mom26gr8kids
Posts: 574 +0
My computer is running all right, and so far no home page changes, but Avast has been blocking potentially harmful sites today. Nothing is showing up on Avast, and SAS and Malwarebytes found no threats either. I am including the logs from DDS just in case. I think I am okay and didn't get infected, but just want to make sure.
DDS Log
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.17028 BrowserJavaVersion: 10.60.2
Run by Kendra at 23:01:05 on 2014-07-20
Microsoft Windows 8 6.2.9200.0.1252.1.1033.18.5578.1527 [GMT -6:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: COMODO Antivirus *Disabled/Outdated* {0C2D2636-923D-EE52-2A83-E643204A8275}
FW: COMODO Firewall *Enabled* {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atiesrxx.exe
C:\Windows\system32\dwm.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\atieclxx.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Windows\system32\dashost.exe
C:\Program Files\Elantech\ETDService.exe
C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Program Files (x86)\NTI\Gateway MyBackup\IScheduleSvc.exe
C:\Windows\RfBtnSvc64.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskhostex.exe
C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
C:\Windows\Explorer.EXE
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files (x86)\Launch Manager\LMutilps32.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
C:\Program Files (x86)\NTI\Gateway MyBackup\BackupManagerTray.exe
C:\Program Files (x86)\RadioController\RfBtnHelper.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Users\Kendra\Documents\RCA Detective\RCADetective.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\DoroPDFWriter\DoroServer.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe
C:\Program Files\Gateway\Gateway Power Management\ePowerEvent.exe
C:\Program Files\COMODO\COMODO Internet Security\cis.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
mDefault_Page_URL = hxxp://www.google.com
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
uRun: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [RadioController] "C:\Program Files (x86)\RadioController\RfBtnHelper.exe" Start_Run
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [DoroServer] C:\Program Files (x86)\DoroPDFWriter\DoroServer.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\Kendra\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\RCADET~1.LNK - C:\Users\Kendra\Documents\RCA Detective\RCADetective.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\GATEWA~1.LNK - C:\Program Files (x86)\NTI\Gateway MyBackup\BackupManagerTray.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: EnableSecureUIAPath = dword:1
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{3B38C2B9-E5C1-4A75-9EE1-F1892D0EC33C} : NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{3B38C2B9-E5C1-4A75-9EE1-F1892D0EC33C} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{3B38C2B9-E5C1-4A75-9EE1-F1892D0EC33C}\25F636B6751405D223 : NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{3B38C2B9-E5C1-4A75-9EE1-F1892D0EC33C}\25F636B6751405D223 : DHCPNameServer = 10.0.0.2
TCP: Interfaces\{3B38C2B9-E5C1-4A75-9EE1-F1892D0EC33C}\3456E647572797C496E6B693630323 : NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{3B38C2B9-E5C1-4A75-9EE1-F1892D0EC33C}\3456E647572797C496E6B693630323 : DHCPNameServer = 192.168.0.1 205.171.2.25
TCP: Interfaces\{3B38C2B9-E5C1-4A75-9EE1-F1892D0EC33C}\35F6C696467427F657E64637 : NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{3B38C2B9-E5C1-4A75-9EE1-F1892D0EC33C}\35F6C696467427F657E64637 : DHCPNameServer = 75.75.75.75 75.75.76.76 192.168.3.1
TCP: Interfaces\{3B38C2B9-E5C1-4A75-9EE1-F1892D0EC33C}\441444D20534F577962756C6563737 : NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{3B38C2B9-E5C1-4A75-9EE1-F1892D0EC33C}\441444D20534F577962756C6563737 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{3B38C2B9-E5C1-4A75-9EE1-F1892D0EC33C}\7416C6168797F53543F5143647966756F533638383 : NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{3B38C2B9-E5C1-4A75-9EE1-F1892D0EC33C}\7416C6168797F53543F5143647966756F533638383 : DHCPNameServer = 192.168.43.1
TCP: Interfaces\{93861460-374F-46E0-90B7-36421D29E88F} : NameServer = 156.154.70.22,156.154.71.22
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\msosb.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-mPolicies-Explorer: NoDrives = dword:0
x64-mPolicies-System: EnableSecureUIAPath = dword:1
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Kendra\AppData\Roaming\Mozilla\Firefox\Profiles\mw4f2lte.default-1404454475497\
