Hello... first of all, thanks to you guys for looking at my problem.
Probably my computer might have been affected by a virus or malware.
Weird errors are popping up every time I open some kinds of applications.
Some say it's a Visual C++ runtime error (R2600 floating point error).
I tried to uninstall such an application, but an NSIS error occurred saying unable to uninstall the program.
I've attached the required files...
Here is the required DDS.txt file:
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17207 BrowserJavaVersion: 10.71.2
Run by NANNU at 11:33:58 on 2014-10-22
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.1943.446 [GMT -7:00]
.
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\WLANExt.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
C:\Users\NANNU\AppData\Roaming\uTorrent\uTorrent.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Apache Software Foundation\Tomcat 7.0\bin\Tomcat7w.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskhost.exe
C:\Users\NANNU\Downloads\Compressed\gmer\gmer.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.trovi.com/?gd=&ctid=CT3325977&octid=EB_ORIGINAL_CTID&ISID=B88D4C25-259A-4E90-BA7B-1290CC9FBA60&SearchSource=55&CUI=&UM=6&UP=SPE25787FB-1E50-4B35-BB20-889B7B281F53&SSPV=
uSearch Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1409435497&from=tt4u&uid=ST9500325AS_S2WHDDLA&q={searchTerms}
uDefault_Page_URL = about:blank
uDefault_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1409435497&from=tt4u&uid=ST9500325AS_S2WHDDLA&q={searchTerms}
mStart Page = about:blank
mSearch Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1409435497&from=tt4u&uid=ST9500325AS_S2WHDDLA&q={searchTerms}
mDefault_Page_URL = about:blank
mDefault_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1409435497&from=tt4u&uid=ST9500325AS_S2WHDDLA&q={searchTerms}
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.bing.com/search?q={searchTerms}
mCustomizeSearch = hxxp://www.bing.com/search?q={searchTerms}
mWinlogon: Userinit = userinit.exe
BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
BHO: Gosaveneow: {55a3f6c9-eb09-4238-ae72-851f62998b0a} - C:\Program Files (x86)\Gosaveneow\binQJaJSGDnafK.dll
BHO: YoutUbeAdBloocke: {5d1855c3-ddb6-4644-889d-c9c59c32ecd3} - C:\Program Files (x86)\YoutUbeAdBloocke\kAcDcvRoCpXjTy.dll
BHO: GOSave: {6012f5b5-730a-4eab-b542-7617917502be} - C:\Program Files (x86)\GOSave\tRhyS5uQ5t3FQb.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO: QUICKfind BHO Object: {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\Program Files (x86)\IDM\QUICKfind\PlugIns\IEHelp.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
uRun: [uTorrent] "C:\Users\NANNU\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
uRun: [LiveSupport] "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log
uRun: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
uRun: [ApacheTomcatMonitor7.0_Tomcat7] "C:\Program Files (x86)\Apache Software Foundation\Tomcat 7.0\bin\Tomcat7w.exe" //MS//Tomcat7
mRun: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun: [NSU_agent] "C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe"
mRun: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
mRun: [fst_in_96] <no file>
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC} - C:\Program Files (x86)\Java\jre7\bin\jp2iexp.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{0DD83D61-9D69-47C3-9DC4-107F181A2886} : NameServer =
TCP: Interfaces\{459BABD1-F686-47F0-BD18-31AD932B89D0} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{459BABD1-F686-47F0-BD18-31AD932B89D0}\3547166666 : DHCPNameServer = 10.128.128.128
TCP: Interfaces\{459BABD1-F686-47F0-BD18-31AD932B89D0}\37169602072796E63656373713 : DHCPNameServer = 182.18.174.3 182.18.174.4
TCP: Interfaces\{459BABD1-F686-47F0-BD18-31AD932B89D0}\37169602072796E63656373723 : DHCPNameServer = 172.16.0.1
TCP: Interfaces\{459BABD1-F686-47F0-BD18-31AD932B89D0}\46C696E6B6 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{6BBEB587-8F06-4B90-AFED-8A42059F6ACB} : DHCPNameServer = 172.16.0.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.44\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = about:blank
