Hi,
I got a virus after downloading a program from what I thought was a reputable site. I noticed frequent pop-ups in my browser so I uninstalled the program as well as the crapware bundled with it. Performed quick scans with Malwarebytes and Avast but they didn't find anything. I then performed a scan using Spybot, which found and deleted a win32.downloader.gen virus but I'm not sure my computer is clean.
Here's the DDS:
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16476 BrowserJavaVersion: 10.21.2
Run by Shu at 18:47:08 on 2013-06-02
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3990.1514 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\Dwm.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe
C:\windows\SysWOW64\irstrtsv.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\windows\system32\WLANExt.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\wbem\unsecapp.exe
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Windows\WindowsMobile\wmdcBase.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\svchost.exe -k WindowsMobile
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Users\Shu\AppData\Local\Akamai\netsession_win.exe
C:\Users\Shu\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Users\Shu\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\windows\system32\igfxext.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe
C:\windows\system32\wuauclt.exe
C:\windows\explorer.exe
C:\Program Files (x86)\Pidgin\pidgin.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://samsung.msn.com
uDefault_Page_URL = hxxp://samsung.msn.com
mStart Page = hxxp://samsung.msn.com
uURLSearchHooks: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - <orphaned>
mWinlogon: Userinit = userinit.exe
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [ISUSPM] "C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe" -scheduler
uRun: [Akamai NetSession Interface] "C:\Users\Shu\AppData\Local\Akamai\netsession_win.exe"
uRun: [Spotify Web Helper] "C:\Users\Shu\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [EasySpeedUpManager] C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
mRun: [EasySpeedUpManager2] C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager2.exe /s
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
TCP: NameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{2438484D-C1F3-4F3F-8EA3-FFADCA600F45} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{384F254A-6739-4C30-9FA9-F94704C4C409} : DHCPNameServer = 192.168.42.129
TCP: Interfaces\{7E2D1931-C405-4563-9AA2-E163B6DA1A54} : DHCPNameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{7E2D1931-C405-4563-9AA2-E163B6DA1A54}\4514C4B44514C4B4D2131323039383 : DHCPNameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{7E2D1931-C405-4563-9AA2-E163B6DA1A54}\56465727F616D6 : DHCPNameServer = 128.40.200.1 128.40.200.2
TCP: Interfaces\{7E2D1931-C405-4563-9AA2-E163B6DA1A54}\7596D264960225F657475627 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{7E2D1931-C405-4563-9AA2-E163B6DA1A54}\8505542594140245 : DHCPNameServer = 192.168.43.1
TCP: Interfaces\{7E2D1931-C405-4563-9AA2-E163B6DA1A54}\86F6473707F647 : DHCPNameServer = 8.8.8.8
TCP: Interfaces\{7E2D1931-C405-4563-9AA2-E163B6DA1A54}\B416C67237028507562796160235 : DHCPNameServer = 192.168.43.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [Windows Mobile-based device management] C:\windows\WindowsMobile\wmdcBase.exe
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Shu\AppData\Roaming\Mozilla\Firefox\Profiles\xpsrtw6c.default-1365611071075\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/ig?hl=en
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll
FF - ExtSQL: 2013-04-10 17:27; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; C:\Users\Shu\AppData\Roaming\Mozilla\Firefox\Profiles\xpsrtw6c.default-1365611071075\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-04-10 17:27; {8b86149f-01fb-4842-9dd8-4d7eb02fd055}; C:\Users\Shu\AppData\Roaming\Mozilla\Firefox\Profiles\xpsrtw6c.default-1365611071075\extensions\{8b86149f-01fb-4842-9dd8-4d7eb02fd055}
FF - ExtSQL: 2013-04-10 17:38; {99B98C2C-7274-45a3-A640-D9DF1A1C8460}; C:\Users\Shu\AppData\Roaming\Mozilla\Firefox\Profiles\xpsrtw6c.default-1365611071075\extensions\{99B98C2C-7274-45a3-A640-D9DF1A1C8460}.xpi
