Spyware or networking problem?



Hoops88
2013-02-11, 06:25
Could someone please have a look? I keep getting redirects to blekko.

Windows Vista™ Home Premium 6.0.6002.2.1252.353.1033.18.2008.986 [GMT 0:00]
.
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
C:\Windows\Explorer.EXE
C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe
C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\SearchProtect\bin\CltMngSvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Opera\opera.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SMSN&bmod=SMSN
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy 2\SDHelper.dll
uRun: [Spybot-S&D Cleaning] "c:\program files\spybot - search & destroy 2\SDCleaner.exe" /autoclean
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [Zune Launcher] "c:\program files\zune\ZuneLauncher.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [SDTray] "c:\program files\spybot - search & destroy 2\SDTray.exe"
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy 2\SDHelper.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{67C601B1-1E2D-426F-832C-AD94CE568CB7} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{ABA8842C-511E-4DE7-907F-5AA21C1675C3} : DHCPNameServer = 8.8.8.8
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Handler: sacore - <Clsid value has no data>
Notify: igfxcui - igfxdev.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - c:\windows\system32\CbFsMntNtf3.dll
STS: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - c:\windows\system32\CbFsMntNtf3.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\sandra\appdata\roaming\mozilla\firefox\profiles\4p741xj1.default\
FF - prefs.js: browser.search.selectedEngine - Delta Search
FF - prefs.js: browser.startup.homepage - www.google.ie
FF - plugin: c:\program files\google\update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
FF - ExtSQL: 2013-02-06 18:12; {f0e59437-6148-4a98-b0a6-60d557ef57f4}; c:\users\sandra\appdata\roaming\mozilla\firefox\profiles\4p741xj1.default\extensions\{f0e59437-6148-4a98-b0a6-60d557ef57f4}
FF - ExtSQL: 2013-02-06 22:56; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.delta.tlbrSrchUrl -
FF - user.js: extensions.delta.id - a2db0ee800000000000000ffaba8842c
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15745
FF - user.js: extensions.delta.vrsn - 1.8.10.0
FF - user.js: extensions.delta.vrsni - 1.8.10.0
FF - user.js: extensions.delta.vrsnTs - 1.8.10.019:01:45
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - en
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
.
============= SERVICES / DRIVERS ===============
.
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2013-2-6 36552]
R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\avira\antivir desktop\sched.exe [2013-2-6 85280]
R2 AntiVirService;Avira Real-Time Protection;c:\program files\avira\antivir desktop\avguard.exe [2013-2-6 109344]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2013-2-6 83944]
R2 CltMngSvc;Search Protect by Conduit Updater;c:\program files\searchprotect\bin\CltMngSvc.exe [2013-1-27 95008]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
R2 KMDFMEMIO;SAMSUNG Kernel Driver;c:\windows\system32\drivers\KMDFMEMIO.sys [2009-6-11 13312]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-2-7 398184]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\spybot - search & destroy 2\SDFSSvc.exe [2013-2-10 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\spybot - search & destroy 2\SDUpdSvc.exe [2013-2-10 1369624]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\spybot - search & destroy 2\SDWSCSvc.exe [2013-2-10 168384]
R3 cbfs3;EldoS Callback File System driver v3;c:\windows\system32\drivers\cbfs3.sys [2013-2-7 299024]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-2-7 21104]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-2-7 682344]
S3 Ph3xIB32;Philips 713x Inbox PCI TV Card;c:\windows\system32\drivers\Ph3xIB32.sys [2006-11-2 1083520]
