Hello everyone!
Thanks in advance. I'm having trouble getting rid of a pesky browser redirect that only occurs every so often. I'm redirected to pages that have a title of "Sup", and I'm not sure why. Here is all of the information requested by the "how to post to this forum" thread.
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16521 BrowserJavaVersion: 10.55.2
Run by Laptop at 23:28:19 on 2014-07-02
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4091.2739 [GMT 8:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Steam\Steam.exe
C:\Users\Laptop\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Users\Laptop\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
C:\Program Files\Tablet\Wacom\WacomHost.exe
C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://mail.google.com/mail/u/0/?shva=1#inbox/143a195084fd6d85
uProxyOverride = <local>
mWinlogon: Userinit = userinit.exe,
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: Microsoft Web Test Recorder 10.0 Helper: {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>
TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
EB: Web Test Recorder 10.0: {5802D092-1784-4908-8CDB-99B6842D353D} -
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [AdobeBridge] <no file>
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
StartupFolder: C:\Users\Laptop\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Trillian.lnk - C:\Program Files (x86)\Trillian\trillian.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
Trusted Zone: dell.com
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{020A779D-BAC4-41BA-B273-755D4192989E} : DHCPNameServer = 163.17.40.1 168.95.1.1
TCP: Interfaces\{442873BA-AA11-41BC-9B96-E8D2F0541D49} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{442873BA-AA11-41BC-9B96-E8D2F0541D49}\14E64627F69646140533536433 : DHCPNameServer = 192.168.43.1
TCP: Interfaces\{442873BA-AA11-41BC-9B96-E8D2F0541D49}\4505D2C494E4B4F505F636B656471405F5436443145323 : DHCPNameServer = 163.17.40.1 168.95.1.1
TCP: Interfaces\{442873BA-AA11-41BC-9B96-E8D2F0541D49}\751474F425 : DHCPNameServer = 163.17.40.1 168.95.1.1
TCP: Interfaces\{442873BA-AA11-41BC-9B96-E8D2F0541D49}\771676F627F53547574656E64713 : DHCPNameServer = 168.95.1.1 168.95.192.1
TCP: Interfaces\{442873BA-AA11-41BC-9B96-E8D2F0541D49}\771676F627F554D607C6F6975656 : DHCPNameServer = 168.95.1.1 168.95.192.1
TCP: Interfaces\{64EB1EC3-C5DD-43BD-87C0-56ED389CA792} : DHCPNameServer = 192.168.42.129
TCP: Interfaces\{B8B0E864-DB67-49C5-B1CC-82FB41C0661C} : DHCPNameServer = 192.168.42.129
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>
x64-TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Laptop\AppData\Roaming\Mozilla\Firefox\Profiles\zl7v27ew.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?q=
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\3.0.40818.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
FF - plugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll
FF - plugin: C:\Users\Laptop\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\Laptop\AppData\Roaming\Mozilla\plugins\npatgpc.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-10-23 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-10-23 207904]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-10-23 1038072]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2013-10-23 421704]
R1 cnnctfy3;Connectify LightWeight Filter;C:\Windows\System32\drivers\cnnctfy3.sys [2014-3-25 35352]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-4-30 238080]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-10-23 78648]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-2-6 50344]
R2 mi-raysat_3dsmax2014_64;mental ray Satellite for Autodesk 3ds Max 2014 64-bit;C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe [2011-9-15 86016]
R2 Sentinel64;Sentinel64;C:\Windows\System32\drivers\sentinel64.sys [2014-5-18 145448]
R2 WTabletServicePro;Wacom Professional Service;C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [2013-12-18 621336]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-5-14 96896]
R3 hidkmdf;KMDF Driver;C:\Windows\System32\drivers\hidkmdf.sys [2013-12-18 14136]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2009-6-11 270848]
R3 WacHidRouter;Wacom Hid Router;C:\Windows\System32\drivers\wachidrouter.sys [2013-12-18 90424]
R3 wacomrouterfilter;Wacom Router Filter Driver;C:\Windows\System32\drivers\wacomrouterfilter.sys [2013-12-18 15160]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 aswStm;aswStm;C:\Windows\System32\drivers\aswStm.sys [2014-2-6 80184]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2014-3-26 1471352]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-3-26 111616]
S3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-5-4 119512]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-11 5434368]
S3 PSKMAD;PSKMAD;C:\Windows\System32\drivers\PSKMAD.sys [2014-5-1 47632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-12-12 20992]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-12-12 59392]
S3 VSPerfDrv100;Performance Tools Driver 10.0;C:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [2010-3-17 68440]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976]
S4 RsFx0103;RsFx0103 Driver;C:\Windows\System32\drivers\RsFx0103.sys [2009-3-30 311656]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-3-30 427880]
.
=============== File Associations ===============
.
ShellExec: DWGSee.exe: open="C:\Program Files (x86)\AutoDWG\DWGSee Pro 2015\DWGSeePro.exe" "%1"
.
=============== Created Last 30 ================
.
2014-07-02 14:16:36 -------- d-----w- C:\Users\Laptop\AppData\Roaming\Curiolab
2014-06-25 11:18:07 -------- d-----w- C:\Users\Laptop\AppData\Local\Line
2014-06-25 11:17:56 -------- d-----w- C:\Program Files (x86)\Naver
2014-06-24 23:26:20 -------- d-----w- C:\Users\Laptop\AppData\Roaming\EurekaLab s.a.s
2014-06-15 20:35:02 -------- d-----w- C:\Users\Laptop\AppData\Roaming\Macro Recorder
2014-06-15 20:34:59 44032 ----a-w- C:\Windows\SysWow64\SystemHookCore.dll
2014-06-15 20:34:59 -------- d-----w- C:\Program Files (x86)\MacroRecorderLite
2014-06-14 20:08:47 -------- d-----w- C:\Users\Laptop\AppData\Roaming\asoftech
2014-06-14 20:08:44 -------- d-----w- C:\Program Files (x86)\Asoftech
2014-06-14 20:08:28 634880 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iKernel.dll
2014-06-14 20:08:28 57344 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\ctor.dll
2014-06-14 20:08:28 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\DotNetInstaller.exe
2014-06-14 20:08:28 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
2014-06-14 20:08:28 270468 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\Setup.dll
2014-06-14 20:08:28 237568 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iscript.dll
2014-06-14 20:08:28 159876 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\IGdi.dll
2014-06-14 20:08:28 151552 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iuser.dll
2014-06-11 08:54:15 -------- d-----w- C:\Users\Laptop\AppData\Local\qBittorrent
2014-06-11 08:54:08 -------- d-----w- C:\Users\Laptop\AppData\Roaming\qBittorrent
2014-06-11 08:54:03 -------- d-----w- C:\Program Files (x86)\qBittorrent
2014-06-02 23:30:25 -------- d-----w- C:\Users\Laptop\AppData\Roaming\AutoDWG
.
==================== Find3M ====================
.
2014-05-16 07:57:27 119512 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-04-14 12:13:43 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
.
============= FINISH: 23:28:29.34 ===============