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\7\NP_wtapp.dll
FF - plugin: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
FF - plugin: C:\Users\Kendra\AppData\Local\Roblox\Versions\version-f77fe2742c314291\NPRobloxProxy.dll
FF - plugin: C:\Users\Kendra\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\Drivers\aswRvrt.sys [2013-4-15 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\Drivers\aswVmm.sys [2013-4-15 208416]
R1 aswSnx;aswSnx;C:\Windows\System32\Drivers\aswsnx.sys [2013-4-15 1039096]
R1 aswSP;aswSP;C:\Windows\System32\Drivers\aswsp.sys [2013-4-15 423240]
R1 cmderd;COMODO Internet Security Eradication Driver;C:\Windows\System32\Drivers\cmderd.sys [2013-1-16 23168]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\System32\Drivers\cmdguard.sys [2013-1-16 748784]
R1 cmdhlp;COMODO Internet Security Helper Driver;C:\Windows\System32\Drivers\cmdhlp.sys [2013-1-16 37560]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-12-27 239616]
R2 APXACC;AppEx Networks Accelerator LWF;C:\Windows\System32\Drivers\appexDrv.sys [2013-1-16 199008]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\Drivers\aswMonFlt.sys [2013-4-15 79184]
R2 aswStm;aswStm;C:\Windows\System32\Drivers\aswstm.sys [2013-12-26 85328]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-6-11 50344]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2014-5-12 2356408]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-12-27 350544]
R2 ETDService;Elan Service;C:\Program Files\Elantech\ETDService.exe [2012-12-27 100752]
R2 GamesAppIntegrationService;GamesAppIntegrationService;C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2013-9-5 227904]
R2 Garmin Core Update Service;Garmin Core Update Service;C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2013-11-8 250712]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2013-1-16 2466448]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NTI\Gateway MyBackup\IScheduleSvc.exe [2012-11-2 259136]
R2 RfButtonDriverService;Dritek RF Button Command Service;C:\Windows\RfBtnSvc64.exe [2013-1-16 98160]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\Drivers\AtihdW86.sys [2012-12-27 91648]
R3 ePowerSvc;ePower Service;C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe [2012-12-13 664288]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\Drivers\ETD.sys [2012-12-27 331152]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;C:\Windows\System32\Drivers\L1C63x64.sys [2012-12-27 118936]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\Drivers\MBAMSwissArmy.sys [2014-6-14 122584]
R3 Ps2Kb2Hid;PS/2 Keyboard to HID Driver;C:\Windows\System32\Drivers\aPs2Kb2Hid.sys [2013-1-16 26736]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\Drivers\RtsPStor.sys [2013-1-16 343696]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\Drivers\usbfilter.sys [2013-1-16 58536]
S2 aswHwid;avast! HardwareID;C:\Windows\System32\Drivers\aswHwid.sys [2014-6-11 29208]
S3 cmdvirth;COMODO Virtual Service Manager;C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-1-24 2264280]
S3 DeviceFastLaneService;Device Fast-lane Service;C:\Program Files\Gateway\Gateway Device Fast-lane\DeviceFastLaneSvc.exe [2012-11-16 469648]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\Drivers\ssudbus.sys [2014-1-22 108800]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\System32\Drivers\rtwlane.sys [2012-6-29 1119232]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\Drivers\ssudmdm.sys [2014-1-22 206080]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 WSDScan;WSD Scan Support;C:\Windows\System32\Drivers\WSDScan.sys [2012-12-27 23552]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-25 198656]
.
=============== Created Last 30 ================
.
2014-07-09 16:48:04 703968 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-07-09 16:48:04 105440 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-09 07:05:25 -------- d-s---w- C:\Windows\System32\CompatTel
2014-07-08 19:13:52 596480 ----a-w- C:\Windows\System32\qedit.dll
2014-07-08 19:13:52 497152 ----a-w- C:\Windows\SysWow64\qedit.dll
2014-07-07 02:06:03 253440 ----a-w- C:\Windows\System32\WUSettingsProvider.dll
2014-07-07 02:06:03 176640 ----a-w- C:\Windows\System32\storewuauth.dll
2014-07-07 02:06:03 1623040 ----a-w- C:\Windows\System32\wucltux.dll
2014-07-01 13:49:28 257704 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10243.bin
2014-06-27 05:29:29 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-06-27 05:26:31 111016 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2014-06-22 23:11:09 -------- d-----w- C:\Program Files (x86)\ESET
.
