Recently pop-ups, usually from "Roll around ads", keep showing up all over my browser. When I click on any link it will redirect to Roll Around ads in a new tab before going to the actual page, and several ads pop up all over the screen, especially if I visit Amazon. When I ran DDS and GMER, DDS worked fine, but my system crashed halfway through GMER, so I did a scan with only Sections and C:\.
Thanks in advance for any help.
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17631 BrowserJavaVersion: 11.31.2
Run by Arun at 13:37:17 on 2015-02-22
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.6035.3618 [GMT 0:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Enabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe
C:\ProgramData\2a617352-d396-46a3-a71b-5d89535356cf\plugincontainer.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
C:\Program Files (x86)\Common Files\2a617352-d396-46a3-a71b-5d89535356cf\updater.exe
C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
C:\windows\system32\wbem\wmiprvse.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\System32\rundll32.exe
C:\windows\system32\igfxext.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Users\Arun\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\windows\system32\SearchIndexer.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\windows\system32\hkcmd.exe
C:\windows\system32\igfxpers.exe
C:\ProgramData\2a617352-d396-46a3-a71b-5d89535356cf\plugins\8\plugin.exe
C:\ProgramData\2a617352-d396-46a3-a71b-5d89535356cf\plugins\3\plugin.exe
C:\ProgramData\2a617352-d396-46a3-a71b-5d89535356cf\plugins\5\plugin.exe
C:\Users\Arun\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\ProgramData\2a617352-d396-46a3-a71b-5d89535356cf\plugins\3\plugin.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.zonealarm.com/?src=hp&tbid=base2013&Lan=en&gu=52eddfd27d5c4a5c949347154488a8d3&tu=11JL0008C2B000s&sku=&tstsId=&ver=&
uDefault_Page_URL = hxxp://samsung.msn.com
mWinlogon: Userinit = userinit.exe
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
BHO: Roll Around: {83c0e288-8fa0-43d3-acc7-c1e839d85abc} - C:\Program Files (x86)\Roll Around\Extensions\83c0e288-8fa0-43d3-acc7-c1e839d85abc.dll
BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
uRun: [Spotify Web Helper] "C:\Users\Arun\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
mRun: [UnlockerAssistant] "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [BrowserPlugInHelper] C:\Program Files (x86)\Aimersoft\Video Converter Ultimate\BrowserPlugInHelper.exe
mRun: [Aimersoft Helper Compact.exe] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
StartupFolder: C:\Users\Arun\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\BBCIPL~1.LNK - C:\Program Files (x86)\BBC iPlayer Desktop\BBC iPlayer Desktop.exe
StartupFolder: C:\Users\Arun\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Arun\AppData\Roaming\Dropbox\bin\Dropbox.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{3DF34757-F5A1-4117-9A25-E7074E7760F3} : DHCPNameServer = 172.20.10.1
TCP: Interfaces\{3EA7873C-D3F5-4B59-A8C1-76986C8627AC} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{3EA7873C-D3F5-4B59-A8C1-76986C8627AC}\1435B4430275962756C6563737 : DHCPNameServer = 10.138.208.1
TCP: Interfaces\{3EA7873C-D3F5-4B59-A8C1-76986C8627AC}\1435B4430275962756C65637370282830323E2138792 : DHCPNameServer = 10.138.208.1
TCP: Interfaces\{3EA7873C-D3F5-4B59-A8C1-76986C8627AC}\14E6962757468602960586F6E656 : DHCPNameServer = 172.20.10.1
TCP: Interfaces\{3EA7873C-D3F5-4B59-A8C1-76986C8627AC}\E45464142594F45535 : DHCPNameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{4EFC3541-9449-4BBC-A444-D2535C03A83E} : DHCPNameServer = 172.31.139.17 172.30.139.17
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
x64-Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Arun\AppData\Roaming\Mozilla\Firefox\Profiles\udeloguq.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Veetle\Player\npvlc.dll
FF - plugin: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Arun\AppData\Local\Hola\firefox\app\vlc\npvlc.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.zonealarm.autoRvrt - false
FF - user.js: extensions.zonealarm_i.hmpg - true
FF - user.js: extensions.zonealarm.hmpgUrl - hxxp://search.zonealarm.com/?src=hp&tbid=base2013&Lan=en&gu=52eddfd27d5c4a5c949347154488a8d3&tu=11JL0008C2B000s&sku=&tstsId=&ver=&
FF - user.js: extensions.zonealarm.dfltSrch - true
FF - user.js: extensions.zonealarm.srchPrvdr - Search By ZoneAlarm
FF - user.js: extensions.zonealarm.keyWordUrl - hxxp://search.zonealarm.com/search?src=sp&tbid=base2013&Lan=en&q={searchTerms}&gu=52eddfd27d5c4a5c949347154488a8d3&tu=11JL0008C2B000s&sku=&tstsId=&ver=&
FF - user.js: extensions.zonealarm_i.dnsErr - true
FF - user.js: extensions.zonealarm_i.newTab - true
FF - user.js: extensions.zonealarm.newTabUrl - hxxp://search.zonealarm.com/?src=nt&tbid=base2013&Lan=en&gu=52eddfd27d5c4a5c949347154488a8d3&tu=11JL0008C2B000s&sku=&tstsId=&ver=&
FF - user.js: extensions.zonealarm.tlbrSrchUrl - hxxp://search.zonealarm.com/search?src=tb&tbid=base2013&Lan={dfltLng}&gu=52eddfd27d5c4a5c949347154488a8d3&tu=11JL0008C2B000s&sku=&tstsId=&ver=&&q=
FF - user.js: extensions.zonealarm.id - 54c5727d00000000000072b7c3182e2d
FF - user.js: extensions.zonealarm.appId - {C56C48A0-DA4E-46F6-9859-1553DC865F84}
FF - user.js: extensions.zonealarm.instlDay - 15848
FF - user.js: extensions.zonealarm.vrsn - 1.8.3.16
FF - user.js: extensions.zonealarm.vrsni - 1.8.3.16
FF - user.js: extensions.zonealarm_i.vrsnTs - 1.8.3.1614:44:39
FF - user.js: extensions.zonealarm.prtnrId - checkpoint
FF - user.js: extensions.zonealarm.prdct - zonealarm
FF - user.js: extensions.zonealarm.aflt - 5043
FF - user.js: extensions.zonealarm_i.smplGrp - none
FF - user.js: extensions.zonealarm.tlbrId - base2013
FF - user.js: extensions.zonealarm.instlRef - ZLN118175294138873-5043
FF - user.js: extensions.zonealarm.dfltLng - en
FF - user.js: extensions.zonealarm.excTlbr - false
FF - user.js: extensions.zonealarm.admin - false
user_pref(extensions.autoDisableScopes,14);
.
