Chronus
Posts: 118 +0
Hey, I've been having trouble with popup advertisements recently, and neither avast or malware bits have managed to deal with the issue.
It seems that each time I click on something wether in IE or FireFox I have a % chance of having a new tab opened up to an advertisement page. More recently, there are now in-page advertisements being added by some malware, where there normally isn't. For example, I have 3-4 extra advertisements labeled "ads not by this site" by YouTube as well as adds interrupting the videos which are not hosted by YouTube.
I used the HijackThis only to do a scan, I did not use it to perform any action.
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Database version: v2013.07.04.10
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16618
Kevin Felt :: KEVINFELT-LAP [administrator]
7/7/2013 5:30:50 PM
mbam-log-2013-07-07 (17-30-50).txt
Scan type: Full scan (C:\|D:\|E:\|F:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 542672
Time elapsed: 2 hour(s), 19 minute(s), 53 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 4
C:\Users\Kevin Felt\AppData\Local\Temp\CSM1A4.tmp (PUP.Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Kevin Felt\AppData\Local\Temp\CSMD712.tmp (PUP.Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Kevin Felt\AppData\Local\Temp\CSMFEED.tmp (PUP.Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Kevin Felt\AppData\Local\Temp\pricepeep_130001_0101.exe (Adware.Agent) -> Quarantined and deleted successfully.
(end)
~~~~~~~~
ATTACH
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 6/10/2012 8:13:25 PM
System Uptime: 7/7/2013 7:58:06 PM (1 hours ago)
.
Motherboard: Dell Inc. | | 01HXXJ
Processor: Intel(R) Core(TM) i3-2330M CPU @ 2.20GHz | CPU 1 | 792/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 451 GiB total, 138.319 GiB free.
D: is CDROM ()
E: is CDROM (CDFS)
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP215: 7/4/2013 1:43:02 PM - Windows Update
RP216: 7/6/2013 3:00:18 AM - Windows Update
RP217: 7/7/2013 2:51:09 AM - Installed DirectX
RP218: 7/7/2013 6:03:36 PM - Installed HiJackThis
.
==== Installed Programs ======================
.
A Game of Dwarves
Accidental Damage Services Agreement
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.7)
Adobe Shockwave Player 11.6
Advanced Audio FX Engine
applicationupdater
Armada 2526
avast! Free Antivirus
Awesomenauts
Banctec Service Agreement
BioWare Premium Module: Neverwinter Nights(TM) Kingmaker
BitTorrent
Blio
Blood Bowl: Chaos Edition
Borderlands
Borderlands 2
Bundled software uninstaller
Castle Crashers
Chunky
Command and Conquer 3: Kane's Wrath
Command and Conquer 3: Tiberium Wars
Comodo Dragon
COMODO Internet Security
Complete Care Business Service Agreement
Consumer In-Home Service Agreement
Course Vector .minerva
Crystal Reports for Visual Studio
Cube World version 0.0.1
D3DX10
DAEMON Tools Lite
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
Dell DataSafe Local Backup
Dell Edoc Viewer
Dell Getting Started Guide
Dell Home Systems Service Agreement
Dell MusicStage
Dell PhotoStage
Dell Product Registration
Dell Touchpad
Dell VideoStage
Dell Webcam Central
Deus Ex: Game of the Year Edition
Deus Ex: Human Revolution
Deus Ex: Human Revolution - The Missing Link
Deus Ex: Invisible War
DirectX 9 Runtime
Dota 2
Dotfuscator Software Services - Community Edition
Dungeon Defenders
Dungeonland
DW WLAN Card
Editra 0.7.20
Ezvid
Fast Free Converter
FilesFrog Update Checker
FileZilla Client 3.7.0.2
Flash Decompiler Trillix
Game Dev Tycoon v1.3.9
gamelauncher-code4344-beta
gamelauncher-ps2-live
GameStop App
Garry's Mod
GeekBuddy
Google Chrome
Half-Life 2
HiJackThis
Hotfix for Microsoft Team Foundation Server 2010 Object Model - ENU (KB2813041)
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2529927)
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2542054)
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2548139)
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2549864)
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2635973)
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2813041)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2280741)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2284668)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2295689)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2420513)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2452649)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2455033)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2485545)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982517)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982721)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB983233)
HP Deskjet 3050A J611 series Basic Device Software
HP Product Detection
IDT Audio
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Intel(R) Rapid Storage Technology
IZArc 4.1.7
Java 7 Update 17 (64-bit)
Java 7 Update 25
Java Auto Updater
Junk Mail filter update
Knights of Pen and Paper
Lagarith lossless video codec (Remove Only)
League of Legends
Malwarebytes Anti-Malware version 1.75.0.1300
Mass Effect™ 3
Master of Orion
Master of Orion II
Mesh Runtime
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft Application Error Reporting
Microsoft ASP.NET MVC 2
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
Microsoft Help Viewer 1.1
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Office 32-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 32-bit MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft Silverlight 3 SDK
Microsoft Silverlight 4 SDK
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2008 (64-bit)
Microsoft SQL Server 2008 Browser
Microsoft SQL Server 2008 Common Files
Microsoft SQL Server 2008 Database Engine Services
Microsoft SQL Server 2008 Database Engine Shared
Microsoft SQL Server 2008 Native Client
Microsoft SQL Server 2008 R2 Data-Tier Application Framework
Microsoft SQL Server 2008 R2 Data-Tier Application Project
Microsoft SQL Server 2008 R2 Management Objects
Microsoft SQL Server 2008 R2 Management Objects (x64)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service
Microsoft SQL Server 2008 RsFx Driver
Microsoft SQL Server 2008 Setup Support Files
Microsoft SQL Server Compact 3.5 Design Tools ENU
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server Compact 3.5 SP2 x64 ENU
Microsoft SQL Server Database Publishing Wizard 1.4
Microsoft SQL Server System CLR Types
Microsoft SQL Server System CLR Types (x64)
Microsoft SQL Server VSS Writer
Microsoft Sync Framework Runtime v1.0 SP1 (x64)
Microsoft Sync Framework SDK v1.0 SP1
Microsoft Sync Framework Services v1.0 SP1 (x64)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64)
Microsoft Team Foundation Server 2010 Object Model - ENU
Microsoft Visual Basic 2008 Express Edition - ENU
Microsoft Visual C++ Compilers 2010 Standard - enu - x64
Microsoft Visual C++ Compilers 2010 Standard - enu - x86
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219
Microsoft Visual F# 2.0 Runtime
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
Microsoft Visual Studio 2010 Office Developer Tools (x64)
Microsoft Visual Studio 2010 Professional - ENU
Microsoft Visual Studio 2010 Service Pack 1
Microsoft Visual Studio 2010 SharePoint Developer Tools
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
Microsoft Visual Studio Macro Tools
Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework
Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32
Microsoft Xbox 360 Accessories 1.2
Microsoft XNA Framework Redistributable 3.1
Microsoft XNA Framework Redistributable 4.0
Monaco
Mozilla Firefox 22.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Mumble 1.2.3
My Dell
MyITLab
MyITLab ActiveX Installer 2, 9, 8, 65535
MySQL Connector C++ 1.1.2
MySQL Connector J
MySQL Connector Net 6.6.5
MySQL Connector/ODBC 5.2(w)
MySQL Documents 5.6
MySQL Examples and Samples 5.6
MySQL For Excel 1.1.0
MySQL Installer
MySQL Notifier 1.0.3
MySQL Server 5.6
MySQL Workbench 5.2 CE
Natural Selection 2
Neverwinter
Neverwinter Nights
Notepad++
NVIDIA PhysX
Orcs Must Die!
