BillAllen55
My computer is having performance issues (slow, sluggish). After uninstalling Kaspersky anti-spyware, my Outlook PST file is now missing, resulting in all of my inbound and contacts/calendar entries being missing. Please see requested files from my malware scan and DDS scan. Please accept my appreciation in advance for whatever assistance you can provide.
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Database version: v2013.12.01.06
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.16428
Owner :: OWNER-PC [administrator]
12/1/2013 12:29:10 PM
MBAM-log-2013-12-01 (13-46-26).txt
Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 349864
Time elapsed: 1 hour(s), 16 minute(s), 52 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 4
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{10AD2C61-0898-4348-8600-14A342F22AC3} (PUP.Optional.ScorpionSaver) -> No action taken.
HKCU\Software\Conduit\FF (PUP.Optional.Conduit.A) -> No action taken.
HKCU\SOFTWARE\SEARCHPROTECT (PUP.Optional.SearchProtect.A) -> No action taken.
HKLM\SOFTWARE\Scorpion Saver (PUP.Optional.ScorpionSaver) -> No action taken.
Registry Values Detected: 1
HKCU\Software\SearchProtect|IELastInstalledTBHomepage (PUP.Optional.SearchProtect.A) -> Data: http://search.conduit.com?SearchSource=10&CUI=UN42971736467971392&UM=2&ctid=CT3306061 -> No action taken.
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 3
C:\Users\Owner\AppData\Local\temp\ct3306061 (PUP.Optional.Conduit.A) -> No action taken.
C:\ProgramData\Conduit\IE (PUP.Optional.Conduit.A) -> No action taken.
C:\ProgramData\Conduit\IE\CT3306061 (PUP.Optional.Conduit.A) -> No action taken.
Files Detected: 31
C:\AdwCleaner\Quarantine\C\Program Files\weDownload Manager Pro\utils.exe.vir (PUP.Optional.WeDownload.A) -> No action taken.
C:\AdwCleaner\Quarantine\C\Program Files\weDownload Manager Pro\weDownload Manager Pro-bg.exe.vir (PUP.Optional.WeDownload.A) -> No action taken.
C:\AdwCleaner\Quarantine\C\Program Files\weDownload Manager Pro\weDownload Manager Pro-buttonutil.exe.vir (PUP.Optional.WeDownload.A) -> No action taken.
C:\AdwCleaner\Quarantine\C\Program Files\weDownload Manager Pro\weDownload Manager Pro-chromeinstaller.exe.vir (PUP.Optional.WeDownload.A) -> No action taken.
C:\AdwCleaner\Quarantine\C\Program Files\weDownload Manager Pro\weDownload Manager Pro-codedownloader.exe.vir (PUP.Optional.WeDownload.A) -> No action taken.
C:\AdwCleaner\Quarantine\C\Program Files\weDownload Manager Pro\weDownload Manager Pro-enabler.exe.vir (PUP.Optional.WeDownload.A) -> No action taken.
C:\AdwCleaner\Quarantine\C\Program Files\weDownload Manager Pro\weDownload Manager Pro-firefoxinstaller.exe.vir (PUP.Optional.WeDownload.A) -> No action taken.
C:\AdwCleaner\Quarantine\C\Program Files\weDownload Manager Pro\weDownload Manager Pro-updater.exe.vir (PUP.Optional.WeDownload.A) -> No action taken.
C:\Users\Owner\AppData\Local\temp\nsi44B1.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Owner\AppData\Local\temp\SPStub.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Owner\AppData\Local\temp\nsi910E.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Owner\AppData\Local\temp\nsjE0E3.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Owner\AppData\Local\temp\nsy20B0.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Owner\AppData\Local\temp\nsy79A5.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Owner\AppData\Local\temp\nsyCB9B.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Owner\AppData\Local\temp\nsyF911.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Owner\AppData\Local\temp\ct3306061\chLogic.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Owner\AppData\Local\temp\ct3306061\ctbe.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Owner\AppData\Local\temp\ct3306061\ffLogic.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Owner\AppData\Local\temp\ct3306061\ieLogic.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Owner\AppData\Local\temp\ct3306061\spch.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Owner\AppData\Local\temp\ct3306061\spff.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Owner\AppData\Local\temp\ct3306061\statisticsStub.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Owner\AppData\Local\temp\ct3306061\stub.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Owner\Downloads\Adobe%20Flash%20Player%2011(1).exe (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Owner\Downloads\Adobe%20Flash%20Player%2011.exe (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Owner\AppData\Local\temp\ct3306061\chromeid.txt (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Owner\AppData\Local\temp\ct3306061\conduit.xml (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Owner\AppData\Local\temp\ct3306061\CT3306061.xpi (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Owner\AppData\Local\temp\ct3306061\setup.ini.txt (PUP.Optional.Conduit.A) -> No action taken.
C:\ProgramData\Conduit\IE\CT3306061\UninstallerUI.exe (PUP.Optional.Conduit.A) -> No action taken.
(end)
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 11.0.9600.16428
Run by Owner at 12:29:57 on 2013-12-01
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.2038.448 [GMT -8:00]
.
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
C:\Windows\system32\crypserv.exe
C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher32.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\System32\snmp.exe
C:\Windows\system32\STacSV.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Windows\system32\msiexec.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_17.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_17.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\System32\svchost.exe -k secsvcs
.
============== Pseudo HJT Report ===============
.
