Channel: Tech Support Forum - Virus/Trojan/Spyware Help

I think I have a virus/malware etc. Please help

Hi guys,

I think I have a virus/malware etc. My PC is running slow and Spybot found entries but couldn't remove all of them (can't remember names).

I am normally very careful but think they maybe came from some pop-ups when I tried streaming football. I also have uTorrent installed but I use a private torrent site that is invite only and never download brand new stuff until others have so all that stuff is safe. Also I have used that loads and never been any problems until I tried watching the football.

I have read the instructions so please find attached all the required info and I am unsure if I have an install DVD but don't think so:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16476 BrowserJavaVersion: 10.17.2
Run by Dave at 12:45:13 on 2013-04-15
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.8082.5248 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\AllShareFrameworkManagerDMS.exe
C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\AllShareFrameworkDMS.exe
C:\Program Files\Samsung\AllShare Play\AllShare Play Service.exe
C:\Program Files\Samsung\AllShare Play\AllShare Play Service.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\windows\SysWOW64\IoctlSvc.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
C:\windows\system32\ThpSrv.exe
C:\windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\TOSHIBA\TECO\TecoService.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\ThpSrv.exe
C:\Windows\System32\igfxtray.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Windows Sidebar\sidebar.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\windows\system32\svchost.exe -k SDRSVC
C:\windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\servicing\TrustedInstaller.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.searchqu.com/406
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
dRun: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Free YouTube Download - C:\Users\Dave\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - C:\Users\Dave\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{00F3ECBC-8DC8-4ACA-917F-E473CE402533} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{00F3ECBC-8DC8-4ACA-917F-E473CE402533}\441667562E08993702960586F6E656 : DHCPNameServer = 109.249.185.224 109.249.186.32
TCP: Interfaces\{059D40D1-A959-4578-B5C7-8FBAD7562378} : NameServer = 88.82.13.28 88.82.13.28
TCP: Interfaces\{08C0E097-0034-4B04-A3BE-1B271AA41E5A} : NameServer = 88.82.13.60 88.82.13.60
TCP: Interfaces\{19F93077-6888-45AE-AAF6-AC7105FED242} : DHCPNameServer = 149.254.230.7 149.254.199.126
TCP: Interfaces\{5E0695D9-A120-4CE1-BD3C-265E460DEA69} : DHCPNameServer = 109.249.185.224 109.249.188.32
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= C:\PROGRA~2\SEARCH~1\SEARCH~1\datamngr.dll C:\PROGRA~2\SEARCH~1\SEARCH~1\IEBHO.dll C:\windows\SysWOW64\nvinit.dll
SSODL: WebCheck - <orphaned>
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [ThpSrv] C:\windows\System32\thpsrv /logon
x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 Spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\ukmp5vdf.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/
FF - prefs.js: keyword.URL - hxxp://www.searchqu.com/web?src=ffb&appid=0&systemid=406&sr=0&q=
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\Samsung\AllShare Play\utils\npAllSharePlayPCPlugin.dll
FF - plugin: C:\Users\Dave\AppData\Roaming\TorrentStream\player\npts_plugin.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll
FF - plugin: C:\windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;aswRvrt;C:\windows\System32\drivers\aswRvrt.sys [2013-3-14 65336]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\windows\System32\drivers\iusb3hcs.sys [2012-1-28 16152]