============= SERVICES / DRIVERS ===============
.
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\windows\System32\drivers\iusb3hcs.sys [2012-2-27 16152]
R0 MpFilter;Microsoft Malware Protection Driver;C:\windows\System32\drivers\MpFilter.sys [2014-11-15 274696]
R1 SABI;SAMSUNG Kernel Driver For Windows 7;C:\windows\System32\drivers\SABI.sys [2012-5-28 13824]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2012-3-9 107648]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-5-28 13592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-3-6 629984]
R2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-5-28 127320]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-5-28 164184]
R2 NisDrv;Microsoft Network Inspection System;C:\windows\System32\drivers\NisDrvWFP.sys [2012-8-30 124560]
R2 SamsungDeviceConfigurationWinService;SamsungDeviceConfiguration;C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe [2012-7-3 31624]
R2 Service Mgr RollAround;Service Mgr RollAround;C:\ProgramData\2a617352-d396-46a3-a71b-5d89535356cf\plugincontainer.exe [2015-2-21 577264]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-5-28 362840]
R2 Update Mgr RollAround;Update Mgr RollAround;C:\Program Files (x86)\Common Files\2a617352-d396-46a3-a71b-5d89535356cf\updater.exe [2015-2-21 384752]
R2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2012-3-9 163456]
R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\windows\System32\drivers\btath_flt.sys [2012-3-9 36480]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\windows\System32\drivers\btath_a2dp.sys [2012-3-9 340096]
R3 btath_avdt;Atheros Bluetooth AVDT Service;C:\windows\System32\drivers\btath_avdt.sys [2012-3-9 111232]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\windows\System32\drivers\btath_bus.sys [2012-3-9 30848]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\windows\System32\drivers\btath_hcrp.sys [2012-3-9 168064]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\windows\System32\drivers\btath_lwflt.sys [2012-3-9 68736]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\windows\System32\drivers\btath_rcp.sys [2012-3-9 281472]
R3 BtFilter;BtFilter;C:\windows\System32\drivers\btfilter.sys [2012-3-9 551552]
R3 IntcDAud;Intel(R) Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2011-12-5 331264]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\windows\System32\drivers\iusb3hub.sys [2012-2-27 356120]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\windows\System32\drivers\iusb3xhc.sys [2012-2-27 788760]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2015-1-30 366512]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2012-5-28 685160]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-4-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-4-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 HtcVCom32;HTC Diagnostic Port;C:\windows\System32\drivers\HtcVComV64.sys [2010-3-8 121800]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2015-2-11 114688]
S3 libusb0;libusb-win32 - Kernel Driver 03/15/2014 0.0.0.0;C:\windows\System32\drivers\libusb0.sys [2014-3-15 52832]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\windows\System32\drivers\MijXfilt.sys [2012-10-14 117520]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\windows\System32\drivers\netaapl64.sys [2013-7-25 23040]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\System32\drivers\rdpvideominiport.sys [2013-3-24 19456]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUVStor.sys [2012-5-28 314472]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2013-3-24 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2013-3-24 30208]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-10-6 1255736]
S3 WsAudio_Device(1);WsAudio_Device(1);C:\windows\System32\drivers\VirtualAudio1.sys [2014-1-18 31080]
S3 WsAudio_Device(2);WsAudio_Device(2);C:\windows\System32\drivers\VirtualAudio2.sys [2014-1-18 31080]