S3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\drivers\taphss6.sys [2013-1-20 37064]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2013-02-11 01:18:29 -------- d-----w- c:\users\sandra\appdata\local\Microsoft Games
2013-02-10 22:02:22 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2013-02-10 22:02:07 15224 ----a-w- c:\windows\system32\sdnclean.exe
2013-02-10 22:01:57 -------- d-----w- c:\program files\Spybot - Search & Destroy 2
2013-02-10 21:04:52 2730536 ----a-w- c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll
2013-02-10 21:04:48 6991832 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{d11b1fc0-8405-4374-bccf-960bb416f1cf}\mpengine.dll
2013-02-10 21:04:47 232336 ------w- c:\windows\system32\MpSigStub.exe
2013-02-10 20:52:56 -------- d-----w- c:\users\sandra\appdata\local\Microsoft_Corporation
2013-02-10 19:44:10 -------- d-----w- C:\TDSSKiller_Quarantine
2013-02-10 10:05:38 -------- d-----w- c:\programdata\Martau
2013-02-10 10:05:32 -------- d-----w- c:\program files\Total Uninstall 6
2013-02-09 19:01:11 18096 ----a-w- c:\windows\system32\roboot.exe
2013-02-09 19:01:11 -------- d-----w- c:\program files\File Scout
2013-02-09 18:59:49 -------- d-----w- c:\program files\VideoLAN
2013-02-09 09:16:49 -------- d-sh--w- C:\$RECYCLE.BIN
2013-02-09 05:17:09 -------- d-----w- c:\users\sandra\appdata\roaming\iolo
2013-02-09 05:07:51 -------- d-----w- c:\users\sandra\appdata\roaming\WinPatrol
2013-02-09 05:07:44 -------- d-----w- c:\program files\BillP Studios
2013-02-09 03:53:40 -------- d-----w- c:\users\sandra\appdata\local\ElevatedDiagnostics
2013-02-09 03:31:55 -------- d-----w- c:\windows\pss
2013-02-09 01:09:58 -------- d-----w- c:\users\sandra\appdata\local\temp
2013-02-09 00:15:59 -------- d-----w- c:\windows\ERUNT
2013-02-09 00:15:46 -------- d-----w- C:\JRT
2013-02-08 20:36:19 66800 ----a-w- c:\windows\UnDeployV.exe
2013-02-08 20:36:19 -------- d-----w- c:\program files\LookInMyPC
2013-02-08 20:15:14 -------- d-----w- c:\program files\Belarc
2013-02-08 20:08:26 -------- d-----w- c:\programdata\Acunetix WVS 8
2013-02-08 19:36:20 -------- d-----w- c:\users\sandra\appdata\roaming\uTorrent
2013-02-08 17:01:31 -------- d-----w- C:\Samsung
2013-02-08 16:59:57 -------- d-----w- c:\windows\system32\NetsyncAgent
2013-02-08 00:25:19 -------- d-----w- c:\users\sandra\appdata\roaming\GlarySoft
2013-02-07 23:32:02 -------- d-----w- c:\users\sandra\appdata\local\Opera
2013-02-07 20:59:46 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll
2013-02-07 20:59:46 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll
2013-02-07 20:59:46 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2013-02-07 20:59:46 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2013-02-07 20:59:46 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2013-02-07 20:59:46 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2013-02-07 20:59:46 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
2013-02-07 18:06:35 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2013-02-07 18:06:34 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-02-07 18:06:34 1069056 ----a-w- c:\windows\system32\DWrite.dll
2013-02-07 18:06:33 683008 ----a-w- c:\windows\system32\d2d1.dll
2013-02-07 18:06:33 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2013-02-07 18:06:33 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2013-02-07 15:38:10 -------- d-----w- c:\program files\Windows Portable Devices
2013-02-07 14:35:25 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2013-02-07 14:35:24 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2013-02-07 14:35:23 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2013-02-07 14:16:08 5120 ----a-w- c:\windows\system32\wmi.dll
2013-02-07 14:16:08 157696 ----a-w- c:\windows\system32\imagehlp.dll
2013-02-07 14:16:08 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2013-02-07 14:00:14 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
2013-02-07 13:58:54 -------- d-----w- c:\users\sandra\appdata\local\Apple Computer
