ozymandiaspoem
2013-07-14, 05:31
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16635 BrowserJavaVersion: 10.25.2
Run by Anonymous at 19:26:24 on 2013-07-13
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8086.5423 [GMT -7:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
c:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\Anonymous\Pictures\aswMBR.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
mWinlogon: Userinit = userinit.exe
BHO: SDHelper: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: WeCareReminder Class: {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: Yontoo Layers: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} -
uRun: [Epson Stylus NX420(Network)] C:\Windows\System32\spool\DRIVERS\x64\3\E_IATIGCA.EXE /FU "C:\Windows\TEMP\E_SA33C.tmp" /EF "HKCU"
uRun: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
mRun: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
TCP: NameServer = 71.9.127.107 68.190.192.35 24.205.224.36
TCP: Interfaces\{11BE7138-72B0-433A-A483-2F2C02E3B12F} : DHCPNameServer = 71.9.127.107 68.190.192.35 24.205.224.36
TCP: Interfaces\{E29D120B-78BA-4125-AB49-C782AB7BDABA} : DHCPNameServer = 71.9.127.107 68.190.192.35 24.205.224.36
TCP: Interfaces\{E29D120B-78BA-4125-AB49-C782AB7BDABA}\34F666665656245616E675966496 : DHCPNameServer = 192.168.180.1
TCP: Interfaces\{E29D120B-78BA-4125-AB49-C782AB7BDABA}\D497759602A5163686162797D2348696C64656273737D2960586F6E656 : DHCPNameServer = 8.8.8.8
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: SDWinLogon - SDWinLogon.dll
AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [NVHotkey] rundll32.exe C:\Windows\System32\nvHotkey.dll,Start
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
x64-Run: [IntelPAN] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray
x64-Run: [QuickSet] c:\Program Files\Dell\QuickSet\QuickSet.exe
x64-Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
x64-Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Anonymous\AppData\Roaming\Mozilla\Firefox\Profiles\a2liz99q.default\
FF - prefs.js: browser.search.selectedEngine - Blekko
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-05-28 04:01; {b9db16a4-6edc-47ec-a1f4-b86292ed211d}; C:\Users\Anonymous\AppData\Roaming\Mozilla\Firefox\Profiles\a2liz99q.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-1-20 230320]
R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2011-10-28 25960]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-10-28 55856]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\System32\drivers\stdcfltn.sys [2011-10-28 21616]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-8-8 1166848]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-5-18 921664]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-5-18 995392]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-6-3 134928]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2011-4-27 130008]
R2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-25 2823000]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-2-14 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-2-14 1369624]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-2-14 168384]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-10-28 1692480]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-4-21 378472]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-11-29 16120]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-10-28 2656280]
R3 Acceler;Accelerometer Service;C:\Windows\System32\drivers\Accelern.sys [2011-10-28 27760]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2011-8-8 299008]
R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-5-18 1335360]
R3 btmaudio;Intel Bluetooth Audio Service;C:\Windows\System32\drivers\btmaud.sys [2011-5-18 51712]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2011-5-18 53248]
R3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2011-7-19 282624]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2012-6-26 176000]
R3 iBtFltCoex;iBtFltCoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2011-7-19 59904]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-10-28 317440]