Orcs Must Die! 2
Origin
Pando Media Booster
PDFCreator
PhotoShowExpress
PlanetSide 2
PlanetSide 2 Beta
PlayReady PC Runtime x86
Portal 2
Premium Service Agreement
Prison Architect
Python 3.3.2 (64-bit)
QualxServ Service Agreement
Quickset64
RBVirtualFolder64Inst
Realtek Ethernet Controller Driver
Realtek USB 2.0 Card Reader
Roxio Activation Module
Roxio BackOnTrack
Roxio Burn
Roxio Creator Starter
Roxio Express Labeler 3
Roxio File Backup
Scrolls
Secure Download Manager
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Excel 2010 (KB2597126) 64-Bit Edition
Security Update for Microsoft Filter Pack 2.0 (KB2553501) 64-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2760406) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 64-Bit Edition
Security Update for Microsoft OneNote 2010 (KB2760600) 64-Bit Edition
Security Update for Microsoft Publisher 2010 (KB2553147) 64-Bit Edition
Security Update for Microsoft Visio 2010 (KB2810068) 64-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2687505) 64-Bit Edition
Security Update for Microsoft Visual Studio 2010 Professional - ENU (KB2644980)
Security Update for Microsoft Visual Studio 2010 Professional - ENU (KB2645410)
Security Update for Microsoft Visual Studio Macro Tools (KB2669970)
Security Update for Microsoft Word 2010 (KB2760410) 64-Bit Edition
Service Pack 3 for SQL Server 2008 (KB2546951) (64-bit)
Sid Meier's Civilization V
SimCity™
Sins of a Solar Empire
Sins of a Solar Empire - Diplomacy
Sins of a Solar Empire - Entrenchment
Sol Survivor
Sonic CinePlayer Decoder Pack
SPORE
SPORE Cute & Creepy Parts Pack
SPORE™ Creepy & Cute Parts Pack
Sql Server Customer Experience Improvement Program
StarCraft II
Steam
swMSM
System Requirements Lab CYRI
TeamSpeak 3 Client
Terraria
The Settlers II - 10th Anniversary
The Showdown Effect
Torchlight II
Towns
Trillian
Unepic
UnInstall Yogventures_Alpha_64bit
Unity Web Player
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 64-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 64-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition
VC Runtimes MSI
Ventrilo Client for Windows x64
Virtual Audio Cable 4.12
Visual Studio 2010 Prerequisites - English
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
VLC media player 2.0.5
WCF RIA Services V1.0 SP1
Web Deployment Tool
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR 4.11 (64-bit)
World of Warcraft
Xfire 2.0
Xfire Codec (remove only)
Zinio Reader 4
.
==== Event Viewer Messages From Past Week ========
.
7/7/2013 8:01:51 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X64 service to connect.
7/7/2013 7:59:04 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: CFRMD
7/7/2013 1:56:22 PM, Error: Service Control Manager [7034] - The Audio Service service terminated unexpectedly. It has done this 1 time(s).
7/4/2013 5:50:08 AM, Error: Service Control Manager [7030] - The FastFreeConverterUpdt service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
7/2/2013 7:37:50 AM, Error: Service Control Manager [7034] - The COMODO Dragon Update Service service terminated unexpectedly. It has done this 1 time(s).
.
==== End Of File ===========================
DDS
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16611 BrowserJavaVersion: 10.25.2
Run by Kevin Felt at 20:07:35 on 2013-07-07
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4004.2403 [GMT -4:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: COMODO Defense+ *Disabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
FW: COMODO Firewall *Disabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\windows\system32\WLANExt.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
C:\Program Files (x86)\Fast Free Converter\FastFreeConverterUpdt.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Trillian\trillian.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe
C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\windows\system32\sppsvc.exe
C:\windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\windows\servicing\TrustedInstaller.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://myitlab.pearsoned.com/
uSearch Bar = Preserve
mWinlogon: Userinit = userinit.exe,
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Fast Free Converter 4.1: {8232785C-5C98-4A6E-B7B4-911FFBED7582} - C:\Program Files (x86)\Fast Free Converter\FastFreeConverter\FastFreeConverter.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
uRun: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
uRun: [Google Update] "C:\Users\Kevin Felt\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe /boot
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [gbrspcontrol] "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\KEVINF~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Trillian.lnk - C:\Program Files (x86)\Trillian\trillian.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\STARTG~1.LNK - C:\Program Files (x86)\Comodo\GeekBuddy\launcher.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: myitlab.com
Trusted Zone: pearsoncmg.com
Trusted Zone: pearsoned.com
Trusted Zone: researchnavigator.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: NameServer = 10.0.0.1
TCP: Interfaces\{E4664713-1C56-4162-B566-AD8D964E228B} : NameServer = 68.94.156.1
TCP: Interfaces\{E4664713-1C56-4162-B566-AD8D964E228B} : DHCPNameServer = 10.0.0.1
TCP: Interfaces\{EC156190-9549-4308-B1D9-17E7519ABDAC} : NameServer = 8.26.56.26,156.154.70.22
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= C:\windows\SysWOW64\guard32.dll
SSODL: WebCheck - <orphaned>
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
x64-Run: [Logitech Download Assistant] C:\windows\System32\rundll32.exe C:\windows\System32\LogiLDA.dll,LogiFetch
x64-Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Kevin Felt\AppData\Roaming\Mozilla\Firefox\Profiles\u0r0i02l.default\
FF - prefs.js: browser.startup.homepage - hxxp://74.125.225.176/
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Kevin Felt\AppData\Local\Google\Update\1.3.21.149\npGoogleUpdate3.dll
FF - plugin: C:\Users\Kevin Felt\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\Kevin Felt\AppData\Roaming\Mozilla\Firefox\Profiles\u0r0i02l.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npAclmPlugin.dll
FF - plugin: C:\Users\Kevin Felt\AppData\Roaming\Mozilla\Firefox\Profiles\u0r0i02l.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npPitPlugin.dll
FF - plugin: C:\Users\Kevin Felt\AppData\Roaming\Mozilla\Firefox\Profiles\u0r0i02l.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npProductDetectPlugin.dll
FF - plugin: C:\windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
FF - plugin: C:\windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-05-13 14:42; {ab91efd4-6975-4081-8552-1b3922ed79e2}; C:\Users\Kevin Felt\AppData\Roaming\Mozilla\Firefox\Profiles\u0r0i02l.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}
FF - ExtSQL: 2013-05-15 19:16; SQLiteManager@mrinalkant.blogspot.com; C:\Users\Kevin Felt\AppData\Roaming\Mozilla\Firefox\Profiles\u0r0i02l.default\extensions\SQLiteManager@mrinalkant.blogspot.com.xpi
.