x64-mSearch Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1409435497&from=tt4u&uid=ST9500325AS_S2WHDDLA&q={searchTerms}
x64-mDefault_Page_URL = about:blank
x64-mDefault_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1409435497&from=tt4u&uid=ST9500325AS_S2WHDDLA&q={searchTerms}
x64-BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Gosaveneow: {55a3f6c9-eb09-4238-ae72-851f62998b0a} - C:\Program Files (x86)\Gosaveneow\binQJaJSGDnafK.x64.dll
x64-BHO: YoutUbeAdBloocke: {5d1855c3-ddb6-4644-889d-c9c59c32ecd3} - C:\Program Files (x86)\YoutUbeAdBloocke\kAcDcvRoCpXjTy.x64.dll
x64-BHO: GOSave: {6012f5b5-730a-4eab-b542-7617917502be} - C:\Program Files (x86)\GOSave\tRhyS5uQ5t3FQb.x64.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
x64-Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2014-10-20 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2014-10-20 224896]
R1 {0bd9bacb-0a2d-4412-900e-b2473afd87b4}Gw64;{0bd9bacb-0a2d-4412-900e-b2473afd87b4}Gw64;C:\Windows\System32\drivers\{0bd9bacb-0a2d-4412-900e-b2473afd87b4}Gw64.sys [2014-9-11 61112]
R1 {9a9157bb-003e-4fef-8bd1-c09bc4586a28}Gw64;{9a9157bb-003e-4fef-8bd1-c09bc4586a28}Gw64;C:\Windows\System32\drivers\{9a9157bb-003e-4fef-8bd1-c09bc4586a28}Gw64.sys [2014-8-30 61120]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2014-10-20 1041168]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2014-10-20 427360]
R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2014-10-20 29208]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2014-10-20 79184]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-10-20 50344]
R2 IDMWFP;IDMWFP;C:\Windows\System32\drivers\idmwfp.sys [2014-9-5 180136]
R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2012-1-19 36000]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2012-1-19 339616]
R3 btath_avdt;Atheros Bluetooth AVDT Service;C:\Windows\System32\drivers\btath_avdt.sys [2012-1-19 110752]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2012-1-19 30368]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2012-1-19 167584]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2012-1-19 68256]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2012-1-19 280992]
R3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2012-1-19 550560]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088]
R3 huawei_enumerator;huawei_enumerator;C:\Windows\System32\drivers\ew_jubusenum.sys [2014-10-5 90112]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-12-6 331264]
R3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\Windows\System32\drivers\RtsP2Stor.sys [2014-8-1 259688]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2014-8-1 685160]
R3 SmbDrv;SmbDrv;C:\Windows\System32\drivers\Smb_driver.sys [2012-4-6 21264]
R3 teamviewervpn;TeamViewer VPN Adapter;C:\Windows\System32\drivers\teamviewervpn.sys [2014-10-13 35112]
S2 aswStm;aswStm;C:\Windows\System32\drivers\aswStm.sys [2014-10-20 92008]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-4-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-4-11 124088]
S2 MySQL4;MySQL4;"C:\Program Files (x86)\MySQL\MySQL Server 5.1\bin\mysqld" --defaults-file="C:\Program Files (x86)\MySQL\MySQL Server 5.1\my.ini" MySQL4 --> C:\Program Files (x86)\MySQL\MySQL Server 5.1\bin\mysqld [?]
S2 MySQL41;MySQL41;"C:\Program Files (x86)\MySQL\MySQL Server 5.1\bin\mysqld" --defaults-file="C:\Program Files (x86)\MySQL\MySQL Server 5.1\my.ini" MySQL41 --> C:\Program Files (x86)\MySQL\MySQL Server 5.1\bin\mysqld [?]
S2 MySQL5;MySQL5;"C:\Program Files (x86)\MySQL\MySQL Server 5.1\bin\mysqld" --defaults-file="C:\Program Files (x86)\MySQL\MySQL Server 5.1\my.ini" MySQL5 --> C:\Program Files (x86)\MySQL\MySQL Server 5.1\bin\mysqld [?]
S2 MySQL501;MySQL501;"C:\Program Files (x86)\MySQL\MySQL Server 5.1\bin\mysqld" --defaults-file="C:\Program Files (x86)\MySQL\MySQL Server 5.1\my.ini" MySQL501 --> C:\Program Files (x86)\MySQL\MySQL Server 5.1\bin\mysqld [?]
S2 MySQL51;MySQL51;"C:\Program Files (x86)\MySQL\MySQL Server 5.1\bin\mysqld" --defaults-file="C:\Program Files (x86)\MySQL\MySQL Server 5.1\my.ini" MySQL51 --> C:\Program Files (x86)\MySQL\MySQL Server 5.1\bin\mysqld [?]
