Can someone take a look at things for me
ty
Malwarebytes Anti-Malware (PRO) 1.70.0.1100
www.malwarebytes.org
Database version: v2013.03.28.11
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Chris :: DELL-530 [administrator]
Protection: Enabled
29/03/2013 19:02:35
mbam-log-2013-03-29 (19-02-35).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 198214
Time elapsed: 3 minute(s), 41 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 04/02/2011 10:32:19
System Uptime: 28/03/2013 22:30:29 (21 hours ago)
.
Motherboard: Dell Inc. | | 0K216C
Processor: Intel(R) Core(TM)2 Duo CPU E6750 @ 2.66GHz | Socket 775 | 2664/333mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 288 GiB total, 175.035 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 3.888 GiB free.
E: is CDROM (UDF)
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: GoTrusted TAP Adapter
Device ID: ROOT\NET\0000
Manufacturer: GoTrusted TAP Provider
Name: GoTrusted TAP Adapter
PNP Device ID: ROOT\NET\0000
Service: gttap1
.
==== System Restore Points ===================
.
RP542: 24/02/2013 16:06:13 - Scheduled Checkpoint
RP543: 26/02/2013 06:10:42 - Scheduled Checkpoint
RP544: 26/02/2013 21:03:55 - Scheduled Checkpoint
RP545: 28/02/2013 23:00:14 - Scheduled Checkpoint
RP546: 02/03/2013 01:20:04 - Scheduled Checkpoint
RP547: 03/03/2013 01:23:22 - Scheduled Checkpoint
RP548: 03/03/2013 19:11:32 - Installed Microsoft Fix it 50195
RP549: 07/03/2013 00:23:24 - Scheduled Checkpoint
RP550: 08/03/2013 14:35:52 - Scheduled Checkpoint
RP551: 09/03/2013 14:19:02 - Removed Java 7 Update 17
RP552: 09/03/2013 14:21:49 - Installed Java 7 Update 17
RP553: 10/03/2013 10:40:40 - Scheduled Checkpoint
RP554: 13/03/2013 22:25:54 - Device Driver Package Install: TAP-Win32 Provider V9 Network adapters
RP555: 13/03/2013 22:34:11 - Windows Update
RP556: 15/03/2013 00:29:51 - Scheduled Checkpoint
RP557: 15/03/2013 22:30:10 - Removed Ask Toolbar
RP558: 16/03/2013 13:14:35 - Scheduled Checkpoint
RP559: 16/03/2013 15:42:43 - Device Driver Package Install: TAP-Win32 Provider V9 Network adapters
RP560: 17/03/2013 23:23:09 - Windows Update
RP561: 18/03/2013 12:13:19 - Removed Samsung Kies
RP562: 18/03/2013 21:00:42 - Installed Samsung Kies
RP563: 20/03/2013 00:03:28 - Scheduled Checkpoint
RP564: 21/03/2013 01:21:00 - Scheduled Checkpoint
RP565: 21/03/2013 13:31:38 - Scheduled Checkpoint
RP566: 22/03/2013 13:35:05 - Scheduled Checkpoint
RP567: 22/03/2013 22:20:00 - Removed Java 7 Update 17
RP568: 22/03/2013 22:23:00 - Installed Java 7 Update 17
RP570: 22/03/2013 22:31:47 - Revo Uninstaller's restore point - Java 7 Update 17
RP571: 22/03/2013 22:31:57 - Removed Java 7 Update 17
RP573: 22/03/2013 22:53:33 - Revo Uninstaller's restore point - Java 7 Update 17
RP574: 23/03/2013 13:20:36 - Windows Update
RP575: 24/03/2013 01:43:33 - Scheduled Checkpoint
RP576: 29/03/2013 01:15:00 - Scheduled Checkpoint
.
==== Installed Programs ======================
.
Leawo Video Converter version 5.1.0.0
Adobe AIR
Adobe Community Help
Adobe Download Assistant
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.02)
Adobe Shockwave Player 12.0
Apple Application Support
Apple Mobile Device Support
Apple Software Update
avast! Internet Security
CCleaner
ConvertXtoDVD 4.0.9.322
D3DX10
EasyBCD 1.7
ESET Online Scanner v3
ffdshow [rev 2180] [2008-10-04]
FileHippo.com Update Checker
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)
Intel(R) Graphics Media Accelerator Driver
K-Lite Codec Pack 7.0.0 (Standard)
Malwarebytes Anti-Malware version 1.70.0.1100
McAfee SiteAdvisor
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office Excel Viewer 2003
Microsoft Office Word Viewer 2003
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFCLOC_x86
Mozilla Firefox 19.0.2 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB2758694)
MSXML 4.0 SP3 Parser (KB973685)
MyFreeCodec
Nero 7 Lite 7.10.1.2
Panda Cloud Cleaner
QuickTime
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer
Realtek High Definition Audio Driver
RealUpgrade 1.1
Revo Uninstaller 1.94
Samsung Kies
SAMSUNG USB Driver for Mobile Phones
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Segoe UI
Skitch
swMSM
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
VLC media player 2.0.5
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Messenger
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Media Player Firefox Plugin
WinRAR 4.20 (32-bit)
YouTube Downloader App 3.00
.
