData\Local\dealcabby\ie\dealcabby_20120804035001.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Online SMS 4 Free Toolbar: {9d841c6a-6c61-4d90-8d90-fedd2bf8a28d} - C:\Program Files (x86)\Online_SMS_4_Free\prxtbOnli.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Wajam: {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll
BHO: WeCareReminder Class: {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: ActiveMail: {EF7AED5F-0C26-4820-A570-7DA8B6D93F4A} - C:\ProgramData\ActivePath\ActiveMail\ActiveMailBHO.dll
BHO: YTD Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\6.6\ytdToolbarIE.dll
BHO: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Online SMS 4 Free Toolbar: {9D841C6A-6C61-4D90-8D90-FEDD2BF8A28D} - C:\Program Files (x86)\Online_SMS_4_Free\prxtbOnli.dll
TB: uTorrentControl2 Toolbar: {687578B9-7132-4A7A-80E4-30EE31099E03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
TB: Online SMS 4 Free Toolbar: {9d841c6a-6c61-4d90-8d90-fedd2bf8a28d} - C:\Program Files (x86)\Online_SMS_4_Free\prxtbOnli.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
TB: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
TB: Babylon Toolbar: {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.4.6\BabylonToolbarTlbr.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: YTD Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\6.6\ytdToolbarIE.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [Facebook Update] "C:\Users\Shayan Ahmed\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [Google Update] "C:\Users\Shayan Ahmed\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
uRun: [Spotify] "C:\Users\Shayan Ahmed\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
uRun: [Spotify Web Helper] "C:\Users\Shayan Ahmed\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
uRun: [{603380FE-28B7-4EFA-A9B9-A94C1D46A6EA}] "C:\Users\Shayan Ahmed\Desktop\MixedInKey_Version5\MixedInKey_Version5\MixedInKey_Version5.exe" /cmdloc "HKCU\Software\Mixed In Key LLC AiTemp\{603380FE-28B7-4EFA-A9B9-A94C1D46A6EA}"
uRun: [GoogleChromeAutoLaunch_37BA0099873B19EC3A5779111E5BFA97] "C:\Users\Shayan Ahmed\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
uRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_287_ActiveX.exe -update activex
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [Sophos AutoUpdate Monitor] C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [Aimersoft Helper Compact.exe] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
mRun: [Hercules DJ Series] C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe /boot
mRun: [PowerDVD12DMREngine] "C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe"
mRun: [PowerDVD12Agent] "C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Sendori Tray] "C:\Program Files (x86)\Sendori\SendoriTray.exe"
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [NACAgentUI] C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgentUI.exe
mRun: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
StartupFolder: C:\Users\SHAYAN~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OFFICE~1.LNK - C:\Program Files (x86)\Office Suite X 3\program\quickstart.exe
StartupFolder: C:\Users\SHAYAN~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ZOOSKM~1.LNK - C:\Program Files (x86)\ZooskMessenger\ZooskMessenger.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Free YouTube Download - C:\Users\Shayan Ahmed\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - C:\Users\Shayan Ahmed\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
LSP: C:\Windows\System32\Sendori.dll
LSP: mswsock.dll
DPF: {4D2D3A17-9B46-483C-A5F4-1DC471080009} - hxxps://nac-svr03.usfca.edu/auth/taweb.cab
DPF: {5EA13312-8764-496F-B4AB-F7A872B51E14} - hxxp://cdn03.oovoo.com/oovoomelink/oovoome/webvc/ooVooWeb.dll
DPF: {76CBDDBA-3897-4EAC-A1D3-CCC47DE82EFB} - hxxps://nac-svr03.usfca.edu/auth/taweb.cab
DPF: {8569D715-FF88-44BA-8D1D-AD3E59543DDE} - hxxps://radar.ctuit.com/CtuitNet/Reports/arview2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{1E18D358-48A7-4907-844E-6BBA6B33DE74} : NameServer = 216.146.35.240,216.146.36.240,75.75.75.75,75.75.76.76
TCP: Interfaces\{1E18D358-48A7-4907-844E-6BBA6B33DE74} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{1E18D358-48A7-4907-844E-6BBA6B33DE74}\16474777966696 : DHCPNameServer = 192.168.4.1 64.134.255.2 64.134.255.10
TCP: Interfaces\{1E18D358-48A7-4907-844E-6BBA6B33DE74}\26F627963766D27657563747 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{1E18D358-48A7-4907-844E-6BBA6B33DE74}\4656C64716 : NameServer = 75.75.75.75,75.75.76.76
TCP: Interfaces\{1E18D358-48A7-4907-844E-6BBA6B33DE74}\4656C64716 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{1E18D358-48A7-4907-844E-6BBA6B33DE74}\759636B65646D49627167656 : NameServer = 192.168.1.1
TCP: Interfaces\{1E18D358-48A7-4907-844E-6BBA6B33DE74}\759636B65646D49627167656 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{1E18D358-48A7-4907-844E-6BBA6B33DE74}\759636B65646D49627167656D2242756E64777F6F646 : NameServer = 192.168.1.1
TCP: Interfaces\{1E18D358-48A7-4907-844E-6BBA6B33DE74}\759636B65646D49627167656D2242756E64777F6F646 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{1E18D358-48A7-4907-844E-6BBA6B33DE74}\A524E43545D20534F5E4564777F627B6 : NameServer = 192.168.2.1