S2 UpdaterSvcNetTock;UpdaterSvcNetTock;"C:\Program Files (x86)\NetTock\updater.exe" --> C:\Program Files (x86)\NetTock\updater.exe [?]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]
S3 ew_usbenumfilter;huawei_CompositeFilter;C:\Windows\System32\drivers\ew_usbenumfilter.sys [2014-10-5 13952]
S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-2 33736]
S3 huawei_cdcacm;huawei_cdcacm;C:\Windows\System32\drivers\ew_jucdcacm.sys [2014-10-5 104448]
S3 huawei_ext_ctrl;huawei_ext_ctrl;C:\Windows\System32\drivers\ew_juextctrl.sys [2014-10-5 30720]
S3 huawei_wwanecm;huawei_wwanecm;C:\Windows\System32\drivers\ew_juwwanecm.sys [2014-10-5 238080]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-8-25 111616]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2011-4-12 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2011-4-12 34816]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2011-4-12 117248]
S4 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2014-8-1 98208]
S4 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2012-1-19 106144]
S4 hpCMSrv;HP Connection Manager 4 Service;C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-9-13 1098296]
S4 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-5-21 103992]
S4 HWDeviceService64.exe;HWDeviceService64.exe;C:\ProgramData\DatacardService\HWDeviceService64.exe [2011-3-14 346976]
S4 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2014-8-1 13592]
S4 Idea Net Setter. RunOuc;Idea Net Setter. OUC;C:\Program Files (x86)\Idea Net Setter\UpdateDog\ouc.exe --> C:\Program Files (x86)\Idea Net Setter\UpdateDog\ouc.exe [?]
S4 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-2-2 628448]
S4 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2014-8-1 161560]
S4 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 520192]
S4 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-10-13 4799760]
S4 Tomcat7;Apache Tomcat 7.0 Tomcat7;"C:\Program Files (x86)\Apache Software Foundation\Tomcat 7.0\bin\Tomcat7.exe" //RS//Tomcat7 --> C:\Program Files (x86)\Apache Software Foundation\Tomcat 7.0\bin\Tomcat7.exe [?]
S4 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2014-8-1 363800]
.
=============== File Associations ===============
.
ShellExec: Opera.exe: open="C:\Program Files (x86)\Opera\Launcher.exe" "%1"
.
=============== Created Last 30 ================
.
2014-10-22 06:50:49 -------- d-----w- C:\ProgramData\MySQL
2014-10-21 06:00:43 -------- d-----w- C:\Users\NANNU\AppData\Roaming\AVAST Software
2014-10-20 13:06:39 -------- d-----w- C:\VC++
2014-10-20 12:59:41 92008 ----a-w- C:\Windows\System32\drivers\aswStm.sys
2014-10-20 12:59:40 29208 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
2014-10-20 12:35:25 43152 ----a-w- C:\Windows\avastSS.scr
2014-10-20 12:07:01 93568 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2014-10-20 12:07:00 1041168 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2014-10-20 12:06:59 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2014-10-20 12:06:59 224896 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2014-10-20 12:06:55 79184 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2014-10-20 12:05:18 -------- d-----w- C:\Program Files\AVAST Software
2014-10-20 11:58:04 -------- d-----w- C:\ProgramData\AVAST Software
2014-10-19 09:05:24 -------- d-sh--w- C:\Users\NANNU\AppData\Local\EmieUserList
2014-10-19 09:05:24 -------- d-sh--w- C:\Users\NANNU\AppData\Local\EmieSiteList
2014-10-18 15:49:25 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7F4A6B61-B632-4B66-AC6B-0DB8DD0B5AAA}\offreg.dll
2014-10-17 17:06:18 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-10-17 16:48:39 -------- d-----w- C:\Windows\pss
2014-10-16 15:31:31 -------- d-----w- C:\ProgramData\RegInOut
2014-10-16 11:38:06 -------- d-----w- C:\Users\NANNU\AppData\Local\ElevatedDiagnostics
2014-10-15 03:00:03 103140 --sh--r- C:\cknvm.exe