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
uProxyServer = hxxp=127.0.0.1:49163;https=127.0.0.1:49163
uProxyOverride = <-loopback>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
mSearchAssistant = hxxp://www.google.com/ie
mURLSearchHooks: {8480b7b1-a45c-4feb-8653-60f834f7ca4b} - <orphaned>
uPolicies-Explorer: NoDriveTypeAutoRun = dword:1
uPolicies-Explorer: NoDriveAutoRun- = dword:0
uPolicies-Explorer: NoDriveTypeAutoRun- = dword:0
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
uPolicies-Explorer: NoDrives = dword:0
uPolicies-System: NoScrSavPage = dword:0
uPolicies-System: NoDispApprearancePage = dword:0
mPolicies-Explorer: NoDriveAutoRun- = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun- = dword:0
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:253
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 216.228.160.7 216.228.160.8 216.228.160.5 216.228.160.6
TCP: Interfaces\{07AE6EC5-2B47-403F-BBC0-4AF2A6DB3EDE} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{153AD536-538C-4465-AFC8-58B94BDEC93D} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{22542FF5-7590-40F2-9B2A-5FB89C04FAA9} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{4966B34F-BFAF-49D2-9DC8-FFF506C7304A} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{4966B34F-BFAF-49D2-9DC8-FFF506C7304A} : DHCPNameServer = 198.224.166.135 198.224.167.135
TCP: Interfaces\{4DCB2D10-C777-443E-89A6-979AD115657B} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{518CD836-4FC2-4A22-AE14-B86249DAFE29} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{AE2C0F72-3496-4135-9EC1-A45251CA19E9} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{AE2C0F72-3496-4135-9EC1-A45251CA19E9} : DHCPNameServer = 216.228.160.7 216.228.160.8 216.228.160.5 216.228.160.6
TCP: Interfaces\{AE2C0F72-3496-4135-9EC1-A45251CA19E9}\3616D6075737F577962756C6563737 : NameServer = 8.8.8.8,216.228.160.7
TCP: Interfaces\{AE2C0F72-3496-4135-9EC1-A45251CA19E9}\3616D6075737F577962756C6563737 : DHCPNameServer = 172.16.44.186 172.16.44.185
TCP: Interfaces\{AE2C0F72-3496-4135-9EC1-A45251CA19E9}\4656661657C647 : NameServer = 205.171.3.25,216.228.160.7
TCP: Interfaces\{AE2C0F72-3496-4135-9EC1-A45251CA19E9}\4656661657C647 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{AE2C0F72-3496-4135-9EC1-A45251CA19E9}\F40756E60234F6D6D657E696479702E4564777F627B6 : NameServer = 8.8.8.8,216.228.160.7
TCP: Interfaces\{AE2C0F72-3496-4135-9EC1-A45251CA19E9}\F40756E60234F6D6D657E696479702E4564777F627B6 : DHCPNameServer = 216.228.160.7 216.228.160.8 216.228.160.5
TCP: Interfaces\{B819E948-EA6F-41CF-9848-95199EBFC197} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{B925B4EC-95DC-4FC3-9E8E-68F2E330D626} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{E17B4E4D-9C95-4C58-B453-5AA9E72A2EC8} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{EF1A7DF2-51C7-439F-AD61-408A50762872} : NameServer = 8.8.8.8,8.8.4.4
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - <orphaned>
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Notify: igfxcui - igfxdev.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\31.0.1650.57\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\owner\appdata\roaming\mozilla\firefox\profiles\16hca966.default-1378132565160\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3306061&CUI=UN53349359313028257&UM=2&SearchSource=3&q={searchTerms}
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3306061&SearchSource=2&CUI=UN53349359313028257&UM=2&q=
FF - prefs.js: network.proxy.type - 4
FF - plugin: c:\mozilla plugins\npitunes.dll
FF - plugin: c:\progra~1\micros~3\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\canon\easy-photoprint ex\NPEZFFPI.DLL
FF - plugin: c:\program files\google\google updater\2.4.2432.1652\npCIDetect14.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.3.21.165\npGoogleUpdate3.dll
FF - plugin: c:\users\owner\appdata\roaming\mozilla\firefox\profiles\16hca966.default-1378132565160\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\plugins\np-mswmp.dll
FF - plugin: c:\users\owner\appdata\roaming\mozilla\firefox\profiles\16hca966.default-1378132565160\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\plugins\npConduitFirefoxPlugin.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1205146.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_12_0_0_17.dll
FF - ExtSQL: 2013-12-01 11:43; {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}; c:\users\owner\appdata\roaming\mozilla\firefox\profiles\16hca966.default-1378132565160\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}
.
---- FIREFOX POLICIES ----
.
FF - user.js: extensions.enabledAddons - sp2@sp.com:1.0
FF - user.js: extensions.shownSelectionUI - true
FF - user.js: extensions.enabledScopes - 15
user_pref(extensions.newAddons,false);
.
.
.
.
.
============= SERVICES / DRIVERS ===============
.
