megabomination
Posts: 151 +0
Hi all. I installed windows seven in Feburary and besides PC being not quite as 'fresh' and IE being very slow the PC doesnt seem to have any irregular behaviour.
I however, havent set a system restore point yet so I thought it might be a good idea to get you lot(Guru's) to have a quick peak under the hood before I do so. Appreciate any help given.
Regards Adam.
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 21/11/2014
Scan Time: 6:17:55 PM
Logfile: MBAM scan.txt
Administrator: Yes
Version: 2.00.3.1025
Malware Database: v2014.11.21.05
Rootkit Database: v2014.11.18.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: Adam
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 283401
Time Elapsed: 5 min, 57 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
(end)
--------------------------------------------------------------------------------------------------------------------------
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 11.0.9600.17420
Run by Adam at 19:41:18 on 2014-11-21
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.61.1033.18.3583.2938 [GMT 11:00]
.
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Google\Update\1.3.25.11\GoogleCrashHandler.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\system\HsMgr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\ASUS Xonar DGX Audio\Customapp\ASUSAUDIOCENTER.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\VIRGIN BROADBAND\VIRGIN BROADBAND.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k SDRSVC
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.techspot.com/
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
mRun: [AvastUI.exe] "c:\program files\avast software\avast\AvastUI.exe" /nogui
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Cmaudio8788GX] c:\windows\system\HsMgr.exe Envoke
mRun: [Cmaudio8788] RunDll32 cmicnfgp.cpl,CMICtrlWnd
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
TCP: Interfaces\{31BC7A36-69EE-4CBF-908B-C0395ABD1E64} : DHCPNameServer = 192.168.9.1 192.168.9.1
TCP: Interfaces\{469C7788-1A20-4C51-B3C4-C6077CF2E005} : DHCPNameServer = 192.168.9.1 192.168.9.1
TCP: Interfaces\{B13F0638-6983-4BEC-9C9B-7AA35F8F669D} : DHCPNameServer = 192.168.9.1 192.168.9.1
TCP: Interfaces\{F5B5C681-BCB2-4666-BBAC-C6F6B084E16A} : DHCPNameServer = 192.168.9.1 192.168.9.1
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\39.0.2171.65\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2014-2-16 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2014-2-16 192352]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswsnx.sys [2014-2-16 779536]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [2014-2-16 414520]
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2014-5-17 24184]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-2-16 67824]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2014-9-17 50344]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2013-12-20 77824]
R3 cmudaxp;ASUS Xonar DGX Audio Interface;c:\windows\system32\drivers\cmudaxp.sys [2014-5-12 1762304]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\drivers\L1C62x86.sys [2009-6-11 50688]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswstm.sys [2014-2-16 71944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes anti-malware\mbamscheduler.exe [2014-2-19 1871160]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2014-2-21 49856]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2014-3-31 1512640]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\ieetwcollector.exe [2014-11-13 102912]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2010-11-21 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 27264]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2014-2-16 1343400]
S4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2014-4-18 208896]
S4 VmbService;Vodafone Mobile Broadband Service;c:\program files\vodafone\vodafone mobile broadband\bin\VmbService.exe [2013-5-14 8704]
.
=============== Created Last 30 ================
.
2014-11-21 06:32:22 8941456 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{9feffa70-d690-4968-869f-5e4ceea31195}\mpengine.dll
2014-11-18 19:27:00 186880 ----a-w- c:\windows\system32\pku2u.dll
2014-11-18 19:26:59 550912 ----a-w- c:\windows\system32\kerberos.dll
2014-11-15 04:57:10 -------- d-sh--w- c:\users\adam\appdata\local\EmieBrowserModeList
2014-11-08 06:55:48 -------- d-----w- c:\program files\PENTAX
2014-11-08 06:54:57 225280 ----a-w- c:\program files\common files\installshield\iscript\iscript.dll
2014-11-08 06:54:56 77824 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\ctor.dll
2014-11-08 06:54:56 32768 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\objectps.dll
2014-11-08 06:54:56 176128 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\iuser.dll
.
==================== Find3M ====================
.