R0 nvpciflt;nvpciflt;C:\windows\System32\drivers\nvpciflt.sys [2012-11-30 30056]
R0 Thpdrv;TOSHIBA HDD Protection Driver;C:\windows\System32\drivers\thpdrv.sys [2011-3-24 36992]
R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;C:\windows\System32\drivers\Thpevm.sys [2009-6-30 14784]
R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\windows\System32\drivers\tos_sps64.sys [2012-4-20 482384]
R1 aswSnx;aswSnx;C:\windows\System32\drivers\aswSnx.sys [2012-6-13 1025808]
R1 aswSP;aswSP;C:\windows\System32\drivers\aswSP.sys [2012-6-13 377920]
R2 {73526619-C24F-470B-9BED-53D455FBB5C6};Power Control [2012/11/30 11:04:14];C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [2012-8-10 147704]
R2 AllShare Framework DMS;AllShare Framework DMS;C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\AllShareFrameworkManagerDMS.exe [2012-10-23 408184]
R2 AllShare Play Service;AllShare Play Service;C:\Program Files\Samsung\AllShare Play\AllShare Play Service.exe [2013-4-4 662600]
R2 aswFsBlk;aswFsBlk;C:\windows\System32\drivers\aswFsBlk.sys [2012-6-13 33400]
R2 aswMonFlt;aswMonFlt;C:\windows\System32\drivers\aswMonFlt.sys [2012-6-13 80816]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-3-14 45248]
R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [2012-11-30 90640]
R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2012-11-30 78352]
R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2012-11-30 295440]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-2-3 628448]
R2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-4-20 128280]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-4-20 161560]
R2 ntk_PowerDVD12;ntk_PowerDVD12;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [2012-11-30 83704]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2013-2-13 1153368]
R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2011-2-10 112080]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2012-2-10 295360]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\System32\drivers\TVALZFL.sys [2009-6-20 14472]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-4-20 363800]
R3 CeKbFilter;CeKbFilter;C:\windows\System32\drivers\CeKbFilter.sys [2012-4-20 20592]
R3 huawei_enumerator;huawei_enumerator;C:\windows\System32\drivers\ew_jubusenum.sys [2013-1-30 90112]
R3 IntcDAud;Intel(R) Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2011-12-6 331264]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\windows\System32\drivers\iusb3hub.sys [2012-1-28 356120]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\windows\System32\drivers\iusb3xhc.sys [2012-1-28 787736]
R3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2012-4-20 38096]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2012-4-20 677480]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\windows\System32\drivers\rtwlane.sys [2012-4-20 1082472]
R3 SmbDrv;SmbDrv;C:\windows\System32\drivers\Smb_driver.sys [2012-2-25 22800]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2011-11-26 138152]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 aswVmm;aswVmm;C:\windows\System32\drivers\aswVmm.sys [2013-3-14 178624]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\windows\System32\drivers\ew_hwusbdev.sys [2013-1-30 117248]
S3 ew_usbenumfilter;huawei_CompositeFilter;C:\windows\System32\drivers\ew_usbenumfilter.sys [2013-1-30 13952]
S3 huawei_cdcacm;huawei_cdcacm;C:\windows\System32\drivers\ew_jucdcacm.sys [2013-1-30 104448]
S3 huawei_ext_ctrl;huawei_ext_ctrl;C:\windows\System32\drivers\ew_juextctrl.sys [2013-1-30 30720]
S3 huawei_wwanecm;huawei_wwanecm;C:\windows\System32\drivers\ew_juwwanecm.sys [2013-1-30 229376]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\windows\System32\drivers\netaapl64.sys [2012-3-26 22528]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\System32\drivers\rdpvideominiport.sys [2013-2-2 19456]