R0 MxEFUF;Matrox Extio Upper Function Filter;c:\windows\system32\drivers\MxEFUF32.sys [2012-8-9 102728]
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2012-1-14 15672]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2013-11-9 37664]
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2013-11-30 37352]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2013-5-23 119056]
R2 AntiVirService;Avira Real-Time Protection;c:\program files\avira\antivir desktop\avguard.exe [2013-11-30 440376]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2013-11-30 90400]
R2 avnetflt;avnetflt;c:\windows\system32\drivers\avnetflt.sys [2013-11-30 67680]
R2 BrcmMgmtAgent;Broadcom Management Agent;c:\program files\broadcom\mgmtagent\BrcmMgmtAgent.exe [2012-8-2 154624]
R2 IHA_MessageCenter;IHA_MessageCenter;c:\program files\verizon\iha_messagecenter\bin\Verizon_IHAMessageCenter.exe [2012-8-3 350792]
R2 Level Quality Watcher;Level Quality Watcher;c:\program files\level quality watcher\v1.01\levelqualitywatcher32.exe run options=01110010000000000000000000000000 sourceguid=f5d333a8-c748-4686-ae0a-9e008f670c22 --> c:\program files\level quality watcher\v1.01\levelqualitywatcher32.exe run options=01110010000000000000000000000000 sourceguid=F5D333A8-C748-4686-AE0A-9E008F670C22 [?]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2012-9-4 384824]
R3 BTHFILT;Bluetooth Command Filter;c:\windows\system32\drivers\BthFilt.sys [2011-12-17 13824]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2013-12-1 40776]
R3 NETwLv32; Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETwLv32.sys [2012-8-19 6637056]
R3 Sftplay;Sftplay;c:\windows\system32\drivers\Sftplaywin7.sys [2011-10-1 194408]
R3 Sftvol;Sftvol;c:\windows\system32\drivers\Sftvolwin7.sys [2011-10-1 19304]
R3 sftvsa;Application Virtualization Service Agent;c:\program files\microsoft application virtualization client\sftvsa.exe [2011-10-1 219496]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files\avira\antivir desktop\sched.exe [2013-11-30 440376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 cvhsvc;Client Virtualization Handler;c:\program files\common files\microsoft shared\virtualization handler\CVHSVC.EXE [2012-2-7 822624]
S2 sftlist;Application Virtualization Client;c:\program files\microsoft application virtualization client\sftlist.exe [2011-10-1 508776]
S3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\drivers\motfilt.sys [2009-1-29 6016]
S3 cpudrv;cpudrv;c:\program files\systemrequirementslab\cpudrv.sys [2009-12-18 11336]
S3 dfg;dfg;c:\windows\system32\drivers\dfg.sys [2012-11-22 23552]
S3 efavdrv;efavdrv;c:\windows\system32\drivers\efavdrv.sys [2012-9-3 115008]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\ieetwcollector.exe [2013-11-16 108032]
S3 JQIVQWH;JQIVQWH;c:\users\owner\appdata\local\temp\jqivqwh.exe --> c:\users\owner\appdata\local\temp\JQIVQWH.exe [?]
S3 KV;KV;c:\users\owner\appdata\local\temp\kv.exe --> c:\users\owner\appdata\local\temp\KV.exe [?]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [2012-6-11 20864]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [2012-1-25 8448]
S3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\drivers\Motousbnet.sys [2012-6-8 23808]
S3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\drivers\motusbdevice.sys [2011-11-8 11008]
S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [2012-3-26 18432]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2009-5-28 4233728]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-10-31 14848]
S3 RegGuard;RegGuard;c:\windows\system32\drivers\regguard.sys [2012-8-23 24416]
S3 Sftfs;Sftfs;c:\windows\system32\drivers\Sftfswin7.sys [2011-10-1 581480]
S3 Sftredir;Sftredir;c:\windows\system32\drivers\Sftredirwin7.sys [2011-10-1 21864]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504]
S3 SWDUMon;SWDUMon;c:\windows\system32\drivers\SWDUMon.sys [2011-12-17 13464]
S3 Te.Service;Te.Service;c:\program files\windows kits\8.0\testing\runtimes\taef\Wex.Services.exe [2012-7-25 94208]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-10-31 49664]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2011-3-13 1343400]
S4 AJNZPONDLY;AJNZPONDLY;c:\users\owner\appdata\local\temp\ajnzpondly.exe --> c:\users\owner\appdata\local\temp\AJNZPONDLY.exe [?]
S4 AntiVirWebService;Avira Web Protection;c:\program files\avira\antivir desktop\avwebg7.exe [2013-11-30 1164360]
S4 BthFilterHelper;Bluetooth Feature Support;c:\program files\csr\vista profile pack\BthFilterHelper.exe [2006-11-7 127488]
S4 Motorola Device Manager;Motorola Device Manager Service;c:\program files\motorola mobility\motorola device manager\MotoHelperService.exe [2012-10-23 120728]
S4 PST Service;PST Service;c:\program files\motorola\motforwarddaemon\ForwardDaemon.exe [2012-6-15 65657]
S4 VYGTB;VYGTB;c:\users\owner\appdata\local\temp\vygtb.exe --> c:\users\owner\appdata\local\temp\VYGTB.exe [?]
S4 XHSJPQ;XHSJPQ;c:\users\owner\appdata\local\temp\xhsjpq.exe --> c:\users\owner\appdata\local\temp\XHSJPQ.exe [?]
SUnknown vToolbarUpdater17.1.2;vToolbarUpdater17.1.2; [x]
.
=============== Created Last 30 ================
.