FF - ExtSQL: 2013-04-10 17:38; foobar@unnecessarilylongurl.com; C:\Users\Shu\AppData\Roaming\Mozilla\Firefox\Profiles\xpsrtw6c.default-1365611071075\extensions\foobar@unnecessarilylongurl.com.xpi
FF - ExtSQL: 2013-04-10 18:42; superstop@gavinsharp.com; C:\Users\Shu\AppData\Roaming\Mozilla\Firefox\Profiles\xpsrtw6c.default-1365611071075\extensions\superstop@gavinsharp.com.xpi
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;aswRvrt;C:\windows\System32\drivers\aswRvrt.sys [2013-3-9 65336]
R0 aswVmm;aswVmm;C:\windows\System32\drivers\aswVmm.sys [2013-3-9 189936]
R0 excsd;ExpressCache Storage Filter Driver;C:\windows\System32\drivers\excsd.sys [2011-12-27 80688]
R0 stdflt;Disk Filter Driver for Accelerometer;C:\windows\System32\drivers\stdflt.sys [2011-12-27 19504]
R1 aswSnx;aswSnx;C:\windows\System32\drivers\aswSnx.sys [2012-8-22 1025808]
R1 aswSP;aswSP;C:\windows\System32\drivers\aswSP.sys [2012-8-22 378432]
R1 excfs;ExpressCache File System Filter Driver;C:\windows\System32\drivers\excfs.sys [2011-12-27 23344]
R1 SABI;SAMSUNG Kernel Driver For Windows 7;C:\windows\System32\drivers\SABI.sys [2011-12-27 13824]
R2 aswFsBlk;aswFsBlk;C:\windows\System32\drivers\aswFsBlk.sys [2012-8-22 33400]
R2 aswMonFlt;aswMonFlt;C:\windows\System32\drivers\aswMonFlt.sys [2012-8-22 80816]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-5-21 46808]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-10-18 936272]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-10-18 1001808]
R2 ExpressCache;ExpressCache;C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [2011-9-23 79664]
R2 InstallFilterService;FF Install Filter Service;C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe [2011-12-27 60928]
R2 irstrtsv;Intel(R) Rapid Start Technology Service;C:\Windows\SysWOW64\irstrtsv.exe [2011-12-27 184320]
R2 SamsungDeviceConfigurationWinService;SamsungDeviceConfiguration;C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe [2012-8-28 31624]
R2 SGDrv;SGDrv;C:\windows\System32\drivers\SGDrv64.sys [2011-12-27 7680]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-12-27 2656536]
R2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-4-17 2671376]
R3 asmthub3;ASMedia USB3 Hub Service;C:\windows\System32\drivers\asmthub3.sys [2011-6-2 128488]
R3 asmtxhci;ASMEDIA XHCI Service;C:\windows\System32\drivers\asmtxhci.sys [2011-6-2 401896]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\windows\System32\drivers\btmaux.sys [2011-8-30 53760]
R3 btmhsf;btmhsf;C:\windows\System32\drivers\btmhsf.sys [2011-10-11 288768]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\windows\System32\drivers\clwvd.sys [2011-8-17 31216]
R3 ETD;Samsung PS/2 Port Input Device;C:\windows\System32\drivers\ETD.sys [2012-6-7 293712]
R3 iBtFltCoex;iBtFltCoex;C:\windows\System32\drivers\iBtFltCoex.sys [2011-10-11 59904]
R3 IntcDAud;Intel(R) Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2011-8-23 317440]
R3 irstrtdv;Intel(R) Rapid Start Technology Driver;C:\windows\System32\drivers\irstrtdv.sys [2011-12-2 26504]
R3 iwdbus;IWD Bus Enumerator;C:\windows\System32\drivers\iwdbus.sys [2011-9-8 25496]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2011-12-27 533096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2013-6-2 1153368]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\windows\System32\drivers\AmpPal.sys [2012-3-1 195584]
S3 androidusb;ADB Interface Driver;C:\windows\System32\drivers\androidusb.sys [2010-4-29 32768]
S3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-10-18 1354064]
S3 cpudrv64;cpudrv64;C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2011-6-2 17864]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\windows\System32\drivers\intelaud.sys [2011-9-8 34200]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-4-17 273168]
S3 pwdrvio;pwdrvio;C:\windows\System32\pwdrvio.sys [2013-1-5 19032]
S3 pwdspio;pwdspio;C:\windows\System32\pwdspio.sys [2013-1-5 12384]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\System32\drivers\rdpvideominiport.sys [2013-5-1 19456]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2013-5-1 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2013-5-1 30208]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-4-25 52736]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-8-20 1255736]
.
