Channel: Tech Support Forum - Virus/Trojan/Spyware Help

Slow laptop, possible malware

Have been experiencing slow running and unresponsiveness on the laptop for some time. Running at 90% memory capacity when web browsing, and at 45-55% when idle. Had several BSODs, and was advised to check for malware.

DDS:
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16685
Run by ADB49 at 12:09:01 on 2015-08-31
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files\Secunia\PSI\PSIA.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Program Files\Secunia\PSI\sua.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\SiS VGA Utilities\SiSTray.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\FSC\TouchPad HotKey Utility\TouchPad_HotKey.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Secunia\PSI\psi_tray.exe
C:\Program Files\FSC\Wireless Utility\WirelessSelector.exe
C:\Users\ADB49\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\Taskmgr.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
.
============== Pseudo HJT Report ===============
.
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [CCleaner Monitoring] "c:\program files\ccleaner\CCleaner.exe" /MONITOR
uRun: [Dropbox Update] "c:\users\adb49\appdata\local\dropbox\update\DropboxUpdate.exe" /c
uRun: [SpybotPostWindows10UpgradeReInstall] "c:\program files\common files\av\spybot - search and destroy\Test.exe"
uRun: [Spybot-S&D Cleaning] "c:\program files\spybot - search & destroy 2\SDCleaner.exe" /autoclean
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [SiSTray] c:\program files\sis vga utilities\SiSTray.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [Skytel] Skytel.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [TouchPadHotKey] c:\program files\fsc\touchpad hotkey utility\TouchPad_HotKey.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [SDTray] "c:\program files\spybot - search & destroy 2\SDTray.exe"
mRun: [QuickTime Task] "c:\program files\quicktime alternative\QTTask.exe" -atboottime
mRun: [ZoneAlarm] "c:\program files\checkpoint\zonealarm\zatray.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
mPolicies-System: EnableSecureUIAPath = dword:1
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{2B2610FD-EABF-4654-850F-5A4B9945AE07} : DHCPNameServer = 192.168.1.1
Notify: SDWinLogon - SDWinLogon.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
Hosts: 127.0.0.1 Spyware Info | Spyware Info
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\adb49\appdata\roaming\mozilla\firefox\profiles\4vgpos24.default\
FF - prefs.js: browser.search.selectedEngine - Search By ZoneAlarm
FF - prefs.js: browser.startup.homepage - Google
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.40728.0\npctrlui.dll
FF - plugin: c:\users\adb49\appdata\roaming\mozilla\firefox\profiles\4vgpos24.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npAclmPlugin.dll
FF - plugin: c:\users\adb49\appdata\roaming\mozilla\firefox\profiles\4vgpos24.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npPitPlugin.dll
FF - plugin: c:\users\adb49\appdata\roaming\mozilla\firefox\profiles\4vgpos24.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npProductDetectPlugin.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_17_0_0_188.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_18_0_0_232.dll
.
============= SERVICES / DRIVERS ===============
.
R? CH341SER;CH341SER
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? eapihdrv;eapihdrv
R? MBAMService;MBAMService
R? MBAMWebAccessControl;MBAMWebAccessControl
R? SDWSCService;Spybot-S&D 2 Security Center Service
R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0
S? FontCache;Windows Font Cache Service
S? MBAMProtector;MBAMProtector
S? MpFilter;Microsoft Malware Protection Driver
S? MpKsle3030d05;MpKsle3030d05
S? NisDrv;Microsoft Network Inspection System
S? NisSrv;Microsoft Network Inspection
S? PSI;PSI
S? SDScannerService;Spybot-S&D 2 Scanner Service
S? SDUpdateService;Spybot-S&D 2 Updating Service
S? Secunia PSI Agent;Secunia PSI Agent
S? Secunia Update Agent;Secunia Update Agent
S? SiS6350;SiS6350
S? SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver
S? ZAPrivacyService;ZoneAlarm Privacy Service
.
=============== Created Last 30 ================
.
2015-08-30 16:00:16 39168 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{3588452f-c4a1-4bb9-a2b0-e83fc26a9633}\MpKsle3030d05.sys
2015-08-30 15:24:56 912000 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{f1deb663-44b7-403b-a021-5e674a917742}\gapaengine.dll
2015-08-30 15:23:38 9234960 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{3588452f-c4a1-4bb9-a2b0-e83fc26a9633}\mpengine.dll
2015-08-30 15:18:49 -------- d-----w- c:\program files\Microsoft Security Client
2015-08-29 10:27:28 62576 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{40bb5cbb-2086-4592-92e6-681d33c94b06}\offreg.964.dll
2015-08-29 10:06:29 9234960 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{40bb5cbb-2086-4592-92e6-681d33c94b06}\mpengine.dll
2015-08-19 19:49:48 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2015-08-19 19:49:45 758000 ----a-w- c:\program files\internet explorer\iexplore.exe
2015-08-19 19:49:45 151184 ----a-w- c:\program files\internet explorer\sqmapi.dll
2015-08-16 15:46:37 -------- d-----w- c:\programdata\Fujitsu
2015-08-12 18:52:38 56256 ----a-w- c:\windows\system32\drivers\mountmgr.sys
2015-08-12 18:52:38 49664 ----a-w- c:\windows\system32\csrsrv.dll
2015-08-12 18:52:37 140224 ----a-w- c:\windows\system32\drivers\ecache.sys
2015-08-12 18:52:37 1206192 ----a-w- c:\windows\system32\ntdll.dll
2015-08-12 18:52:37 10752 ----a-w- c:\windows\system32\msmmsp.dll
2015-08-12 18:52:36 564224 ----a-w- c:\windows\system32\emdmgmt.dll
2015-08-12 18:52:35 3605440 ----a-w- c:\windows\system32\ntkrnlpa.exe
2015-08-12 18:52:32 3553216 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-08-12 18:45:17 103120 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 18:44:24 304640 ----a-w- c:\windows\system32\drivers\srv.sys
2015-08-12 18:40:41 2067968 ----a-w- c:\windows\system32\mstscax.dll
2015-08-12 17:59:27 68608 ----a-w- c:\windows\system32\basesrv.dll
2015-08-12 17:56:21 1402368 ----a-w- c:\windows\system32\msxml6.dll
2015-08-12 17:56:21 1253376 ----a-w- c:\windows\system32\msxml3.dll
2015-08-12 17:53:53 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2015-08-12 17:53:53 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2015-08-12 17:53:53 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2015-08-12 17:53:52 297472 ----a-w- c:\windows\system32\atmfd.dll
2015-08-12 17:53:52 189952 ----a-w- c:\windows\system32\d3d10core.dll
2015-08-12 17:53:52 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2015-08-12 17:53:51 682496 ----a-w- c:\windows\system32\d2d1.dll
2015-08-12 17:53:51 34304 ----a-w- c:\windows\system32\atmlib.dll
2015-08-12 17:53:50 2066944 ----a-w- c:\windows\system32\win32k.sys
2015-08-12 17:53:50 1029120 ----a-w- c:\windows\system32\d3d10.dll
2015-08-12 17:53:49 802304 ----a-w- c:\windows\system32\FntCache.dll
2015-08-12 17:53:49 1072640 ----a-w- c:\windows\system32\DWrite.dll
2015-08-12 17:52:43 -------- d-sh--w- c:\windows\system32\%APPDATA%
2015-08-12 17:49:54 199680 ----a-w- c:\windows\system32\WebClnt.dll
2015-08-12 17:49:05 151040 ----a-w- c:\windows\system32\notepad.exe
2015-08-12 17:49:05 151040 ----a-w- c:\windows\notepad.exe
2015-08-04 23:03:08 877152 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2015-08-04 23:03:08 538208 ----a-w- c:\windows\system32\msvcp120_clr0400.dll
2015-08-02 20:28:01 -------- d-----w- c:\users\adb49\appdata\local\DriverToolkit
2015-08-02 20:27:36 -------- d-----w- c:\program files\DriverToolkit
2015-08-02 12:06:50 -------- d-----w- c:\program files\NirSoft
.
==================== Find3M ====================
.
2015-08-12 18:25:41 778440 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-08-12 18:25:40 142536 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-08-11 10:15:32 98520 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-07-22 20:54:48 367616 ----a-w- c:\windows\system32\html.iec
2015-07-22 20:51:20 1810432 ----a-w- c:\windows\system32\jscript9.dll
2015-07-22 20:46:19 1129472 ----a-w- c:\windows\system32\wininet.dll
2015-07-22 20:45:50 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2015-07-22 20:44:56 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2015-07-22 20:44:39 421888 ----a-w- c:\windows\system32\vbscript.dll
2015-07-22 20:43:19 11776 ----a-w- c:\windows\system32\mshta.exe
2015-07-05 10:11:18 246952 ------w- c:\windows\system32\MpSigStub.exe
2015-07-03 16:04:03 1316864 ----a-w- c:\windows\system32\ole32.dll
2015-06-27 16:03:22 783872 ----a-w- c:\windows\system32\rpcrt4.dll
2015-06-27 16:02:55 218112 ----a-w- c:\windows\system32\msv1_0.dll
2015-06-27 16:02:34 501248 ----a-w- c:\windows\system32\kerberos.dll
2015-06-27 16:01:58 801280 ----a-w- c:\windows\system32\advapi32.dll
2015-06-27 14:21:13 217088 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2015-06-27 14:21:10 81408 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2015-06-18 07:41:50 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-06-18 07:41:42 94936 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-06-18 07:41:36 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-06-17 16:50:20 2264576 ----a-w- c:\windows\system32\msi.dll
2015-06-17 15:09:17 73216 ----a-w- c:\windows\system32\msiexec.exe
2015-06-17 00:01:52 1202856 ----a-w- c:\windows\system32\FM20.DLL
2015-06-16 16:19:02 18688 ----a-w- c:\windows\system32\sdnclean.exe
2015-06-12 16:01:52 298496 ----a-w- c:\windows\system32\gdi32.dll
2015-06-12 13:13:52 440768 ----a-w- c:\windows\system32\drivers\ksecdd.sys
.
============= FINISH: 12:15:50.90 ===============

Attached Files
File Type: txt attach.txt (6.2 KB)
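A DDS log like the one above is usually triaged by hand: a helper reads the "Running Processes", "Pseudo HJT Report" and "Created Last 30" sections and picks out the entries that deserve a second look. The script below is an added example (not part of the original post, and not DDS's own code) that automates that first pass over the same format. It assumes DDS section headers are lines of the form `=== Name ===`, that autorun entries look like `uRun: [Name] "path" args`, and that "Created Last 30" lines carry a timestamp, size, an eight-character attribute field and a path. It flags three things only: binaries started from user-writable locations (Users, AppData, ProgramData, Temp), autorun values that give a bare file name instead of a full path, newly created hidden+system directories under the Windows tree, and any `Hosts:` override. The sample input is an excerpt constructed from lines of the log above.

```python
import re
from dataclasses import dataclass

# Constructed excerpt of the DDS log posted above (not the full log).
SAMPLE_DDS = r"""
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Users\ADB49\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Windows\system32\svchost.exe -k netsvcs
.
============== Pseudo HJT Report ===============
.
uRun: [Dropbox Update] "c:\users\adb49\appdata\local\dropbox\update\DropboxUpdate.exe" /c
uRun: [SpybotPostWindows10UpgradeReInstall] "c:\program files\common files\av\spybot - search and destroy\Test.exe"
mRun: [RtHDVCpl] RtHDVCpl.exe
Hosts: 127.0.0.1 Spyware Info | Spyware Info
.
=============== Created Last 30 ================
.
2015-08-12 17:52:43 -------- d-sh--w- c:\windows\system32\%APPDATA%
2015-08-02 20:27:36 -------- d-----w- c:\program files\DriverToolkit
.
"""

# Assumed DDS layout: "=== Section Name ===" headers, "." as spacer lines.
SECTION_RE = re.compile(r"^=+\s*(.+?)\s*=+$")
# uRun/mRun entries: [Name] then a quoted path, or an unquoted path ending in a
# three-letter extension, then optional arguments.
RUN_RE = re.compile(r'^([um]Run\w*): \[([^\]]*)\]\s+(?:"([^"]+)"|(\S.*?\.[A-Za-z]{3}))(?:\s+(.*))?$')
# Created Last 30: timestamp, size (or dashes), 8-char attribute field, path.
CREATED_RE = re.compile(r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})\s+\S+\s+(\S{8})\s+(.+)$")
# Running Processes: a drive-rooted path up to .exe/.scr/.com, optional args.
PROC_RE = re.compile(r"^([A-Za-z]:\\\S.*?\.(?:exe|scr|com))(?:\s+(.*))?$", re.IGNORECASE)

# Path fragments that any interactive user can write to; code starting from
# here is not malicious by itself (Dropbox lives there legitimately), it is
# simply where a reviewer should look first.
USER_WRITABLE = ("\\users\\", "\\appdata\\", "\\programdata\\", "\\temp\\", "\\tmp\\")


@dataclass(frozen=True)
class Finding:
    section: str
    item: str
    reason: str


def parse_sections(text):
    """Split a DDS log into {section name: [non-empty lines]}."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line == ".":
            continue
        header = SECTION_RE.match(line)
        if header:
            current = header.group(1)
            sections.setdefault(current, [])
        elif current is not None:
            sections[current].append(line)
    return sections


def path_reason(path):
    """Return why a launched path deserves review, or None."""
    low = path.lower()
    if "\\" not in low:
        return "bare file name; resolved via PATH search at logon"
    if "%" in low:
        return "unexpanded environment variable in path"
    if any(marker in low for marker in USER_WRITABLE):
        return "runs from a user-writable location"
    return None


def created_reason(attrs, path):
    """Hidden+system directories newly created under \\Windows\\ are unusual."""
    if attrs.startswith("d") and "h" in attrs and "s" in attrs and "\\windows\\" in path.lower():
        return "new hidden+system directory under the Windows tree"
    return path_reason(path)


def triage(text):
    """Return the list of Findings for a DDS log; an empty list means nothing flagged."""
    findings = []
    sections = parse_sections(text)
    for line in sections.get("Running Processes", []):
        m = PROC_RE.match(line)
        if m and path_reason(m.group(1)):
            findings.append(Finding("Running Processes", m.group(1), path_reason(m.group(1))))
    for line in sections.get("Pseudo HJT Report", []):
        m = RUN_RE.match(line)
        if m:
            key, name, quoted, bare, _args = m.groups()
            target = quoted or bare
            why = path_reason(target)
            if why:
                findings.append(Finding(key, f"[{name}] {target}", why))
        elif line.startswith("Hosts:"):
            findings.append(Finding("Hosts", line[len("Hosts:"):].strip(),
                                    "hosts file override; confirm it is intentional"))
    for line in sections.get("Created Last 30", []):
        m = CREATED_RE.match(line)
        if m:
            _ts, attrs, path = m.groups()
            why = created_reason(attrs, path)
            if why:
                findings.append(Finding("Created Last 30", path, why))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_DDS):
        print(f"{f.section:18} {f.reason:55} {f.item}")
```

Run against the excerpt it lists five items for review: Dropbox.exe and DropboxUpdate.exe because they start from the user's profile, the RtHDVCpl autorun because it is a bare file name found via PATH, the Hosts override, and the hidden+system `%APPDATA%` directory created under system32. None of these is a verdict; the output is the shortlist a helper would check against known-good software (Dropbox and the Realtek audio tray are ordinary here) before asking for further logs.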