2013-12-01 20:28:30 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2013-12-01 19:55:28 -------- d-----w- C:\temp
2013-12-01 19:55:26 -------- d-----w- c:\program files\Level Quality Watcher
2013-12-01 19:54:57 -------- d-----w- c:\program files\MyPC Backup
2013-12-01 19:44:26 -------- d-----w- c:\programdata\Conduit
2013-12-01 19:44:08 -------- d-----w- c:\users\owner\appdata\local\NativeMessaging
2013-12-01 19:44:06 -------- d-----w- c:\users\owner\appdata\local\Conduit
2013-12-01 19:44:02 -------- d-----w- c:\users\owner\appdata\local\CRE
2013-12-01 19:44:00 -------- d-----w- c:\program files\Conduit
2013-12-01 19:34:46 -------- d-----w- c:\users\owner\appdata\local\ElevatedDiagnostics
2013-12-01 17:48:01 -------- d-----w- c:\users\owner\appdata\local\Adobe
2013-12-01 17:47:23 -------- d-----w- c:\programdata\CrypKey
2013-12-01 17:46:20 27648 ----a-r- c:\windows\Setup_ck.exe
2013-12-01 17:46:20 19584 ----a-w- c:\windows\system32\Ckldrv.sys
2013-12-01 17:46:20 18432 ----a-w- c:\windows\Setup_ck.dll
2013-12-01 17:46:20 165888 ----a-w- c:\windows\Ckconfig.exe
2013-12-01 17:46:20 122880 ----a-w- c:\windows\system32\Crypserv.exe
2013-12-01 17:46:20 11776 ----a-w- c:\windows\Ckrfresh.exe
2013-12-01 17:46:16 -------- d-----w- c:\program files\Stellar Phoenix Outlook PST Repair
2013-12-01 17:45:51 10016840 ----a-w- C:\spopr.exe
2013-12-01 17:45:42 -------- d-----w- c:\users\owner\appdata\local\Programs
2013-12-01 17:12:28 -------- d-----w- c:\users\owner\appdata\local\Apple Computer
2013-12-01 16:35:38 -------- d-----w- c:\users\owner\appdata\local\Microsoft Help
2013-11-30 19:50:05 -------- d-----w- c:\users\owner\appdata\local\Macromedia
2013-11-30 19:49:41 -------- d-----w- c:\users\owner\appdata\local\Mozilla
2013-11-30 19:23:46 -------- d-----w- c:\users\owner\appdata\local\Diagnostics
2013-11-30 19:20:48 -------- d-----w- c:\users\owner\appdata\local\Google
2013-11-30 17:42:17 -------- d-----w- c:\users\owner\appdata\roaming\Avira
2013-11-30 17:35:04 67680 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2013-11-30 17:35:04 37352 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2013-11-30 17:35:03 90400 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-11-30 17:35:01 -------- d-----w- c:\program files\Avira
2013-11-28 22:17:40 1796096 ----a-w- c:\windows\system32\authui.dll
2013-11-28 22:17:40 168960 ----a-w- c:\windows\system32\credui.dll
2013-11-28 22:17:40 152576 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll
2013-11-28 22:17:32 434688 ----a-w- c:\windows\system32\scavengeui.dll
2013-11-28 22:17:26 81920 ----a-w- c:\windows\system32\davclnt.dll
2013-11-28 22:17:26 205824 ----a-w- c:\windows\system32\WebClnt.dll
2013-11-28 22:17:26 115712 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2013-11-28 21:46:27 -------- d-----w- c:\programdata\Kaspersky Lab
2013-11-28 21:01:52 -------- d-----w- c:\programdata\CDB
2013-11-28 20:47:08 -------- d-sh--w- C:\$RECYCLE.BIN
2013-11-28 20:44:40 -------- d-----w- c:\users\owner\appdata\local\temp
2013-11-28 20:24:31 -------- d-----w- c:\program files\sp
2013-11-28 19:43:24 -------- d-----w- c:\users\owner\appdata\local\Mozilla Firefox
2013-11-24 17:05:13 -------- d-----w- C:\AdwCleaner
2013-11-24 16:28:23 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2013-11-24 16:27:48 75992 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2013-11-16 18:50:02 99840 ----a-w- c:\windows\system32\sspicli.dll
2013-11-16 18:50:02 67520 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2013-11-16 18:50:02 369848 ----a-w- c:\windows\system32\drivers\cng.sys
2013-11-16 18:50:02 247808 ----a-w- c:\windows\system32\schannel.dll
2013-11-16 18:50:02 220160 ----a-w- c:\windows\system32\ncrypt.dll
2013-11-16 18:50:02 22016 ----a-w- c:\windows\system32\secur32.dll
2013-11-16 18:50:02 22016 ----a-w- c:\windows\system32\lsass.exe
2013-11-16 18:50:02 15872 ----a-w- c:\windows\system32\sspisrv.dll
2013-11-16 18:50:02 136640 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-11-16 18:50:02 1038848 ----a-w- c:\windows\system32\lsasrv.dll
2013-11-16 18:50:00 305152 ----a-w- c:\windows\system32\gdi32.dll
2013-11-16 18:49:58 679424 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-11-16 18:49:57 656896 ----a-w- c:\windows\system32\nshwfp.dll
2013-11-16 18:49:57 216576 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-11-16 18:49:53 1168384 ----a-w- c:\windows\system32\crypt32.dll
2013-11-16 18:23:59 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2013-11-16 18:23:59 231424 ----a-w- c:\windows\system32\mswsock.dll
2013-11-16 18:23:59 1294272 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-11-09 23:44:08 37664 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2013-11-09 23:43:32 -------- d-----w- c:\program files\SlimDrivers
2013-11-09 23:33:43 -------- d-----w- C:\Mozilla Plugins
2013-11-09 23:33:43 -------- d-----w- C:\iTunesMiniPlayer.Resources
2013-11-09 23:33:42 -------- d-----w- C:\iTunesHelper.Resources
2013-11-09 23:33:06 -------- d-----w- C:\iTunes.Resources
