1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

DDS log

Discussion in 'Windows - Virus and spyware problems' started by G101, Dec 9, 2012.

  1. G101

    G101 Regular member

    Joined:
    Oct 3, 2005
    Messages:
    240
    Likes Received:
    0
    Trophy Points:
    26
    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 9.0.8112.16455
    Run by Shayan Ahmed at 2:01:24 on 2012-12-09
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4003.1596 [GMT -8:00]
    .
    AV: Sophos Anti-Virus *Enabled/Updated* {479CCF92-4960-B3E0-7373-BF453B467D2C}
    SP: Sophos Anti-Virus *Enabled/Updated* {FCFD2E76-6F5A-BC6E-49C3-843740C13791}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    c:\Program Files\Microsoft Security Client\MsMpEng.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Program Files\IDT\WDM\STacSV64.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\WLANExt.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files\IDT\WDM\AESTSr64.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe
    C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
    C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
    C:\ProgramData\ActivePath\ActiveMail\UpdateClient.exe
    C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Windows\system32\svchost.exe -k bthsvcs
    C:\Program Files (x86)\CyberDefender\SchedulerService\SchedulerService.exe
    C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
    C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE
    C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
    C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgent.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
    C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgentUI.exe
    C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
    C:\Program Files (x86)\Sendori\sndappv2.exe
    C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
    C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files (x86)\Sendori\SendoriSvc.exe
    C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
    C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
    C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
    C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
    C:\Program Files (x86)\Sendori\Sendori.Service.exe
    C:\Program Files (x86)\Sendori\SendoriUp.exe
    C:\Windows\system32\svchost.exe -k HPService
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\IDT\WDM\sttray64.exe
    C:\Program Files\DellTPad\Apoint.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files\DellTPad\ApMsgFwd.exe
    C:\Program Files\DellTPad\Apntex.exe
    C:\Program Files\DellTPad\HidFind.exe
    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files (x86)\uTorrent\uTorrent.exe
    C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
    C:\Users\Shayan Ahmed\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
    C:\Users\Shayan Ahmed\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
    C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe
    C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Users\Shayan Ahmed\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Users\Shayan Ahmed\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Shayan Ahmed\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Shayan Ahmed\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Shayan Ahmed\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Shayan Ahmed\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Shayan Ahmed\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Shayan Ahmed\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Shayan Ahmed\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Shayan Ahmed\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Shayan Ahmed\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe
    C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\Sendori\SendoriTray.exe
    C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Users\Shayan Ahmed\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Shayan Ahmed\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Shayan Ahmed\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
    C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
    C:\Program Files (x86)\Safari\Safari.exe
    C:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exe
    C:\Program Files (x86)\Safari\Safari.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://search.babylon.com/?affID=110795&tt=3212_7&babsrc=HP_ss&mntrId=7c4e86d4000000000000bc77373cda03
    uURLSearchHooks: YTD Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\6.6\ytdToolbarIE.dll
    uURLSearchHooks: Online SMS 4 Free Toolbar: {9d841c6a-6c61-4d90-8d90-fedd2bf8a28d} - C:\Program Files (x86)\Online_SMS_4_Free\prxtbOnli.dll
    uURLSearchHooks: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
    mURLSearchHooks: Online SMS 4 Free Toolbar: {9d841c6a-6c61-4d90-8d90-fedd2bf8a28d} - C:\Program Files (x86)\Online_SMS_4_Free\prxtbOnli.dll