---- FIREFOX POLICIES ----
FF - user.js: general.useragent.extra.brc -
.
.
.
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\windows\System32\drivers\PxHlpa64.sys [2012-1-19 55856]
R1 aswSnx;aswSnx;C:\windows\System32\drivers\aswSnx.sys [2012-6-10 984144]
R1 aswSP;aswSP;C:\windows\System32\drivers\aswSP.sys [2012-6-10 370288]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\windows\System32\drivers\cmdGuard.sys [2012-3-11 577824]
R1 cmdHlp;COMODO Internet Security Helper Driver;C:\windows\System32\drivers\cmdhlp.sys [2012-3-11 43248]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\windows\System32\drivers\dtsoftbus01.sys [2013-6-25 283200]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2012-1-19 89600]
R2 aswFsBlk;aswFsBlk;C:\windows\System32\drivers\aswFsBlk.sys [2012-6-10 25232]
R2 aswMonFlt;aswMonFlt;C:\windows\System32\drivers\aswMonFlt.sys [2012-6-10 71600]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-11-18 44808]
R2 CLPSLauncher;COMODO LPS Launcher;C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [2013-4-17 70344]
R2 DragonUpdater;COMODO Dragon Update Service;C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2013-6-20 2095752]
R2 FastFreeConverterUpdt;FastFreeConverterUpdt;C:\Program Files (x86)\Fast Free Converter\FastFreeConverterUpdt.exe [2012-11-26 687104]
R2 GeekBuddyRSP;GeekBuddyRSP Service;C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2013-4-17 1851088]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-1-19 13336]
R2 StarWindServiceAE;StarWind AE Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-1-19 2656280]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\windows\System32\drivers\CtClsFlt.sys [2012-1-19 176096]
R3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);C:\windows\System32\drivers\vrtaucbl.sys [2013-6-2 101376]
R3 IntcDAud;Intel(R) Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2012-1-19 317440]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2012-1-5 75624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
S3 HP8207_8307;HP-HP8207_8307;C:\windows\System32\drivers\HP8207_8307.sys [2010-2-4 15360]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\System32\drivers\rdpvideominiport.sys [2012-12-25 19456]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2012-1-19 250984]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2012-12-25 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2012-12-25 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-6-10 1255736]
S3 XFDriver64;XFDriver64;C:\Program Files (x86)\Xfire2\XFDriver64.sys [2013-5-26 17160]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976]
S4 MySQL56;MySQL56;"C:\Program Files\MySQL\MySQL Server 5.6\bin\mysqld" --defaults-file="C:\ProgramData\MySQL\MySQL Server 5.6\my.ini" MySQL56 --> C:\Program Files\MySQL\MySQL Server 5.6\bin\mysqld [?]
S4 RsFx0105;RsFx0105 Driver;C:\windows\System32\drivers\RsFx0105.sys [2011-9-22 311144]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-9-22 431464]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2013-07-07 22:04:57 388096 ----a-r- C:\Users\Kevin Felt\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-07-07 22:04:56 -------- d-----w- C:\Program Files (x86)\Trend Micro
2013-07-07 19:13:41 -------- d-----w- C:\Users\Kevin Felt\AppData\Roaming\enchant
2013-07-07 19:13:41 -------- d-----w- C:\Users\Kevin Felt\AppData\Roaming\Editra
2013-07-07 19:13:31 -------- d-----w- C:\Program Files (x86)\Editra
2013-07-07 09:17:29 -------- d-----w- C:\Users\Kevin Felt\AppData\Roaming\unepic
2013-07-07 09:17:01 -------- d-----w- C:\Program Files (x86)\unepic
2013-07-07 07:17:48 -------- d-----w- C:\Users\Kevin Felt\AppData\Local\S2
2013-07-05 13:50:30 9552976 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{389651A1-EA60-493C-A254-7078F5A62657}\mpengine.dll
2013-07-04 18:48:17 -------- d-----w- C:\ProgramData\PreEmptive Solutions
2013-07-04 18:01:47 -------- d-----w- C:\ProgramData\VS
2013-07-04 17:53:49 73064 ----a-w- C:\windows\SysWow64\perf-MSSQL$SQLEXPRESS-sqlctr10.3.5500.0.dll
2013-07-04 17:53:49 109416 ----a-w- C:\windows\System32\perf-MSSQL$SQLEXPRESS-sqlctr10.3.5500.0.dll
2013-07-04 17:53:48 105832 ----a-w- C:\windows\System32\SQSRVRES.DLL
2013-07-04 17:20:30 -------- d-----w- C:\ProgramData\Picroma
2013-07-04 17:20:30 -------- d-----w- C:\Program Files (x86)\Cube World
2013-07-04 09:51:47 -------- d-----w- C:\Users\Kevin Felt\AppData\Local\Bundled software uninstaller
2013-07-04 09:51:10 -------- d-----w- C:\Users\Kevin Felt\AppData\Roaming\pdfforge
2013-07-04 09:51:04 137000 ----a-w- C:\windows\SysWow64\MSMAPI32.OCX
2013-07-04 09:51:03 65024 ----a-w- C:\windows\System32\pdfcmon.dll
2013-07-04 09:51:01 23552 ----a-w- C:\windows\SysWow64\MSMPIDE.DLL
2013-07-04 09:51:01 -------- d-----w- C:\Program Files (x86)\PDFCreator
2013-07-04 09:50:09 -------- d-----w- C:\Program Files (x86)\File Type Helper
2013-07-04 09:50:06 -------- d-----w- C:\Program Files (x86)\Fast Free Converter
2013-07-04 09:50:01 -------- d-----w- C:\Users\Kevin Felt\AppData\Local\FilesFrog Update Checker
2013-07-03 19:06:42 -------- d-----w- C:\Users\Kevin Felt\AppData\Roaming\.Freeland
2013-06-30 13:17:14 -------- d-----w- C:\Users\Kevin Felt\Bit