2013-02-07 13:58:21 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2013-02-07 13:58:21 252928 ----a-w- c:\windows\system32\dxdiag.exe
2013-02-07 13:58:21 195584 ----a-w- c:\windows\system32\dxdiagn.dll
2013-02-07 13:58:19 519680 ----a-w- c:\windows\system32\d3d11.dll
2013-02-07 13:58:17 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-02-07 13:58:17 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2013-02-07 13:58:17 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-02-07 13:58:05 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2013-02-07 13:56:51 -------- d-----w- c:\program files\iPod
2013-02-07 13:56:34 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-02-07 13:56:34 -------- d-----w- c:\program files\iTunes
2013-02-07 13:55:19 -------- d-----w- c:\users\sandra\appdata\local\Apple
2013-02-07 13:53:18 -------- d-----w- c:\program files\Bonjour
2013-02-07 13:26:34 -------- d-----w- c:\users\sandra\appdata\local\Macroplant_LLC
2013-02-07 13:25:03 223760 ----a-w- c:\windows\system32\CbFsNetRdr3.dll
2013-02-07 13:25:03 158224 ----a-w- c:\windows\system32\CbFsMntNtf3.dll
2013-02-07 13:24:38 299024 ----a-w- c:\windows\system32\drivers\cbfs3.sys
2013-02-07 13:24:30 -------- d-----w- c:\program files\iExplorer
2013-02-07 13:11:55 9728 ----a-w- c:\windows\system32\Wdfres.dll
2013-02-07 13:11:51 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-02-07 13:11:51 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-02-07 13:11:50 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-02-07 13:11:50 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-02-07 13:11:50 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-02-07 13:11:50 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-02-07 13:11:50 16896 ----a-w- c:\windows\system32\winusb.dll
2013-02-07 13:11:49 34944 ----a-w- c:\windows\system32\drivers\winusb.sys
2013-02-07 13:11:48 613888 ----a-w- c:\windows\system32\WUDFx.dll
2013-02-07 13:11:48 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-02-07 13:11:48 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2013-02-07 12:54:34 34304 ----a-w- c:\windows\system32\atmlib.dll
2013-02-07 12:54:34 293376 ----a-w- c:\windows\system32\atmfd.dll
2013-02-07 12:53:12 53120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2013-02-07 12:53:12 1205064 ----a-w- c:\windows\system32\ntdll.dll
2013-02-07 12:53:11 376320 ----a-w- c:\windows\system32\dpnet.dll
2013-02-07 12:53:11 23040 ----a-w- c:\windows\system32\dpnsvr.exe
2013-02-07 12:53:08 623616 ----a-w- c:\windows\system32\localspl.dll
2013-02-07 12:51:09 497152 ----a-w- c:\windows\system32\qdvd.dll
2013-02-07 12:51:09 1314816 ----a-w- c:\windows\system32\quartz.dll
2013-02-07 12:50:50 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2013-02-07 12:49:25 429056 ----a-w- c:\windows\system32\EncDec.dll
2013-02-07 12:48:56 1248768 ----a-w- c:\windows\system32\msxml3.dll
2013-02-07 12:48:50 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2013-02-07 12:48:50 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2013-02-07 12:48:49 563712 ----a-w- c:\windows\system32\oleaut32.dll
2013-02-07 12:48:49 238080 ----a-w- c:\windows\system32\oleacc.dll
2013-02-07 12:48:36 613376 ----a-w- c:\windows\system32\rdpencom.dll
2013-02-07 08:59:12 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2013-02-07 08:59:10 707584 ----a-w- c:\program files\common files\system\wab32.dll
2013-02-07 08:55:20 2048 ----a-w- c:\windows\system32\tzres.dll
2013-02-07 08:55:02 2048000 ----a-w- c:\windows\system32\win32k.sys
2013-02-07 08:55:01 75776 ----a-w- c:\windows\system32\synceng.dll
2013-02-07 08:52:30 377344 ----a-w- c:\windows\system32\winhttp.dll
2013-02-07 08:51:47 985088 ----a-w- c:\windows\system32\crypt32.dll
2013-02-07 08:51:47 98304 ----a-w- c:\windows\system32\cryptnet.dll
2013-02-07 08:51:47 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2013-02-07 08:51:31 224640 ----a-w- c:\windows\system32\drivers\volsnap.sys