    mURLSearchHooks: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
    mWinlogon: Userinit = userinit.exe
    BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
    BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    BHO: Complitly: {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Shayan Ahmed\AppData\Roaming\Complitly\Complitly.dll
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} -
    BHO: Babylon toolbar helper: {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.4.6\bh\BabylonToolbar.dll
    BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
    BHO: Sophos Web Content Scanner: {39EA7695-B3F2-4C44-A4BC-297ADA8FD235} - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SophosBHO.dll
    BHO: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
    BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
    BHO: DealCabby: {780E957D-9057-415C-8B59-C22DFA66A44B} - C:\Users\Shayan Ahmed\AppData\Local\dealcabby\ie\dealcabby_20120804035001.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Online SMS 4 Free Toolbar: {9d841c6a-6c61-4d90-8d90-fedd2bf8a28d} - C:\Program Files (x86)\Online_SMS_4_Free\prxtbOnli.dll
    BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    BHO: Wajam: {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll
    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
    BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll
    BHO: WeCareReminder Class: {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO: ActiveMail: {EF7AED5F-0C26-4820-A570-7DA8B6D93F4A} - C:\ProgramData\ActivePath\ActiveMail\ActiveMailBHO.dll
    BHO: YTD Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\6.6\ytdToolbarIE.dll
    BHO: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll
    BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    TB: Online SMS 4 Free Toolbar: {9D841C6A-6C61-4D90-8D90-FEDD2BF8A28D} - C:\Program Files (x86)\Online_SMS_4_Free\prxtbOnli.dll
    TB: uTorrentControl2 Toolbar: {687578B9-7132-4A7A-80E4-30EE31099E03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
    TB: Online SMS 4 Free Toolbar: {9d841c6a-6c61-4d90-8d90-fedd2bf8a28d} - C:\Program Files (x86)\Online_SMS_4_Free\prxtbOnli.dll
    TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
    TB: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
    TB: Babylon Toolbar: {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.4.6\BabylonToolbarTlbr.dll
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
    TB: YTD Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\6.6\ytdToolbarIE.dll
    EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
    EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
    uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    uRun: [Facebook Update] "C:\Users\Shayan Ahmed\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
    uRun: [Google Update] "C:\Users\Shayan Ahmed\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
    uRun: [Spotify] "C:\Users\Shayan Ahmed\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
    uRun: [Spotify Web Helper] "C:\Users\Shayan Ahmed\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
    uRun: [{603380FE-28B7-4EFA-A9B9-A94C1D46A6EA}] "C:\Users\Shayan Ahmed\Desktop\MixedInKey_Version5\MixedInKey_Version5\MixedInKey_Version5.exe" /cmdloc "HKCU\Software\Mixed In Key LLC AiTemp\{603380FE-28B7-4EFA-A9B9-A94C1D46A6EA}"
    uRun: [GoogleChromeAutoLaunch_37BA0099873B19EC3A5779111E5BFA97] "C:\Users\Shayan Ahmed\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
    uRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_287_ActiveX.exe -update activex
    mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
    mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
    mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    mRun: [Sophos AutoUpdate Monitor] C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    mRun: [Aimersoft Helper Compact.exe] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
    mRun: [Hercules DJ Series] C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe /boot
    mRun: [PowerDVD12DMREngine] "C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe"
    mRun: [PowerDVD12Agent] "C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe"
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun: [Sendori Tray] "C:\Program Files (x86)\Sendori\SendoriTray.exe"
    mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    mRun: [NACAgentUI] C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgentUI.exe
    mRun: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
    mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
    StartupFolder: C:\Users\SHAYAN~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OFFICE~1.LNK - C:\Program Files (x86)\Office Suite X 3\program\quickstart.exe