==== Event Viewer Messages From Past Week ========
.
28/03/2013 22:32:32, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
28/03/2013 22:32:32, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error 2147749155 (0x80040D23).
28/03/2013 22:30:53, Error: EventLog [6008] - The previous system shutdown at 22:28:47 on 28/03/2013 was unexpected.
22/03/2013 11:55:47, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
22/03/2013 11:47:52, Error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 1 time(s).
.
==== End Of File ===========================
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16470
Run by Chris at 19:06:51 on 2013-03-29
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.3060.1288 [GMT 0:00]
.
AV: avast! Internet Security *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Internet Security *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: avast! Internet Security *Enabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\SLsvc.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\AERTSrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Panda Security\Panda Cloud Cleaner\PCloudCleaner.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Windows\notepad.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\programdata\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [KiesTrayAgent] c:\program files\samsung\kies\KiesTrayAgent.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{24808C3F-DF8E-4DBB-B40F-D7DB39A51B71} : DHCPNameServer = 192.168.0.203
TCP: Interfaces\{C010AF49-0C76-4353-BB35-19AE24C74C4F} : DHCPNameServer = 192.168.0.1
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
Notify: igfxcui - igfxdev.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\chris\appdata\roaming\mozilla\firefox\profiles\q908vuqn.default-1364514302772\
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\mcafee\siteadvisor\NPMcFFPlg32.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlchromebrowserrecordext.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlhtml5videoshim.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlpepperflashvideoshim.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\npdlplugin.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1200112.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_6_602_180.dll
FF - ExtSQL: 2013-03-10 09:49; wrc@avast.com; c:\program files\avast software\avast\webrep\FF
FF - ExtSQL: 2013-03-18 13:42; {DAC3F861-B30D-40dd-9166-F4E75327FAC7}; c:\programdata\realnetworks\realdownloader\browserplugins\firefox\Ext
FF - ExtSQL: 2013-03-28 21:56; {4ED1F68A-5463-4931-9384-8FFF5ED91D92}; c:\program files\mcafee\SiteAdvisor
.
============= SERVICES / DRIVERS ===============
.
R0 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2012-9-23 21576]
R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [2012-9-23 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys [2012-9-23 199384]
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-3-1 49248]
R1 aswFW;avast! TDI Firewall driver;c:\windows\system32\drivers\aswFW.sys [2012-9-23 101656]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-9-23 765736]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-9-23 368176]
R2 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2007-12-5 77824]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-9-23 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-9-23 66336]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-9-23 45248]
R2 avast! Firewall;avast! Firewall;c:\program files\avast software\avast\afwServ.exe [2012-9-23 136912]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-3-22 398184]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-3-22 682344]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\sitead~1\mcsacore.exe [2012-8-29 95232]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\realnetworks\realdownloader\rndlresolversvc.exe [2013-3-6 39056]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-3-22 21104]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-3-1 164736]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2013-3-18 83168]
S3 MOSUMAC;USB-Ethernet Driver;c:\windows\system32\drivers\MOSUMAC.SYS [2010-11-19 43520]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2013-3-18 181344]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2013-03-22 23:05:30 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-03-22 23:05:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-03-22 19:27:27 -------- d-----w- c:\program files\ESET
2013-03-22 11:57:37 -------- d-sh--w- C:\$RECYCLE.BIN
2013-03-22 11:57:31 -------- d-----w- c:\users\chris\appdata\local\temp
2013-03-20 17:46:14 -------- d-----w- c:\program files\Emsisoft Anti-Malware
2013-03-18 21:09:17 83168 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2013-03-18 21:09:17 181344 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2013-03-18 21:02:20 821824 ----a-w- c:\windows\system32\dgderapi.dll
2013-03-18 21:02:20 319456 ----a-w- c:\windows\system32\DIFxAPI.dll
2013-03-18 21:02:20 20032 ----a-w- c:\windows\system32\drivers\dgderdrv.sys
2013-03-18 13:42:27 -------- d-----w- c:\program files\RealNetworks
2013-03-18 13:42:26 -------- d-----w- c:\programdata\RealNetworks
2013-03-18 13:41:46 -------- d-----w- c:\program files\common files\xing shared
2013-03-17 23:23:05 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-03-16 15:41:33 -------- d-----w- c:\program files\TunnelBear
2013-03-08 01:50:21 96664 ----a-w- c:\program files\mozilla firefox\webapprt-stub.exe
2013-03-01 23:36:42 164736 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-03-01 23:36:41 49248 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-03-01 08:53:04 -------- d-----w- C:\LeG_VGRs_Installation
.