2014-11-21 07:14:01 114904 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-11-12 08:41:05 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-11-12 08:41:05 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-11-06 03:28:20 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-11-06 03:28:06 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-11-06 03:13:43 501248 ----a-w- c:\windows\system32\vbscript.dll
2014-11-06 03:13:36 62464 ----a-w- c:\windows\system32\iesetup.dll
2014-11-06 03:12:44 47616 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-11-06 03:10:58 64000 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-11-06 02:59:36 115712 ----a-w- c:\windows\system32\ieUnatt.exe
2014-11-06 02:59:34 102912 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-11-06 02:58:38 620032 ----a-w- c:\windows\system32\jscript9diag.dll
2014-11-06 02:51:33 667648 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-11-06 02:42:36 60416 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-06 02:21:49 4298240 ----a-w- c:\windows\system32\jscript9.dll
2014-11-06 02:21:25 2051072 ----a-w- c:\windows\system32\inetcpl.cpl
2014-11-06 02:20:37 1155072 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-11-06 01:52:35 1892864 ----a-w- c:\windows\system32\wininet.dll
2014-11-05 17:50:47 254464 ----a-w- c:\windows\system32\generaltel.dll
2014-11-05 17:50:28 203776 ----a-w- c:\windows\system32\aepdu.dll
2014-11-05 17:47:40 302592 ----a-w- c:\windows\system32\aeinv.dll
2014-11-04 03:30:58 229000 ------w- c:\windows\system32\MpSigStub.exe
2014-10-25 01:32:37 67584 ----a-w- c:\windows\system32\packager.dll
2014-10-18 01:33:18 571904 ----a-w- c:\windows\system32\oleaut32.dll
2014-10-14 01:56:19 136632 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-10-14 01:50:50 523776 ----a-w- c:\windows\system32\termsrv.dll
2014-10-14 01:50:41 2363904 ----a-w- c:\windows\system32\msi.dll
2014-10-14 01:50:39 1059840 ----a-w- c:\windows\system32\lsasrv.dll
2014-10-14 01:47:30 146432 ----a-w- c:\windows\system32\msaudite.dll
2014-10-14 01:46:02 681984 ----a-w- c:\windows\system32\adtschema.dll
2014-10-10 00:45:54 2379264 ----a-w- c:\windows\system32\win32k.sys
2014-10-03 01:44:42 442880 ----a-w- c:\windows\system32\AUDIOKSE.dll
2014-10-03 01:44:31 275968 ----a-w- c:\windows\system32\EncDump.dll
2014-10-03 01:44:26 475136 ----a-w- c:\windows\system32\audiosrv.dll
2014-10-03 01:44:26 374784 ----a-w- c:\windows\system32\AudioEng.dll
2014-10-03 01:44:26 195584 ----a-w- c:\windows\system32\AudioSes.dll
2014-10-01 00:11:24 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-10-01 00:11:14 75480 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-10-01 00:11:10 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-09-25 01:40:50 519680 ----a-w- c:\windows\system32\qdvd.dll
2014-09-19 09:23:55 172032 ----a-w- c:\windows\system32\wdigest.dll
2014-09-19 09:23:52 65536 ----a-w- c:\windows\system32\TSpkg.dll
2014-09-19 09:23:49 248832 ----a-w- c:\windows\system32\schannel.dll
2014-09-19 09:23:46 221184 ----a-w- c:\windows\system32\ncrypt.dll
2014-09-19 09:23:45 259584 ----a-w- c:\windows\system32\msv1_0.dll
2014-09-19 09:23:36 17408 ----a-w- c:\windows\system32\credssp.dll
2014-09-17 07:30:26 71944 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-09-17 07:30:25 81768 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-09-17 07:30:25 779536 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-09-17 07:30:25 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-09-17 07:30:25 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-09-17 07:30:25 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-09-17 07:30:25 192352 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-09-17 07:30:24 43152 ----a-w- c:\windows\avastSS.scr
2014-09-09 21:47:10 2048 ----a-w- c:\windows\system32\tzres.dll
2014-09-04 05:04:15 372736 ----a-w- c:\windows\system32\rastls.dll
.