R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2011-5-17 25496]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-10-28 82432]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-10-28 181760]
R3 qicflt;upper Device Filter Driver;C:\Windows\System32\drivers\qicflt.sys [2011-10-28 29288]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-10-28 428136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;C:\Windows\System32\drivers\AmpPal.sys [2011-8-8 299008]
S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2011-10-28 158976]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2011-5-17 34200]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-7-27 340240]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;C:\Windows\System32\drivers\nvstusb.sys [2011-10-28 121960]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-11-3 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2013-07-14 01:10:20 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-13 20:34:46 -------- d-----w- C:\Users\Anonymous\AppData\Local\{8200E3AB-CA7A-45E1-A1FA-B1ED3BDF468D}
2013-07-13 20:34:30 -------- d-----w- C:\Users\Anonymous\AppData\Local\{F0B0A517-73CD-45C1-AD1A-DA5EB26DA2F4}
2013-07-13 12:08:10 9552976 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7591F6A4-8F33-4F0B-9878-27B92D9F48FD}\mpengine.dll
2013-07-13 07:47:44 -------- d-----w- C:\Users\Anonymous\AppData\Local\{6E4F1832-9291-4274-8878-A32A8731BA70}
2013-07-12 07:52:58 9552976 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-07-12 06:01:42 -------- d-----w- C:\Users\Anonymous\AppData\Local\{527A9426-38F4-4525-AE08-C24C7AB7C0E4}
2013-07-11 10:05:59 3958784 ----a-w- C:\Windows\System32\jscript9.dll
2013-07-10 23:11:03 571904 ----a-w- C:\Program Files\Windows Defender\MpClient.dll
2013-07-10 23:11:03 1011712 ----a-w- C:\Program Files\Windows Defender\MpSvc.dll
2013-07-10 23:11:02 9216 ----a-w- C:\Program Files (x86)\Windows Defender\MpAsDesc.dll
2013-07-10 23:11:02 54784 ----a-w- C:\Program Files (x86)\Windows Defender\MpOAV.dll
2013-07-10 23:11:02 4608 ----a-w- C:\Program Files (x86)\Windows Defender\MsMpLics.dll
2013-07-10 23:11:02 392704 ----a-w- C:\Program Files (x86)\Windows Defender\MpClient.dll
2013-07-10 23:11:02 314880 ----a-w- C:\Program Files\Windows Defender\MpCommu.dll
2013-07-10 23:11:01 624128 ----a-w- C:\Windows\System32\qedit.dll
2013-07-10 23:11:01 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2013-07-10 23:11:00 1887744 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-07-10 23:11:00 1620480 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2013-07-10 23:05:38 3153920 ----a-w- C:\Windows\System32\win32k.sys
2013-07-10 23:05:12 1732608 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2013-07-10 23:05:12 1393152 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2013-07-10 23:05:12 1367040 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-10 23:05:11 936448 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-07-10 23:05:11 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2013-07-10 23:05:02 1643520 ----a-w- C:\Windows\System32\DWrite.dll
2013-07-10 23:05:01 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
2013-07-09 23:13:57 -------- d-----w- C:\Users\Anonymous\AppData\Local\{0419DFD0-8D6C-4AD8-B4B8-FD1AC399B602}
2013-07-09 22:35:52 -------- d-----w- C:\Users\Anonymous\AppData\Local\{E8783CBD-EB88-4782-B045-49AAC0822731}
2013-07-09 01:53:32 -------- d-----w- C:\Users\Anonymous\AppData\Local\{924E2FA2-B5BD-4593-A927-6EE28FDEF0F3}
2013-07-07 23:37:52 -------- d-----w- C:\Users\Anonymous\AppData\Local\{BC8145B2-8250-4952-829E-F76E9D51278C}
2013-07-07 00:20:01 -------- d-----w- C:\Users\Anonymous\AppData\Local\{04702219-8CC3-4B29-9C59-DF1D07FA5756}
2013-07-06 23:41:49 -------- d-----w- C:\Users\Anonymous\AppData\Local\{D4BFAC5C-C8A6-4995-BFD4-CACD88E339DF}
2013-07-06 02:40:47 -------- d-----w- C:\Users\Anonymous\AppData\Local\{81EC55F3-9250-49D0-A9B4-62C872514F9A}
2013-07-03 03:30:13 -------- d-----w- C:\Users\Anonymous\AppData\Local\{DD3C1CB3-109E-4067-8287-7459F99C42CB}