S3 WsAudio_Device(3);WsAudio_Device(3);C:\windows\System32\drivers\VirtualAudio3.sys [2014-1-18 31080]
S3 WsAudio_Device(4);WsAudio_Device(4);C:\windows\System32\drivers\VirtualAudio4.sys [2014-1-18 31080]
S3 WsAudio_Device(5);WsAudio_Device(5);C:\windows\System32\drivers\VirtualAudio5.sys [2014-1-18 31080]
S3 WsAudio_Device;WsAudio_Device;C:\windows\System32\drivers\VirtualAudio.sys [2015-2-20 31080]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2015-02-22 00:06:38 1188440 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3DB34E3E-0235-452C-B0B5-CEFE35852D02}\gapaengine.dll
2015-02-22 00:06:17 11910896 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8F419DE7-A07F-4D16-898A-4DE7BE3DA09E}\mpengine.dll
2015-02-21 22:20:08 -------- d-----w- C:\Program Files (x86)\Common Files\2a617352-d396-46a3-a71b-5d89535356cf
2015-02-21 22:20:07 -------- d-----w- C:\ProgramData\2a617352-d396-46a3-a71b-5d89535356cf
2015-02-21 22:20:06 -------- d-----w- C:\Program Files (x86)\Roll Around
2015-02-21 22:19:55 -------- d-----w- C:\Users\Arun\AppData\Roaming\RHEng
2015-02-21 01:01:14 11910896 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-02-20 17:17:55 -------- d-----w- C:\Users\Arun\AppData\Roaming\Aimersoft Video Converter Ultimate
2015-02-20 17:17:55 -------- d-----w- C:\Users\Arun\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
2015-02-20 17:17:36 -------- d-----w- C:\Users\Arun\AppData\Local\Aimersoft
2015-02-20 17:17:35 -------- d-----w- C:\Program Files\Common Files\Aimersoft
2015-02-20 17:17:25 31080 ----a-w- C:\windows\System32\drivers\VirtualAudio.sys
2015-02-20 17:17:11 -------- d-----w- C:\ProgramData\Aimersoft Video Converter Ultimate
2015-02-20 17:17:06 -------- d-----w- C:\Program Files (x86)\Aimersoft
2015-02-20 17:10:51 -------- d-----w- C:\Users\Arun\AppData\Roaming\GetRightToGo
2015-02-18 19:12:05 950272 ----a-w- C:\windows\System32\perftrack.dll
2015-02-18 19:12:05 29696 ----a-w- C:\windows\System32\powertracker.dll
2015-02-18 19:12:04 91136 ----a-w- C:\windows\System32\wdi.dll
2015-02-18 19:12:04 76800 ----a-w- C:\windows\SysWow64\wdi.dll
2015-02-12 17:38:42 620032 ----a-w- C:\windows\SysWow64\jscript9diag.dll
2015-02-12 17:38:41 814080 ----a-w- C:\windows\System32\jscript9diag.dll
2015-02-12 17:38:41 6041600 ----a-w- C:\windows\System32\jscript9.dll
2015-02-12 17:38:41 4300800 ----a-w- C:\windows\SysWow64\jscript9.dll
2015-02-11 15:04:11 609280 ----a-w- C:\windows\System32\generaltel.dll
2015-02-11 15:04:10 894976 ----a-w- C:\windows\System32\appraiser.dll
2015-02-11 15:04:10 1098752 ----a-w- C:\windows\System32\aeinv.dll
2015-02-11 15:04:09 762368 ----a-w- C:\windows\System32\invagent.dll
2015-02-11 15:04:08 414720 ----a-w- C:\windows\System32\devinv.dll
2015-02-11 15:04:08 1239720 ----a-w- C:\windows\System32\aitstatic.exe
2015-02-11 15:04:06 227328 ----a-w- C:\windows\System32\aepdu.dll
2015-02-11 15:04:05 192000 ----a-w- C:\windows\System32\aepic.dll
2015-02-11 15:01:37 1424384 ----a-w- C:\windows\System32\WindowsCodecs.dll
2015-02-11 15:00:26 406528 ----a-w- C:\windows\System32\scesrv.dll
2015-02-11 15:00:26 308224 ----a-w- C:\windows\SysWow64\scesrv.dll
2015-02-11 15:00:20 5554112 ----a-w- C:\windows\System32\ntoskrnl.exe
2015-02-11 15:00:19 3972544 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
2015-02-11 15:00:19 3917760 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
2015-02-11 15:00:18 503808 ----a-w- C:\windows\System32\srcore.dll
2015-02-11 15:00:17 50176 ----a-w- C:\windows\System32\srclient.dll
2015-02-11 15:00:17 43008 ----a-w- C:\windows\SysWow64\srclient.dll
2015-02-11 15:00:17 296960 ----a-w- C:\windows\System32\rstrui.exe
2015-02-04 22:53:20 5070512 ----a-w- C:\windows\SysWow64\FlashPlayerInstaller.exe
2015-01-31 14:20:01 -------- d-----w- C:\GAMS
2015-01-26 00:14:28 -------- d-----w- C:\Users\Arun\AppData\Local\BBC
.
==================== Find3M ====================
.