2013-11-09 23:33:05 -------- d-----w- c:\program files\iPod
2013-11-09 23:32:59 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-11-09 23:32:59 -------- d-----w- C:\CD Configuration
2013-11-02 08:29:46 293192 ----a-w- C:\iTunesOutlookAddIn.dll
2013-11-02 08:29:44 9789256 ----a-w- C:\iTunes.exe
2013-11-02 08:29:44 405320 ----a-w- C:\iTunesAdmin.dll
2013-11-02 08:29:44 152392 ----a-w- C:\iTunesHelper.exe
2013-11-02 08:29:44 148808 ----a-w- C:\iTunesHelper.dll
2013-11-02 08:29:44 117576 ----a-w- C:\iTunesMiniPlayer.dll
2013-11-02 08:29:36 25449288 ----a-w- C:\iTunes.dll
2013-11-02 08:29:34 776216 ----a-w- C:\gnsdk_sdkmanager.dll
2013-11-02 08:29:34 649032 ----a-w- C:\iPodUpdaterExt.dll
2013-11-02 08:29:34 3008536 ----a-w- C:\gnsdk_dsp.dll
2013-11-02 08:29:34 262680 ----a-w- C:\gnsdk_submit.dll
2013-11-02 08:29:34 219672 ----a-w- C:\gnsdk_musicid.dll
.
==================== Find3M ====================
.
2013-11-30 19:23:41 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-11-30 19:23:41 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-11-28 20:07:03 13464 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2013-11-19 11:33:38 230048 ------w- c:\windows\system32\MpSigStub.exe
2013-10-02 02:15:34 112968 ----a-w- C:\ITDetector.ocx
2013-10-02 02:15:32 1741128 ----a-w- C:\iAdCore.dll
2013-09-04 01:15:32 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-09-04 01:14:52 76288 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-09-04 01:14:52 284672 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-09-04 01:14:45 43008 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-09-04 01:14:45 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-09-04 01:14:43 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-09-04 01:14:40 6016 ----a-w- c:\windows\system32\drivers\usbd.sys
.
============= FINISH: 12:31:24.42 ===============
C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\System32\snmp.exe
C:\Windows\system32\STacSV.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Windows\system32\msiexec.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_17.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_17.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\System32\svchost.exe -k secsvcs
.
============== Pseudo HJT Report ===============
.
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
uProxyServer = hxxp=127.0.0.1:49163;https=127.0.0.1:49163
uProxyOverride = <-loopback>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
mSearchAssistant = hxxp://www.google.com/ie
mURLSearchHooks: {8480b7b1-a45c-4feb-8653-60f834f7ca4b} - <orphaned>
uPolicies-Explorer: NoDriveTypeAutoRun = dword:1
uPolicies-Explorer: NoDriveAutoRun- = dword:0
uPolicies-Explorer: NoDriveTypeAutoRun- = dword:0
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
uPolicies-Explorer: NoDrives = dword:0
uPolicies-System: NoScrSavPage = dword:0
uPolicies-System: NoDispApprearancePage = dword:0
mPolicies-Explorer: NoDriveAutoRun- = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun- = dword:0
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:253
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 216.228.160.7 216.228.160.8 216.228.160.5 216.228.160.6
TCP: Interfaces\{07AE6EC5-2B47-403F-BBC0-4AF2A6DB3EDE} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{153AD536-538C-4465-AFC8-58B94BDEC93D} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{22542FF5-7590-40F2-9B2A-5FB89C04FAA9} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{4966B34F-BFAF-49D2-9DC8-FFF506C7304A} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{4966B34F-BFAF-49D2-9DC8-FFF506C7304A} : DHCPNameServer = 198.224.166.135 198.224.167.135
TCP: Interfaces\{4DCB2D10-C777-443E-89A6-979AD115657B} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{518CD836-4FC2-4A22-AE14-B86249DAFE29} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{AE2C0F72-3496-4135-9EC1-A45251CA19E9} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{AE2C0F72-3496-4135-9EC1-A45251CA19E9} : DHCPNameServer = 216.228.160.7 216.228.160.8 216.228.160.5 216.228.160.6
TCP: Interfaces\{AE2C0F72-3496-4135-9EC1-A45251CA19E9}\3616D6075737F577962756C6563737 : NameServer = 8.8.8.8,216.228.160.7
TCP: Interfaces\{AE2C0F72-3496-4135-9EC1-A45251CA19E9}\3616D6075737F577962756C6563737 : DHCPNameServer = 172.16.44.186 172.16.44.185
TCP: Interfaces\{AE2C0F72-3496-4135-9EC1-A45251CA19E9}\4656661657C647 : NameServer = 205.171.3.25,216.228.160.7
TCP: Interfaces\{AE2C0F72-3496-4135-9EC1-A45251CA19E9}\4656661657C647 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{AE2C0F72-3496-4135-9EC1-A45251CA19E9}\F40756E60234F6D6D657E696479702E4564777F627B6 : NameServer = 8.8.8.8,216.228.160.7
TCP: Interfaces\{AE2C0F72-3496-4135-9EC1-A45251CA19E9}\F40756E60234F6D6D657E696479702E4564777F627B6 : DHCPNameServer = 216.228.160.7 216.228.160.8 216.228.160.5