==================== Find3M ====================
.
2014-07-21 03:51:07 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-06-30 22:42:56 394240 ----a-w- C:\Windows\System32\devinv.dll
2014-06-30 22:42:48 87552 ----a-w- C:\Windows\System32\aepic.dll
2014-06-30 22:42:48 702464 ----a-w- C:\Windows\System32\aepdu.dll
2014-06-28 03:35:04 556544 ----a-w- C:\Windows\System32\aeinv.dll
2014-06-19 02:12:11 2239488 ----a-w- C:\Windows\System32\wininet.dll
2014-06-19 02:12:02 915968 ----a-w- C:\Windows\System32\uxtheme.dll
2014-06-19 02:12:02 53760 ----a-w- C:\Windows\System32\UXInit.dll
2014-06-19 02:10:33 3959296 ----a-w- C:\Windows\System32\jscript9.dll
2014-06-19 02:10:28 67072 ----a-w- C:\Windows\System32\iesetup.dll
2014-06-19 02:10:28 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2014-06-19 02:09:55 1508864 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-06-19 00:53:52 1766400 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-06-19 00:53:42 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll
2014-06-19 00:52:46 2863616 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-06-19 00:52:42 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-06-19 00:52:42 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2014-06-19 00:52:19 1440768 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-06-19 00:33:44 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2014-06-19 00:30:35 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-06-18 22:05:00 534528 ----a-w- C:\Windows\SysWow64\uxtheme.dll
2014-06-17 23:27:37 1440256 ----a-w- C:\Windows\SysWow64\osk.exe
2014-06-17 23:24:48 1557504 ----a-w- C:\Windows\System32\osk.exe
2014-06-12 00:57:04 85328 ----a-w- C:\Windows\System32\drivers\aswstm.sys
2014-06-12 00:57:04 1039096 ----a-w- C:\Windows\System32\drivers\aswsnx.sys
2014-06-12 00:56:33 208416 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2014-06-12 00:56:32 93568 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2014-06-12 00:56:32 79184 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2014-06-12 00:56:32 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2014-06-12 00:56:32 29208 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
2014-06-12 00:56:29 43152 ----a-w- C:\Windows\avastSS.scr
2014-06-11 04:18:14 4038144 ----a-w- C:\Windows\System32\win32k.sys
2014-06-02 22:33:45 265216 ----a-w- C:\Windows\System32\InkEd.dll
2014-05-29 23:31:26 452608 ----a-w- C:\Windows\SysWow64\SHCore.dll
2014-05-29 23:03:04 588288 ----a-w- C:\Windows\System32\SHCore.dll
2014-05-29 23:02:28 439808 ----a-w- C:\Windows\System32\lsm.dll
2014-05-29 23:02:27 1281536 ----a-w- C:\Windows\System32\lsasrv.dll
2014-05-29 22:24:46 576512 ----a-w- C:\Windows\System32\drivers\afd.sys
2014-05-12 13:26:14 64216 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-05-12 13:26:00 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-05-12 13:25:56 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-05-03 06:34:30 6974808 ----a-w- C:\Windows\System32\ntoskrnl.exe
2014-05-03 06:33:02 1824808 ----a-w- C:\Windows\System32\ntdll.dll
2014-05-03 05:47:22 3246592 ----a-w- C:\Windows\System32\rdpcorets.dll
2014-05-03 04:51:57 1408976 ----a-w- C:\Windows\SysWow64\ntdll.dll
2014-05-03 03:34:54 235520 ----a-w- C:\Windows\System32\rdpudd.dll
2014-05-01 22:37:16 1023488 ----a-w- C:\Windows\System32\localspl.dll
2014-04-29 22:32:46 126464 ----a-w- C:\Windows\System32\Robocopy.exe
2014-04-29 22:32:07 1301504 ----a-w- C:\Windows\System32\gdi32.dll
2014-04-29 22:32:00 106496 ----a-w- C:\Windows\SysWow64\Robocopy.exe
2014-04-29 22:22:23 1023488 ----a-w- C:\Windows\SysWow64\gdi32.dll
2014-04-23 23:51:02 566784 ----a-w- C:\Windows\SysWow64\WSShared.dll
2014-04-23 23:51:02 124928 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-23 23:38:47 693760 ----a-w- C:\Windows\System32\WSShared.dll
2014-04-23 23:38:47 163840 ----a-w- C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
.