=============== File Associations ===============
.
FileExt: .js: jsfile="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exe","%1"
ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2013-06-02 16:47:16 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2013-06-02 16:47:16 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2013-06-01 15:38:29 -------- d-----w- C:\Program Files (x86)\pazera-software
2013-06-01 15:38:09 -------- d-----w- C:\Program Files (x86)\MyPC Backup
2013-06-01 14:09:27 -------- d--h--w- C:\ProgramData\CanonIJEGV
2013-06-01 14:08:54 -------- d-----w- C:\Program Files (x86)\Canon
2013-05-22 21:17:54 -------- d-----w- C:\Users\Shu\AppData\Local\backburner
2013-05-04 15:12:44 -------- d-----w- C:\Users\Shu\AppData\Roaming\calibre
2013-05-04 15:12:12 -------- d-----w- C:\Program Files (x86)\Calibre2
.
==================== Find3M ====================
.
2013-05-20 13:46:15 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-20 13:46:15 692104 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2013-05-09 08:59:07 72016 ----a-w- C:\windows\System32\drivers\aswRdr2.sys
2013-05-09 08:59:07 65336 ----a-w- C:\windows\System32\drivers\aswRvrt.sys
2013-05-09 08:59:07 189936 ----a-w- C:\windows\System32\drivers\aswVmm.sys
2013-05-09 08:59:07 1025808 ----a-w- C:\windows\System32\drivers\aswSnx.sys
2013-05-09 08:59:06 80816 ----a-w- C:\windows\System32\drivers\aswMonFlt.sys
2013-05-09 08:58:37 41664 ----a-w- C:\windows\avastSS.scr
2013-04-12 14:45:08 1656680 ----a-w- C:\windows\System32\drivers\ntfs.sys
2013-04-04 13:50:32 25928 ----a-w- C:\windows\System32\drivers\mbam.sys
2013-04-04 04:35:05 95648 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-03-28 23:44:00 861088 ----a-w- C:\windows\SysWow64\npDeployJava1.dll
2013-03-28 23:44:00 782240 ----a-w- C:\windows\SysWow64\deployJava1.dll
2013-03-19 06:04:06 5550424 ----a-w- C:\windows\System32\ntoskrnl.exe
2013-03-19 05:46:56 43520 ----a-w- C:\windows\System32\csrsrv.dll
2013-03-19 05:04:13 3968856 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04:10 3913560 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47:50 6656 ----a-w- C:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06:33 112640 ----a-w- C:\windows\System32\smss.exe
2013-03-12 00:10:56 282744 ------w- C:\windows\System32\MpSigStub.exe
.