TCP: Interfaces\{B819E948-EA6F-41CF-9848-95199EBFC197} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{B925B4EC-95DC-4FC3-9E8E-68F2E330D626} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{E17B4E4D-9C95-4C58-B453-5AA9E72A2EC8} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{EF1A7DF2-51C7-439F-AD61-408A50762872} : NameServer = 8.8.8.8,8.8.4.4
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - <orphaned>
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Notify: igfxcui - igfxdev.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\31.0.1650.57\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\owner\appdata\roaming\mozilla\firefox\profiles\16hca966.default-1378132565160\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3306061&CUI=UN53349359313028257&UM=2&SearchSource=3&q={searchTerms}
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3306061&SearchSource=2&CUI=UN53349359313028257&UM=2&q=
FF - prefs.js: network.proxy.type - 4
FF - plugin: c:\mozilla plugins\npitunes.dll
FF - plugin: c:\progra~1\micros~3\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\canon\easy-photoprint ex\NPEZFFPI.DLL
FF - plugin: c:\program files\google\google updater\2.4.2432.1652\npCIDetect14.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.3.21.165\npGoogleUpdate3.dll
FF - plugin: c:\users\owner\appdata\roaming\mozilla\firefox\profiles\16hca966.default-1378132565160\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\plugins\np-mswmp.dll
FF - plugin: c:\users\owner\appdata\roaming\mozilla\firefox\profiles\16hca966.default-1378132565160\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}\plugins\npConduitFirefoxPlugin.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1205146.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_12_0_0_17.dll
FF - ExtSQL: 2013-12-01 11:43; {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}; c:\users\owner\appdata\roaming\mozilla\firefox\profiles\16hca966.default-1378132565160\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}
.
---- FIREFOX POLICIES ----
.
FF - user.js: extensions.enabledAddons - sp2@sp.com:1.0
FF - user.js: extensions.shownSelectionUI - true
FF - user.js: extensions.enabledScopes - 15
user_pref(extensions.newAddons,false);
.
.
.
.
.
============= SERVICES / DRIVERS ===============
.
R0 MxEFUF;Matrox Extio Upper Function Filter;c:\windows\system32\drivers\MxEFUF32.sys [2012-8-9 102728]
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2012-1-14 15672]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2013-11-9 37664]
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2013-11-30 37352]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2013-5-23 119056]
R2 AntiVirService;Avira Real-Time Protection;c:\program files\avira\antivir desktop\avguard.exe [2013-11-30 440376]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2013-11-30 90400]
R2 avnetflt;avnetflt;c:\windows\system32\drivers\avnetflt.sys [2013-11-30 67680]
R2 BrcmMgmtAgent;Broadcom Management Agent;c:\program files\broadcom\mgmtagent\BrcmMgmtAgent.exe [2012-8-2 154624]
R2 IHA_MessageCenter;IHA_MessageCenter;c:\program files\verizon\iha_messagecenter\bin\Verizon_IHAMessageCenter.exe [2012-8-3 350792]
R2 Level Quality Watcher;Level Quality Watcher;c:\program files\level quality watcher\v1.01\levelqualitywatcher32.exe run options=01110010000000000000000000000000 sourceguid=f5d333a8-c748-4686-ae0a-9e008f670c22 --> c:\program files\level quality watcher\v1.01\levelqualitywatcher32.exe run options=01110010000000000000000000000000 sourceguid=F5D333A8-C748-4686-AE0A-9E008F670C22 [?]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2012-9-4 384824]
R3 BTHFILT;Bluetooth Command Filter;c:\windows\system32\drivers\BthFilt.sys [2011-12-17 13824]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2013-12-1 40776]
R3 NETwLv32; Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETwLv32.sys [2012-8-19 6637056]
R3 Sftplay;Sftplay;c:\windows\system32\drivers\Sftplaywin7.sys [2011-10-1 194408]
R3 Sftvol;Sftvol;c:\windows\system32\drivers\Sftvolwin7.sys [2011-10-1 19304]
R3 sftvsa;Application Virtualization Service Agent;c:\program files\microsoft application virtualization client\sftvsa.exe [2011-10-1 219496]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files\avira\antivir desktop\sched.exe [2013-11-30 440376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 cvhsvc;Client Virtualization Handler;c:\program files\common files\microsoft shared\virtualization handler\CVHSVC.EXE [2012-2-7 822624]
S2 sftlist;Application Virtualization Client;c:\program files\microsoft application virtualization client\sftlist.exe [2011-10-1 508776]
S3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\drivers\motfilt.sys [2009-1-29 6016]
S3 cpudrv;cpudrv;c:\program files\systemrequirementslab\cpudrv.sys [2009-12-18 11336]
S3 dfg;dfg;c:\windows\system32\drivers\dfg.sys [2012-11-22 23552]
S3 efavdrv;efavdrv;c:\windows\system32\drivers\efavdrv.sys [2012-9-3 115008]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\ieetwcollector.exe [2013-11-16 108032]
S3 JQIVQWH;JQIVQWH;c:\users\owner\appdata\local\temp\jqivqwh.exe --> c:\users\owner\appdata\local\temp\JQIVQWH.exe [?]