2013-06-30 13:14:02 -------- d-----w- C:\Users\Kevin Felt\AppData\Roaming\BitTorrent
2013-06-27 20:44:55 -------- d-----w- C:\Users\Kevin Felt\AppData\Local\Game Dev Tycoon
2013-06-27 20:43:53 -------- d-----w- C:\Program Files (x86)\1-click run
2013-06-27 20:19:39 56072 ----a-w- C:\windows\System32\certsentry.dll
2013-06-27 20:19:39 47368 ----a-w- C:\windows\SysWow64\certsentry.dll
2013-06-26 04:59:27 -------- d-----w- C:\Program Files (x86)\Knights of Pen and Paper
2013-06-26 02:24:14 283200 ----a-w- C:\windows\System32\drivers\dtsoftbus01.sys
2013-06-26 02:24:08 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Lite
2013-06-26 02:04:38 96168 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-25 02:05:49 -------- d-----w- C:\Users\Kevin Felt\.chunky
2013-06-25 02:04:27 -------- d-----w- C:\Program Files (x86)\Chunky
2013-06-22 07:08:05 -------- d-----w- C:\Users\Kevin Felt\AppData\Roaming\com.shirogames.evoland
2013-06-16 07:02:01 2706432 ----a-w- C:\windows\System32\mshtml.tlb
2013-06-16 07:02:00 2706432 ----a-w- C:\windows\SysWow64\mshtml.tlb
2013-06-16 07:01:59 279040 ----a-w- C:\Program Files\Internet Explorer\sqmapi.dll
2013-06-16 07:01:59 218112 ----a-w- C:\Program Files (x86)\Internet Explorer\sqmapi.dll
2013-06-14 19:09:08 -------- d-----w- C:\Users\Kevin Felt\.idlerc
2013-06-14 19:06:56 -------- d-----w- C:\Python33
2013-06-13 08:31:12 -------- d-----w- C:\Users\Kevin Felt\AppData\Local\Introversion
2013-06-12 08:09:38 1910632 ----a-w- C:\windows\System32\drivers\tcpip.sys
2013-06-12 08:09:35 751104 ----a-w- C:\windows\System32\win32spl.dll
2013-06-12 08:09:35 492544 ----a-w- C:\windows\SysWow64\win32spl.dll
2013-06-12 08:09:21 30720 ----a-w- C:\windows\System32\cryptdlg.dll
2013-06-12 08:09:21 24576 ----a-w- C:\windows\SysWow64\cryptdlg.dll
2013-06-12 08:09:16 1424384 ----a-w- C:\windows\System32\WindowsCodecs.dll
2013-06-12 08:09:16 1230336 ----a-w- C:\windows\SysWow64\WindowsCodecs.dll
2013-06-12 08:08:42 903168 ----a-w- C:\windows\SysWow64\certutil.exe
2013-06-12 08:08:42 1192448 ----a-w- C:\windows\System32\certutil.exe
2013-06-12 08:08:39 1464320 ----a-w- C:\windows\System32\crypt32.dll
2013-06-12 08:08:37 1160192 ----a-w- C:\windows\SysWow64\crypt32.dll
2013-06-12 08:08:28 184320 ----a-w- C:\windows\System32\cryptsvc.dll
2013-06-12 08:08:28 139776 ----a-w- C:\windows\System32\cryptnet.dll
2013-06-12 08:08:27 103936 ----a-w- C:\windows\SysWow64\cryptnet.dll
2013-06-12 08:08:26 140288 ----a-w- C:\windows\SysWow64\cryptsvc.dll
2013-06-12 08:08:25 52224 ----a-w- C:\windows\System32\certenc.dll
2013-06-12 08:08:25 43008 ----a-w- C:\windows\SysWow64\certenc.dll
2013-06-12 08:08:15 1887232 ----a-w- C:\windows\System32\d3d11.dll
2013-06-12 08:08:14 1505280 ----a-w- C:\windows\SysWow64\d3d11.dll
.
==================== Find3M ====================
.
2013-06-26 02:04:14 867240 ----a-w- C:\windows\SysWow64\npDeployJava1.dll
2013-06-26 02:04:14 789416 ----a-w- C:\windows\SysWow64\deployJava1.dll
2013-06-12 23:59:53 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-12 23:59:53 692104 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2013-06-02 07:01:46 101376 ----a-w- C:\windows\System32\drivers\vrtaucbl.sys
2013-05-24 06:41:27 753873 ----a-w- C:\windows\unins001.exe
2013-05-17 01:25:57 1767936 ----a-w- C:\windows\SysWow64\wininet.dll
2013-05-17 01:25:27 2877440 ----a-w- C:\windows\SysWow64\jscript9.dll
2013-05-17 01:25:26 61440 ----a-w- C:\windows\SysWow64\iesetup.dll
2013-05-17 01:25:26 109056 ----a-w- C:\windows\SysWow64\iesysprep.dll
2013-05-17 00:59:03 2241024 ----a-w- C:\windows\System32\wininet.dll
2013-05-17 00:58:10 3958784 ----a-w- C:\windows\System32\jscript9.dll
2013-05-17 00:58:08 67072 ----a-w- C:\windows\System32\iesetup.dll
2013-05-17 00:58:08 136704 ----a-w- C:\windows\System32\iesysprep.dll
2013-05-16 04:07:08 3920384 ----a-w- C:\windows\System32\python33.dll
2013-05-16 04:06:12 93696 ----a-w- C:\windows\py.exe
2013-05-16 04:06:10 94208 ----a-w- C:\windows\pyw.exe
2013-05-14 15:38:56 265976 ----a-w- C:\windows\SysWow64\BytescoutScreenCapturingFilter.dll
2013-05-14 15:38:56 175864 ----a-w- C:\windows\SysWow64\BytescoutVideoMixerFilter.dll
2013-05-14 15:38:54 438008 ----a-w- C:\windows\SysWow64\BytescoutScreenCapturing.dll
2013-05-14 12:23:25 89600 ----a-w- C:\windows\System32\RegisterIEPKEYs.exe
2013-05-14 08:40:13 71680 ----a-w- C:\windows\SysWow64\RegisterIEPKEYs.exe
2013-05-02 06:06:08 278800 ------w- C:\windows\System32\MpSigStub.exe
2013-04-13 05:49:23 135168 ----a-w- C:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49:19 350208 ----a-w- C:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49:19 308736 ----a-w- C:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49:19 111104 ----a-w- C:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45:16 474624 ----a-w- C:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45:15 2176512 ----a-w- C:\windows\apppatch\AcGenral.dll
2013-04-12 14:45:08 1656680 ----a-w- C:\windows\System32\drivers\ntfs.sys
2013-04-10 06:01:54 265064 ----a-w- C:\windows\System32\drivers\dxgmms1.sys
2013-04-10 06:01:53 983400 ----a-w- C:\windows\System32\drivers\dxgkrnl.sys
2013-04-10 03:30:50 3153920 ----a-w- C:\windows\System32\win32k.sys
.