S3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\windows\System32\drivers\RtsP2Stor.sys [2012-4-20 259176]
S3 RtkBtFilter;Realtek Bluetooth Filter Driver;C:\windows\System32\drivers\RtkBtfilter.sys [2012-1-5 21096]
S3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2012-4-20 57216]
S3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2011-12-14 833976]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2013-2-2 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2013-2-2 30208]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-6-15 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== Created Last 30 ================
.
2013-04-15 00:23:13 -------- d-----w- C:\Users\Dave\AppData\Local\{42C0B184-396F-48DD-AE77-EFF23B47D10D}
2013-04-14 12:22:59 -------- d-----w- C:\Users\Dave\AppData\Local\{EDC08BD1-42CE-4408-990D-70DFB0992F58}
2013-04-13 10:25:27 -------- d-----w- C:\Users\Dave\AppData\Local\{93B1B727-56A0-446C-83ED-43D6C6F3AF20}
2013-04-12 06:46:58 -------- d-----w- C:\Users\Dave\AppData\Local\{739A0CEC-7650-4794-BE34-33EED81BE624}
2013-04-12 06:30:26 9311288 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{817CDEEA-8249-4D9B-A6FB-49D03220BF25}\mpengine.dll
2013-04-11 14:59:23 -------- d-----w- C:\Users\Dave\AppData\Local\{F083AE5C-84E6-401B-8484-7C9F8B029002}
2013-04-10 14:01:00 3153408 ----a-w- C:\windows\System32\win32k.sys
2013-04-10 14:00:59 1655656 ----a-w- C:\windows\System32\drivers\ntfs.sys
2013-04-10 14:00:56 223752 ----a-w- C:\windows\System32\drivers\fvevol.sys
2013-04-10 14:00:46 5550424 ----a-w- C:\windows\System32\ntoskrnl.exe
2013-04-10 14:00:44 3913560 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
2013-04-10 14:00:43 3968856 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
2013-04-10 14:00:42 6656 ----a-w- C:\windows\SysWow64\apisetschema.dll
2013-04-10 14:00:42 43520 ----a-w- C:\windows\System32\csrsrv.dll
2013-04-10 14:00:42 112640 ----a-w- C:\windows\System32\smss.exe
2013-04-10 06:34:30 -------- d-----w- C:\Users\Dave\AppData\Local\{15D295CE-25FB-43B4-AA31-AF17E62F41B6}
2013-04-09 06:43:05 -------- d-----w- C:\Users\Dave\AppData\Local\{A079669B-5323-4D06-8C8D-F6BB0F6F2D7A}
2013-04-07 18:24:39 -------- d-----w- C:\Users\Dave\AppData\Local\{8D9B22FE-EA33-45DC-B1E0-3D54A2DAAB25}
2013-04-07 06:24:23 -------- d-----w- C:\Users\Dave\AppData\Local\{0C94C39A-7F0F-4352-A3FF-8C82F4942650}
2013-04-06 15:44:18 -------- d-----w- C:\Users\Dave\AppData\Local\{C1203D38-1B2A-4762-9663-F70D29C8C191}
2013-04-05 16:45:00 -------- d-----w- C:\Users\Dave\AppData\Local\{F305FA17-2B72-48AA-87E5-6E4638FD1D02}
2013-04-04 17:49:13 -------- d-----w- C:\Users\Dave\.swt
2013-04-04 17:47:37 -------- d-----w- C:\Upload
2013-04-04 17:47:31 -------- d-----w- C:\Users\Dave\AppData\Local\{C896FECB-3BE4-40B9-94DE-49AD6668067D}
2013-04-04 17:46:24 -------- d-----w- C:\Program Files\Samsung
2013-04-04 17:46:24 -------- d-----w- C:\AllShare Play
2013-04-03 05:00:19 -------- d-----w- C:\Users\Dave\AppData\Local\{156EB173-10F5-4FAF-9DAF-31F65B6A8E11}
2013-04-02 15:58:19 -------- d-----w- C:\Users\Dave\AppData\Local\{95A835B5-29E4-4639-9A73-EED93326EB76}
2013-04-02 03:58:04 -------- d-----w- C:\Users\Dave\AppData\Local\{1D08AEDD-0C97-4D35-A7E8-F4F4FD290FE4}
2013-04-01 12:32:13 -------- d-----w- C:\Users\Dave\AppData\Local\{D4A7D05D-FDD9-4D45-85E5-4C492A0836D9}
2013-03-30 03:25:01 -------- d-----w- C:\Users\Dave\AppData\Local\{D38AD429-4D87-4401-8F17-A79C204E38ED}
2013-03-29 03:35:25 -------- d-----w- C:\Users\Dave\AppData\Local\{423C6A64-F026-4A23-8120-6733F479EB60}
2013-03-28 11:09:44 -------- d-----w- C:\Users\Dave\AppData\Local\{A2D0377C-ADEB-431A-8AE5-9176C14022F6}
2013-03-27 12:44:46 -------- d-----w- C:\Users\Dave\AppData\Local\{6B267842-2B6A-4CF4-96E2-4DCB4E102E03}
2013-03-27 00:44:34 -------- d-----w- C:\Users\Dave\AppData\Local\{6447AF92-E6F7-4B38-822C-9393E6A202AE}