    StartupFolder: C:\Users\SHAYAN~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ZOOSKM~1.LNK - C:\Program Files (x86)\ZooskMessenger\ZooskMessenger.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
    IE: Free YouTube Download - C:\Users\Shayan Ahmed\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
    IE: Free YouTube to MP3 Converter - C:\Users\Shayan Ahmed\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
    IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    LSP: C:\Windows\System32\Sendori.dll
    LSP: mswsock.dll
    DPF: {4D2D3A17-9B46-483C-A5F4-1DC471080009} - hxxps://nac-svr03.usfca.edu/auth/taweb.cab
    DPF: {5EA13312-8764-496F-B4AB-F7A872B51E14} - hxxp://cdn03.oovoo.com/oovoomelink/oovoome/webvc/ooVooWeb.dll
    DPF: {76CBDDBA-3897-4EAC-A1D3-CCC47DE82EFB} - hxxps://nac-svr03.usfca.edu/auth/taweb.cab
    DPF: {8569D715-FF88-44BA-8D1D-AD3E59543DDE} - hxxps://radar.ctuit.com/CtuitNet/Reports/arview2.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    TCP: NameServer = 75.75.75.75 75.75.76.76
    TCP: Interfaces\{1E18D358-48A7-4907-844E-6BBA6B33DE74} : NameServer = 216.146.35.240,216.146.36.240,75.75.75.75,75.75.76.76
    TCP: Interfaces\{1E18D358-48A7-4907-844E-6BBA6B33DE74} : DHCPNameServer = 75.75.75.75 75.75.76.76
    TCP: Interfaces\{1E18D358-48A7-4907-844E-6BBA6B33DE74}\16474777966696 : DHCPNameServer = 192.168.4.1 64.134.255.2 64.134.255.10
    TCP: Interfaces\{1E18D358-48A7-4907-844E-6BBA6B33DE74}\26F627963766D27657563747 : DHCPNameServer = 192.168.0.1
    TCP: Interfaces\{1E18D358-48A7-4907-844E-6BBA6B33DE74}\4656C64716 : NameServer = 75.75.75.75,75.75.76.76
    TCP: Interfaces\{1E18D358-48A7-4907-844E-6BBA6B33DE74}\4656C64716 : DHCPNameServer = 192.168.1.1
    TCP: Interfaces\{1E18D358-48A7-4907-844E-6BBA6B33DE74}\759636B65646D49627167656 : NameServer = 192.168.1.1
    TCP: Interfaces\{1E18D358-48A7-4907-844E-6BBA6B33DE74}\759636B65646D49627167656 : DHCPNameServer = 192.168.1.1
    TCP: Interfaces\{1E18D358-48A7-4907-844E-6BBA6B33DE74}\759636B65646D49627167656D2242756E64777F6F646 : NameServer = 192.168.1.1
    TCP: Interfaces\{1E18D358-48A7-4907-844E-6BBA6B33DE74}\759636B65646D49627167656D2242756E64777F6F646 : DHCPNameServer = 192.168.1.1
    TCP: Interfaces\{1E18D358-48A7-4907-844E-6BBA6B33DE74}\A524E43545D20534F5E4564777F627B6 : NameServer = 192.168.2.1
    TCP: Interfaces\{1E18D358-48A7-4907-844E-6BBA6B33DE74}\A524E43545D20534F5E4564777F627B6 : DHCPNameServer = 192.168.2.1
    TCP: Interfaces\{5F000FAD-20A8-42C9-B47A-A888C712E2EF} : DHCPNameServer = 138.202.175.2 138.202.175.4
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    AppInit_DLLs= C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL
    SSODL: WebCheck - <orphaned>
    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
    x64-BHO: Complitly: {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Shayan Ahmed\AppData\Roaming\Complitly\64\Complitly64.dll
    x64-BHO: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} -
    x64-BHO: Sophos Web Content Scanner: {39EA7695-B3F2-4C44-A4BC-297ADA8FD235} - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SophosBHOX64.dll
    x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
    x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    x64-BHO: ActiveMail: {EF7AED5F-0C26-4820-A570-7DA8B6D93F4A} - C:\ProgramData\ActivePath\ActiveMail\ActiveMailBHO64.dll
    x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
    x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
    x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
    x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
    x64-Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
    x64-Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe
    x64-Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
    x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
    x64-Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup
    x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
    x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
    x64-DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
    x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
    x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    x64-Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - <orphaned>
    x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll
    x64-Notify: igfxcui - igfxdev.dll
    x64-SSODL: WebCheck - <orphaned>
    x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2012-8-30 228768]
    R1 SAVOnAccess;SAVOnAccess;C:\Windows\System32\drivers\savonaccess.sys [2011-12-7 142328]
    R2 {73526619-C24F-470B-9BED-53D455FBB5C6};Power Control [2012/07/14 02:19:44];C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [2012-4-17 146928]
    R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-4-7 89600]
    R2 Application Sendori;Application Sendori;C:\Program Files (x86)\Sendori\SendoriSvc.exe [2012-11-26 118632]
    R2 Application Updater;Application Updater;C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2012-11-28 793600]