============= FINISH: 20:08:26.98 ===============
It seems that each time I click on something wether in IE or FireFox I have a % chance of having a new tab opened up to an advertisement page. More recently, there are now in-page advertisements being added by some malware, where there normally isn't. For example, I have 3-4 extra advertisements labeled "ads not by this site" by YouTube as well as adds interrupting the videos which are not hosted by YouTube.
I used the HijackThis only to do a scan, I did not use it to perform any action.
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Database version: v2013.07.04.10
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16618
Kevin Felt :: KEVINFELT-LAP [administrator]
7/7/2013 5:30:50 PM
mbam-log-2013-07-07 (17-30-50).txt
Scan type: Full scan (C:\|D:\|E:\|F:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 542672
Time elapsed: 2 hour(s), 19 minute(s), 53 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 4
C:\Users\Kevin Felt\AppData\Local\Temp\CSM1A4.tmp (PUP.Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Kevin Felt\AppData\Local\Temp\CSMD712.tmp (PUP.Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Kevin Felt\AppData\Local\Temp\CSMFEED.tmp (PUP.Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Kevin Felt\AppData\Local\Temp\pricepeep_130001_0101.exe (Adware.Agent) -> Quarantined and deleted successfully.
(end)
~~~~~~~~
ATTACH
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 6/10/2012 8:13:25 PM
System Uptime: 7/7/2013 7:58:06 PM (1 hours ago)
.
Motherboard: Dell Inc. | | 01HXXJ
Processor: Intel(R) Core(TM) i3-2330M CPU @ 2.20GHz | CPU 1 | 792/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 451 GiB total, 138.319 GiB free.
D: is CDROM ()
E: is CDROM (CDFS)
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP215: 7/4/2013 1:43:02 PM - Windows Update
RP216: 7/6/2013 3:00:18 AM - Windows Update
RP217: 7/7/2013 2:51:09 AM - Installed DirectX
RP218: 7/7/2013 6:03:36 PM - Installed HiJackThis
.
==== Installed Programs ======================
.
A Game of Dwarves
Accidental Damage Services Agreement
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.7)
Adobe Shockwave Player 11.6
Advanced Audio FX Engine
applicationupdater
Armada 2526
avast! Free Antivirus
Awesomenauts
Banctec Service Agreement
BioWare Premium Module: Neverwinter Nights(TM) Kingmaker
BitTorrent
Blio
Blood Bowl: Chaos Edition
Borderlands
Borderlands 2
Bundled software uninstaller
Castle Crashers
Chunky
Command and Conquer 3: Kane's Wrath
Command and Conquer 3: Tiberium Wars
Comodo Dragon
COMODO Internet Security
Complete Care Business Service Agreement
Consumer In-Home Service Agreement
Course Vector .minerva
Crystal Reports for Visual Studio
Cube World version 0.0.1
D3DX10
DAEMON Tools Lite
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
Dell DataSafe Local Backup
Dell Edoc Viewer
Dell Getting Started Guide
Dell Home Systems Service Agreement
Dell MusicStage
Dell PhotoStage
Dell Product Registration
Dell Touchpad
Dell VideoStage
Dell Webcam Central
Deus Ex: Game of the Year Edition
Deus Ex: Human Revolution
Deus Ex: Human Revolution - The Missing Link
Deus Ex: Invisible War
DirectX 9 Runtime
Dota 2
Dotfuscator Software Services - Community Edition
Dungeon Defenders
Dungeonland
DW WLAN Card
Editra 0.7.20
Ezvid
Fast Free Converter
FilesFrog Update Checker
FileZilla Client 3.7.0.2
Flash Decompiler Trillix
Game Dev Tycoon v1.3.9
gamelauncher-code4344-beta
gamelauncher-ps2-live
GameStop App
Garry's Mod
GeekBuddy
Google Chrome
Half-Life 2
HiJackThis
Hotfix for Microsoft Team Foundation Server 2010 Object Model - ENU (KB2813041)
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2529927)
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2542054)
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2548139)
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2549864)
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2635973)
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2813041)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2280741)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2284668)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2295689)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2420513)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2452649)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2455033)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2485545)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982517)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982721)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB983233)
HP Deskjet 3050A J611 series Basic Device Software
HP Product Detection
IDT Audio
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Intel(R) Rapid Storage Technology
IZArc 4.1.7
Java 7 Update 17 (64-bit)
Java 7 Update 25
Java Auto Updater
Junk Mail filter update
Knights of Pen and Paper
Lagarith lossless video codec (Remove Only)
League of Legends
Malwarebytes Anti-Malware version 1.75.0.1300
Mass Effect™ 3
Master of Orion
Master of Orion II
Mesh Runtime
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft Application Error Reporting
Microsoft ASP.NET MVC 2
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
Microsoft Help Viewer 1.1
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Office 32-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 32-bit MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft Silverlight 3 SDK
Microsoft Silverlight 4 SDK
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2008 (64-bit)
Microsoft SQL Server 2008 Browser
Microsoft SQL Server 2008 Common Files
Microsoft SQL Server 2008 Database Engine Services
Microsoft SQL Server 2008 Database Engine Shared
Microsoft SQL Server 2008 Native Client
Microsoft SQL Server 2008 R2 Data-Tier Application Framework
Microsoft SQL Server 2008 R2 Data-Tier Application Project
Microsoft SQL Server 2008 R2 Management Objects
Microsoft SQL Server 2008 R2 Management Objects (x64)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service
Microsoft SQL Server 2008 RsFx Driver
Microsoft SQL Server 2008 Setup Support Files
Microsoft SQL Server Compact 3.5 Design Tools ENU
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server Compact 3.5 SP2 x64 ENU
Microsoft SQL Server Database Publishing Wizard 1.4
Microsoft SQL Server System CLR Types
Microsoft SQL Server System CLR Types (x64)
Microsoft SQL Server VSS Writer
Microsoft Sync Framework Runtime v1.0 SP1 (x64)
Microsoft Sync Framework SDK v1.0 SP1
Microsoft Sync Framework Services v1.0 SP1 (x64)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64)
Microsoft Team Foundation Server 2010 Object Model - ENU
Microsoft Visual Basic 2008 Express Edition - ENU
Microsoft Visual C++ Compilers 2010 Standard - enu - x64
Microsoft Visual C++ Compilers 2010 Standard - enu - x86
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219
Microsoft Visual F# 2.0 Runtime
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
Microsoft Visual Studio 2010 Office Developer Tools (x64)
Microsoft Visual Studio 2010 Professional - ENU
Microsoft Visual Studio 2010 Service Pack 1
Microsoft Visual Studio 2010 SharePoint Developer Tools
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
Microsoft Visual Studio Macro Tools
Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework
Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32
Microsoft Xbox 360 Accessories 1.2
Microsoft XNA Framework Redistributable 3.1
Microsoft XNA Framework Redistributable 4.0
Monaco
Mozilla Firefox 22.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Mumble 1.2.3
My Dell
MyITLab
MyITLab ActiveX Installer 2, 9, 8, 65535
MySQL Connector C++ 1.1.2
MySQL Connector J
MySQL Connector Net 6.6.5
MySQL Connector/ODBC 5.2(w)
MySQL Documents 5.6
MySQL Examples and Samples 5.6
MySQL For Excel 1.1.0
MySQL Installer
MySQL Notifier 1.0.3
MySQL Server 5.6
MySQL Workbench 5.2 CE
Natural Selection 2
Neverwinter
Neverwinter Nights
Notepad++
NVIDIA PhysX
Orcs Must Die!