============= FINISH: 19:41:38.47 ===============
------------------------------------------------------------------------------------------------------------------------
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 15/02/2014 6:40:51 PM
System Uptime: 21/11/2014 5:28:08 PM (2 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | P5G41T-M LX
Processor: Intel(R) Core(TM)2 Duo CPU E7500 @ 2.93GHz | LGA775 | 2936/266mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 466 GiB total, 337.527 GiB free.
D: is CDROM (CDFS)
E: is CDROM (CDFS)
F: is Removable
I: is Removable
J: is Removable
K: is Removable
L: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP120: 4/11/2014 9:22:29 PM - Windows Update
RP122: 8/11/2014 5:55:36 PM - Installed MediaImpression 3.0 for PENTAX
RP123: 9/11/2014 5:15:24 PM - Windows Update
RP124: 13/11/2014 7:14:25 PM - Windows Update
RP125: 19/11/2014 6:25:40 AM - Windows Update
RP126: 19/11/2014 6:38:51 AM - Windows Update
.
==== Installed Programs ======================
.
Adobe Flash Player 15 ActiveX
Adobe Premiere Pro 2.0
Adobe Reader XI (11.0.09)
AMD Accelerated Video Transcoding
AMD Catalyst Control Center
AMD Catalyst Install Manager
AMD Drag and Drop Transcoding
AMD Wireless Display v3.0
ASUS Xonar DGX Audio Driver
avast! Free Antivirus
Canon MP Navigator EX 1.0
Canon MP220 series
Canon My Printer
Canon Utilities Easy-PhotoPrint EX
Canon Utilities Solution Menu
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
D3DX10
Far Cry 3
Google Chrome
Google Update Helper
Java 7 Update 55
Java Auto Updater
Junk Mail filter update
Malwarebytes Anti-Malware version 2.0.3.1025
MediaImpression 3.0 for PENTAX
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft OneDrive
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
Movie Maker
MSVCRT
MSVCRT110
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
OpenAL
Photo Common
Photo Gallery
PunkBuster Services
Raptr
ScanSoft OmniPage SE 4
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)
SketchUp 2014
Uplay
VIRGIN BROADBAND
Vodafone Mobile Broadband
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
.
==== End Of File ===========================
I however, havent set a system restore point yet so I thought it might be a good idea to get you lot(Guru's) to have a quick peak under the hood before I do so. Appreciate any help given.
Regards Adam.
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 21/11/2014
Scan Time: 6:17:55 PM
Logfile: MBAM scan.txt
Administrator: Yes
Version: 2.00.3.1025
Malware Database: v2014.11.21.05
Rootkit Database: v2014.11.18.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: Adam
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 283401
Time Elapsed: 5 min, 57 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
(end)
--------------------------------------------------------------------------------------------------------------------------
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 11.0.9600.17420
Run by Adam at 19:41:18 on 2014-11-21
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.61.1033.18.3583.2938 [GMT 11:00]
.
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Google\Update\1.3.25.11\GoogleCrashHandler.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\system\HsMgr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\ASUS Xonar DGX Audio\Customapp\ASUSAUDIOCENTER.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\VIRGIN BROADBAND\VIRGIN BROADBAND.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k SDRSVC
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.techspot.com/
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
mRun: [AvastUI.exe] "c:\program files\avast software\avast\AvastUI.exe" /nogui
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Cmaudio8788GX] c:\windows\system\HsMgr.exe Envoke
mRun: [Cmaudio8788] RunDll32 cmicnfgp.cpl,CMICtrlWnd
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
TCP: Interfaces\{31BC7A36-69EE-4CBF-908B-C0395ABD1E64} : DHCPNameServer = 192.168.9.1 192.168.9.1
TCP: Interfaces\{469C7788-1A20-4C51-B3C4-C6077CF2E005} : DHCPNameServer = 192.168.9.1 192.168.9.1
TCP: Interfaces\{B13F0638-6983-4BEC-9C9B-7AA35F8F669D} : DHCPNameServer = 192.168.9.1 192.168.9.1
TCP: Interfaces\{F5B5C681-BCB2-4666-BBAC-C6F6B084E16A} : DHCPNameServer = 192.168.9.1 192.168.9.1
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\39.0.2171.65\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2014-2-16 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2014-2-16 192352]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswsnx.sys [2014-2-16 779536]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [2014-2-16 414520]
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2014-5-17 24184]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-2-16 67824]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2014-9-17 50344]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2013-12-20 77824]
R3 cmudaxp;ASUS Xonar DGX Audio Interface;c:\windows\system32\drivers\cmudaxp.sys [2014-5-12 1762304]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\drivers\L1C62x86.sys [2009-6-11 50688]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswstm.sys [2014-2-16 71944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes anti-malware\mbamscheduler.exe [2014-2-19 1871160]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2014-2-21 49856]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2014-3-31 1512640]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\ieetwcollector.exe [2014-11-13 102912]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2010-11-21 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 27264]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2014-2-16 1343400]
S4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2014-4-18 208896]
S4 VmbService;Vodafone Mobile Broadband Service;c:\program files\vodafone\vodafone mobile broadband\bin\VmbService.exe [2013-5-14 8704]
.