============= FINISH: 23:03:14.69 ===============
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\Drivers\aswRvrt.sys [2013-4-15 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\Drivers\aswVmm.sys [2013-4-15 208416]
R1 aswSnx;aswSnx;C:\Windows\System32\Drivers\aswsnx.sys [2013-4-15 1039096]
R1 aswSP;aswSP;C:\Windows\System32\Drivers\aswsp.sys [2013-4-15 423240]
R1 cmderd;COMODO Internet Security Eradication Driver;C:\Windows\System32\Drivers\cmderd.sys [2013-1-16 23168]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\System32\Drivers\cmdguard.sys [2013-1-16 748784]
R1 cmdhlp;COMODO Internet Security Helper Driver;C:\Windows\System32\Drivers\cmdhlp.sys [2013-1-16 37560]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-12-27 239616]
R2 APXACC;AppEx Networks Accelerator LWF;C:\Windows\System32\Drivers\appexDrv.sys [2013-1-16 199008]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\Drivers\aswMonFlt.sys [2013-4-15 79184]
R2 aswStm;aswStm;C:\Windows\System32\Drivers\aswstm.sys [2013-12-26 85328]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-6-11 50344]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2014-5-12 2356408]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-12-27 350544]
R2 ETDService;Elan Service;C:\Program Files\Elantech\ETDService.exe [2012-12-27 100752]
R2 GamesAppIntegrationService;GamesAppIntegrationService;C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2013-9-5 227904]
R2 Garmin Core Update Service;Garmin Core Update Service;C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2013-11-8 250712]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2013-1-16 2466448]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NTI\Gateway MyBackup\IScheduleSvc.exe [2012-11-2 259136]
R2 RfButtonDriverService;Dritek RF Button Command Service;C:\Windows\RfBtnSvc64.exe [2013-1-16 98160]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\Drivers\AtihdW86.sys [2012-12-27 91648]
R3 ePowerSvc;ePower Service;C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe [2012-12-13 664288]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\Drivers\ETD.sys [2012-12-27 331152]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;C:\Windows\System32\Drivers\L1C63x64.sys [2012-12-27 118936]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\Drivers\MBAMSwissArmy.sys [2014-6-14 122584]
R3 Ps2Kb2Hid;PS/2 Keyboard to HID Driver;C:\Windows\System32\Drivers\aPs2Kb2Hid.sys [2013-1-16 26736]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\Drivers\RtsPStor.sys [2013-1-16 343696]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\Drivers\usbfilter.sys [2013-1-16 58536]
S2 aswHwid;avast! HardwareID;C:\Windows\System32\Drivers\aswHwid.sys [2014-6-11 29208]
S3 cmdvirth;COMODO Virtual Service Manager;C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-1-24 2264280]
S3 DeviceFastLaneService;Device Fast-lane Service;C:\Program Files\Gateway\Gateway Device Fast-lane\DeviceFastLaneSvc.exe [2012-11-16 469648]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\Drivers\ssudbus.sys [2014-1-22 108800]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\System32\Drivers\rtwlane.sys [2012-6-29 1119232]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\Drivers\ssudmdm.sys [2014-1-22 206080]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 WSDScan;WSD Scan Support;C:\Windows\System32\Drivers\WSDScan.sys [2012-12-27 23552]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-25 198656]
.
=============== Created Last 30 ================
.
2014-07-09 16:48:04 703968 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-07-09 16:48:04 105440 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-09 07:05:25 -------- d-s---w- C:\Windows\System32\CompatTel
2014-07-08 19:13:52 596480 ----a-w- C:\Windows\System32\qedit.dll
2014-07-08 19:13:52 497152 ----a-w- C:\Windows\SysWow64\qedit.dll
2014-07-07 02:06:03 253440 ----a-w- C:\Windows\System32\WUSettingsProvider.dll
2014-07-07 02:06:03 176640 ----a-w- C:\Windows\System32\storewuauth.dll
2014-07-07 02:06:03 1623040 ----a-w- C:\Windows\System32\wucltux.dll
2014-07-01 13:49:28 257704 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10243.bin
2014-06-27 05:29:29 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-06-27 05:26:31 111016 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2014-06-22 23:11:09 -------- d-----w- C:\Program Files (x86)\ESET
.
==================== Find3M ====================
.