Orcs Must Die! 2
Origin
Pando Media Booster
PDFCreator
PhotoShowExpress
PlanetSide 2
PlanetSide 2 Beta
PlayReady PC Runtime x86
Portal 2
Premium Service Agreement
Prison Architect
Python 3.3.2 (64-bit)
QualxServ Service Agreement
Quickset64
RBVirtualFolder64Inst
Realtek Ethernet Controller Driver
Realtek USB 2.0 Card Reader
Roxio Activation Module
Roxio BackOnTrack
Roxio Burn
Roxio Creator Starter
Roxio Express Labeler 3
Roxio File Backup
Scrolls
Secure Download Manager
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Excel 2010 (KB2597126) 64-Bit Edition
Security Update for Microsoft Filter Pack 2.0 (KB2553501) 64-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2760406) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 64-Bit Edition
Security Update for Microsoft OneNote 2010 (KB2760600) 64-Bit Edition
Security Update for Microsoft Publisher 2010 (KB2553147) 64-Bit Edition
Security Update for Microsoft Visio 2010 (KB2810068) 64-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2687505) 64-Bit Edition
Security Update for Microsoft Visual Studio 2010 Professional - ENU (KB2644980)
Security Update for Microsoft Visual Studio 2010 Professional - ENU (KB2645410)
Security Update for Microsoft Visual Studio Macro Tools (KB2669970)
Security Update for Microsoft Word 2010 (KB2760410) 64-Bit Edition
Service Pack 3 for SQL Server 2008 (KB2546951) (64-bit)
Sid Meier's Civilization V
SimCity™
Sins of a Solar Empire
Sins of a Solar Empire - Diplomacy
Sins of a Solar Empire - Entrenchment
Sol Survivor
Sonic CinePlayer Decoder Pack
SPORE
SPORE Cute & Creepy Parts Pack
SPORE™ Creepy & Cute Parts Pack
Sql Server Customer Experience Improvement Program
StarCraft II
Steam
swMSM
System Requirements Lab CYRI
TeamSpeak 3 Client
Terraria
The Settlers II - 10th Anniversary
The Showdown Effect
Torchlight II
Towns
Trillian
Unepic
UnInstall Yogventures_Alpha_64bit
Unity Web Player
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 64-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 64-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition
VC Runtimes MSI
Ventrilo Client for Windows x64
Virtual Audio Cable 4.12
Visual Studio 2010 Prerequisites - English
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
VLC media player 2.0.5
WCF RIA Services V1.0 SP1
Web Deployment Tool
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR 4.11 (64-bit)
World of Warcraft
Xfire 2.0
Xfire Codec (remove only)
Zinio Reader 4
.
==== Event Viewer Messages From Past Week ========
.
7/7/2013 8:01:51 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X64 service to connect.
7/7/2013 7:59:04 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: CFRMD
7/7/2013 1:56:22 PM, Error: Service Control Manager [7034] - The Audio Service service terminated unexpectedly. It has done this 1 time(s).
7/4/2013 5:50:08 AM, Error: Service Control Manager [7030] - The FastFreeConverterUpdt service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
7/2/2013 7:37:50 AM, Error: Service Control Manager [7034] - The COMODO Dragon Update Service service terminated unexpectedly. It has done this 1 time(s).
.
==== End Of File ===========================
DDS
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16611 BrowserJavaVersion: 10.25.2
Run by Kevin Felt at 20:07:35 on 2013-07-07
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4004.2403 [GMT -4:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: COMODO Defense+ *Disabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
FW: COMODO Firewall *Disabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\windows\system32\WLANExt.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
C:\Program Files (x86)\Fast Free Converter\FastFreeConverterUpdt.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Trillian\trillian.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe
C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\windows\system32\sppsvc.exe
C:\windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\windows\servicing\TrustedInstaller.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://myitlab.pearsoned.com/
uSearch Bar = Preserve
mWinlogon: Userinit = userinit.exe,
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Fast Free Converter 4.1: {8232785C-5C98-4A6E-B7B4-911FFBED7582} - C:\Program Files (x86)\Fast Free Converter\FastFreeConverter\FastFreeConverter.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
uRun: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
uRun: [Google Update] "C:\Users\Kevin Felt\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe /boot
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [gbrspcontrol] "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\KEVINF~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Trillian.lnk - C:\Program Files (x86)\Trillian\trillian.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\STARTG~1.LNK - C:\Program Files (x86)\Comodo\GeekBuddy\launcher.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: myitlab.com
Trusted Zone: pearsoncmg.com
Trusted Zone: pearsoned.com
Trusted Zone: researchnavigator.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: NameServer = 10.0.0.1
TCP: Interfaces\{E4664713-1C56-4162-B566-AD8D964E228B} : NameServer = 68.94.156.1
TCP: Interfaces\{E4664713-1C56-4162-B566-AD8D964E228B} : DHCPNameServer = 10.0.0.1
TCP: Interfaces\{EC156190-9549-4308-B1D9-17E7519ABDAC} : NameServer = 8.26.56.26,156.154.70.22
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= C:\windows\SysWOW64\guard32.dll
SSODL: WebCheck - <orphaned>
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
x64-Run: [Logitech Download Assistant] C:\windows\System32\rundll32.exe C:\windows\System32\LogiLDA.dll,LogiFetch
x64-Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Kevin Felt\AppData\Roaming\Mozilla\Firefox\Profiles\u0r0i02l.default\
FF - prefs.js: browser.startup.homepage - hxxp://74.125.225.176/
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Kevin Felt\AppData\Local\Google\Update\1.3.21.149\npGoogleUpdate3.dll
FF - plugin: C:\Users\Kevin Felt\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\Kevin Felt\AppData\Roaming\Mozilla\Firefox\Profiles\u0r0i02l.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npAclmPlugin.dll
FF - plugin: C:\Users\Kevin Felt\AppData\Roaming\Mozilla\Firefox\Profiles\u0r0i02l.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npPitPlugin.dll
FF - plugin: C:\Users\Kevin Felt\AppData\Roaming\Mozilla\Firefox\Profiles\u0r0i02l.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npProductDetectPlugin.dll
FF - plugin: C:\windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
FF - plugin: C:\windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-05-13 14:42; {ab91efd4-6975-4081-8552-1b3922ed79e2}; C:\Users\Kevin Felt\AppData\Roaming\Mozilla\Firefox\Profiles\u0r0i02l.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}
FF - ExtSQL: 2013-05-15 19:16; SQLiteManager@mrinalkant.blogspot.com; C:\Users\Kevin Felt\AppData\Roaming\Mozilla\Firefox\Profiles\u0r0i02l.default\extensions\SQLiteManager@mrinalkant.blogspot.com.xpi
.