==================== Find3M ====================
.
2013-03-22 22:23:38 861088 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-03-22 22:23:38 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-03-15 22:58:55 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-03-15 22:58:55 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-06 23:33:24 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-03-06 23:33:23 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-03-06 23:33:23 199384 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2013-03-06 23:33:22 21576 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2013-03-06 23:33:22 101656 ----a-w- c:\windows\system32\drivers\aswFW.sys
2013-03-06 23:32:51 41664 ----a-w- c:\windows\avastSS.scr
2013-03-03 19:50:21 499712 ----a-w- c:\windows\system32\msvcp71.dll
2013-02-05 17:53:34 4659712 ----a-w- c:\windows\system32\Redemption.dll
2013-02-05 17:52:54 90112 ----a-w- c:\windows\MAMCityDownload.ocx
2013-02-05 17:52:54 330240 ----a-w- c:\windows\MASetupCaller.dll
2013-02-05 17:52:54 30568 ----a-w- c:\windows\MusiccityDownload.exe
2013-02-02 03:38:35 1800704 ----a-w- c:\windows\system32\jscript9.dll
2013-02-02 03:30:32 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2013-02-02 03:30:21 1129472 ----a-w- c:\windows\system32\wininet.dll
2013-02-02 03:26:47 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2013-02-02 03:26:21 420864 ----a-w- c:\windows\system32\vbscript.dll
2013-02-02 03:23:28 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-01-05 05:26:01 3602808 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-05 05:26:01 3550072 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-04 11:28:18 905576 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-01-04 01:38:50 2048512 ----a-w- c:\windows\system32\win32k.sys
.
============= FINISH: 19:07:18.18 ===============
ty
Malwarebytes Anti-Malware (PRO) 1.70.0.1100
www.malwarebytes.org
Database version: v2013.03.28.11
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Chris :: DELL-530 [administrator]
Protection: Enabled
29/03/2013 19:02:35
mbam-log-2013-03-29 (19-02-35).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 198214
Time elapsed: 3 minute(s), 41 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 04/02/2011 10:32:19
System Uptime: 28/03/2013 22:30:29 (21 hours ago)
.
Motherboard: Dell Inc. | | 0K216C
Processor: Intel(R) Core(TM)2 Duo CPU E6750 @ 2.66GHz | Socket 775 | 2664/333mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 288 GiB total, 175.035 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 3.888 GiB free.
E: is CDROM (UDF)
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: GoTrusted TAP Adapter
Device ID: ROOT\NET\0000
Manufacturer: GoTrusted TAP Provider
Name: GoTrusted TAP Adapter
PNP Device ID: ROOT\NET\0000
Service: gttap1
.
==== System Restore Points ===================
.