2013-07-01 10:45:33 -------- d-----w- C:\Users\Anonymous\AppData\Local\{0C6108A9-C22F-4441-ACD2-FF86DFD45605}
2013-06-29 20:10:05 -------- d-----w- C:\Users\Anonymous\AppData\Local\{3435F724-E151-4617-9E6E-3EC4BE2D1EF7}
2013-06-29 08:45:04 -------- d-----w- C:\Users\Anonymous\AppData\Local\{DBB4DCF1-9228-492B-B15F-CA9770FE9CA7}
2013-06-28 08:44:41 -------- d-----w- C:\Users\Anonymous\AppData\Local\{AD64AFAE-8956-48E0-86C7-668E0469AF6A}
2013-06-26 22:27:37 -------- d-----w- C:\Users\Anonymous\AppData\Local\{BE7E5CA9-1635-4FA3-99FD-AA30D01BB62C}
2013-06-25 21:13:27 -------- d-----w- C:\Users\Anonymous\AppData\Local\{276DF3B8-7540-49B7-B908-683730F9F846}
2013-06-25 21:12:32 -------- d-----w- C:\Users\Anonymous\AppData\Local\{D6766B00-59D3-4354-AD52-6CBC38B34A99}
2013-06-24 16:00:56 -------- d-----w- C:\Users\Anonymous\AppData\Local\{06BB1B64-926A-45B3-82BB-787984F5AF4A}
2013-06-23 13:45:42 -------- d-----w- C:\Users\Anonymous\AppData\Local\{242713B5-0F54-4F2C-AE8B-39478EA71427}
2013-06-22 18:45:09 -------- d-----w- C:\Users\Anonymous\AppData\Local\{0EF3C982-CB16-403D-BCD2-B4A9A8F03E83}
2013-06-22 18:42:39 -------- d-----w- C:\Users\Anonymous\AppData\Local\{E64F6659-C02C-46A6-91D6-7087FE7A0592}
2013-06-21 22:38:15 -------- d-----w- C:\Users\Anonymous\AppData\Local\{FCBA6C48-47EA-48ED-9F24-8BA0CF1B5E94}
2013-06-21 14:05:53 964552 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{63FC7DF3-ACF9-47D8-9B5A-3B2B028FC702}\gapaengine.dll
2013-06-20 23:07:16 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-20 19:13:13 -------- d-----w- C:\Users\Anonymous\AppData\Local\{217E8959-FFDE-4F7B-AF95-F72F0AA1E65B}
2013-06-19 22:04:22 -------- d-----w- C:\Users\Anonymous\AppData\Local\{0FBB5394-52B1-499E-B655-A2CE3FD860D9}
2013-06-18 03:22:53 -------- d-----w- C:\Users\Anonymous\AppData\Local\{4BE9AD8C-15D3-49F2-A57F-874635BF0F0C}
2013-06-17 02:07:13 -------- d-----w- C:\Users\Anonymous\AppData\Local\{E0CA8857-FE79-4B71-9CAC-9DF5FDE24859}
2013-06-14 23:57:24 -------- d-----w- C:\Users\Anonymous\AppData\Local\{B003FBE7-8C23-4592-B46B-771A3DA1C41B}
2013-06-14 14:34:55 -------- d-----w- C:\Users\Anonymous\AppData\Local\{3C3CA499-D9A5-4488-8AD1-49CC8DA3F98A}
.
==================== Find3M ====================
.
2013-07-11 06:56:42 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-11 06:56:42 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-06-13 04:48:23 867240 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2013-06-13 04:48:17 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-06-11 23:43:37 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-06-11 23:43:00 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-06-11 23:42:58 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-06-11 23:42:58 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-06-11 23:26:20 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-06-11 23:25:13 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-06-11 23:25:13 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-06-11 22:51:45 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-06-11 22:50:58 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-07 03:22:18 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-06-07 02:37:52 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-05-30 19:27:37 33958 ----a-w- C:\ProgramData\uninstaller.exe
2013-05-22 15:21:06 4325376 ----a-w- C:\ProgramData\ReadOnlyInstaller.msi
2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll
2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll
2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe
2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
2013-05-08 06:39:01 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-05-02 15:29:56 278800 ------w- C:\Windows\System32\MpSigStub.exe
2013-04-26 05:51:36 751104 ----a-w- C:\Windows\System32\win32spl.dll
2013-04-26 04:55:21 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll
2013-04-25 23:30:32 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll
2013-04-17 07:02:06 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2013-04-17 06:24:46 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
.