---- FIREFOX POLICIES ----
FF - user.js: general.useragent.extra.brc -
.
.
.
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\windows\System32\drivers\PxHlpa64.sys [2012-1-19 55856]
R1 aswSnx;aswSnx;C:\windows\System32\drivers\aswSnx.sys [2012-6-10 984144]
R1 aswSP;aswSP;C:\windows\System32\drivers\aswSP.sys [2012-6-10 370288]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\windows\System32\drivers\cmdGuard.sys [2012-3-11 577824]
R1 cmdHlp;COMODO Internet Security Helper Driver;C:\windows\System32\drivers\cmdhlp.sys [2012-3-11 43248]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\windows\System32\drivers\dtsoftbus01.sys [2013-6-25 283200]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2012-1-19 89600]
R2 aswFsBlk;aswFsBlk;C:\windows\System32\drivers\aswFsBlk.sys [2012-6-10 25232]
R2 aswMonFlt;aswMonFlt;C:\windows\System32\drivers\aswMonFlt.sys [2012-6-10 71600]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-11-18 44808]
R2 CLPSLauncher;COMODO LPS Launcher;C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [2013-4-17 70344]
R2 DragonUpdater;COMODO Dragon Update Service;C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2013-6-20 2095752]
R2 FastFreeConverterUpdt;FastFreeConverterUpdt;C:\Program Files (x86)\Fast Free Converter\FastFreeConverterUpdt.exe [2012-11-26 687104]
R2 GeekBuddyRSP;GeekBuddyRSP Service;C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2013-4-17 1851088]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-1-19 13336]
R2 StarWindServiceAE;StarWind AE Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-1-19 2656280]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\windows\System32\drivers\CtClsFlt.sys [2012-1-19 176096]
R3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);C:\windows\System32\drivers\vrtaucbl.sys [2013-6-2 101376]
R3 IntcDAud;Intel(R) Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2012-1-19 317440]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2012-1-5 75624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
S3 HP8207_8307;HP-HP8207_8307;C:\windows\System32\drivers\HP8207_8307.sys [2010-2-4 15360]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\System32\drivers\rdpvideominiport.sys [2012-12-25 19456]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2012-1-19 250984]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2012-12-25 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2012-12-25 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-6-10 1255736]
S3 XFDriver64;XFDriver64;C:\Program Files (x86)\Xfire2\XFDriver64.sys [2013-5-26 17160]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976]
S4 MySQL56;MySQL56;"C:\Program Files\MySQL\MySQL Server 5.6\bin\mysqld" --defaults-file="C:\ProgramData\MySQL\MySQL Server 5.6\my.ini" MySQL56 --> C:\Program Files\MySQL\MySQL Server 5.6\bin\mysqld [?]
S4 RsFx0105;RsFx0105 Driver;C:\windows\System32\drivers\RsFx0105.sys [2011-9-22 311144]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-9-22 431464]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2013-07-07 22:04:57 388096 ----a-r- C:\Users\Kevin Felt\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-07-07 22:04:56 -------- d-----w- C:\Program Files (x86)\Trend Micro
2013-07-07 19:13:41 -------- d-----w- C:\Users\Kevin Felt\AppData\Roaming\enchant
2013-07-07 19:13:41 -------- d-----w- C:\Users\Kevin Felt\AppData\Roaming\Editra
2013-07-07 19:13:31 -------- d-----w- C:\Program Files (x86)\Editra
2013-07-07 09:17:29 -------- d-----w- C:\Users\Kevin Felt\AppData\Roaming\unepic
2013-07-07 09:17:01 -------- d-----w- C:\Program Files (x86)\unepic
2013-07-07 07:17:48 -------- d-----w- C:\Users\Kevin Felt\AppData\Local\S2
2013-07-05 13:50:30 9552976 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{389651A1-EA60-493C-A254-7078F5A62657}\mpengine.dll
2013-07-04 18:48:17 -------- d-----w- C:\ProgramData\PreEmptive Solutions
2013-07-04 18:01:47 -------- d-----w- C:\ProgramData\VS
2013-07-04 17:53:49 73064 ----a-w- C:\windows\SysWow64\perf-MSSQL$SQLEXPRESS-sqlctr10.3.5500.0.dll
2013-07-04 17:53:49 109416 ----a-w- C:\windows\System32\perf-MSSQL$SQLEXPRESS-sqlctr10.3.5500.0.dll
2013-07-04 17:53:48 105832 ----a-w- C:\windows\System32\SQSRVRES.DLL
2013-07-04 17:20:30 -------- d-----w- C:\ProgramData\Picroma
2013-07-04 17:20:30 -------- d-----w- C:\Program Files (x86)\Cube World
2013-07-04 09:51:47 -------- d-----w- C:\Users\Kevin Felt\AppData\Local\Bundled software uninstaller
2013-07-04 09:51:10 -------- d-----w- C:\Users\Kevin Felt\AppData\Roaming\pdfforge
2013-07-04 09:51:04 137000 ----a-w- C:\windows\SysWow64\MSMAPI32.OCX
2013-07-04 09:51:03 65024 ----a-w- C:\windows\System32\pdfcmon.dll
2013-07-04 09:51:01 23552 ----a-w- C:\windows\SysWow64\MSMPIDE.DLL
2013-07-04 09:51:01 -------- d-----w- C:\Program Files (x86)\PDFCreator
2013-07-04 09:50:09 -------- d-----w- C:\Program Files (x86)\File Type Helper
2013-07-04 09:50:06 -------- d-----w- C:\Program Files (x86)\Fast Free Converter
2013-07-04 09:50:01 -------- d-----w- C:\Users\Kevin Felt\AppData\Local\FilesFrog Update Checker
2013-07-03 19:06:42 -------- d-----w- C:\Users\Kevin Felt\AppData\Roaming\.Freeland
2013-06-30 13:17:14 -------- d-----w- C:\Users\Kevin Felt\Bit