=============== Created Last 30 ================
.
2014-11-21 06:32:22 8941456 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{9feffa70-d690-4968-869f-5e4ceea31195}\mpengine.dll
2014-11-18 19:27:00 186880 ----a-w- c:\windows\system32\pku2u.dll
2014-11-18 19:26:59 550912 ----a-w- c:\windows\system32\kerberos.dll
2014-11-15 04:57:10 -------- d-sh--w- c:\users\adam\appdata\local\EmieBrowserModeList
2014-11-08 06:55:48 -------- d-----w- c:\program files\PENTAX
2014-11-08 06:54:57 225280 ----a-w- c:\program files\common files\installshield\iscript\iscript.dll
2014-11-08 06:54:56 77824 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\ctor.dll
2014-11-08 06:54:56 32768 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\objectps.dll
2014-11-08 06:54:56 176128 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\iuser.dll
.
==================== Find3M ====================
.
2014-11-21 07:14:01 114904 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-11-12 08:41:05 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-11-12 08:41:05 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-11-06 03:28:20 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-11-06 03:28:06 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-11-06 03:13:43 501248 ----a-w- c:\windows\system32\vbscript.dll
2014-11-06 03:13:36 62464 ----a-w- c:\windows\system32\iesetup.dll
2014-11-06 03:12:44 47616 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-11-06 03:10:58 64000 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-11-06 02:59:36 115712 ----a-w- c:\windows\system32\ieUnatt.exe
2014-11-06 02:59:34 102912 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-11-06 02:58:38 620032 ----a-w- c:\windows\system32\jscript9diag.dll
2014-11-06 02:51:33 667648 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-11-06 02:42:36 60416 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-06 02:21:49 4298240 ----a-w- c:\windows\system32\jscript9.dll
2014-11-06 02:21:25 2051072 ----a-w- c:\windows\system32\inetcpl.cpl
2014-11-06 02:20:37 1155072 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-11-06 01:52:35 1892864 ----a-w- c:\windows\system32\wininet.dll
2014-11-05 17:50:47 254464 ----a-w- c:\windows\system32\generaltel.dll
2014-11-05 17:50:28 203776 ----a-w- c:\windows\system32\aepdu.dll
2014-11-05 17:47:40 302592 ----a-w- c:\windows\system32\aeinv.dll
2014-11-04 03:30:58 229000 ------w- c:\windows\system32\MpSigStub.exe
2014-10-25 01:32:37 67584 ----a-w- c:\windows\system32\packager.dll
2014-10-18 01:33:18 571904 ----a-w- c:\windows\system32\oleaut32.dll
2014-10-14 01:56:19 136632 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-10-14 01:50:50 523776 ----a-w- c:\windows\system32\termsrv.dll
2014-10-14 01:50:41 2363904 ----a-w- c:\windows\system32\msi.dll
2014-10-14 01:50:39 1059840 ----a-w- c:\windows\system32\lsasrv.dll
2014-10-14 01:47:30 146432 ----a-w- c:\windows\system32\msaudite.dll
2014-10-14 01:46:02 681984 ----a-w- c:\windows\system32\adtschema.dll
2014-10-10 00:45:54 2379264 ----a-w- c:\windows\system32\win32k.sys
2014-10-03 01:44:42 442880 ----a-w- c:\windows\system32\AUDIOKSE.dll
2014-10-03 01:44:31 275968 ----a-w- c:\windows\system32\EncDump.dll
2014-10-03 01:44:26 475136 ----a-w- c:\windows\system32\audiosrv.dll
2014-10-03 01:44:26 374784 ----a-w- c:\windows\system32\AudioEng.dll
2014-10-03 01:44:26 195584 ----a-w- c:\windows\system32\AudioSes.dll