============= FINISH: 19:26:47.65 ===============
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-07-13 19:27:55
-----------------------------
19:27:55.590 OS Version: Windows x64 6.1.7601 Service Pack 1
19:27:55.590 Number of processors: 8 586 0x2A07
19:27:55.590 ComputerName: ANONYMOUS-PC UserName: Anonymous
19:27:57.805 Initialize success
19:28:03.563 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:28:03.563 Disk 0 Vendor: WDC_WD75 01.0 Size: 715404MB BusType: 3
19:28:03.657 Disk 0 MBR read successfully
19:28:03.657 Disk 0 MBR scan
19:28:03.673 Disk 0 Windows VISTA default MBR code
19:28:03.673 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 101 MB offset 63
19:28:03.688 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 20000 MB offset 212992
19:28:03.688 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 695299 MB offset 41172992
19:28:03.704 Disk 0 scanning C:\Windows\system32\drivers
19:28:09.133 Service scanning
19:28:20.489 Modules scanning
19:28:20.505 Disk 0 trace - called modules:
19:28:20.521 ntoskrnl.exe CLASSPNP.SYS disk.sys stdcfltn.sys ACPI.sys iaStor.sys hal.dll
19:28:20.536 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8009605790]
19:28:20.552 3 CLASSPNP.SYS[fffff88001a1f43f] -> nt!IofCallDriver -> [0xfffffa8009521cb0]
19:28:20.552 5 stdcfltn.sys[fffff880017e2c52] -> nt!IofCallDriver -> [0xfffffa8006ce3720]
19:28:20.567 7 ACPI.sys[fffff88000f337a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80078ee050]
19:28:20.583 Scan finished successfully
19:28:30.427 Disk 0 MBR has been saved successfully to "C:\Users\Anonymous\Pictures\MBR.dat"
19:28:30.427 The log file has been saved successfully to "C:\Users\Anonymous\Pictures\aswMBR.txt"
-----------------------------
I just visited two porn sites - xvideos and motherless - with Firefox Adblock turned off. I have Windows Vista. I get a "Start Center has stopped working" popup when I click on Spybot but no solution from Windows. I tried turning on Windows Defense but it won't turn on. I downloaded Malwarebytes to check for malware, and got this log:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Database version: v2013.07.14.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16635
Anonymous :: ANONYMOUS-PC [administrator]
7/13/2013 6:14:32 PM
mbam-log-2013-07-13 (18-14-32).txt
Scan type: Full scan (C:\|D:\|Y:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 355815
Time elapsed: 37 minute(s), 40 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
uRun: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
mRun: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
TCP: NameServer = 71.9.127.107 68.190.192.35 24.205.224.36
TCP: Interfaces\{11BE7138-72B0-433A-A483-2F2C02E3B12F} : DHCPNameServer = 71.9.127.107 68.190.192.35 24.205.224.36
TCP: Interfaces\{E29D120B-78BA-4125-AB49-C782AB7BDABA} : DHCPNameServer = 71.9.127.107 68.190.192.35 24.205.224.36
TCP: Interfaces\{E29D120B-78BA-4125-AB49-C782AB7BDABA}\34F666665656245616E675966496 : DHCPNameServer = 192.168.180.1
TCP: Interfaces\{E29D120B-78BA-4125-AB49-C782AB7BDABA}\D497759602A5163686162797D2348696C64656273737D2960586F6E656 : DHCPNameServer = 8.8.8.8
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: SDWinLogon - SDWinLogon.dll
AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [NVHotkey] rundll32.exe C:\Windows\System32\nvHotkey.dll,Start
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
x64-Run: [IntelPAN] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray
x64-Run: [QuickSet] c:\Program Files\Dell\QuickSet\QuickSet.exe
x64-Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
x64-Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Anonymous\AppData\Roaming\Mozilla\Firefox\Profiles\a2liz99q.default\
FF - prefs.js: browser.search.selectedEngine - Blekko
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-05-28 04:01; {b9db16a4-6edc-47ec-a1f4-b86292ed211d}; C:\Users\Anonymous\AppData\Roaming\Mozilla\Firefox\Profiles\a2liz99q.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-1-20 230320]