2013-06-30 13:14:02 -------- d-----w- C:\Users\Kevin Felt\AppData\Roaming\BitTorrent
2013-06-27 20:44:55 -------- d-----w- C:\Users\Kevin Felt\AppData\Local\Game Dev Tycoon
2013-06-27 20:43:53 -------- d-----w- C:\Program Files (x86)\1-click run
2013-06-27 20:19:39 56072 ----a-w- C:\windows\System32\certsentry.dll
2013-06-27 20:19:39 47368 ----a-w- C:\windows\SysWow64\certsentry.dll
2013-06-26 04:59:27 -------- d-----w- C:\Program Files (x86)\Knights of Pen and Paper
2013-06-26 02:24:14 283200 ----a-w- C:\windows\System32\drivers\dtsoftbus01.sys
2013-06-26 02:24:08 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Lite
2013-06-26 02:04:38 96168 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-25 02:05:49 -------- d-----w- C:\Users\Kevin Felt\.chunky
2013-06-25 02:04:27 -------- d-----w- C:\Program Files (x86)\Chunky
2013-06-22 07:08:05 -------- d-----w- C:\Users\Kevin Felt\AppData\Roaming\com.shirogames.evoland
2013-06-16 07:02:01 2706432 ----a-w- C:\windows\System32\mshtml.tlb
2013-06-16 07:02:00 2706432 ----a-w- C:\windows\SysWow64\mshtml.tlb
2013-06-16 07:01:59 279040 ----a-w- C:\Program Files\Internet Explorer\sqmapi.dll
2013-06-16 07:01:59 218112 ----a-w- C:\Program Files (x86)\Internet Explorer\sqmapi.dll
2013-06-14 19:09:08 -------- d-----w- C:\Users\Kevin Felt\.idlerc
2013-06-14 19:06:56 -------- d-----w- C:\Python33
2013-06-13 08:31:12 -------- d-----w- C:\Users\Kevin Felt\AppData\Local\Introversion
2013-06-12 08:09:38 1910632 ----a-w- C:\windows\System32\drivers\tcpip.sys
2013-06-12 08:09:35 751104 ----a-w- C:\windows\System32\win32spl.dll
2013-06-12 08:09:35 492544 ----a-w- C:\windows\SysWow64\win32spl.dll
2013-06-12 08:09:21 30720 ----a-w- C:\windows\System32\cryptdlg.dll
2013-06-12 08:09:21 24576 ----a-w- C:\windows\SysWow64\cryptdlg.dll
2013-06-12 08:09:16 1424384 ----a-w- C:\windows\System32\WindowsCodecs.dll
2013-06-12 08:09:16 1230336 ----a-w- C:\windows\SysWow64\WindowsCodecs.dll
2013-06-12 08:08:42 903168 ----a-w- C:\windows\SysWow64\certutil.exe
2013-06-12 08:08:42 1192448 ----a-w- C:\windows\System32\certutil.exe
2013-06-12 08:08:39 1464320 ----a-w- C:\windows\System32\crypt32.dll
2013-06-12 08:08:37 1160192 ----a-w- C:\windows\SysWow64\crypt32.dll
2013-06-12 08:08:28 184320 ----a-w- C:\windows\System32\cryptsvc.dll
2013-06-12 08:08:28 139776 ----a-w- C:\windows\System32\cryptnet.dll
2013-06-12 08:08:27 103936 ----a-w- C:\windows\SysWow64\cryptnet.dll
2013-06-12 08:08:26 140288 ----a-w- C:\windows\SysWow64\cryptsvc.dll
2013-06-12 08:08:25 52224 ----a-w- C:\windows\System32\certenc.dll
2013-06-12 08:08:25 43008 ----a-w- C:\windows\SysWow64\certenc.dll
2013-06-12 08:08:15 1887232 ----a-w- C:\windows\System32\d3d11.dll
2013-06-12 08:08:14 1505280 ----a-w- C:\windows\SysWow64\d3d11.dll
.
==================== Find3M ====================
.
2013-06-26 02:04:14 867240 ----a-w- C:\windows\SysWow64\npDeployJava1.dll
2013-06-26 02:04:14 789416 ----a-w- C:\windows\SysWow64\deployJava1.dll
2013-06-12 23:59:53 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-12 23:59:53 692104 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2013-06-02 07:01:46 101376 ----a-w- C:\windows\System32\drivers\vrtaucbl.sys
2013-05-24 06:41:27 753873 ----a-w- C:\windows\unins001.exe
2013-05-17 01:25:57 1767936 ----a-w- C:\windows\SysWow64\wininet.dll
2013-05-17 01:25:27 2877440 ----a-w- C:\windows\SysWow64\jscript9.dll
2013-05-17 01:25:26 61440 ----a-w- C:\windows\SysWow64\iesetup.dll
2013-05-17 01:25:26 109056 ----a-w- C:\windows\SysWow64\iesysprep.dll
2013-05-17 00:59:03 2241024 ----a-w- C:\windows\System32\wininet.dll
2013-05-17 00:58:10 3958784 ----a-w- C:\windows\System32\jscript9.dll
2013-05-17 00:58:08 67072 ----a-w- C:\windows\System32\iesetup.dll
2013-05-17 00:58:08 136704 ----a-w- C:\windows\System32\iesysprep.dll
2013-05-16 04:07:08 3920384 ----a-w- C:\windows\System32\python33.dll
2013-05-16 04:06:12 93696 ----a-w- C:\windows\py.exe
2013-05-16 04:06:10 94208 ----a-w- C:\windows\pyw.exe
2013-05-14 15:38:56 265976 ----a-w- C:\windows\SysWow64\BytescoutScreenCapturingFilter.dll
2013-05-14 15:38:56 175864 ----a-w- C:\windows\SysWow64\BytescoutVideoMixerFilter.dll
2013-05-14 15:38:54 438008 ----a-w- C:\windows\SysWow64\BytescoutScreenCapturing.dll
2013-05-14 12:23:25 89600 ----a-w- C:\windows\System32\RegisterIEPKEYs.exe
2013-05-14 08:40:13 71680 ----a-w- C:\windows\SysWow64\RegisterIEPKEYs.exe
2013-05-02 06:06:08 278800 ------w- C:\windows\System32\MpSigStub.exe
2013-04-13 05:49:23 135168 ----a-w- C:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49:19 350208 ----a-w- C:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49:19 308736 ----a-w- C:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49:19 111104 ----a-w- C:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45:16 474624 ----a-w- C:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45:15 2176512 ----a-w- C:\windows\apppatch\AcGenral.dll
2013-04-12 14:45:08 1656680 ----a-w- C:\windows\System32\drivers\ntfs.sys
2013-04-10 06:01:54 265064 ----a-w- C:\windows\System32\drivers\dxgmms1.sys
2013-04-10 06:01:53 983400 ----a-w- C:\windows\System32\drivers\dxgkrnl.sys
2013-04-10 03:30:50 3153920 ----a-w- C:\windows\System32\win32k.sys
.
============= FINISH: 20:08:26.98 ===============