============= FINISH: 18:47:45.30 ===============
R2 irstrtsv;Intel(R) Rapid Start Technology Service;C:\Windows\SysWOW64\irstrtsv.exe [2011-12-27 184320]
R2 SamsungDeviceConfigurationWinService;SamsungDeviceConfiguration;C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe [2012-8-28 31624]
R2 SGDrv;SGDrv;C:\windows\System32\drivers\SGDrv64.sys [2011-12-27 7680]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-12-27 2656536]
R2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-4-17 2671376]
R3 asmthub3;ASMedia USB3 Hub Service;C:\windows\System32\drivers\asmthub3.sys [2011-6-2 128488]
R3 asmtxhci;ASMEDIA XHCI Service;C:\windows\System32\drivers\asmtxhci.sys [2011-6-2 401896]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\windows\System32\drivers\btmaux.sys [2011-8-30 53760]
R3 btmhsf;btmhsf;C:\windows\System32\drivers\btmhsf.sys [2011-10-11 288768]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\windows\System32\drivers\clwvd.sys [2011-8-17 31216]
R3 ETD;Samsung PS/2 Port Input Device;C:\windows\System32\drivers\ETD.sys [2012-6-7 293712]
R3 iBtFltCoex;iBtFltCoex;C:\windows\System32\drivers\iBtFltCoex.sys [2011-10-11 59904]
R3 IntcDAud;Intel(R) Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2011-8-23 317440]
R3 irstrtdv;Intel(R) Rapid Start Technology Driver;C:\windows\System32\drivers\irstrtdv.sys [2011-12-2 26504]
R3 iwdbus;IWD Bus Enumerator;C:\windows\System32\drivers\iwdbus.sys [2011-9-8 25496]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2011-12-27 533096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2013-6-2 1153368]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\windows\System32\drivers\AmpPal.sys [2012-3-1 195584]
S3 androidusb;ADB Interface Driver;C:\windows\System32\drivers\androidusb.sys [2010-4-29 32768]
S3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-10-18 1354064]
S3 cpudrv64;cpudrv64;C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2011-6-2 17864]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\windows\System32\drivers\intelaud.sys [2011-9-8 34200]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-4-17 273168]
S3 pwdrvio;pwdrvio;C:\windows\System32\pwdrvio.sys [2013-1-5 19032]
S3 pwdspio;pwdspio;C:\windows\System32\pwdspio.sys [2013-1-5 12384]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\System32\drivers\rdpvideominiport.sys [2013-5-1 19456]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2013-5-1 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2013-5-1 30208]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-4-25 52736]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-8-20 1255736]
.
=============== File Associations ===============
.
FileExt: .js: jsfile="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exe","%1"
ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2013-06-02 16:47:16 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2013-06-02 16:47:16 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2013-06-01 15:38:29 -------- d-----w- C:\Program Files (x86)\pazera-software
2013-06-01 15:38:09 -------- d-----w- C:\Program Files (x86)\MyPC Backup
2013-06-01 14:09:27 -------- d--h--w- C:\ProgramData\CanonIJEGV
2013-06-01 14:08:54 -------- d-----w- C:\Program Files (x86)\Canon
2013-05-22 21:17:54 -------- d-----w- C:\Users\Shu\AppData\Local\backburner
2013-05-04 15:12:44 -------- d-----w- C:\Users\Shu\AppData\Roaming\calibre
2013-05-04 15:12:12 -------- d-----w- C:\Program Files (x86)\Calibre2
.
==================== Find3M ====================
.
2013-05-20 13:46:15 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-20 13:46:15 692104 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2013-05-09 08:59:07 72016 ----a-w- C:\windows\System32\drivers\aswRdr2.sys
2013-05-09 08:59:07 65336 ----a-w- C:\windows\System32\drivers\aswRvrt.sys
2013-05-09 08:59:07 189936 ----a-w- C:\windows\System32\drivers\aswVmm.sys
2013-05-09 08:59:07 1025808 ----a-w- C:\windows\System32\drivers\aswSnx.sys
2013-05-09 08:59:06 80816 ----a-w- C:\windows\System32\drivers\aswMonFlt.sys
2013-05-09 08:58:37 41664 ----a-w- C:\windows\avastSS.scr
2013-04-12 14:45:08 1656680 ----a-w- C:\windows\System32\drivers\ntfs.sys
2013-04-04 13:50:32 25928 ----a-w- C:\windows\System32\drivers\mbam.sys
2013-04-04 04:35:05 95648 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-03-28 23:44:00 861088 ----a-w- C:\windows\SysWow64\npDeployJava1.dll
2013-03-28 23:44:00 782240 ----a-w- C:\windows\SysWow64\deployJava1.dll
2013-03-19 06:04:06 5550424 ----a-w- C:\windows\System32\ntoskrnl.exe
2013-03-19 05:46:56 43520 ----a-w- C:\windows\System32\csrsrv.dll
2013-03-19 05:04:13 3968856 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04:10 3913560 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47:50 6656 ----a-w- C:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06:33 112640 ----a-w- C:\windows\System32\smss.exe
2013-03-12 00:10:56 282744 ------w- C:\windows\System32\MpSigStub.exe
.
============= FINISH: 18:47:45.30 ===============