R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2011-10-28 25960]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-10-28 55856]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\System32\drivers\stdcfltn.sys [2011-10-28 21616]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-8-8 1166848]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-5-18 921664]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-5-18 995392]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-6-3 134928]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2011-4-27 130008]
R2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-25 2823000]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-2-14 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-2-14 1369624]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-2-14 168384]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-10-28 1692480]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-4-21 378472]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-11-29 16120]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-10-28 2656280]
R3 Acceler;Accelerometer Service;C:\Windows\System32\drivers\Accelern.sys [2011-10-28 27760]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2011-8-8 299008]
R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-5-18 1335360]
R3 btmaudio;Intel Bluetooth Audio Service;C:\Windows\System32\drivers\btmaud.sys [2011-5-18 51712]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2011-5-18 53248]
R3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2011-7-19 282624]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2012-6-26 176000]
R3 iBtFltCoex;iBtFltCoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2011-7-19 59904]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-10-28 317440]
R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2011-5-17 25496]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-10-28 82432]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-10-28 181760]
R3 qicflt;upper Device Filter Driver;C:\Windows\System32\drivers\qicflt.sys [2011-10-28 29288]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-10-28 428136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;C:\Windows\System32\drivers\AmpPal.sys [2011-8-8 299008]
S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2011-10-28 158976]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2011-5-17 34200]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-7-27 340240]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;C:\Windows\System32\drivers\nvstusb.sys [2011-10-28 121960]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-11-3 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2013-07-14 01:10:20 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-13 20:34:46 -------- d-----w- C:\Users\Anonymous\AppData\Local\{8200E3AB-CA7A-45E1-A1FA-B1ED3BDF468D}
2013-07-13 20:34:30 -------- d-----w- C:\Users\Anonymous\AppData\Local\{F0B0A517-73CD-45C1-AD1A-DA5EB26DA2F4}
2013-07-13 12:08:10 9552976 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7591F6A4-8F33-4F0B-9878-27B92D9F48FD}\mpengine.dll
2013-07-13 07:47:44 -------- d-----w- C:\Users\Anonymous\AppData\Local\{6E4F1832-9291-4274-8878-A32A8731BA70}
2013-07-12 07:52:58 9552976 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-07-12 06:01:42 -------- d-----w- C:\Users\Anonymous\AppData\Local\{527A9426-38F4-4525-AE08-C24C7AB7C0E4}
2013-07-11 10:05:59 3958784 ----a-w- C:\Windows\System32\jscript9.dll
2013-07-10 23:11:03 571904 ----a-w- C:\Program Files\Windows Defender\MpClient.dll
2013-07-10 23:11:03 1011712 ----a-w- C:\Program Files\Windows Defender\MpSvc.dll
2013-07-10 23:11:02 9216 ----a-w- C:\Program Files (x86)\Windows Defender\MpAsDesc.dll
2013-07-10 23:11:02 54784 ----a-w- C:\Program Files (x86)\Windows Defender\MpOAV.dll
2013-07-10 23:11:02 4608 ----a-w- C:\Program Files (x86)\Windows Defender\MsMpLics.dll
2013-07-10 23:11:02 392704 ----a-w- C:\Program Files (x86)\Windows Defender\MpClient.dll