TCP: Interfaces\{1E18D358-48A7-4907-844E-6BBA6B33DE74}\A524E43545D20534F5E4564777F627B6 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{5F000FAD-20A8-42C9-B47A-A888C712E2EF} : DHCPNameServer = 138.202.175.2 138.202.175.4
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Complitly: {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Shayan Ahmed\AppData\Roaming\Complitly\64\Complitly64.dll
x64-BHO: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} -
x64-BHO: Sophos Web Content Scanner: {39EA7695-B3F2-4C44-A4BC-297ADA8FD235} - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SophosBHOX64.dll
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-BHO: ActiveMail: {EF7AED5F-0C26-4820-A570-7DA8B6D93F4A} - C:\ProgramData\ActivePath\ActiveMail\ActiveMailBHO64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
x64-Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe
x64-Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
x64-Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2012-8-30 228768]
R1 SAVOnAccess;SAVOnAccess;C:\Windows\System32\drivers\savonaccess.sys [2011-12-7 142328]
R2 {73526619-C24F-470B-9BED-53D455FBB5C6};Power Control [2012/07/14 02:19:44];C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [2012-4-17 146928]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-4-7 89600]
R2 Application Sendori;Application Sendori;C:\Program Files (x86)\Sendori\SendoriSvc.exe [2012-11-26 118632]
R2 Application Updater;Application Updater;C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2012-11-28 793600]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2010-11-3 897088]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2010-11-3 983104]
R2 CDScheduler;CyberDefender Scheduling Service;C:\Program Files (x86)\CyberDefender\SchedulerService\SchedulerService.exe [2012-1-20 1002616]
R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [2012-7-14 87336]
R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2012-7-14 75048]
R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2012-7-14 296232]
R2 HerculesDJControlMP3;Hercules DJ Control MP3;C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE [2012-7-6 18944]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-4-7 13336]
R2 NACAgent;Cisco NAC Agent;C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgent.exe [2012-10-3 1269208]
R2 ntk_PowerDVD12;ntk_PowerDVD12;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [2012-7-14 82928]
R2 SAVAdminService;Sophos Anti-Virus status reporter;C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [2011-10-13 163056]
R2 SAVService;Sophos Anti-Virus;C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [2011-10-13 97520]
R2 Service Sendori;Service Sendori;C:\Program Files (x86)\Sendori\Sendori.Service.exe [2012-11-26 14696]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-4-8 1692480]
R2 sndappv2;sndappv2;C:\Program Files (x86)\Sendori\sndappv2.exe [2012-11-26 3569512]
R2 Sophos AutoUpdate Service;Sophos AutoUpdate Service;C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [2012-4-11 232472]
R2 swi_service;Sophos Web Intelligence Service;C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [2012-2-21 1543704]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-4-7 2655768]
R2 WajamUpdater;WajamUpdater;C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe [2012-6-14 109064]
R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE [2012-6-11 240208]
R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2010-11-3 1298496]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2010-11-4 58128]
R3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2011-11-15 327168]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2011-4-7 175168]
R3 iBtFltCoex;iBtFltCoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2011-12-9 60416]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-4-8 317440]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-12-10 181248]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
R3 wdkmd;Intel WiDi KMD;C:\Windows\System32\drivers\WDKMD.sys [2010-12-1 42392]
S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE [2012-6-11 193616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 btmaudio;Intel Bluetooth Audio Service;C:\Windows\System32\drivers\btmaud.sys [2010-11-4 53008]
S3 Bulk;HDJBulk;C:\Windows\System32\drivers\HDJBulk.sys [2012-7-6 232272]
S3 HDJAsioK;HDJAsioK;C:\Windows\System32\drivers\HDJAsioK.sys [2012-7-6 304976]
S3 HDJMidi;Hercules DJ Console Rmx MIDI;C:\Windows\System32\drivers\HDJMidi.sys [2012-7-6 253264]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-17 340240]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-8-30 128456]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896]
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\Dell Support Center\pcdsrvc_x64.pkms [2010-7-30 25072]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2011-4-8 250984]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-9-7 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-4-25 52736]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-9-2 1255736]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
S4 SophosBootDriver;SophosBootDriver;C:\Windows\System32\drivers\SophosBootDriver.sys [2011-12-7 25608]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
SUnknown cxedvxph;cxedvxph; [x]
SUnknown xbgbxrtk;xbgbxrtk; [x]
.
=============== Created Last 30 ================
.