    R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2010-11-3 897088]
    R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2010-11-3 983104]
    R2 CDScheduler;CyberDefender Scheduling Service;C:\Program Files (x86)\CyberDefender\SchedulerService\SchedulerService.exe [2012-1-20 1002616]
    R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [2012-7-14 87336]
    R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2012-7-14 75048]
    R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2012-7-14 296232]
    R2 HerculesDJControlMP3;Hercules DJ Control MP3;C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE [2012-7-6 18944]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-4-7 13336]
    R2 NACAgent;Cisco NAC Agent;C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgent.exe [2012-10-3 1269208]
    R2 ntk_PowerDVD12;ntk_PowerDVD12;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [2012-7-14 82928]
    R2 SAVAdminService;Sophos Anti-Virus status reporter;C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [2011-10-13 163056]
    R2 SAVService;Sophos Anti-Virus;C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [2011-10-13 97520]
    R2 Service Sendori;Service Sendori;C:\Program Files (x86)\Sendori\Sendori.Service.exe [2012-11-26 14696]
    R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-4-8 1692480]
    R2 sndappv2;sndappv2;C:\Program Files (x86)\Sendori\sndappv2.exe [2012-11-26 3569512]
    R2 Sophos AutoUpdate Service;Sophos AutoUpdate Service;C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [2012-4-11 232472]
    R2 swi_service;Sophos Web Intelligence Service;C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [2012-2-21 1543704]
    R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-4-7 2655768]
    R2 WajamUpdater;WajamUpdater;C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe [2012-6-14 109064]
    R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE [2012-6-11 240208]
    R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2010-11-3 1298496]
    R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2010-11-4 58128]
    R3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2011-11-15 327168]
    R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2011-4-7 175168]
    R3 iBtFltCoex;iBtFltCoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2011-12-9 60416]
    R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-4-8 317440]
    R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-12-10 80384]
    R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-12-10 181248]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
    R3 wdkmd;Intel WiDi KMD;C:\Windows\System32\drivers\WDKMD.sys [2010-12-1 42392]
    S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE [2012-6-11 193616]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
    S3 btmaudio;Intel Bluetooth Audio Service;C:\Windows\System32\drivers\btmaud.sys [2010-11-4 53008]
    S3 Bulk;HDJBulk;C:\Windows\System32\drivers\HDJBulk.sys [2012-7-6 232272]
    S3 HDJAsioK;HDJAsioK;C:\Windows\System32\drivers\HDJAsioK.sys [2012-7-6 304976]
    S3 HDJMidi;Hercules DJ Console Rmx MIDI;C:\Windows\System32\drivers\HDJMidi.sys [2012-7-6 253264]
    S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-17 340240]
    S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-8-30 128456]
    S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896]
    S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\Dell Support Center\pcdsrvc_x64.pkms [2010-7-30 25072]
    S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2011-4-8 250984]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-9-7 59392]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-4-25 52736]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-9-2 1255736]
    S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
    S4 SophosBootDriver;SophosBootDriver;C:\Windows\System32\drivers\SophosBootDriver.sys [2011-12-7 25608]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    SUnknown cxedvxph;cxedvxph; [x]
    SUnknown xbgbxrtk;xbgbxrtk; [x]
    .
    =============== Created Last 30 ================
    .
    2012-12-09 09:35:24 388096 ----a-r- C:\Users\Shayan Ahmed\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2012-12-09 09:35:24 -------- d-----w- C:\Program Files (x86)\Trend Micro
    2012-12-09 09:28:17 -------- d-----w- C:\Users\Shayan Ahmed\AppData\Local\{CC3E225F-46B2-46AE-9DC5-23EB29EF0D18}
    2012-12-09 09:19:39 9125352 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B15FFE5F-5213-4B42-8E2C-91C88A4D92E5}\mpengine.dll
    2012-12-09 01:33:11 -------- d-----w- C:\Users\Shayan Ahmed\AppData\Local\{1A49017B-D3EF-45B0-BB27-8434C7F7BD99}
    2012-12-08 07:59:31 9125352 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2012-12-07 07:59:42 -------- d-----w- C:\Users\Shayan Ahmed\AppData\Local\{60F2F6DE-48F5-4747-81C3-6FEB2F62455B}