2014-10-01 00:11:24 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-10-01 00:11:14 75480 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-10-01 00:11:10 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-09-25 01:40:50 519680 ----a-w- c:\windows\system32\qdvd.dll
2014-09-19 09:23:55 172032 ----a-w- c:\windows\system32\wdigest.dll
2014-09-19 09:23:52 65536 ----a-w- c:\windows\system32\TSpkg.dll
2014-09-19 09:23:49 248832 ----a-w- c:\windows\system32\schannel.dll
2014-09-19 09:23:46 221184 ----a-w- c:\windows\system32\ncrypt.dll
2014-09-19 09:23:45 259584 ----a-w- c:\windows\system32\msv1_0.dll
2014-09-19 09:23:36 17408 ----a-w- c:\windows\system32\credssp.dll
2014-09-17 07:30:26 71944 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-09-17 07:30:25 81768 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-09-17 07:30:25 779536 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-09-17 07:30:25 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-09-17 07:30:25 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-09-17 07:30:25 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-09-17 07:30:25 192352 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-09-17 07:30:24 43152 ----a-w- c:\windows\avastSS.scr
2014-09-09 21:47:10 2048 ----a-w- c:\windows\system32\tzres.dll
2014-09-04 05:04:15 372736 ----a-w- c:\windows\system32\rastls.dll
.
============= FINISH: 19:41:38.47 ===============
------------------------------------------------------------------------------------------------------------------------
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 15/02/2014 6:40:51 PM
System Uptime: 21/11/2014 5:28:08 PM (2 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | P5G41T-M LX
Processor: Intel(R) Core(TM)2 Duo CPU E7500 @ 2.93GHz | LGA775 | 2936/266mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 466 GiB total, 337.527 GiB free.
D: is CDROM (CDFS)
E: is CDROM (CDFS)
F: is Removable
I: is Removable
J: is Removable
K: is Removable
L: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP120: 4/11/2014 9:22:29 PM - Windows Update
RP122: 8/11/2014 5:55:36 PM - Installed MediaImpression 3.0 for PENTAX
RP123: 9/11/2014 5:15:24 PM - Windows Update
RP124: 13/11/2014 7:14:25 PM - Windows Update
RP125: 19/11/2014 6:25:40 AM - Windows Update
RP126: 19/11/2014 6:38:51 AM - Windows Update
.
==== Installed Programs ======================
.
Adobe Flash Player 15 ActiveX
Adobe Premiere Pro 2.0
Adobe Reader XI (11.0.09)
AMD Accelerated Video Transcoding
AMD Catalyst Control Center
AMD Catalyst Install Manager
AMD Drag and Drop Transcoding
AMD Wireless Display v3.0
ASUS Xonar DGX Audio Driver
avast! Free Antivirus
Canon MP Navigator EX 1.0
Canon MP220 series
Canon My Printer
Canon Utilities Easy-PhotoPrint EX
Canon Utilities Solution Menu
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
D3DX10
Far Cry 3
Google Chrome
Google Update Helper
Java 7 Update 55
Java Auto Updater
Junk Mail filter update
Malwarebytes Anti-Malware version 2.0.3.1025
MediaImpression 3.0 for PENTAX
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft OneDrive
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
Movie Maker
MSVCRT
MSVCRT110
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
OpenAL
Photo Common
Photo Gallery
PunkBuster Services
Raptr
ScanSoft OmniPage SE 4
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)
SketchUp 2014
Uplay
VIRGIN BROADBAND
Vodafone Mobile Broadband
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
.
==== End Of File ===========================