2013-07-10 23:11:02 314880 ----a-w- C:\Program Files\Windows Defender\MpCommu.dll
2013-07-10 23:11:01 624128 ----a-w- C:\Windows\System32\qedit.dll
2013-07-10 23:11:01 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2013-07-10 23:11:00 1887744 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-07-10 23:11:00 1620480 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2013-07-10 23:05:38 3153920 ----a-w- C:\Windows\System32\win32k.sys
2013-07-10 23:05:12 1732608 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2013-07-10 23:05:12 1393152 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2013-07-10 23:05:12 1367040 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-10 23:05:11 936448 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-07-10 23:05:11 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2013-07-10 23:05:02 1643520 ----a-w- C:\Windows\System32\DWrite.dll
2013-07-10 23:05:01 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
2013-07-09 23:13:57 -------- d-----w- C:\Users\Anonymous\AppData\Local\{0419DFD0-8D6C-4AD8-B4B8-FD1AC399B602}
2013-07-09 22:35:52 -------- d-----w- C:\Users\Anonymous\AppData\Local\{E8783CBD-EB88-4782-B045-49AAC0822731}
2013-07-09 01:53:32 -------- d-----w- C:\Users\Anonymous\AppData\Local\{924E2FA2-B5BD-4593-A927-6EE28FDEF0F3}
2013-07-07 23:37:52 -------- d-----w- C:\Users\Anonymous\AppData\Local\{BC8145B2-8250-4952-829E-F76E9D51278C}
2013-07-07 00:20:01 -------- d-----w- C:\Users\Anonymous\AppData\Local\{04702219-8CC3-4B29-9C59-DF1D07FA5756}
2013-07-06 23:41:49 -------- d-----w- C:\Users\Anonymous\AppData\Local\{D4BFAC5C-C8A6-4995-BFD4-CACD88E339DF}
2013-07-06 02:40:47 -------- d-----w- C:\Users\Anonymous\AppData\Local\{81EC55F3-9250-49D0-A9B4-62C872514F9A}
2013-07-03 03:30:13 -------- d-----w- C:\Users\Anonymous\AppData\Local\{DD3C1CB3-109E-4067-8287-7459F99C42CB}
2013-07-01 10:45:33 -------- d-----w- C:\Users\Anonymous\AppData\Local\{0C6108A9-C22F-4441-ACD2-FF86DFD45605}
2013-06-29 20:10:05 -------- d-----w- C:\Users\Anonymous\AppData\Local\{3435F724-E151-4617-9E6E-3EC4BE2D1EF7}
2013-06-29 08:45:04 -------- d-----w- C:\Users\Anonymous\AppData\Local\{DBB4DCF1-9228-492B-B15F-CA9770FE9CA7}
2013-06-28 08:44:41 -------- d-----w- C:\Users\Anonymous\AppData\Local\{AD64AFAE-8956-48E0-86C7-668E0469AF6A}
2013-06-26 22:27:37 -------- d-----w- C:\Users\Anonymous\AppData\Local\{BE7E5CA9-1635-4FA3-99FD-AA30D01BB62C}
2013-06-25 21:13:27 -------- d-----w- C:\Users\Anonymous\AppData\Local\{276DF3B8-7540-49B7-B908-683730F9F846}
2013-06-25 21:12:32 -------- d-----w- C:\Users\Anonymous\AppData\Local\{D6766B00-59D3-4354-AD52-6CBC38B34A99}
2013-06-24 16:00:56 -------- d-----w- C:\Users\Anonymous\AppData\Local\{06BB1B64-926A-45B3-82BB-787984F5AF4A}
2013-06-23 13:45:42 -------- d-----w- C:\Users\Anonymous\AppData\Local\{242713B5-0F54-4F2C-AE8B-39478EA71427}
2013-06-22 18:45:09 -------- d-----w- C:\Users\Anonymous\AppData\Local\{0EF3C982-CB16-403D-BCD2-B4A9A8F03E83}
2013-06-22 18:42:39 -------- d-----w- C:\Users\Anonymous\AppData\Local\{E64F6659-C02C-46A6-91D6-7087FE7A0592}
2013-06-21 22:38:15 -------- d-----w- C:\Users\Anonymous\AppData\Local\{FCBA6C48-47EA-48ED-9F24-8BA0CF1B5E94}
2013-06-21 14:05:53 964552 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{63FC7DF3-ACF9-47D8-9B5A-3B2B028FC702}\gapaengine.dll
2013-06-20 23:07:16 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-20 19:13:13 -------- d-----w- C:\Users\Anonymous\AppData\Local\{217E8959-FFDE-4F7B-AF95-F72F0AA1E65B}
2013-06-19 22:04:22 -------- d-----w- C:\Users\Anonymous\AppData\Local\{0FBB5394-52B1-499E-B655-A2CE3FD860D9}
2013-06-18 03:22:53 -------- d-----w- C:\Users\Anonymous\AppData\Local\{4BE9AD8C-15D3-49F2-A57F-874635BF0F0C}
2013-06-17 02:07:13 -------- d-----w- C:\Users\Anonymous\AppData\Local\{E0CA8857-FE79-4B71-9CAC-9DF5FDE24859}
2013-06-14 23:57:24 -------- d-----w- C:\Users\Anonymous\AppData\Local\{B003FBE7-8C23-4592-B46B-771A3DA1C41B}
2013-06-14 14:34:55 -------- d-----w- C:\Users\Anonymous\AppData\Local\{3C3CA499-D9A5-4488-8AD1-49CC8DA3F98A}
.