2014-10-14 18:33:08 -------- d-----w- C:\Program Files\paint.net
2014-10-14 18:29:29 -------- d-----w- C:\Users\NANNU\AppData\Local\paint.net
2014-10-14 18:21:04 -------- d-----w- C:\Windows\Migration
2014-10-14 18:10:49 23752 ----a-w- C:\Windows\SysWow64\drivers\efimon.sys
2014-10-14 08:56:57 -------- d-----w- C:\Users\NANNU\.eclipse
2014-10-14 08:55:49 -------- d-----w- C:\Program Files (x86)\eclipse
2014-10-14 08:54:25 -------- d-----w- C:\eclipse
2014-10-14 08:36:46 -------- d-----w- C:\Program Files (x86)\Apache Software Foundation
2014-10-14 07:57:00 -------- d-----w- C:\ATI
2014-10-13 14:45:48 20240 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\TeamViewer_PrintProcessor.dll
2014-10-13 14:44:28 -------- d-----w- C:\Users\NANNU\AppData\Roaming\TeamViewer
2014-10-13 14:44:11 35112 ----a-w- C:\Windows\System32\drivers\teamviewervpn.sys
2014-10-13 14:44:10 -------- d-----w- C:\Program Files (x86)\TeamViewer
2014-10-13 10:09:13 -------- d-----w- C:\Servers
2014-10-13 10:04:10 -------- d-----w- C:\RemoteSystemsTempFiles
2014-10-13 10:04:03 -------- d-----w- C:\.metadata
2014-10-13 09:57:55 -------- d-----w- C:\Program Files (x86)\mysql-connector-java-5.0.8
2014-10-13 09:56:36 -------- d-----w- C:\Users\NANNU\AppData\Local\Eclipse
2014-10-13 09:56:14 -------- d-----w- C:\Users\NANNU\workspace
2014-10-10 12:57:17 11578928 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7F4A6B61-B632-4B66-AC6B-0DB8DD0B5AAA}\mpengine.dll
2014-10-08 17:31:20 -------- d-----w- C:\xampp
2014-10-06 09:50:08 -------- d-----w- C:\Users\NANNU\Graboid
2014-10-06 09:44:36 -------- d-----w- C:\Users\NANNU\AppData\Local\pyGraboid
2014-10-06 09:17:00 -------- d-----w- C:\Users\NANNU\AppData\Roaming\Graboid Inc
2014-10-05 12:01:56 -------- d-----w- C:\ProgramData\Cloud Plus
2014-10-05 11:54:13 -------- d-----w- C:\Program Files (x86)\Idea Net Setter
2014-10-05 11:53:59 -------- d-----w- C:\ProgramData\DatacardService
2014-10-02 13:54:04 447752 ----a-w- C:\Windows\SysWow64\vp6vfw.dll
2014-10-02 13:53:57 -------- d-----w- C:\Program Files (x86)\Microsoft WSE
2014-10-02 12:13:41 -------- d-----w- C:\Users\NANNU\AppData\Local\Microsoft Games
2014-10-02 12:12:27 -------- d-----w- C:\Sims3
2014-10-02 12:10:15 -------- d-----w- C:\Users\NANNU\AppData\Roaming\PowerISO
2014-09-26 04:41:00 -------- d-----w- C:\Users\NANNU\AppData\Local\Hewlett-Packard_Developme
2014-09-25 12:45:15 260096 ----a-w- C:\Windows\SysWow64\RICHTX32.ocx
2014-09-25 12:45:15 209608 ----a-w- C:\Windows\SysWow64\tabctl32.ocx
2014-09-25 12:45:15 140288 ----a-w- C:\Windows\SysWow64\comdlg32.ocx
2014-09-25 12:45:15 124688 ----a-w- C:\Windows\SysWow64\Mswinsck.ocx
2014-09-25 12:45:15 115016 ----a-w- C:\Windows\SysWow64\MSInet.ocx
2014-09-25 12:45:14 -------- d-----w- C:\Program Files (x86)\ITSecTeam
2014-09-25 11:05:37 -------- d-----w- C:\Users\NANNU\AppData\Local\Mozilla
2014-09-24 14:52:39 -------- d-----w- C:\Users\NANNU\AppData\Roaming\Microsoft Corporation
2014-09-24 14:30:10 -------- d-----w- C:\Program Files\Microsoft Synchronization Services
2014-09-24 14:30:10 -------- d-----w- C:\Program Files\Microsoft SQL Server Compact Edition
2014-09-24 14:24:12 -------- d-----w- C:\Program Files (x86)\Microsoft ASP.NET
2014-09-24 14:24:08 -------- d-----w- C:\Program Files\IIS
2014-09-24 14:24:07 -------- d-----w- C:\Program Files (x86)\IIS
2014-09-24 14:23:30 2118848 ----a-w- C:\ProgramData\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll
2014-09-24 14:13:51 -------- d-----w- C:\Windows\SysWow64\1033
2014-09-24 14:12:39 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 10.0
2014-09-24 14:08:28 -------- d-----w- C:\Windows\System32\1033
2014-09-24 14:08:15 -------- d-----w- C:\Program Files\Microsoft Visual Studio 10.0
2014-09-24 14:08:15 -------- d-----w- C:\Program Files\Microsoft Help Viewer
2014-09-23 07:56:41 -------- d-----w- C:\Program Files\apache-tomcat-8.0.12
.