2012-12-09 09:35:24 388096 ----a-r- C:\Users\Shayan Ahmed\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-12-09 09:35:24 -------- d-----w- C:\Program Files (x86)\Trend Micro
2012-12-09 09:28:17 -------- d-----w- C:\Users\Shayan Ahmed\AppData\Local\{CC3E225F-46B2-46AE-9DC5-23EB29EF0D18}
2012-12-09 09:19:39 9125352 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B15FFE5F-5213-4B42-8E2C-91C88A4D92E5}\mpengine.dll
2012-12-09 01:33:11 -------- d-----w- C:\Users\Shayan Ahmed\AppData\Local\{1A49017B-D3EF-45B0-BB27-8434C7F7BD99}
2012-12-08 07:59:31 9125352 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-12-07 07:59:42 -------- d-----w- C:\Users\Shayan Ahmed\AppData\Local\{60F2F6DE-48F5-4747-81C3-6FEB2F62455B}
2012-12-06 18:01:20 -------- d-----w- C:\Windows\Downloaded Installations
2012-12-06 03:32:34 -------- d-----w- C:\Program Files (x86)\Application Updater
2012-12-06 03:32:33 -------- d-----w- C:\Program Files (x86)\YTD Toolbar
2012-12-06 03:32:33 -------- d-----w- C:\Program Files (x86)\Common Files\Spigot
2012-12-02 23:48:04 -------- d-----w- C:\Users\Shayan Ahmed\AppData\Local\ArcSoft
2012-12-02 23:22:39 -------- d-----w- C:\Users\Shayan Ahmed\AppData\Local\{C0F14023-4705-4F4F-BA8F-B709252CCC8D}
2012-11-22 20:49:26 -------- d-----w- C:\Users\Shayan Ahmed\AppData\Local\{48559102-099F-45BE-AC71-3A6FB80AD017}
2012-11-16 11:26:03 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2012-11-16 11:26:02 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2012-11-16 11:26:01 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2012-11-16 11:26:00 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2012-11-16 11:08:59 548864 ----a-w- C:\Program Files\Internet Explorer\ieproxy.dll
2012-11-16 11:02:33 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2012-11-16 11:02:32 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2012-11-16 11:02:29 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2012-11-16 11:02:28 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2012-11-16 11:02:22 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2012-11-16 11:02:22 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2012-11-16 11:02:21 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2012-11-16 09:05:07 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
2012-11-16 09:05:07 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
2012-11-16 09:05:07 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
2012-11-16 09:05:06 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
2012-11-16 08:58:52 95744 ----a-w- C:\Windows\System32\synceng.dll
2012-11-16 08:58:52 78336 ----a-w- C:\Windows\SysWow64\synceng.dll
2012-11-16 04:45:17 -------- d-----w- C:\Program Files (x86)\Common Files\Cisco
2012-11-14 18:29:42 -------- d-----w- C:\Program Files (x86)\Microsoft Synchronization Services
2012-11-14 18:28:55 -------- d-----w- C:\Windows\PCHEALTH
2012-11-14 18:26:48 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8
2012-11-14 18:26:01 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
.
==================== Find3M ====================
.
2012-11-26 19:12:42 321384 ----a-w- C:\Windows\SysWow64\Sendori.dll
2012-10-18 18:25:58 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll
2012-10-09 10:09:34 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-09 10:09:34 696760 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-10-09 10:09:16 10220472 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2012-10-08 11:31:03 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-10-08 11:23:52 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-10-08 11:22:55 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-10-08 11:18:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-10-08 11:17:35 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-10-08 11:13:33 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-10-08 07:56:24 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-10-08 07:48:03 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-10-08 07:47:44 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-10-08 07:44:05 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-10-08 07:43:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-10-08 07:40:56 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-10-03 17:56:54 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-10-03 17:44:21 70656 ----a-w- C:\Windows\System32\nlaapi.dll
2012-10-03 17:44:21 303104 ----a-w- C:\Windows\System32\nlasvc.dll
2012-10-03 17:44:17 246272 ----a-w- C:\Windows\System32\netcorehc.dll
2012-10-03 17:44:17 18944 ----a-w- C:\Windows\System32\netevent.dll
2012-10-03 17:44:16 216576 ----a-w- C:\Windows\System32\ncsi.dll
2012-10-03 17:42:16 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll
2012-10-03 16:42:24 18944 ----a-w- C:\Windows\SysWow64\netevent.dll
2012-10-03 16:42:24 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll
2012-10-03 16:42:23 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
2012-10-03 16:07:26 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys
2012-09-14 19:19:29 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-09-14 18:28:53 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
.
============= FINISH: 2:04:05.53 ===============
▼▼ This topic has 12 answers - they are below this advertisement ▼▼
AfterDawn Advertisement
#2
G101,