==================== Find3M ====================
.
2013-07-11 06:56:42 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-11 06:56:42 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-06-13 04:48:23 867240 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2013-06-13 04:48:17 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-06-11 23:43:37 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-06-11 23:43:00 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-06-11 23:42:58 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-06-11 23:42:58 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-06-11 23:26:20 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-06-11 23:25:13 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-06-11 23:25:13 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-06-11 22:51:45 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-06-11 22:50:58 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-07 03:22:18 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-06-07 02:37:52 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-05-30 19:27:37 33958 ----a-w- C:\ProgramData\uninstaller.exe
2013-05-22 15:21:06 4325376 ----a-w- C:\ProgramData\ReadOnlyInstaller.msi
2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll
2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll
2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe
2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
2013-05-08 06:39:01 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-05-02 15:29:56 278800 ------w- C:\Windows\System32\MpSigStub.exe
2013-04-26 05:51:36 751104 ----a-w- C:\Windows\System32\win32spl.dll
2013-04-26 04:55:21 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll
2013-04-25 23:30:32 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll
2013-04-17 07:02:06 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2013-04-17 06:24:46 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
.
============= FINISH: 19:26:47.65 ===============
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-07-13 19:27:55
-----------------------------
19:27:55.590 OS Version: Windows x64 6.1.7601 Service Pack 1
19:27:55.590 Number of processors: 8 586 0x2A07
19:27:55.590 ComputerName: ANONYMOUS-PC UserName: Anonymous
19:27:57.805 Initialize success
19:28:03.563 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:28:03.563 Disk 0 Vendor: WDC_WD75 01.0 Size: 715404MB BusType: 3
19:28:03.657 Disk 0 MBR read successfully
19:28:03.657 Disk 0 MBR scan
19:28:03.673 Disk 0 Windows VISTA default MBR code
19:28:03.673 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 101 MB offset 63
19:28:03.688 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 20000 MB offset 212992
19:28:03.688 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 695299 MB offset 41172992
19:28:03.704 Disk 0 scanning C:\Windows\system32\drivers
19:28:09.133 Service scanning
19:28:20.489 Modules scanning
19:28:20.505 Disk 0 trace - called modules:
19:28:20.521 ntoskrnl.exe CLASSPNP.SYS disk.sys stdcfltn.sys ACPI.sys iaStor.sys hal.dll
19:28:20.536 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8009605790]
19:28:20.552 3 CLASSPNP.SYS[fffff88001a1f43f] -> nt!IofCallDriver -> [0xfffffa8009521cb0]
19:28:20.552 5 stdcfltn.sys[fffff880017e2c52] -> nt!IofCallDriver -> [0xfffffa8006ce3720]
19:28:20.567 7 ACPI.sys[fffff88000f337a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80078ee050]
19:28:20.583 Scan finished successfully
19:28:30.427 Disk 0 MBR has been saved successfully to "C:\Users\Anonymous\Pictures\MBR.dat"
19:28:30.427 The log file has been saved successfully to "C:\Users\Anonymous\Pictures\aswMBR.txt"
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
I just visited two porn sites - xvideos and motherless - with Firefox Adblock turned off. I have Windows Vista. I get a "Start Center has stopped working" popup when I click on Spybot but no solution from Windows. I tried turning on Windows Defense but it won't turn on. I downloaded Malwarebytes to check for malware, and got this log:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Database version: v2013.07.14.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16635
Anonymous :: ANONYMOUS-PC [administrator]
7/13/2013 6:14:32 PM
mbam-log-2013-07-13 (18-14-32).txt
Scan type: Full scan (C:\|D:\|Y:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 355815
Time elapsed: 37 minute(s), 40 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)