2013-02-07 08:49:16 86528 ----a-w- c:\windows\system32\dnsrslvr.dll
2013-02-07 08:49:16 25088 ----a-w- c:\windows\system32\dnscacheugc.exe
2013-02-07 08:48:42 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-02-07 08:48:41 797696 ----a-w- c:\windows\system32\FntCache.dll
2013-02-07 08:48:41 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2013-02-07 08:48:40 847360 ----a-w- c:\windows\system32\OpcServices.dll
2013-02-07 08:48:40 189952 ----a-w- c:\windows\system32\d3d10core.dll
2013-02-07 08:48:40 1554432 ----a-w- c:\windows\system32\xpsservices.dll
2013-02-07 08:48:40 1029120 ----a-w- c:\windows\system32\d3d10.dll
2013-02-07 08:46:04 17920 ----a-w- c:\windows\system32\netevent.dll
2013-02-07 08:46:04 125952 ----a-w- c:\windows\system32\srvsvc.dll
2013-02-07 08:37:01 23872 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2013-02-07 08:29:28 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2013-02-07 08:29:28 278528 ----a-w- c:\windows\system32\schannel.dll
2013-02-07 08:29:27 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2013-02-07 08:29:26 9728 ----a-w- c:\windows\system32\lsass.exe
2013-02-07 08:29:26 72704 ----a-w- c:\windows\system32\secur32.dll
2013-02-07 08:29:22 231424 ----a-w- c:\windows\system32\msshsq.dll
2013-02-07 08:09:05 680448 ----a-w- c:\windows\system32\msvcrt.dll
2013-02-07 08:06:10 -------- d-----w- c:\windows\system32\RTCOM
2013-02-07 08:03:59 1836376 ----a-w- c:\windows\system32\MaxxAudioEQ.dll
2013-02-07 08:03:58 709976 ----a-w- c:\windows\system32\MaxxAudioAPOShell.dll
2013-02-07 08:03:58 232792 ----a-w- c:\windows\system32\MaxxAudioAPO20.dll
2013-02-07 08:03:58 132368 ----a-w- c:\windows\system32\MaxxAudioAPO.dll
2013-02-07 08:03:49 2193472 ----a-w- c:\windows\system32\FMAPO.dll
2013-02-07 08:03:43 95840 ----a-w- c:\windows\system32\AERTARen.dll
2013-02-07 08:03:43 176736 ----a-w- c:\windows\system32\AERTACap.dll
2013-02-07 08:02:59 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\DotNetInstaller.exe
2013-02-07 07:59:48 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-02-07 07:59:47 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-07 07:50:17 2422272 ----a-w- c:\windows\system32\wucltux.dll
2013-02-07 07:50:01 88576 ----a-w- c:\windows\system32\wudriver.dll
2013-02-07 07:49:53 33792 ----a-w- c:\windows\system32\wuapp.exe
2013-02-07 07:49:53 171904 ----a-w- c:\windows\system32\wuwebv.dll
2013-02-07 04:51:43 -------- d-----w- c:\users\sandra\appdata\roaming\Malwarebytes
2013-02-07 04:51:34 -------- d-----w- c:\programdata\Malwarebytes
2013-02-07 04:51:32 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-02-07 04:51:32 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-02-07 04:41:23 -------- d-----w- c:\windows\system32\x64
2013-02-07 04:22:26 -------- d-----w- c:\users\sandra\appdata\local\SlimWare Utilities Inc
2013-02-07 04:21:55 -------- d-----w- c:\program files\SlimComputer
2013-02-07 04:15:58 -------- d-----w- c:\users\sandra\appdata\local\eSupport.com
2013-02-07 02:39:03 -------- d-----w- c:\programdata\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2013-02-07 02:38:59 -------- d-----w- c:\programdata\IObit
2013-02-07 02:38:57 -------- d-----w- c:\users\sandra\appdata\roaming\IObit
2013-02-07 02:38:43 -------- d-----w- c:\program files\IObit
2013-02-07 01:42:32 293376 ----a-w- c:\windows\system32\browserchoice.exe
2013-02-07 01:38:57 24064 ----a-w- c:\windows\system32\nshhttp.dll
2013-02-07 01:38:56 411648 ----a-w- c:\windows\system32\drivers\http.sys
2013-02-07 01:38:56 30720 ----a-w- c:\windows\system32\httpapi.dll
2013-02-07 01:32:07 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2013-02-07 01:32:07 168960 ----a-w- c:\program files\windows media player\wmplayer.exe
2013-02-07 01:30:52 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL
2013-02-07 01:28:56 677888 ----a-w- c:\windows\system32\mstsc.exe
2013-02-07 01:13:25 310784 ----a-w- c:\windows\system32\unregmp2.exe
2013-02-07 01:13:25 1418752 ----a-w- c:\program files\windows media player\setup_wm.exe