S3 KV;KV;c:\users\owner\appdata\local\temp\kv.exe --> c:\users\owner\appdata\local\temp\KV.exe [?]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [2012-6-11 20864]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [2012-1-25 8448]
S3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\drivers\Motousbnet.sys [2012-6-8 23808]
S3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\drivers\motusbdevice.sys [2011-11-8 11008]
S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [2012-3-26 18432]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2009-5-28 4233728]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-10-31 14848]
S3 RegGuard;RegGuard;c:\windows\system32\drivers\regguard.sys [2012-8-23 24416]
S3 Sftfs;Sftfs;c:\windows\system32\drivers\Sftfswin7.sys [2011-10-1 581480]
S3 Sftredir;Sftredir;c:\windows\system32\drivers\Sftredirwin7.sys [2011-10-1 21864]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504]
S3 SWDUMon;SWDUMon;c:\windows\system32\drivers\SWDUMon.sys [2011-12-17 13464]
S3 Te.Service;Te.Service;c:\program files\windows kits\8.0\testing\runtimes\taef\Wex.Services.exe [2012-7-25 94208]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-10-31 49664]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2011-3-13 1343400]
S4 AJNZPONDLY;AJNZPONDLY;c:\users\owner\appdata\local\temp\ajnzpondly.exe --> c:\users\owner\appdata\local\temp\AJNZPONDLY.exe [?]
S4 AntiVirWebService;Avira Web Protection;c:\program files\avira\antivir desktop\avwebg7.exe [2013-11-30 1164360]
S4 BthFilterHelper;Bluetooth Feature Support;c:\program files\csr\vista profile pack\BthFilterHelper.exe [2006-11-7 127488]
S4 Motorola Device Manager;Motorola Device Manager Service;c:\program files\motorola mobility\motorola device manager\MotoHelperService.exe [2012-10-23 120728]
S4 PST Service;PST Service;c:\program files\motorola\motforwarddaemon\ForwardDaemon.exe [2012-6-15 65657]
S4 VYGTB;VYGTB;c:\users\owner\appdata\local\temp\vygtb.exe --> c:\users\owner\appdata\local\temp\VYGTB.exe [?]
S4 XHSJPQ;XHSJPQ;c:\users\owner\appdata\local\temp\xhsjpq.exe --> c:\users\owner\appdata\local\temp\XHSJPQ.exe [?]
SUnknown vToolbarUpdater17.1.2;vToolbarUpdater17.1.2; [x]
.
=============== Created Last 30 ================
.
2013-12-01 20:28:30 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2013-12-01 19:55:28 -------- d-----w- C:\temp
2013-12-01 19:55:26 -------- d-----w- c:\program files\Level Quality Watcher
2013-12-01 19:54:57 -------- d-----w- c:\program files\MyPC Backup
2013-12-01 19:44:26 -------- d-----w- c:\programdata\Conduit
2013-12-01 19:44:08 -------- d-----w- c:\users\owner\appdata\local\NativeMessaging
2013-12-01 19:44:06 -------- d-----w- c:\users\owner\appdata\local\Conduit
2013-12-01 19:44:02 -------- d-----w- c:\users\owner\appdata\local\CRE
2013-12-01 19:44:00 -------- d-----w- c:\program files\Conduit
2013-12-01 19:34:46 -------- d-----w- c:\users\owner\appdata\local\ElevatedDiagnostics
2013-12-01 17:48:01 -------- d-----w- c:\users\owner\appdata\local\Adobe
2013-12-01 17:47:23 -------- d-----w- c:\programdata\CrypKey
2013-12-01 17:46:20 27648 ----a-r- c:\windows\Setup_ck.exe
2013-12-01 17:46:20 19584 ----a-w- c:\windows\system32\Ckldrv.sys
2013-12-01 17:46:20 18432 ----a-w- c:\windows\Setup_ck.dll
2013-12-01 17:46:20 165888 ----a-w- c:\windows\Ckconfig.exe
2013-12-01 17:46:20 122880 ----a-w- c:\windows\system32\Crypserv.exe
2013-12-01 17:46:20 11776 ----a-w- c:\windows\Ckrfresh.exe
2013-12-01 17:46:16 -------- d-----w- c:\program files\Stellar Phoenix Outlook PST Repair
2013-12-01 17:45:51 10016840 ----a-w- C:\spopr.exe
2013-12-01 17:45:42 -------- d-----w- c:\users\owner\appdata\local\Programs
2013-12-01 17:12:28 -------- d-----w- c:\users\owner\appdata\local\Apple Computer
2013-12-01 16:35:38 -------- d-----w- c:\users\owner\appdata\local\Microsoft Help
2013-11-30 19:50:05 -------- d-----w- c:\users\owner\appdata\local\Macromedia
2013-11-30 19:49:41 -------- d-----w- c:\users\owner\appdata\local\Mozilla
2013-11-30 19:23:46 -------- d-----w- c:\users\owner\appdata\local\Diagnostics
2013-11-30 19:20:48 -------- d-----w- c:\users\owner\appdata\local\Google
2013-11-30 17:42:17 -------- d-----w- c:\users\owner\appdata\roaming\Avira
2013-11-30 17:35:04 67680 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2013-11-30 17:35:04 37352 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2013-11-30 17:35:03 90400 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-11-30 17:35:01 -------- d-----w- c:\program files\Avira
2013-11-28 22:17:40 1796096 ----a-w- c:\windows\system32\authui.dll