You have posted these Logs at MalWare Removal.com for help. That's where I learned how to remove malware. They are experts and can assist you but, will refuse to help if you post these logs at other sites at the same time.

My advice is to remove these posts here and allow them to help.
After looking at the DDS Log you have some broken windsock chains that could turn your computer into an expensive paperweight if not handled properly......
Let the experts handle it....... I could do it but, just don't have the time for that big of a mess..

2oG



There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves...
#3
DDS is a program that will scan your computer and create logs that can be used to display various startup configuration and file information from your computer.
#4
well bully for it.
#5
Originally posted by Anatory:
DDS is a program that will scan your computer and create logs that can be used to display various startup configuration and file information from your computer.
That is correct... But the question is, can you READ IT? and do you understand HOW to correct the things it finds? The information on how to read and use this program is NOT released to the general public and requires more than a novice level of computer knowledge in order to use it.

2oG



There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves...
#6
thats why it looks like greek to me.lol.
#7
That's Geek, NOT Greek!


2oG



There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves...
#8
I had an experience last night that thrilled me all the way to my toes. I caught a VIRUS!
Haven’t had one in so long that I was tickled pink. I was using Office Word and Threatfire poped up saying I had a bad program trying to start. It was Werfault.exe, well, that is a good program for MS Word so I clicked to let it run. WRONG! It took out my security center, my registry editor, and my task manager, wiped out my Hosts file and redirected my browser so I couldn’t get anything that would help… Couldn’t load any of my Malware/AV programs. So, went to Safe Mode and ran Malwarebytes, emsisoft, CCE and Hitmanpro. Nothing was found! It had also wiped out my restore points and stopped my Acronis True Image from running…. So, I reached over and got my Acronis Boot disk, installed my last backup, which was just 1 day ago, and all was saved in about 7 minutes. To get a point across, the money that I spent for Acronis True Image has been more than worth it!

2oG



There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves...
#9
ah yes,a guy that longs to get a virus.you are truly unique among men 2old.lol.
#10
You know, aldan, it's really sad to think that after all of these years of fighting viruses and malware that I would come to the point that I welcomed a threat in order to keep my sanity...
I have so much protection that NOTHING can get into my computer EXCEPT a Zero day infection that no one has discovered and applied a signature to the scanners for it..
In my old age I find that the KISS (keep it simple stupid) theory works great. Just install Acronis True Image and have it scheduled to backup your boot disk about 3 times a week and then, if you do get a nasty you just recover your backup from a couple of days ago (about 5 to 8 minutes) and the Nasty is gone... poof! No mas nasty...


ps this threat would NOT have gotten in because Threatfire caught it and I was dumb enough to think it was an OK and let it by...


2oG
This message has been edited since its posting. Latest edit was made on 16 Jan 2013 @ 18:53



There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves...
#11
im playing with paragon drive copy right now.i copy my drive to my second hard drive and,if i understand correctly,if something happens to my primary drive i can boot to my second hdd and voila.not as neat or quick as yours but free and doable.
#12
Macrium Reflect Free Edition is very good and free does the same thing as Acronis, just not as fast.
Check out the review here:
https://www.techsupportalert.com/best-f...ing-program.htm


2oG



There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves...
#13
thanks,i will look into it.
This discussion thread has been automatically closed, as it hasn't received any new posts during the last 180 days. This means that you can't post replies or new questions to this discussion thread.

If you have something to add to this topic, use this page to post your question or comments to a new discussion thread.