==================== Find3M ====================
.
2014-10-22 17:20:45 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-10-22 17:20:45 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-10-16 16:26:25 562688 ----a-w- C:\install.exe
2014-09-20 14:45:52 65344 ----a-w- C:\Windows\SysWow64\PhysXLoader.dll
2014-09-15 16:06:02 278152 ------w- C:\Windows\System32\MpSigStub.exe
2014-09-10 20:47:30 61112 ----a-w- C:\Windows\System32\drivers\{0bd9bacb-0a2d-4412-900e-b2473afd87b4}Gw64.sys
2014-08-28 20:20:00 61120 ----a-w- C:\Windows\System32\drivers\{9a9157bb-003e-4fef-8bd1-c09bc4586a28}Gw64.sys
2014-08-25 16:23:59 62464 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-08-25 16:22:36 878080 ----a-w- C:\Windows\System32\advapi32.dll
2014-08-25 16:19:10 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-08-25 16:15:45 1887232 ----a-w- C:\Windows\System32\d3d11.dll
2014-08-25 16:15:45 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll
2014-08-12 23:00:10 4575232 ----a-w- C:\Windows\SysWow64\GPhotos.scr
.
============= FINISH: 11:36:21.08 ===============
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{0DD83D61-9D69-47C3-9DC4-107F181A2886} : NameServer =
TCP: Interfaces\{459BABD1-F686-47F0-BD18-31AD932B89D0} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{459BABD1-F686-47F0-BD18-31AD932B89D0}\3547166666 : DHCPNameServer = 10.128.128.128
TCP: Interfaces\{459BABD1-F686-47F0-BD18-31AD932B89D0}\37169602072796E63656373713 : DHCPNameServer = 182.18.174.3 182.18.174.4
TCP: Interfaces\{459BABD1-F686-47F0-BD18-31AD932B89D0}\37169602072796E63656373723 : DHCPNameServer = 172.16.0.1
TCP: Interfaces\{459BABD1-F686-47F0-BD18-31AD932B89D0}\46C696E6B6 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{6BBEB587-8F06-4B90-AFED-8A42059F6ACB} : DHCPNameServer = 172.16.0.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.44\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = about:blank
x64-mSearch Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1409435497&from=tt4u&uid=ST9500325AS_S2WHDDLA&q={searchTerms}
x64-mDefault_Page_URL = about:blank
x64-mDefault_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1409435497&from=tt4u&uid=ST9500325AS_S2WHDDLA&q={searchTerms}
x64-BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Gosaveneow: {55a3f6c9-eb09-4238-ae72-851f62998b0a} - C:\Program Files (x86)\Gosaveneow\binQJaJSGDnafK.x64.dll
x64-BHO: YoutUbeAdBloocke: {5d1855c3-ddb6-4644-889d-c9c59c32ecd3} - C:\Program Files (x86)\YoutUbeAdBloocke\kAcDcvRoCpXjTy.x64.dll
x64-BHO: GOSave: {6012f5b5-730a-4eab-b542-7617917502be} - C:\Program Files (x86)\GOSave\tRhyS5uQ5t3FQb.x64.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
x64-Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2014-10-20 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2014-10-20 224896]
R1 {0bd9bacb-0a2d-4412-900e-b2473afd87b4}Gw64;{0bd9bacb-0a2d-4412-900e-b2473afd87b4}Gw64;C:\Windows\System32\drivers\{0bd9bacb-0a2d-4412-900e-b2473afd87b4}Gw64.sys [2014-9-11 61112]
R1 {9a9157bb-003e-4fef-8bd1-c09bc4586a28}Gw64;{9a9157bb-003e-4fef-8bd1-c09bc4586a28}Gw64;C:\Windows\System32\drivers\{9a9157bb-003e-4fef-8bd1-c09bc4586a28}Gw64.sys [2014-8-30 61120]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2014-10-20 1041168]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2014-10-20 427360]
R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2014-10-20 29208]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2014-10-20 79184]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-10-20 50344]
R2 IDMWFP;IDMWFP;C:\Windows\System32\drivers\idmwfp.sys [2014-9-5 180136]
R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2012-1-19 36000]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2012-1-19 339616]