2013-11-28 22:17:40 168960 ----a-w- c:\windows\system32\credui.dll
2013-11-28 22:17:40 152576 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll
2013-11-28 22:17:32 434688 ----a-w- c:\windows\system32\scavengeui.dll
2013-11-28 22:17:26 81920 ----a-w- c:\windows\system32\davclnt.dll
2013-11-28 22:17:26 205824 ----a-w- c:\windows\system32\WebClnt.dll
2013-11-28 22:17:26 115712 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2013-11-28 21:46:27 -------- d-----w- c:\programdata\Kaspersky Lab
2013-11-28 21:01:52 -------- d-----w- c:\programdata\CDB
2013-11-28 20:47:08 -------- d-sh--w- C:\$RECYCLE.BIN
2013-11-28 20:44:40 -------- d-----w- c:\users\owner\appdata\local\temp
2013-11-28 20:24:31 -------- d-----w- c:\program files\sp
2013-11-28 19:43:24 -------- d-----w- c:\users\owner\appdata\local\Mozilla Firefox
2013-11-24 17:05:13 -------- d-----w- C:\AdwCleaner
2013-11-24 16:28:23 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2013-11-24 16:27:48 75992 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2013-11-16 18:50:02 99840 ----a-w- c:\windows\system32\sspicli.dll
2013-11-16 18:50:02 67520 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2013-11-16 18:50:02 369848 ----a-w- c:\windows\system32\drivers\cng.sys
2013-11-16 18:50:02 247808 ----a-w- c:\windows\system32\schannel.dll
2013-11-16 18:50:02 220160 ----a-w- c:\windows\system32\ncrypt.dll
2013-11-16 18:50:02 22016 ----a-w- c:\windows\system32\secur32.dll
2013-11-16 18:50:02 22016 ----a-w- c:\windows\system32\lsass.exe
2013-11-16 18:50:02 15872 ----a-w- c:\windows\system32\sspisrv.dll
2013-11-16 18:50:02 136640 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-11-16 18:50:02 1038848 ----a-w- c:\windows\system32\lsasrv.dll
2013-11-16 18:50:00 305152 ----a-w- c:\windows\system32\gdi32.dll
2013-11-16 18:49:58 679424 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-11-16 18:49:57 656896 ----a-w- c:\windows\system32\nshwfp.dll
2013-11-16 18:49:57 216576 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-11-16 18:49:53 1168384 ----a-w- c:\windows\system32\crypt32.dll
2013-11-16 18:23:59 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2013-11-16 18:23:59 231424 ----a-w- c:\windows\system32\mswsock.dll
2013-11-16 18:23:59 1294272 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-11-09 23:44:08 37664 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2013-11-09 23:43:32 -------- d-----w- c:\program files\SlimDrivers
2013-11-09 23:33:43 -------- d-----w- C:\Mozilla Plugins
2013-11-09 23:33:43 -------- d-----w- C:\iTunesMiniPlayer.Resources
2013-11-09 23:33:42 -------- d-----w- C:\iTunesHelper.Resources
2013-11-09 23:33:06 -------- d-----w- C:\iTunes.Resources
2013-11-09 23:33:05 -------- d-----w- c:\program files\iPod
2013-11-09 23:32:59 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-11-09 23:32:59 -------- d-----w- C:\CD Configuration
2013-11-02 08:29:46 293192 ----a-w- C:\iTunesOutlookAddIn.dll
2013-11-02 08:29:44 9789256 ----a-w- C:\iTunes.exe
2013-11-02 08:29:44 405320 ----a-w- C:\iTunesAdmin.dll
2013-11-02 08:29:44 152392 ----a-w- C:\iTunesHelper.exe
2013-11-02 08:29:44 148808 ----a-w- C:\iTunesHelper.dll
2013-11-02 08:29:44 117576 ----a-w- C:\iTunesMiniPlayer.dll
2013-11-02 08:29:36 25449288 ----a-w- C:\iTunes.dll
2013-11-02 08:29:34 776216 ----a-w- C:\gnsdk_sdkmanager.dll
2013-11-02 08:29:34 649032 ----a-w- C:\iPodUpdaterExt.dll
2013-11-02 08:29:34 3008536 ----a-w- C:\gnsdk_dsp.dll
2013-11-02 08:29:34 262680 ----a-w- C:\gnsdk_submit.dll
2013-11-02 08:29:34 219672 ----a-w- C:\gnsdk_musicid.dll
.
==================== Find3M ====================
.
2013-11-30 19:23:41 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-11-30 19:23:41 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-11-28 20:07:03 13464 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2013-11-19 11:33:38 230048 ------w- c:\windows\system32\MpSigStub.exe
2013-10-02 02:15:34 112968 ----a-w- C:\ITDetector.ocx
2013-10-02 02:15:32 1741128 ----a-w- C:\iAdCore.dll
2013-09-04 01:15:32 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-09-04 01:14:52 76288 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-09-04 01:14:52 284672 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-09-04 01:14:45 43008 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-09-04 01:14:45 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-09-04 01:14:43 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-09-04 01:14:40 6016 ----a-w- c:\windows\system32\drivers\usbd.sys
.
============= FINISH: 12:31:24.42 ===============
.