2013-02-07 01:13:23 7680 ----a-w- c:\windows\system32\spwmp.dll
2013-02-07 01:13:23 107520 ----a-w- c:\program files\windows media player\wmpshare.exe
2013-02-07 01:13:23 107520 ----a-w- c:\program files\windows media player\wmpconfig.exe
2013-02-07 01:13:22 4096 ----a-w- c:\windows\system32\msdxm.ocx
2013-02-07 01:13:22 4096 ----a-w- c:\windows\system32\dxmasf.dll
2013-02-07 01:12:44 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2013-02-07 01:10:51 91136 ----a-w- c:\windows\system32\avifil32.dll
2013-02-07 01:10:51 82944 ----a-w- c:\windows\system32\mciavi32.dll
2013-02-07 01:10:51 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2013-02-07 01:10:51 31744 ----a-w- c:\windows\system32\msvidc32.dll
2013-02-07 01:10:51 22528 ----a-w- c:\windows\system32\msyuv.dll
2013-02-07 01:10:51 13312 ----a-w- c:\windows\system32\msrle32.dll
2013-02-07 01:10:51 123904 ----a-w- c:\windows\system32\msvfw32.dll
2013-02-07 01:10:51 12288 ----a-w- c:\windows\system32\tsbyuv.dll
2013-02-07 01:10:49 243712 ----a-w- c:\windows\system32\rastls.dll
2013-02-07 01:10:46 531968 ----a-w- c:\windows\system32\comctl32.dll
2013-02-07 01:10:43 355328 ----a-w- c:\windows\system32\WSDApi.dll
2013-02-07 01:10:26 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2013-02-07 00:42:23 -------- d-----w- c:\windows\system32\ms-MY
2013-02-07 00:24:16 -------- d-----w- c:\windows\system32\drivers\umdf\ko-KR
2013-02-07 00:24:15 -------- d-----w- c:\windows\system32\drivers\umdf\ms-MY
2013-02-07 00:24:14 -------- d-----w- c:\windows\system32\drivers\umdf\id-ID
2013-02-07 00:24:13 -------- d-----w- c:\windows\system32\drivers\umdf\sv-SE
2013-02-07 00:24:12 -------- d-----w- c:\windows\system32\drivers\umdf\nb-NO
2013-02-07 00:24:11 -------- d-----w- c:\windows\system32\drivers\umdf\hu-HU
2013-02-07 00:24:10 -------- d-----w- c:\windows\system32\drivers\umdf\fi-FI
2013-02-07 00:24:08 -------- d-----w- c:\windows\system32\drivers\umdf\da-DK
2013-02-07 00:24:07 -------- d-----w- c:\windows\system32\drivers\umdf\cs-CZ
2013-02-07 00:24:05 -------- d-----w- c:\windows\system32\drivers\umdf\ru-RU
2013-02-07 00:24:01 -------- d-----w- c:\windows\system32\drivers\umdf\ja-JP
2013-02-07 00:24:00 -------- d-----w- c:\windows\system32\drivers\umdf\pt-BR
2013-02-07 00:23:59 -------- d-----w- c:\windows\system32\drivers\umdf\pt-PT
2013-02-07 00:23:58 -------- d-----w- c:\windows\system32\drivers\umdf\nl-NL
2013-02-07 00:23:55 -------- d-----w- c:\windows\system32\drivers\umdf\de-DE
2013-02-07 00:23:53 -------- d-----w- c:\windows\system32\drivers\umdf\fr-FR
2013-02-07 00:23:51 -------- d-----w- c:\windows\system32\drivers\umdf\es-ES
2013-02-06 23:59:04 1547776 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-02-06 23:58:55 -------- d-----w- c:\windows\PCHEALTH
2013-02-06 23:46:30 -------- d-----w- c:\program files\Glary Utilities
2013-02-06 23:37:07 -------- d-----w- c:\users\sandra\appdata\local\DoNotTrackPlus
2013-02-06 23:20:30 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2013-02-06 23:20:30 49472 ----a-w- c:\windows\system32\netfxperf.dll
2013-02-06 23:20:30 297808 ----a-w- c:\windows\system32\mscoree.dll
2013-02-06 23:20:30 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2013-02-06 23:20:30 1130824 ----a-w- c:\windows\system32\dfshim.dll
2013-02-06 23:11:58 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll
2013-02-06 23:04:45 -------- d-----w- c:\windows\system32\directx
2013-02-06 22:43:18 -------- d-----w- c:\windows\system32\eu-ES
2013-02-06 22:43:18 -------- d-----w- c:\windows\system32\ca-ES
2013-02-06 22:43:17 -------- d-----w- c:\windows\system32\vi-VN
2013-02-06 22:40:21 -------- d-----w- c:\windows\system32\SPReview
2013-02-06 22:28:11 928768 ----a-w- c:\windows\system32\scavenge.dll
2013-02-06 22:28:06 57856 ----a-w- c:\windows\system32\compcln.exe
2013-02-06 22:26:59 97792 ----a-w- c:\windows\system32\mprapi.dll
2013-02-06 20:34:38 -------- d-----w- c:\users\sandra\appdata\roaming\Samsung