R3 btath_avdt;Atheros Bluetooth AVDT Service;C:\Windows\System32\drivers\btath_avdt.sys [2012-1-19 110752]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2012-1-19 30368]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2012-1-19 167584]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2012-1-19 68256]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2012-1-19 280992]
R3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2012-1-19 550560]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088]
R3 huawei_enumerator;huawei_enumerator;C:\Windows\System32\drivers\ew_jubusenum.sys [2014-10-5 90112]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-12-6 331264]
R3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\Windows\System32\drivers\RtsP2Stor.sys [2014-8-1 259688]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2014-8-1 685160]
R3 SmbDrv;SmbDrv;C:\Windows\System32\drivers\Smb_driver.sys [2012-4-6 21264]
R3 teamviewervpn;TeamViewer VPN Adapter;C:\Windows\System32\drivers\teamviewervpn.sys [2014-10-13 35112]
S2 aswStm;aswStm;C:\Windows\System32\drivers\aswStm.sys [2014-10-20 92008]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-4-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-4-11 124088]
S2 MySQL4;MySQL4;"C:\Program Files (x86)\MySQL\MySQL Server 5.1\bin\mysqld" --defaults-file="C:\Program Files (x86)\MySQL\MySQL Server 5.1\my.ini" MySQL4 --> C:\Program Files (x86)\MySQL\MySQL Server 5.1\bin\mysqld [?]
S2 MySQL41;MySQL41;"C:\Program Files (x86)\MySQL\MySQL Server 5.1\bin\mysqld" --defaults-file="C:\Program Files (x86)\MySQL\MySQL Server 5.1\my.ini" MySQL41 --> C:\Program Files (x86)\MySQL\MySQL Server 5.1\bin\mysqld [?]
S2 MySQL5;MySQL5;"C:\Program Files (x86)\MySQL\MySQL Server 5.1\bin\mysqld" --defaults-file="C:\Program Files (x86)\MySQL\MySQL Server 5.1\my.ini" MySQL5 --> C:\Program Files (x86)\MySQL\MySQL Server 5.1\bin\mysqld [?]
S2 MySQL501;MySQL501;"C:\Program Files (x86)\MySQL\MySQL Server 5.1\bin\mysqld" --defaults-file="C:\Program Files (x86)\MySQL\MySQL Server 5.1\my.ini" MySQL501 --> C:\Program Files (x86)\MySQL\MySQL Server 5.1\bin\mysqld [?]
S2 MySQL51;MySQL51;"C:\Program Files (x86)\MySQL\MySQL Server 5.1\bin\mysqld" --defaults-file="C:\Program Files (x86)\MySQL\MySQL Server 5.1\my.ini" MySQL51 --> C:\Program Files (x86)\MySQL\MySQL Server 5.1\bin\mysqld [?]
S2 UpdaterSvcNetTock;UpdaterSvcNetTock;"C:\Program Files (x86)\NetTock\updater.exe" --> C:\Program Files (x86)\NetTock\updater.exe [?]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]
S3 ew_usbenumfilter;huawei_CompositeFilter;C:\Windows\System32\drivers\ew_usbenumfilter.sys [2014-10-5 13952]
S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-2 33736]
S3 huawei_cdcacm;huawei_cdcacm;C:\Windows\System32\drivers\ew_jucdcacm.sys [2014-10-5 104448]
S3 huawei_ext_ctrl;huawei_ext_ctrl;C:\Windows\System32\drivers\ew_juextctrl.sys [2014-10-5 30720]
S3 huawei_wwanecm;huawei_wwanecm;C:\Windows\System32\drivers\ew_juwwanecm.sys [2014-10-5 238080]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-8-25 111616]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2011-4-12 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2011-4-12 34816]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2011-4-12 117248]
S4 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2014-8-1 98208]
S4 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2012-1-19 106144]
S4 hpCMSrv;HP Connection Manager 4 Service;C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-9-13 1098296]
S4 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-5-21 103992]
S4 HWDeviceService64.exe;HWDeviceService64.exe;C:\ProgramData\DatacardService\HWDeviceService64.exe [2011-3-14 346976]
S4 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2014-8-1 13592]
S4 Idea Net Setter. RunOuc;Idea Net Setter. OUC;C:\Program Files (x86)\Idea Net Setter\UpdateDog\ouc.exe --> C:\Program Files (x86)\Idea Net Setter\UpdateDog\ouc.exe [?]