2015-02-04 22:53:36 71344 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-02-04 22:53:36 701616 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2015-01-25 23:36:21 98216 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-01-15 08:14:17 155072 ----a-w- C:\windows\System32\drivers\ksecpkg.sys
2015-01-15 08:14:16 95680 ----a-w- C:\windows\System32\drivers\ksecdd.sys
2015-01-15 08:09:58 29184 ----a-w- C:\windows\System32\sspisrv.dll
2015-01-15 08:09:58 136192 ----a-w- C:\windows\System32\sspicli.dll
2015-01-15 08:09:57 28160 ----a-w- C:\windows\System32\secur32.dll
2015-01-15 08:09:51 1461760 ----a-w- C:\windows\System32\lsasrv.dll
2015-01-15 08:09:15 31232 ----a-w- C:\windows\System32\lsass.exe
2015-01-15 08:08:59 64000 ----a-w- C:\windows\System32\auditpol.exe
2015-01-15 08:06:22 60416 ----a-w- C:\windows\System32\msobjs.dll
2015-01-15 08:06:11 146432 ----a-w- C:\windows\System32\msaudite.dll
2015-01-15 08:04:23 686080 ----a-w- C:\windows\System32\adtschema.dll
2015-01-15 07:42:59 22016 ----a-w- C:\windows\SysWow64\secur32.dll
2015-01-15 07:42:05 50176 ----a-w- C:\windows\SysWow64\auditpol.exe
2015-01-15 07:41:53 96768 ----a-w- C:\windows\SysWow64\sspicli.dll
2015-01-15 07:39:53 60416 ----a-w- C:\windows\SysWow64\msobjs.dll
2015-01-15 07:39:36 146432 ----a-w- C:\windows\SysWow64\msaudite.dll
2015-01-15 07:37:55 686080 ----a-w- C:\windows\SysWow64\adtschema.dll
2015-01-15 04:22:18 458824 ----a-w- C:\windows\System32\drivers\cng.sys
2015-01-13 02:49:19 1230336 ----a-w- C:\windows\SysWow64\WindowsCodecs.dll
2015-01-12 03:05:32 2724864 ----a-w- C:\windows\System32\mshtml.tlb
2015-01-12 03:05:19 4096 ----a-w- C:\windows\System32\ieetwcollectorres.dll
2015-01-12 02:49:42 66560 ----a-w- C:\windows\System32\iesetup.dll
2015-01-12 02:48:57 48640 ----a-w- C:\windows\System32\ieetwproxystub.dll
2015-01-12 02:48:52 584192 ----a-w- C:\windows\System32\vbscript.dll
2015-01-12 02:47:25 88064 ----a-w- C:\windows\System32\MshtmlDac.dll
2015-01-12 02:34:42 144384 ----a-w- C:\windows\System32\ieUnatt.exe
2015-01-12 02:34:30 114688 ----a-w- C:\windows\System32\ieetwcollector.exe
2015-01-12 02:25:28 968704 ----a-w- C:\windows\System32\MsSpellCheckingFacility.exe
2015-01-12 02:21:19 2724864 ----a-w- C:\windows\SysWow64\mshtml.tlb
2015-01-12 02:13:27 77824 ----a-w- C:\windows\System32\JavaScriptCollectionAgent.dll
2015-01-12 02:08:09 503296 ----a-w- C:\windows\SysWow64\vbscript.dll
2015-01-12 02:07:51 62464 ----a-w- C:\windows\SysWow64\iesetup.dll
2015-01-12 02:07:06 47616 ----a-w- C:\windows\SysWow64\ieetwproxystub.dll
2015-01-12 02:05:36 64000 ----a-w- C:\windows\SysWow64\MshtmlDac.dll
2015-01-12 01:55:47 115712 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2015-01-12 01:46:29 1359360 ----a-w- C:\windows\System32\mshtmlmedia.dll
2015-01-12 01:46:00 2125824 ----a-w- C:\windows\System32\inetcpl.cpl
2015-01-12 01:40:43 60416 ----a-w- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
2015-01-12 01:27:32 2358272 ----a-w- C:\windows\System32\wininet.dll
2015-01-12 01:23:09 2052608 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2015-01-12 01:22:17 1155072 ----a-w- C:\windows\SysWow64\mshtmlmedia.dll
2015-01-12 01:00:17 1888256 ----a-w- C:\windows\SysWow64\wininet.dll
2015-01-10 06:48:22 210944 ----a-w- C:\windows\System32\wdigest.dll
2015-01-10 06:48:19 86528 ----a-w- C:\windows\System32\TSpkg.dll
2015-01-10 06:48:17 341504 ----a-w- C:\windows\System32\schannel.dll
2015-01-10 06:48:13 309760 ----a-w- C:\windows\System32\ncrypt.dll
2015-01-10 06:48:12 314880 ----a-w- C:\windows\System32\msv1_0.dll
2015-01-10 06:48:10 728064 ----a-w- C:\windows\System32\kerberos.dll
2015-01-10 06:48:05 22016 ----a-w- C:\windows\System32\credssp.dll
2015-01-10 06:27:54 172032 ----a-w- C:\windows\SysWow64\wdigest.dll
2015-01-10 06:27:51 65536 ----a-w- C:\windows\SysWow64\TSpkg.dll
2015-01-10 06:27:47 248832 ----a-w- C:\windows\SysWow64\schannel.dll
2015-01-10 06:27:44 221184 ----a-w- C:\windows\SysWow64\ncrypt.dll
2015-01-10 06:27:43 259584 ----a-w- C:\windows\SysWow64\msv1_0.dll
2015-01-10 06:27:39 550912 ----a-w- C:\windows\SysWow64\kerberos.dll
2015-01-10 06:27:32 17408 ----a-w- C:\windows\SysWow64\credssp.dll
2015-01-09 02:03:01 3201536 ----a-w- C:\windows\System32\win32k.sys
2014-12-31 11:14:31 298120 ------w- C:\windows\System32\MpSigStub.exe
2014-12-19 03:06:55 210432 ----a-w- C:\windows\System32\profsvc.dll
2014-12-19 01:46:45 141312 ----a-w- C:\windows\System32\drivers\mrxdav.sys
2014-12-12 05:31:39 1480192 ----a-w- C:\windows\System32\crypt32.dll
2014-12-12 05:07:26 1174528 ----a-w- C:\windows\SysWow64\crypt32.dll
2014-12-11 17:47:16 62976 ----a-w- C:\windows\System32\TSWbPrxy.exe
2014-12-06 04:17:27 303616 ----a-w- C:\windows\System32\nlasvc.dll
2014-12-06 03:50:19 52224 ----a-w- C:\windows\SysWow64\nlaapi.dll
2014-12-06 03:50:18 156672 ----a-w- C:\windows\SysWow64\ncsi.dll
2014-11-26 03:53:59 861696 ----a-w- C:\windows\System32\oleaut32.dll
2014-11-26 03:32:05 571904 ----a-w- C:\windows\SysWow64\oleaut32.dll
.
