DDS
Code:
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 10.0.9200.16660 BrowserJavaVersion: 10.25.2
Run by Kevin at 21:02:14 on 2013-08-17
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.2.1033.18.3048.1679 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\ASUS\AXSP\1.00.19\atkexComSvc.exe
C:\Program Files\ASUS\AAHM\1.00.20\aaHMSvc.exe
C:\Program Files\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\lxctcoms.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Lexmark 5400 Series\lxctmon.exe
C:\Program Files\Lexmark 5400 Series\ezprint.exe
C:\Windows\System32\StikyNot.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Program Files\Nero\Update\NASvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
.
============== Pseudo HJT Report ===============
.
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - c:\program files\microsoft office\office15\OCHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office15\URLREDIR.DLL
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - c:\program files\microsoft office\office15\GROOVEEX.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [RESTART_STICKY_NOTES] c:\windows\system32\StikyNot.exe
mRun: [RTHDVCPL] c:\program files\realtek\audio\hda\RtkNGUI.exe -s
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [lxctmon.exe] "c:\program files\lexmark 5400 series\lxctmon.exe"
mRun: [Lexmark 5400 Series Fax Server] "c:\program files\lexmark 5400 series\fm3032.exe" /s
mRun: [EzPrint] "c:\program files\lexmark 5400 series\ezprint.exe"
mRun: [LXCTCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\LXCTtime.dll,_RunDLLEntry@16
dRunOnce: [SPReview] "c:\windows\system32\spreview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~4\office15\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office15\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - c:\program files\microsoft office\office15\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office15\ONBttnIELinkedNotes.dll
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{674D023E-E243-4AFA-93E5-1E25719B6959} : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office15\MSOXMLMF.DLL
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - c:\program files\microsoft office\office15\MSOSB.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\28.0.1500.95\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-6-18 211560]
R1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [2010-8-3 11832]
R1 MpKsl10ee6608;MpKsl10ee6608;c:\programdata\microsoft\microsoft antimalware\definition updates\{1ca7c7b1-0d92-405d-bc22-d843b8844235}\MpKsl10ee6608.sys [2013-8-17 29904]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-7-28 176128]
R2 AMD FUEL Service;AMD FUEL Service;c:\program files\ati technologies\ati.ace\fuel\Fuel.Service.exe [2011-7-28 291840]
R2 asComSvc;ASUS Com Service;c:\program files\asus\axsp\1.00.19\atkexComSvc.exe [2012-6-1 920736]
R2 asHmComSvc;ASUS HM Com Service;c:\program files\asus\aahm\1.00.20\aaHMSvc.exe [2012-6-1 951936]
R2 AsSysCtrlService;ASUS System Control Service;c:\program files\asus\assysctrlservice\1.00.13\AsSysCtrlService.exe [2013-8-1 149120]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-6-20 418376]
R2 NAUpdate;Nero Update;c:\program files\nero\update\NASvc.exe [2012-7-13 769432]
R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2013-1-20 107392]
R2 TeamViewer8;TeamViewer 8;c:\program files\teamviewer\version8\TeamViewer_Service.exe [2013-6-20 4308320]
R3 amdiox86;AMD IO Driver;c:\windows\system32\drivers\amdiox86.sys [2013-6-20 37944]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-6-20 22856]
R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2013-6-20 295376]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2013-6-20 514152]
S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-6-20 701512]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-6-21 162408]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2013-6-21 14848]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2013-6-21 49664]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2013-6-20 1343400]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]
.
=============== Created Last 30 ================
.