RP542: 24/02/2013 16:06:13 - Scheduled Checkpoint
RP543: 26/02/2013 06:10:42 - Scheduled Checkpoint
RP544: 26/02/2013 21:03:55 - Scheduled Checkpoint
RP545: 28/02/2013 23:00:14 - Scheduled Checkpoint
RP546: 02/03/2013 01:20:04 - Scheduled Checkpoint
RP547: 03/03/2013 01:23:22 - Scheduled Checkpoint
RP548: 03/03/2013 19:11:32 - Installed Microsoft Fix it 50195
RP549: 07/03/2013 00:23:24 - Scheduled Checkpoint
RP550: 08/03/2013 14:35:52 - Scheduled Checkpoint
RP551: 09/03/2013 14:19:02 - Removed Java 7 Update 17
RP552: 09/03/2013 14:21:49 - Installed Java 7 Update 17
RP553: 10/03/2013 10:40:40 - Scheduled Checkpoint
RP554: 13/03/2013 22:25:54 - Device Driver Package Install: TAP-Win32 Provider V9 Network adapters
RP555: 13/03/2013 22:34:11 - Windows Update
RP556: 15/03/2013 00:29:51 - Scheduled Checkpoint
RP557: 15/03/2013 22:30:10 - Removed Ask Toolbar
RP558: 16/03/2013 13:14:35 - Scheduled Checkpoint
RP559: 16/03/2013 15:42:43 - Device Driver Package Install: TAP-Win32 Provider V9 Network adapters
RP560: 17/03/2013 23:23:09 - Windows Update
RP561: 18/03/2013 12:13:19 - Removed Samsung Kies
RP562: 18/03/2013 21:00:42 - Installed Samsung Kies
RP563: 20/03/2013 00:03:28 - Scheduled Checkpoint
RP564: 21/03/2013 01:21:00 - Scheduled Checkpoint
RP565: 21/03/2013 13:31:38 - Scheduled Checkpoint
RP566: 22/03/2013 13:35:05 - Scheduled Checkpoint
RP567: 22/03/2013 22:20:00 - Removed Java 7 Update 17
RP568: 22/03/2013 22:23:00 - Installed Java 7 Update 17
RP570: 22/03/2013 22:31:47 - Revo Uninstaller's restore point - Java 7 Update 17
RP571: 22/03/2013 22:31:57 - Removed Java 7 Update 17
RP573: 22/03/2013 22:53:33 - Revo Uninstaller's restore point - Java 7 Update 17
RP574: 23/03/2013 13:20:36 - Windows Update
RP575: 24/03/2013 01:43:33 - Scheduled Checkpoint
RP576: 29/03/2013 01:15:00 - Scheduled Checkpoint
.
==== Installed Programs ======================
.
Leawo Video Converter version 5.1.0.0
Adobe AIR
Adobe Community Help
Adobe Download Assistant
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.02)
Adobe Shockwave Player 12.0
Apple Application Support
Apple Mobile Device Support
Apple Software Update
avast! Internet Security
CCleaner
ConvertXtoDVD 4.0.9.322
D3DX10
EasyBCD 1.7
ESET Online Scanner v3
ffdshow [rev 2180] [2008-10-04]
FileHippo.com Update Checker
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)
Intel(R) Graphics Media Accelerator Driver
K-Lite Codec Pack 7.0.0 (Standard)
Malwarebytes Anti-Malware version 1.70.0.1100
McAfee SiteAdvisor
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office Excel Viewer 2003
Microsoft Office Word Viewer 2003
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFCLOC_x86
Mozilla Firefox 19.0.2 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB2758694)
MSXML 4.0 SP3 Parser (KB973685)
MyFreeCodec
Nero 7 Lite 7.10.1.2
Panda Cloud Cleaner
QuickTime
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer
Realtek High Definition Audio Driver
RealUpgrade 1.1
Revo Uninstaller 1.94
Samsung Kies
SAMSUNG USB Driver for Mobile Phones
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Segoe UI
Skitch
swMSM
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
VLC media player 2.0.5
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Messenger
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Media Player Firefox Plugin
WinRAR 4.20 (32-bit)
YouTube Downloader App 3.00
.
==== Event Viewer Messages From Past Week ========
.
28/03/2013 22:32:32, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
28/03/2013 22:32:32, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error 2147749155 (0x80040D23).
28/03/2013 22:30:53, Error: EventLog [6008] - The previous system shutdown at 22:28:47 on 28/03/2013 was unexpected.
22/03/2013 11:55:47, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
22/03/2013 11:47:52, Error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 1 time(s).
.
==== End Of File ===========================
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16470
Run by Chris at 19:06:51 on 2013-03-29
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.3060.1288 [GMT 0:00]
.
AV: avast! Internet Security *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Internet Security *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: avast! Internet Security *Enabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\SLsvc.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\AERTSrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Panda Security\Panda Cloud Cleaner\PCloudCleaner.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Windows\notepad.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\programdata\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [KiesTrayAgent] c:\program files\samsung\kies\KiesTrayAgent.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{24808C3F-DF8E-4DBB-B40F-D7DB39A51B71} : DHCPNameServer = 192.168.0.203
TCP: Interfaces\{C010AF49-0C76-4353-BB35-19AE24C74C4F} : DHCPNameServer = 192.168.0.1
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
Notify: igfxcui - igfxdev.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\chris\appdata\roaming\mozilla\firefox\profiles\q908vuqn.default-1364514302772\
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\mcafee\siteadvisor\NPMcFFPlg32.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlchromebrowserrecordext.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlhtml5videoshim.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlpepperflashvideoshim.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\npdlplugin.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1200112.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_6_602_180.dll
FF - ExtSQL: 2013-03-10 09:49; wrc@avast.com; c:\program files\avast software\avast\webrep\FF
FF - ExtSQL: 2013-03-18 13:42; {DAC3F861-B30D-40dd-9166-F4E75327FAC7}; c:\programdata\realnetworks\realdownloader\browserplugins\firefox\Ext
FF - ExtSQL: 2013-03-28 21:56; {4ED1F68A-5463-4931-9384-8FFF5ED91D92}; c:\program files\mcafee\SiteAdvisor
.