============= FINISH: 13:54:23.18 ===============
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.zonealarm.com/?src=hp&tbid=base2013&Lan=en&gu=52eddfd27d5c4a5c949347154488a8d3&tu=11JL0008C2B000s&sku=&tstsId=&ver=&
uDefault_Page_URL = hxxp://samsung.msn.com
mWinlogon: Userinit = userinit.exe
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
BHO: Roll Around: {83c0e288-8fa0-43d3-acc7-c1e839d85abc} - C:\Program Files (x86)\Roll Around\Extensions\83c0e288-8fa0-43d3-acc7-c1e839d85abc.dll
BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
uRun: [Spotify Web Helper] "C:\Users\Arun\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
mRun: [UnlockerAssistant] "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [BrowserPlugInHelper] C:\Program Files (x86)\Aimersoft\Video Converter Ultimate\BrowserPlugInHelper.exe
mRun: [Aimersoft Helper Compact.exe] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
StartupFolder: C:\Users\Arun\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\BBCIPL~1.LNK - C:\Program Files (x86)\BBC iPlayer Desktop\BBC iPlayer Desktop.exe
StartupFolder: C:\Users\Arun\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Arun\AppData\Roaming\Dropbox\bin\Dropbox.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{3DF34757-F5A1-4117-9A25-E7074E7760F3} : DHCPNameServer = 172.20.10.1
TCP: Interfaces\{3EA7873C-D3F5-4B59-A8C1-76986C8627AC} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{3EA7873C-D3F5-4B59-A8C1-76986C8627AC}\1435B4430275962756C6563737 : DHCPNameServer = 10.138.208.1
TCP: Interfaces\{3EA7873C-D3F5-4B59-A8C1-76986C8627AC}\1435B4430275962756C65637370282830323E2138792 : DHCPNameServer = 10.138.208.1
TCP: Interfaces\{3EA7873C-D3F5-4B59-A8C1-76986C8627AC}\14E6962757468602960586F6E656 : DHCPNameServer = 172.20.10.1
TCP: Interfaces\{3EA7873C-D3F5-4B59-A8C1-76986C8627AC}\E45464142594F45535 : DHCPNameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{4EFC3541-9449-4BBC-A444-D2535C03A83E} : DHCPNameServer = 172.31.139.17 172.30.139.17
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
x64-Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Arun\AppData\Roaming\Mozilla\Firefox\Profiles\udeloguq.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Veetle\Player\npvlc.dll
FF - plugin: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Arun\AppData\Local\Hola\firefox\app\vlc\npvlc.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.zonealarm.autoRvrt - false
FF - user.js: extensions.zonealarm_i.hmpg - true
FF - user.js: extensions.zonealarm.hmpgUrl - hxxp://search.zonealarm.com/?src=hp&tbid=base2013&Lan=en&gu=52eddfd27d5c4a5c949347154488a8d3&tu=11JL0008C2B000s&sku=&tstsId=&ver=&
FF - user.js: extensions.zonealarm.dfltSrch - true
FF - user.js: extensions.zonealarm.srchPrvdr - Search By ZoneAlarm
FF - user.js: extensions.zonealarm.keyWordUrl - hxxp://search.zonealarm.com/search?src=sp&tbid=base2013&Lan=en&q={searchTerms}&gu=52eddfd27d5c4a5c949347154488a8d3&tu=11JL0008C2B000s&sku=&tstsId=&ver=&
FF - user.js: extensions.zonealarm_i.dnsErr - true
FF - user.js: extensions.zonealarm_i.newTab - true
FF - user.js: extensions.zonealarm.newTabUrl - hxxp://search.zonealarm.com/?src=nt&tbid=base2013&Lan=en&gu=52eddfd27d5c4a5c949347154488a8d3&tu=11JL0008C2B000s&sku=&tstsId=&ver=&
FF - user.js: extensions.zonealarm.tlbrSrchUrl - hxxp://search.zonealarm.com/search?src=tb&tbid=base2013&Lan={dfltLng}&gu=52eddfd27d5c4a5c949347154488a8d3&tu=11JL0008C2B000s&sku=&tstsId=&ver=&&q=
FF - user.js: extensions.zonealarm.id - 54c5727d00000000000072b7c3182e2d
FF - user.js: extensions.zonealarm.appId - {C56C48A0-DA4E-46F6-9859-1553DC865F84}
FF - user.js: extensions.zonealarm.instlDay - 15848
FF - user.js: extensions.zonealarm.vrsn - 1.8.3.16
FF - user.js: extensions.zonealarm.vrsni - 1.8.3.16
FF - user.js: extensions.zonealarm_i.vrsnTs - 1.8.3.1614:44:39
FF - user.js: extensions.zonealarm.prtnrId - checkpoint
FF - user.js: extensions.zonealarm.prdct - zonealarm
FF - user.js: extensions.zonealarm.aflt - 5043
FF - user.js: extensions.zonealarm_i.smplGrp - none
FF - user.js: extensions.zonealarm.tlbrId - base2013
FF - user.js: extensions.zonealarm.instlRef - ZLN118175294138873-5043
FF - user.js: extensions.zonealarm.dfltLng - en
FF - user.js: extensions.zonealarm.excTlbr - false
FF - user.js: extensions.zonealarm.admin - false
user_pref(extensions.autoDisableScopes,14);
.