2013-08-18 00:46:51 29904 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{1ca7c7b1-0d92-405d-bc22-d843b8844235}\MpKsl10ee6608.sys
2013-08-18 00:07:57 7143960 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{1ca7c7b1-0d92-405d-bc22-d843b8844235}\mpengine.dll
2013-08-17 23:52:16 -------- d-----w- c:\programdata\Microsoft Toolkit
2013-08-17 23:36:26 -------- d-----w- c:\programdata\regid.1991-06.com.microsoft
2013-08-17 23:35:54 -------- d-----w- c:\windows\PCHEALTH
2013-08-17 23:35:53 -------- d-----w- c:\program files\Microsoft SQL Server
2013-08-17 23:34:05 -------- d-----w- c:\program files\Microsoft Analysis Services
2013-08-17 07:28:11 7143960 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2013-08-14 21:35:52 652800 ----a-w- c:\windows\system32\rpcrt4.dll
2013-08-14 21:35:50 175104 ----a-w- c:\windows\system32\wintrust.dll
2013-08-14 21:35:50 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2013-08-14 21:35:50 1166848 ----a-w- c:\windows\system32\crypt32.dll
2013-08-14 21:35:50 103936 ----a-w- c:\windows\system32\cryptnet.dll
2013-08-14 21:35:47 3968960 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-08-14 21:35:47 3913664 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-08-14 21:35:47 1289096 ----a-w- c:\windows\system32\ntdll.dll
2013-08-14 21:35:45 1293760 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-08-14 21:35:44 1620992 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-08-14 21:35:38 2048 ----a-w- c:\windows\system32\tzres.dll
2013-08-14 21:35:37 31232 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
2013-08-05 11:07:36 -------- d-----w- c:\users\kevin\appdata\local\ElevatedDiagnostics
2013-08-01 22:41:50 184320 ----a-w- c:\windows\system32\drivers\UpdateHelper.dll
2013-08-01 22:40:21 -------- d-----w- c:\programdata\ASUS
2013-08-01 22:40:11 28672 ----a-r- c:\windows\system32\AsIO.dll
2013-08-01 22:40:11 11456 ----a-r- c:\windows\system32\drivers\AsIO.sys
2013-08-01 22:40:11 -------- d-----w- c:\program files\ASUS
2013-08-01 22:40:10 929844 ------w- c:\windows\system32\drivers\mfdll\MFC42D.DLL
2013-08-01 22:40:10 385100 ------w- c:\windows\system32\drivers\mfdll\MSVCRTD.DLL
2013-08-01 22:40:10 343040 ------w- c:\windows\system32\drivers\mfdll\msvcrt.dll
2013-08-01 22:40:10 1028096 ------w- c:\windows\system32\drivers\mfdll\MFC42.DLL
2013-08-01 22:40:09 11832 ------w- c:\windows\system32\drivers\AsInsHelp64.sys
2013-08-01 22:40:09 -------- d-----w- c:\windows\system32\drivers\MFDLL
2013-07-30 12:52:36 -------- d-----w- c:\users\kevin\appdata\local\OCCT_-_Ocbase_-_Adrien_Me
2013-07-30 12:49:41 -------- d-----w- c:\windows\system32\directx
2013-07-20 19:45:03 -------- d-----w- c:\users\kevin\appdata\local\Microsoft Games
2013-07-20 18:23:03 -------- d-----w- c:\program files\Mp3tag
2013-07-20 13:04:52 -------- d-----w- c:\program files\common files\Windows Live
2013-07-19 13:22:27 -------- d-----w- c:\windows\system32\appmgmt
2013-07-19 13:17:13 -------- d-----w- c:\users\kevin\FrostWire
2013-07-19 13:17:11 -------- d-----w- c:\users\kevin\.frostwire5
2013-07-19 13:17:11 -------- d-----w- c:\programdata\APN
.
==================== Find3M ====================
.
2013-08-16 05:32:14 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-08-16 05:32:14 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-07-26 03:13:24 1767936 ----a-w- c:\windows\system32\wininet.dll
2013-07-26 03:12:04 2877440 ----a-w- c:\windows\system32\jscript9.dll
2013-07-26 03:12:00 61440 ----a-w- c:\windows\system32\iesetup.dll
2013-07-26 03:12:00 109056 ----a-w- c:\windows\system32\iesysprep.dll
2013-07-26 02:49:14 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-07-26 01:59:38 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-06-21 05:25:48 49152 ----a-w- c:\windows\system32\taskhost.exe
2013-06-20 23:14:55 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-06-20 23:14:52 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-06-20 23:14:52 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-20 15:55:46 152576 ----a-w- c:\windows\system32\msclmd.dll
2013-06-20 15:16:37 0 ----a-w- c:\windows\ativpsrm.bin
2013-06-20 15:03:18 16896 ----a-w- c:\windows\AsTaskSched.dll
2013-06-19 01:50:08 211560 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2013-06-19 01:50:08 107392 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2013-06-05 03:05:09 2347520 ----a-w- c:\windows\system32\win32k.sys
2013-06-04 04:53:07 509440 ----a-w- c:\windows\system32\qedit.dll
.
============= FINISH: 21:03:08.86 ===============