2014-07-21 03:51:07 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-06-30 22:42:56 394240 ----a-w- C:\Windows\System32\devinv.dll
2014-06-30 22:42:48 87552 ----a-w- C:\Windows\System32\aepic.dll
2014-06-30 22:42:48 702464 ----a-w- C:\Windows\System32\aepdu.dll
2014-06-28 03:35:04 556544 ----a-w- C:\Windows\System32\aeinv.dll
2014-06-19 02:12:11 2239488 ----a-w- C:\Windows\System32\wininet.dll
2014-06-19 02:12:02 915968 ----a-w- C:\Windows\System32\uxtheme.dll
2014-06-19 02:12:02 53760 ----a-w- C:\Windows\System32\UXInit.dll
2014-06-19 02:10:33 3959296 ----a-w- C:\Windows\System32\jscript9.dll
2014-06-19 02:10:28 67072 ----a-w- C:\Windows\System32\iesetup.dll
2014-06-19 02:10:28 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2014-06-19 02:09:55 1508864 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-06-19 00:53:52 1766400 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-06-19 00:53:42 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll
2014-06-19 00:52:46 2863616 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-06-19 00:52:42 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-06-19 00:52:42 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2014-06-19 00:52:19 1440768 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-06-19 00:33:44 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2014-06-19 00:30:35 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-06-18 22:05:00 534528 ----a-w- C:\Windows\SysWow64\uxtheme.dll
2014-06-17 23:27:37 1440256 ----a-w- C:\Windows\SysWow64\osk.exe
2014-06-17 23:24:48 1557504 ----a-w- C:\Windows\System32\osk.exe
2014-06-12 00:57:04 85328 ----a-w- C:\Windows\System32\drivers\aswstm.sys
2014-06-12 00:57:04 1039096 ----a-w- C:\Windows\System32\drivers\aswsnx.sys
2014-06-12 00:56:33 208416 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2014-06-12 00:56:32 93568 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2014-06-12 00:56:32 79184 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2014-06-12 00:56:32 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2014-06-12 00:56:32 29208 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
2014-06-12 00:56:29 43152 ----a-w- C:\Windows\avastSS.scr
2014-06-11 04:18:14 4038144 ----a-w- C:\Windows\System32\win32k.sys
2014-06-02 22:33:45 265216 ----a-w- C:\Windows\System32\InkEd.dll
2014-05-29 23:31:26 452608 ----a-w- C:\Windows\SysWow64\SHCore.dll
2014-05-29 23:03:04 588288 ----a-w- C:\Windows\System32\SHCore.dll
2014-05-29 23:02:28 439808 ----a-w- C:\Windows\System32\lsm.dll
2014-05-29 23:02:27 1281536 ----a-w- C:\Windows\System32\lsasrv.dll
2014-05-29 22:24:46 576512 ----a-w- C:\Windows\System32\drivers\afd.sys
2014-05-12 13:26:14 64216 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-05-12 13:26:00 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-05-12 13:25:56 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-05-03 06:34:30 6974808 ----a-w- C:\Windows\System32\ntoskrnl.exe
2014-05-03 06:33:02 1824808 ----a-w- C:\Windows\System32\ntdll.dll
2014-05-03 05:47:22 3246592 ----a-w- C:\Windows\System32\rdpcorets.dll
2014-05-03 04:51:57 1408976 ----a-w- C:\Windows\SysWow64\ntdll.dll
2014-05-03 03:34:54 235520 ----a-w- C:\Windows\System32\rdpudd.dll
2014-05-01 22:37:16 1023488 ----a-w- C:\Windows\System32\localspl.dll
2014-04-29 22:32:46 126464 ----a-w- C:\Windows\System32\Robocopy.exe
2014-04-29 22:32:07 1301504 ----a-w- C:\Windows\System32\gdi32.dll
2014-04-29 22:32:00 106496 ----a-w- C:\Windows\SysWow64\Robocopy.exe
2014-04-29 22:22:23 1023488 ----a-w- C:\Windows\SysWow64\gdi32.dll
2014-04-23 23:51:02 566784 ----a-w- C:\Windows\SysWow64\WSShared.dll
2014-04-23 23:51:02 124928 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-23 23:38:47 693760 ----a-w- C:\Windows\System32\WSShared.dll
2014-04-23 23:38:47 163840 ----a-w- C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
.
============= FINISH: 23:03:14.69 ===============