S4 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-2-2 628448]
S4 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2014-8-1 161560]
S4 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 520192]
S4 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-10-13 4799760]
S4 Tomcat7;Apache Tomcat 7.0 Tomcat7;"C:\Program Files (x86)\Apache Software Foundation\Tomcat 7.0\bin\Tomcat7.exe" //RS//Tomcat7 --> C:\Program Files (x86)\Apache Software Foundation\Tomcat 7.0\bin\Tomcat7.exe [?]
S4 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2014-8-1 363800]
.
=============== File Associations ===============
.
ShellExec: Opera.exe: open="C:\Program Files (x86)\Opera\Launcher.exe" "%1"
.
=============== Created Last 30 ================
.
2014-10-22 06:50:49 -------- d-----w- C:\ProgramData\MySQL
2014-10-21 06:00:43 -------- d-----w- C:\Users\NANNU\AppData\Roaming\AVAST Software
2014-10-20 13:06:39 -------- d-----w- C:\VC++
2014-10-20 12:59:41 92008 ----a-w- C:\Windows\System32\drivers\aswStm.sys
2014-10-20 12:59:40 29208 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
2014-10-20 12:35:25 43152 ----a-w- C:\Windows\avastSS.scr
2014-10-20 12:07:01 93568 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2014-10-20 12:07:00 1041168 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2014-10-20 12:06:59 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2014-10-20 12:06:59 224896 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2014-10-20 12:06:55 79184 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2014-10-20 12:05:18 -------- d-----w- C:\Program Files\AVAST Software
2014-10-20 11:58:04 -------- d-----w- C:\ProgramData\AVAST Software
2014-10-19 09:05:24 -------- d-sh--w- C:\Users\NANNU\AppData\Local\EmieUserList
2014-10-19 09:05:24 -------- d-sh--w- C:\Users\NANNU\AppData\Local\EmieSiteList
2014-10-18 15:49:25 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7F4A6B61-B632-4B66-AC6B-0DB8DD0B5AAA}\offreg.dll
2014-10-17 17:06:18 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-10-17 16:48:39 -------- d-----w- C:\Windows\pss
2014-10-16 15:31:31 -------- d-----w- C:\ProgramData\RegInOut
2014-10-16 11:38:06 -------- d-----w- C:\Users\NANNU\AppData\Local\ElevatedDiagnostics
2014-10-15 03:00:03 103140 --sh--r- C:\cknvm.exe
2014-10-14 18:33:08 -------- d-----w- C:\Program Files\paint.net
2014-10-14 18:29:29 -------- d-----w- C:\Users\NANNU\AppData\Local\paint.net
2014-10-14 18:21:04 -------- d-----w- C:\Windows\Migration
2014-10-14 18:10:49 23752 ----a-w- C:\Windows\SysWow64\drivers\efimon.sys
2014-10-14 08:56:57 -------- d-----w- C:\Users\NANNU\.eclipse
2014-10-14 08:55:49 -------- d-----w- C:\Program Files (x86)\eclipse
2014-10-14 08:54:25 -------- d-----w- C:\eclipse
2014-10-14 08:36:46 -------- d-----w- C:\Program Files (x86)\Apache Software Foundation
2014-10-14 07:57:00 -------- d-----w- C:\ATI
2014-10-13 14:45:48 20240 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\TeamViewer_PrintProcessor.dll
2014-10-13 14:44:28 -------- d-----w- C:\Users\NANNU\AppData\Roaming\TeamViewer
2014-10-13 14:44:11 35112 ----a-w- C:\Windows\System32\drivers\teamviewervpn.sys
2014-10-13 14:44:10 -------- d-----w- C:\Program Files (x86)\TeamViewer
2014-10-13 10:09:13 -------- d-----w- C:\Servers
2014-10-13 10:04:10 -------- d-----w- C:\RemoteSystemsTempFiles
2014-10-13 10:04:03 -------- d-----w- C:\.metadata
2014-10-13 09:57:55 -------- d-----w- C:\Program Files (x86)\mysql-connector-java-5.0.8
2014-10-13 09:56:36 -------- d-----w- C:\Users\NANNU\AppData\Local\Eclipse
2014-10-13 09:56:14 -------- d-----w- C:\Users\NANNU\workspace