============= SERVICES / DRIVERS ===============
.
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\windows\System32\drivers\iusb3hcs.sys [2012-2-27 16152]
R0 MpFilter;Microsoft Malware Protection Driver;C:\windows\System32\drivers\MpFilter.sys [2014-11-15 274696]
R1 SABI;SAMSUNG Kernel Driver For Windows 7;C:\windows\System32\drivers\SABI.sys [2012-5-28 13824]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2012-3-9 107648]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-5-28 13592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-3-6 629984]
R2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-5-28 127320]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-5-28 164184]
R2 NisDrv;Microsoft Network Inspection System;C:\windows\System32\drivers\NisDrvWFP.sys [2012-8-30 124560]
R2 SamsungDeviceConfigurationWinService;SamsungDeviceConfiguration;C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe [2012-7-3 31624]
R2 Service Mgr RollAround;Service Mgr RollAround;C:\ProgramData\2a617352-d396-46a3-a71b-5d89535356cf\plugincontainer.exe [2015-2-21 577264]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-5-28 362840]
R2 Update Mgr RollAround;Update Mgr RollAround;C:\Program Files (x86)\Common Files\2a617352-d396-46a3-a71b-5d89535356cf\updater.exe [2015-2-21 384752]
R2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2012-3-9 163456]
R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\windows\System32\drivers\btath_flt.sys [2012-3-9 36480]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\windows\System32\drivers\btath_a2dp.sys [2012-3-9 340096]
R3 btath_avdt;Atheros Bluetooth AVDT Service;C:\windows\System32\drivers\btath_avdt.sys [2012-3-9 111232]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\windows\System32\drivers\btath_bus.sys [2012-3-9 30848]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\windows\System32\drivers\btath_hcrp.sys [2012-3-9 168064]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\windows\System32\drivers\btath_lwflt.sys [2012-3-9 68736]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\windows\System32\drivers\btath_rcp.sys [2012-3-9 281472]
R3 BtFilter;BtFilter;C:\windows\System32\drivers\btfilter.sys [2012-3-9 551552]
R3 IntcDAud;Intel(R) Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2011-12-5 331264]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\windows\System32\drivers\iusb3hub.sys [2012-2-27 356120]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\windows\System32\drivers\iusb3xhc.sys [2012-2-27 788760]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2015-1-30 366512]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2012-5-28 685160]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-4-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-4-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 HtcVCom32;HTC Diagnostic Port;C:\windows\System32\drivers\HtcVComV64.sys [2010-3-8 121800]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2015-2-11 114688]
S3 libusb0;libusb-win32 - Kernel Driver 03/15/2014 0.0.0.0;C:\windows\System32\drivers\libusb0.sys [2014-3-15 52832]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\windows\System32\drivers\MijXfilt.sys [2012-10-14 117520]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\windows\System32\drivers\netaapl64.sys [2013-7-25 23040]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\System32\drivers\rdpvideominiport.sys [2013-3-24 19456]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUVStor.sys [2012-5-28 314472]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2013-3-24 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2013-3-24 30208]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-10-6 1255736]
S3 WsAudio_Device(1);WsAudio_Device(1);C:\windows\System32\drivers\VirtualAudio1.sys [2014-1-18 31080]
S3 WsAudio_Device(2);WsAudio_Device(2);C:\windows\System32\drivers\VirtualAudio2.sys [2014-1-18 31080]
S3 WsAudio_Device(3);WsAudio_Device(3);C:\windows\System32\drivers\VirtualAudio3.sys [2014-1-18 31080]
S3 WsAudio_Device(4);WsAudio_Device(4);C:\windows\System32\drivers\VirtualAudio4.sys [2014-1-18 31080]
S3 WsAudio_Device(5);WsAudio_Device(5);C:\windows\System32\drivers\VirtualAudio5.sys [2014-1-18 31080]