============= SERVICES / DRIVERS ===============
.
R0 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2012-9-23 21576]
R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [2012-9-23 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys [2012-9-23 199384]
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-3-1 49248]
R1 aswFW;avast! TDI Firewall driver;c:\windows\system32\drivers\aswFW.sys [2012-9-23 101656]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-9-23 765736]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-9-23 368176]
R2 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2007-12-5 77824]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-9-23 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-9-23 66336]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-9-23 45248]
R2 avast! Firewall;avast! Firewall;c:\program files\avast software\avast\afwServ.exe [2012-9-23 136912]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-3-22 398184]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-3-22 682344]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\sitead~1\mcsacore.exe [2012-8-29 95232]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\realnetworks\realdownloader\rndlresolversvc.exe [2013-3-6 39056]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-3-22 21104]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-3-1 164736]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2013-3-18 83168]
S3 MOSUMAC;USB-Ethernet Driver;c:\windows\system32\drivers\MOSUMAC.SYS [2010-11-19 43520]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2013-3-18 181344]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2013-03-22 23:05:30 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-03-22 23:05:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-03-22 19:27:27 -------- d-----w- c:\program files\ESET
2013-03-22 11:57:37 -------- d-sh--w- C:\$RECYCLE.BIN
2013-03-22 11:57:31 -------- d-----w- c:\users\chris\appdata\local\temp
2013-03-20 17:46:14 -------- d-----w- c:\program files\Emsisoft Anti-Malware
2013-03-18 21:09:17 83168 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2013-03-18 21:09:17 181344 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2013-03-18 21:02:20 821824 ----a-w- c:\windows\system32\dgderapi.dll
2013-03-18 21:02:20 319456 ----a-w- c:\windows\system32\DIFxAPI.dll
2013-03-18 21:02:20 20032 ----a-w- c:\windows\system32\drivers\dgderdrv.sys
2013-03-18 13:42:27 -------- d-----w- c:\program files\RealNetworks
2013-03-18 13:42:26 -------- d-----w- c:\programdata\RealNetworks
2013-03-18 13:41:46 -------- d-----w- c:\program files\common files\xing shared
2013-03-17 23:23:05 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-03-16 15:41:33 -------- d-----w- c:\program files\TunnelBear
2013-03-08 01:50:21 96664 ----a-w- c:\program files\mozilla firefox\webapprt-stub.exe
2013-03-01 23:36:42 164736 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-03-01 23:36:41 49248 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-03-01 08:53:04 -------- d-----w- C:\LeG_VGRs_Installation
.
==================== Find3M ====================
.
2013-03-22 22:23:38 861088 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-03-22 22:23:38 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-03-15 22:58:55 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-03-15 22:58:55 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-06 23:33:24 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-03-06 23:33:23 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-03-06 23:33:23 199384 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2013-03-06 23:33:22 21576 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2013-03-06 23:33:22 101656 ----a-w- c:\windows\system32\drivers\aswFW.sys
2013-03-06 23:32:51 41664 ----a-w- c:\windows\avastSS.scr
2013-03-03 19:50:21 499712 ----a-w- c:\windows\system32\msvcp71.dll
2013-02-05 17:53:34 4659712 ----a-w- c:\windows\system32\Redemption.dll
2013-02-05 17:52:54 90112 ----a-w- c:\windows\MAMCityDownload.ocx
2013-02-05 17:52:54 330240 ----a-w- c:\windows\MASetupCaller.dll
2013-02-05 17:52:54 30568 ----a-w- c:\windows\MusiccityDownload.exe
2013-02-02 03:38:35 1800704 ----a-w- c:\windows\system32\jscript9.dll
2013-02-02 03:30:32 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2013-02-02 03:30:21 1129472 ----a-w- c:\windows\system32\wininet.dll
2013-02-02 03:26:47 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2013-02-02 03:26:21 420864 ----a-w- c:\windows\system32\vbscript.dll
2013-02-02 03:23:28 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-01-05 05:26:01 3602808 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-05 05:26:01 3550072 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-04 11:28:18 905576 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-01-04 01:38:50 2048512 ----a-w- c:\windows\system32\win32k.sys
.
============= FINISH: 19:07:18.18 ===============