2013-03-26 12:44:24 -------- d-----w- C:\Users\Dave\AppData\Local\{1A717ED4-4084-4631-98DE-091F37802CB4}
2013-03-25 23:27:44 19968 ----a-w- C:\windows\System32\drivers\usb8023.sys
2013-03-25 19:35:10 -------- d-----w- C:\Users\Dave\AppData\Local\{47DF2E07-17F0-424F-96BB-F624B379349C}
2013-03-25 07:34:40 -------- d-----w- C:\Users\Dave\AppData\Local\{C05E5554-188D-4BFF-BA56-CC35C65FC757}
2013-03-24 14:23:53 -------- d-----w- C:\Users\Dave\AppData\Local\{A236EC90-D960-49AD-BEB6-2D60141D1F52}
2013-03-21 19:39:48 -------- d-----w- C:\Users\Dave\AppData\Local\{E2464B60-6E78-4241-A500-DA6D37E1FB71}
2013-03-21 07:39:38 -------- d-----w- C:\Users\Dave\AppData\Local\{CEF6C0A7-5642-44FE-BD0E-C913FB09617B}
2013-03-20 20:02:40 -------- d-----w- C:\Program Files\iPod
2013-03-20 20:02:39 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-03-20 20:02:39 -------- d-----w- C:\Program Files\iTunes
2013-03-20 20:02:39 -------- d-----w- C:\Program Files (x86)\iTunes
2013-03-20 15:58:57 -------- d-----w- C:\Users\Dave\AppData\Local\{151DA809-8968-41FF-9CE9-EC5080A840F2}
2013-03-19 16:53:33 -------- d-----w- C:\Users\Dave\AppData\Local\{400951DE-3F1B-47FD-A48D-D1BC1F765207}
2013-03-18 19:42:02 -------- d-----w- C:\Users\Dave\AppData\Local\{37EE71CE-6D76-4F69-95DE-AE9D26A0FB18}
2013-03-17 00:05:04 -------- d-----w- C:\Users\Dave\AppData\Local\{F7B61217-2BAC-4AA1-9D85-D91EA85D26B0}
2013-03-16 12:04:38 -------- d-----w- C:\Users\Dave\AppData\Local\{0BA67D99-17D3-493B-8FAF-E1A178DDBC8F}
.
==================== Find3M ====================
.
2013-04-11 06:38:32 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-04-11 06:38:32 691592 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2013-04-04 13:50:32 25928 ----a-w- C:\windows\System32\drivers\mbam.sys
2013-03-12 00:10:56 282744 ------w- C:\windows\System32\MpSigStub.exe
2013-03-07 17:57:50 95648 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-03-07 17:57:49 861088 ----a-w- C:\windows\SysWow64\npDeployJava1.dll
2013-03-07 17:57:49 782240 ----a-w- C:\windows\SysWow64\deployJava1.dll
2013-03-06 23:33:21 70992 ----a-w- C:\windows\System32\drivers\aswRdr2.sys
2013-03-06 23:33:21 65336 ----a-w- C:\windows\System32\drivers\aswRvrt.sys
2013-03-06 23:33:21 178624 ----a-w- C:\windows\System32\drivers\aswVmm.sys
2013-03-06 23:33:21 1025808 ----a-w- C:\windows\System32\drivers\aswSnx.sys
2013-03-06 23:33:20 80816 ----a-w- C:\windows\System32\drivers\aswMonFlt.sys
2013-03-06 23:32:51 41664 ----a-w- C:\windows\avastSS.scr
2013-02-22 06:27:49 2312704 ----a-w- C:\windows\System32\jscript9.dll
2013-02-22 06:20:51 1392128 ----a-w- C:\windows\System32\wininet.dll
2013-02-22 06:19:37 1494528 ----a-w- C:\windows\System32\inetcpl.cpl
2013-02-22 06:15:48 173056 ----a-w- C:\windows\System32\ieUnatt.exe
2013-02-22 06:15:23 599040 ----a-w- C:\windows\System32\vbscript.dll
2013-02-22 06:12:41 2382848 ----a-w- C:\windows\System32\mshtml.tlb
2013-02-22 03:46:00 1800704 ----a-w- C:\windows\SysWow64\jscript9.dll
2013-02-22 03:38:00 1129472 ----a-w- C:\windows\SysWow64\wininet.dll
2013-02-22 03:37:50 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2013-02-22 03:34:17 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2013-02-22 03:34:03 420864 ----a-w- C:\windows\SysWow64\vbscript.dll
2013-02-22 03:31:46 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb
2013-02-12 05:45:24 135168 ----a-w- C:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45:22 350208 ----a-w- C:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45:22 308736 ----a-w- C:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45:22 111104 ----a-w- C:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48:31 474112 ----a-w- C:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48:26 2176512 ----a-w- C:\windows\apppatch\AcGenral.dll
.
============= FINISH: 12:45:57.90 ===============



Thanks

Davy

Attached Files
File Type: zip attach.zip (23.4 KB)