S3 WsAudio_Device;WsAudio_Device;C:\windows\System32\drivers\VirtualAudio.sys [2015-2-20 31080]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2015-02-22 00:06:38 1188440 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3DB34E3E-0235-452C-B0B5-CEFE35852D02}\gapaengine.dll
2015-02-22 00:06:17 11910896 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8F419DE7-A07F-4D16-898A-4DE7BE3DA09E}\mpengine.dll
2015-02-21 22:20:08 -------- d-----w- C:\Program Files (x86)\Common Files\2a617352-d396-46a3-a71b-5d89535356cf
2015-02-21 22:20:07 -------- d-----w- C:\ProgramData\2a617352-d396-46a3-a71b-5d89535356cf
2015-02-21 22:20:06 -------- d-----w- C:\Program Files (x86)\Roll Around
2015-02-21 22:19:55 -------- d-----w- C:\Users\Arun\AppData\Roaming\RHEng
2015-02-21 01:01:14 11910896 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-02-20 17:17:55 -------- d-----w- C:\Users\Arun\AppData\Roaming\Aimersoft Video Converter Ultimate
2015-02-20 17:17:55 -------- d-----w- C:\Users\Arun\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
2015-02-20 17:17:36 -------- d-----w- C:\Users\Arun\AppData\Local\Aimersoft
2015-02-20 17:17:35 -------- d-----w- C:\Program Files\Common Files\Aimersoft
2015-02-20 17:17:25 31080 ----a-w- C:\windows\System32\drivers\VirtualAudio.sys
2015-02-20 17:17:11 -------- d-----w- C:\ProgramData\Aimersoft Video Converter Ultimate
2015-02-20 17:17:06 -------- d-----w- C:\Program Files (x86)\Aimersoft
2015-02-20 17:10:51 -------- d-----w- C:\Users\Arun\AppData\Roaming\GetRightToGo
2015-02-18 19:12:05 950272 ----a-w- C:\windows\System32\perftrack.dll
2015-02-18 19:12:05 29696 ----a-w- C:\windows\System32\powertracker.dll
2015-02-18 19:12:04 91136 ----a-w- C:\windows\System32\wdi.dll
2015-02-18 19:12:04 76800 ----a-w- C:\windows\SysWow64\wdi.dll
2015-02-12 17:38:42 620032 ----a-w- C:\windows\SysWow64\jscript9diag.dll
2015-02-12 17:38:41 814080 ----a-w- C:\windows\System32\jscript9diag.dll
2015-02-12 17:38:41 6041600 ----a-w- C:\windows\System32\jscript9.dll
2015-02-12 17:38:41 4300800 ----a-w- C:\windows\SysWow64\jscript9.dll
2015-02-11 15:04:11 609280 ----a-w- C:\windows\System32\generaltel.dll
2015-02-11 15:04:10 894976 ----a-w- C:\windows\System32\appraiser.dll
2015-02-11 15:04:10 1098752 ----a-w- C:\windows\System32\aeinv.dll
2015-02-11 15:04:09 762368 ----a-w- C:\windows\System32\invagent.dll
2015-02-11 15:04:08 414720 ----a-w- C:\windows\System32\devinv.dll
2015-02-11 15:04:08 1239720 ----a-w- C:\windows\System32\aitstatic.exe
2015-02-11 15:04:06 227328 ----a-w- C:\windows\System32\aepdu.dll
2015-02-11 15:04:05 192000 ----a-w- C:\windows\System32\aepic.dll
2015-02-11 15:01:37 1424384 ----a-w- C:\windows\System32\WindowsCodecs.dll
2015-02-11 15:00:26 406528 ----a-w- C:\windows\System32\scesrv.dll
2015-02-11 15:00:26 308224 ----a-w- C:\windows\SysWow64\scesrv.dll
2015-02-11 15:00:20 5554112 ----a-w- C:\windows\System32\ntoskrnl.exe
2015-02-11 15:00:19 3972544 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
2015-02-11 15:00:19 3917760 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
2015-02-11 15:00:18 503808 ----a-w- C:\windows\System32\srcore.dll
2015-02-11 15:00:17 50176 ----a-w- C:\windows\System32\srclient.dll
2015-02-11 15:00:17 43008 ----a-w- C:\windows\SysWow64\srclient.dll
2015-02-11 15:00:17 296960 ----a-w- C:\windows\System32\rstrui.exe
2015-02-04 22:53:20 5070512 ----a-w- C:\windows\SysWow64\FlashPlayerInstaller.exe
2015-01-31 14:20:01 -------- d-----w- C:\GAMS
2015-01-26 00:14:28 -------- d-----w- C:\Users\Arun\AppData\Local\BBC
.
==================== Find3M ====================
.
2015-02-04 22:53:36 71344 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-02-04 22:53:36 701616 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2015-01-25 23:36:21 98216 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-01-15 08:14:17 155072 ----a-w- C:\windows\System32\drivers\ksecpkg.sys
2015-01-15 08:14:16 95680 ----a-w- C:\windows\System32\drivers\ksecdd.sys
2015-01-15 08:09:58 29184 ----a-w- C:\windows\System32\sspisrv.dll
2015-01-15 08:09:58 136192 ----a-w- C:\windows\System32\sspicli.dll
2015-01-15 08:09:57 28160 ----a-w- C:\windows\System32\secur32.dll
2015-01-15 08:09:51 1461760 ----a-w- C:\windows\System32\lsasrv.dll
2015-01-15 08:09:15 31232 ----a-w- C:\windows\System32\lsass.exe
2015-01-15 08:08:59 64000 ----a-w- C:\windows\System32\auditpol.exe