    2012-12-06 18:01:20 -------- d-----w- C:\Windows\Downloaded Installations
    2012-12-06 03:32:34 -------- d-----w- C:\Program Files (x86)\Application Updater
    2012-12-06 03:32:33 -------- d-----w- C:\Program Files (x86)\YTD Toolbar
    2012-12-06 03:32:33 -------- d-----w- C:\Program Files (x86)\Common Files\Spigot
    2012-12-02 23:48:04 -------- d-----w- C:\Users\Shayan Ahmed\AppData\Local\ArcSoft
    2012-12-02 23:22:39 -------- d-----w- C:\Users\Shayan Ahmed\AppData\Local\{C0F14023-4705-4F4F-BA8F-B709252CCC8D}
    2012-11-22 20:49:26 -------- d-----w- C:\Users\Shayan Ahmed\AppData\Local\{48559102-099F-45BE-AC71-3A6FB80AD017}
    2012-11-16 11:26:03 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
    2012-11-16 11:26:02 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
    2012-11-16 11:26:01 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
    2012-11-16 11:26:00 9728 ----a-w- C:\Windows\System32\Wdfres.dll
    2012-11-16 11:08:59 548864 ----a-w- C:\Program Files\Internet Explorer\ieproxy.dll
    2012-11-16 11:02:33 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
    2012-11-16 11:02:32 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
    2012-11-16 11:02:29 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
    2012-11-16 11:02:28 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
    2012-11-16 11:02:22 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
    2012-11-16 11:02:22 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
    2012-11-16 11:02:21 744448 ----a-w- C:\Windows\System32\WUDFx.dll
    2012-11-16 09:05:07 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
    2012-11-16 09:05:07 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
    2012-11-16 09:05:07 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
    2012-11-16 09:05:06 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
    2012-11-16 08:58:52 95744 ----a-w- C:\Windows\System32\synceng.dll
    2012-11-16 08:58:52 78336 ----a-w- C:\Windows\SysWow64\synceng.dll
    2012-11-16 04:45:17 -------- d-----w- C:\Program Files (x86)\Common Files\Cisco
    2012-11-14 18:29:42 -------- d-----w- C:\Program Files (x86)\Microsoft Synchronization Services
    2012-11-14 18:28:55 -------- d-----w- C:\Windows\PCHEALTH
    2012-11-14 18:26:48 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8
    2012-11-14 18:26:01 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
    .
    ==================== Find3M ====================
    .
    2012-11-26 19:12:42 321384 ----a-w- C:\Windows\SysWow64\Sendori.dll
    2012-10-18 18:25:58 3149824 ----a-w- C:\Windows\System32\win32k.sys
    2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
    2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
    2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll
    2012-10-09 10:09:34 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-10-09 10:09:34 696760 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2012-10-09 10:09:16 10220472 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
    2012-10-08 11:31:03 2312704 ----a-w- C:\Windows\System32\jscript9.dll
    2012-10-08 11:23:52 1392128 ----a-w- C:\Windows\System32\wininet.dll
    2012-10-08 11:22:55 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
    2012-10-08 11:18:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
    2012-10-08 11:17:35 599040 ----a-w- C:\Windows\System32\vbscript.dll
    2012-10-08 11:13:33 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2012-10-08 07:56:24 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2012-10-08 07:48:03 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
    2012-10-08 07:47:44 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2012-10-08 07:44:05 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2012-10-08 07:43:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
    2012-10-08 07:40:56 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2012-10-03 17:56:54 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    2012-10-03 17:44:21 70656 ----a-w- C:\Windows\System32\nlaapi.dll
    2012-10-03 17:44:21 303104 ----a-w- C:\Windows\System32\nlasvc.dll
    2012-10-03 17:44:17 246272 ----a-w- C:\Windows\System32\netcorehc.dll
    2012-10-03 17:44:17 18944 ----a-w- C:\Windows\System32\netevent.dll
    2012-10-03 17:44:16 216576 ----a-w- C:\Windows\System32\ncsi.dll
    2012-10-03 17:42:16 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll
    2012-10-03 16:42:24 18944 ----a-w- C:\Windows\SysWow64\netevent.dll
    2012-10-03 16:42:24 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll
    2012-10-03 16:42:23 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
    2012-10-03 16:07:26 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys
    2012-09-14 19:19:29 2048 ----a-w- C:\Windows\System32\tzres.dll
    2012-09-14 18:28:53 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
    .
    ============= FINISH: 2:04:05.53 ===============
     