2014-10-10 12:57:17 11578928 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7F4A6B61-B632-4B66-AC6B-0DB8DD0B5AAA}\mpengine.dll
2014-10-08 17:31:20 -------- d-----w- C:\xampp
2014-10-06 09:50:08 -------- d-----w- C:\Users\NANNU\Graboid
2014-10-06 09:44:36 -------- d-----w- C:\Users\NANNU\AppData\Local\pyGraboid
2014-10-06 09:17:00 -------- d-----w- C:\Users\NANNU\AppData\Roaming\Graboid Inc
2014-10-05 12:01:56 -------- d-----w- C:\ProgramData\Cloud Plus
2014-10-05 11:54:13 -------- d-----w- C:\Program Files (x86)\Idea Net Setter
2014-10-05 11:53:59 -------- d-----w- C:\ProgramData\DatacardService
2014-10-02 13:54:04 447752 ----a-w- C:\Windows\SysWow64\vp6vfw.dll
2014-10-02 13:53:57 -------- d-----w- C:\Program Files (x86)\Microsoft WSE
2014-10-02 12:13:41 -------- d-----w- C:\Users\NANNU\AppData\Local\Microsoft Games
2014-10-02 12:12:27 -------- d-----w- C:\Sims3
2014-10-02 12:10:15 -------- d-----w- C:\Users\NANNU\AppData\Roaming\PowerISO
2014-09-26 04:41:00 -------- d-----w- C:\Users\NANNU\AppData\Local\Hewlett-Packard_Developme
2014-09-25 12:45:15 260096 ----a-w- C:\Windows\SysWow64\RICHTX32.ocx
2014-09-25 12:45:15 209608 ----a-w- C:\Windows\SysWow64\tabctl32.ocx
2014-09-25 12:45:15 140288 ----a-w- C:\Windows\SysWow64\comdlg32.ocx
2014-09-25 12:45:15 124688 ----a-w- C:\Windows\SysWow64\Mswinsck.ocx
2014-09-25 12:45:15 115016 ----a-w- C:\Windows\SysWow64\MSInet.ocx
2014-09-25 12:45:14 -------- d-----w- C:\Program Files (x86)\ITSecTeam
2014-09-25 11:05:37 -------- d-----w- C:\Users\NANNU\AppData\Local\Mozilla
2014-09-24 14:52:39 -------- d-----w- C:\Users\NANNU\AppData\Roaming\Microsoft Corporation
2014-09-24 14:30:10 -------- d-----w- C:\Program Files\Microsoft Synchronization Services
2014-09-24 14:30:10 -------- d-----w- C:\Program Files\Microsoft SQL Server Compact Edition
2014-09-24 14:24:12 -------- d-----w- C:\Program Files (x86)\Microsoft ASP.NET
2014-09-24 14:24:08 -------- d-----w- C:\Program Files\IIS
2014-09-24 14:24:07 -------- d-----w- C:\Program Files (x86)\IIS
2014-09-24 14:23:30 2118848 ----a-w- C:\ProgramData\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll
2014-09-24 14:13:51 -------- d-----w- C:\Windows\SysWow64\1033
2014-09-24 14:12:39 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 10.0
2014-09-24 14:08:28 -------- d-----w- C:\Windows\System32\1033
2014-09-24 14:08:15 -------- d-----w- C:\Program Files\Microsoft Visual Studio 10.0
2014-09-24 14:08:15 -------- d-----w- C:\Program Files\Microsoft Help Viewer
2014-09-23 07:56:41 -------- d-----w- C:\Program Files\apache-tomcat-8.0.12
.
==================== Find3M ====================
.
2014-10-22 17:20:45 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-10-22 17:20:45 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-10-16 16:26:25 562688 ----a-w- C:\install.exe
2014-09-20 14:45:52 65344 ----a-w- C:\Windows\SysWow64\PhysXLoader.dll
2014-09-15 16:06:02 278152 ------w- C:\Windows\System32\MpSigStub.exe
2014-09-10 20:47:30 61112 ----a-w- C:\Windows\System32\drivers\{0bd9bacb-0a2d-4412-900e-b2473afd87b4}Gw64.sys
2014-08-28 20:20:00 61120 ----a-w- C:\Windows\System32\drivers\{9a9157bb-003e-4fef-8bd1-c09bc4586a28}Gw64.sys
2014-08-25 16:23:59 62464 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-08-25 16:22:36 878080 ----a-w- C:\Windows\System32\advapi32.dll
2014-08-25 16:19:10 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-08-25 16:15:45 1887232 ----a-w- C:\Windows\System32\d3d11.dll
2014-08-25 16:15:45 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll
2014-08-12 23:00:10 4575232 ----a-w- C:\Windows\SysWow64\GPhotos.scr
.
============= FINISH: 11:36:21.08 ===============