2015-01-15 08:06:22 60416 ----a-w- C:\windows\System32\msobjs.dll
2015-01-15 08:06:11 146432 ----a-w- C:\windows\System32\msaudite.dll
2015-01-15 08:04:23 686080 ----a-w- C:\windows\System32\adtschema.dll
2015-01-15 07:42:59 22016 ----a-w- C:\windows\SysWow64\secur32.dll
2015-01-15 07:42:05 50176 ----a-w- C:\windows\SysWow64\auditpol.exe
2015-01-15 07:41:53 96768 ----a-w- C:\windows\SysWow64\sspicli.dll
2015-01-15 07:39:53 60416 ----a-w- C:\windows\SysWow64\msobjs.dll
2015-01-15 07:39:36 146432 ----a-w- C:\windows\SysWow64\msaudite.dll
2015-01-15 07:37:55 686080 ----a-w- C:\windows\SysWow64\adtschema.dll
2015-01-15 04:22:18 458824 ----a-w- C:\windows\System32\drivers\cng.sys
2015-01-13 02:49:19 1230336 ----a-w- C:\windows\SysWow64\WindowsCodecs.dll
2015-01-12 03:05:32 2724864 ----a-w- C:\windows\System32\mshtml.tlb
2015-01-12 03:05:19 4096 ----a-w- C:\windows\System32\ieetwcollectorres.dll
2015-01-12 02:49:42 66560 ----a-w- C:\windows\System32\iesetup.dll
2015-01-12 02:48:57 48640 ----a-w- C:\windows\System32\ieetwproxystub.dll
2015-01-12 02:48:52 584192 ----a-w- C:\windows\System32\vbscript.dll
2015-01-12 02:47:25 88064 ----a-w- C:\windows\System32\MshtmlDac.dll
2015-01-12 02:34:42 144384 ----a-w- C:\windows\System32\ieUnatt.exe
2015-01-12 02:34:30 114688 ----a-w- C:\windows\System32\ieetwcollector.exe
2015-01-12 02:25:28 968704 ----a-w- C:\windows\System32\MsSpellCheckingFacility.exe
2015-01-12 02:21:19 2724864 ----a-w- C:\windows\SysWow64\mshtml.tlb
2015-01-12 02:13:27 77824 ----a-w- C:\windows\System32\JavaScriptCollectionAgent.dll
2015-01-12 02:08:09 503296 ----a-w- C:\windows\SysWow64\vbscript.dll
2015-01-12 02:07:51 62464 ----a-w- C:\windows\SysWow64\iesetup.dll
2015-01-12 02:07:06 47616 ----a-w- C:\windows\SysWow64\ieetwproxystub.dll
2015-01-12 02:05:36 64000 ----a-w- C:\windows\SysWow64\MshtmlDac.dll
2015-01-12 01:55:47 115712 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2015-01-12 01:46:29 1359360 ----a-w- C:\windows\System32\mshtmlmedia.dll
2015-01-12 01:46:00 2125824 ----a-w- C:\windows\System32\inetcpl.cpl
2015-01-12 01:40:43 60416 ----a-w- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
2015-01-12 01:27:32 2358272 ----a-w- C:\windows\System32\wininet.dll
2015-01-12 01:23:09 2052608 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2015-01-12 01:22:17 1155072 ----a-w- C:\windows\SysWow64\mshtmlmedia.dll
2015-01-12 01:00:17 1888256 ----a-w- C:\windows\SysWow64\wininet.dll
2015-01-10 06:48:22 210944 ----a-w- C:\windows\System32\wdigest.dll
2015-01-10 06:48:19 86528 ----a-w- C:\windows\System32\TSpkg.dll
2015-01-10 06:48:17 341504 ----a-w- C:\windows\System32\schannel.dll
2015-01-10 06:48:13 309760 ----a-w- C:\windows\System32\ncrypt.dll
2015-01-10 06:48:12 314880 ----a-w- C:\windows\System32\msv1_0.dll
2015-01-10 06:48:10 728064 ----a-w- C:\windows\System32\kerberos.dll
2015-01-10 06:48:05 22016 ----a-w- C:\windows\System32\credssp.dll
2015-01-10 06:27:54 172032 ----a-w- C:\windows\SysWow64\wdigest.dll
2015-01-10 06:27:51 65536 ----a-w- C:\windows\SysWow64\TSpkg.dll
2015-01-10 06:27:47 248832 ----a-w- C:\windows\SysWow64\schannel.dll
2015-01-10 06:27:44 221184 ----a-w- C:\windows\SysWow64\ncrypt.dll
2015-01-10 06:27:43 259584 ----a-w- C:\windows\SysWow64\msv1_0.dll
2015-01-10 06:27:39 550912 ----a-w- C:\windows\SysWow64\kerberos.dll
2015-01-10 06:27:32 17408 ----a-w- C:\windows\SysWow64\credssp.dll
2015-01-09 02:03:01 3201536 ----a-w- C:\windows\System32\win32k.sys
2014-12-31 11:14:31 298120 ------w- C:\windows\System32\MpSigStub.exe
2014-12-19 03:06:55 210432 ----a-w- C:\windows\System32\profsvc.dll
2014-12-19 01:46:45 141312 ----a-w- C:\windows\System32\drivers\mrxdav.sys
2014-12-12 05:31:39 1480192 ----a-w- C:\windows\System32\crypt32.dll
2014-12-12 05:07:26 1174528 ----a-w- C:\windows\SysWow64\crypt32.dll
2014-12-11 17:47:16 62976 ----a-w- C:\windows\System32\TSWbPrxy.exe
2014-12-06 04:17:27 303616 ----a-w- C:\windows\System32\nlasvc.dll
2014-12-06 03:50:19 52224 ----a-w- C:\windows\SysWow64\nlaapi.dll
2014-12-06 03:50:18 156672 ----a-w- C:\windows\SysWow64\ncsi.dll
2014-11-26 03:53:59 861696 ----a-w- C:\windows\System32\oleaut32.dll
2014-11-26 03:32:05 571904 ----a-w- C:\windows\SysWow64\oleaut32.dll
.
============= FINISH: 13:54:23.18 ===============