  2. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,658
    Likes Received:
    38
    Trophy Points:
    78
    G101,

    You have posted these Logs at MalWare Removal.com for help. That's where I learned how to remove malware. They are experts and can assist you but, will refuse to help if you post these logs at other sites at the same time.

    My advice is to remove these posts here and allow them to help.
    After looking at the DDS Log you have some broken windsock chains that could turn your computer into an expensive paperweight if not handled properly......
    Let the experts handle it....... I could do it but, just don't have the time for that big of a mess..

    2oG
     
  3. Anatory

    Anatory Member

    Joined:
    Jan 15, 2013
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    11
    DDS is a program that will scan your computer and create logs that can be used to display various startup configuration and file information from your computer.
     
  4. aldan

    aldan Active member

    Joined:
    Mar 24, 2007
    Messages:
    1,724
    Likes Received:
    42
    Trophy Points:
    78
    well bully for it.
     
  5. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,658
    Likes Received:
    38
    Trophy Points:
    78
    That is correct... But the question is, can you READ IT? and do you understand HOW to correct the things it finds? The information on how to read and use this program is NOT released to the general public and requires more than a novice level of computer knowledge in order to use it.

    2oG
     
  6. aldan

    aldan Active member

    Joined:
    Mar 24, 2007
    Messages:
    1,724
    Likes Received:
    42
    Trophy Points:
    78
    thats why it looks like greek to me.lol.
     
  7. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,658
    Likes Received:
    38
    Trophy Points:
    78
    That's Geek, NOT Greek!
    [​IMG]
    2oG
     
  8. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,658
    Likes Received:
    38
    Trophy Points:
    78
    I had an experience last night that thrilled me all the way to my toes. I caught a VIRUS!
    Haven’t had one in so long that I was tickled pink. I was using Office Word and Threatfire poped up saying I had a bad program trying to start. It was Werfault.exe, well, that is a good program for MS Word so I clicked to let it run. WRONG! It took out my security center, my registry editor, and my task manager, wiped out my Hosts file and redirected my browser so I couldn’t get anything that would help… Couldn’t load any of my Malware/AV programs. So, went to Safe Mode and ran Malwarebytes, emsisoft, CCE and Hitmanpro. Nothing was found! It had also wiped out my restore points and stopped my Acronis True Image from running…. So, I reached over and got my Acronis Boot disk, installed my last backup, which was just 1 day ago, and all was saved in about 7 minutes. To get a point across, the money that I spent for Acronis True Image has been more than worth it!

    2oG
     
  9. aldan

    aldan Active member

    Joined:
    Mar 24, 2007
    Messages:
    1,724
    Likes Received:
    42
    Trophy Points:
    78
    ah yes,a guy that longs to get a virus.you are truly unique among men 2old.lol.
     
  10. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,658
    Likes Received:
    38
    Trophy Points:
    78
    You know, aldan, it's really sad to think that after all of these years of fighting viruses and malware that I would come to the point that I welcomed a threat in order to keep my sanity...
    I have so much protection that NOTHING can get into my computer EXCEPT a Zero day infection that no one has discovered and applied a signature to the scanners for it..
    In my old age I find that the KISS (keep it simple stupid) theory works great. Just install Acronis True Image and have it scheduled to backup your boot disk about 3 times a week and then, if you do get a nasty you just recover your backup from a couple of days ago (about 5 to 8 minutes) and the Nasty is gone... poof! No mas nasty...


    ps this threat would NOT have gotten in because Threatfire caught it and I was dumb enough to think it was an OK and let it by... [​IMG]

    2oG
     
    Last edited: Jan 16, 2013
  11. aldan

    aldan Active member

    Joined:
    Mar 24, 2007
    Messages:
    1,724
    Likes Received:
    42
    Trophy Points:
    78
    im playing with paragon drive copy right now.i copy my drive to my second hard drive and,if i understand correctly,if something happens to my primary drive i can boot to my second hdd and voila.not as neat or quick as yours but free and doable.
     
  12. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,658
    Likes Received:
    38
    Trophy Points:
    78
    Macrium Reflect Free Edition is very good and free does the same thing as Acronis, just not as fast.
    Check out the review here:
    https://www.techsupportalert.com/best-free-drive-imaging-program.htm


    2oG
     
  13. aldan

    aldan Active member

    Joined:
    Mar 24, 2007
    Messages:
    1,724
    Likes Received:
    42
    Trophy Points:
    78
    thanks,i will look into it.
     

Share This Page