2013-02-06 20:18:59 -------- d-----w- c:\users\sandra\appdata\roaming\Avira
2013-02-06 20:18:52 -------- d-----w- c:\windows\system32\EventProviders
2013-02-06 20:11:48 83944 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-02-06 20:11:48 36552 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2013-02-06 20:11:41 -------- d-----w- c:\programdata\Avira
2013-02-06 20:11:41 -------- d-----w- c:\program files\Avira
2013-02-06 20:05:31 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-02-06 20:05:31 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-02-06 20:05:23 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-02-06 19:42:22 -------- d-----w- c:\windows\CheckSur
2013-02-06 19:38:28 -------- d-----w- c:\users\sandra\appdata\local\Macromedia
2013-02-06 19:28:34 697712 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-06 18:13:10 -------- d-----w- c:\users\sandra\appdata\roaming\PeaZip
2013-02-06 18:12:16 -------- d-----w- c:\program files\SearchProtect
2013-02-06 18:11:02 -------- d-----w- c:\program files\PeaZip
2013-02-06 17:07:54 -------- d-----w- c:\program files\common files\DivX Shared
2013-02-06 17:07:06 -------- d-----w- c:\users\sandra\appdata\roaming\Canneverbe Limited
2013-02-06 17:07:06 -------- d-----w- c:\programdata\Canneverbe Limited
2013-02-06 17:06:20 -------- d-----w- c:\program files\DivX
2013-02-06 17:05:37 -------- d-----w- c:\programdata\DivX
2013-02-06 15:32:09 -------- d-----w- c:\users\sandra\appdata\local\Mozilla
2013-02-06 14:28:36 -------- d-----w- c:\users\sandra\appdata\local\Google
2013-01-20 06:14:20 37064 ----a-w- c:\windows\system32\drivers\taphss6.sys
2013-01-20 06:00:58 36040 ----a-w- c:\windows\system32\drivers\hssdrv6.sys
.
==================== Find3M ====================
.
2013-02-07 14:00:14 357376 ----a-w- c:\windows\system32\MFHEAACdec.dll
2013-02-07 13:58:24 4096 ----a-w- c:\windows\system32\drivers\en-us\dxgkrnl.sys.mui
2013-02-07 08:40:13 36864 ----a-w- c:\windows\system32\drivers\en-us\http.sys.mui
2013-02-07 08:04:33 319456 ----a-w- c:\windows\DIFxAPI.dll
2012-11-20 04:22:50 204288 ----a-w- c:\windows\system32\ncrypt.dll
.
============= FINISH: 4:35:36.60 ===============

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-02-11 04:45:08
-----------------------------
04:45:08.694 OS Version: Windows 6.0.6002 Service Pack 2
04:45:08.694 Number of processors: 2 586 0xF0D
04:45:08.694 ComputerName: SANDRA-PC UserName: sandra
04:45:09.261 Initialize success
04:58:28.493 AVAST engine defs: 13021001
05:00:03.792 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
05:00:03.808 Disk 0 Vendor: Hitachi_ FCDO Size: 238475MB BusType: 3
05:00:03.824 Disk 0 MBR read successfully
05:00:03.824 Disk 0 MBR scan
05:00:03.870 Disk 0 unknown MBR code
05:00:03.902 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 13312 MB offset 2048
05:00:03.907 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 112518 MB offset 27265024
05:00:03.938 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 112644 MB offset 257701888
05:00:03.969 Disk 0 scanning sectors +488396800
05:00:04.063 Disk 0 scanning C:\Windows\system32\drivers
05:00:19.214 Service scanning
05:00:47.649 Modules scanning
05:00:52.873 Disk 0 trace - called modules:
05:00:52.905 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
05:00:52.920 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85f25928]
05:00:52.920 3 CLASSPNP.SYS[882b08b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x84e11028]
05:00:53.841 AVAST engine scan C:\Windows
05:00:57.120 AVAST engine scan C:\Windows\system32
05:05:05.866 AVAST engine scan C:\Windows\system32\drivers
05:05:19.667 AVAST engine scan C:\Users\sandra
05:08:38.162 AVAST engine scan C:\ProgramData
05:09:02.477 Scan finished successfully
05:16:24.643 Disk 0 MBR has been saved successfully to "C:\Users\sandra\Desktop\MBR.dat"
05:16:24.674 The log file has been saved successfully to "C:\Users\sandra\Desktop\aswMBR.txt"

Blade81
2013-02-15, 07:10
Hi,

Please post attach.txt log contents too.