sjfinanceguy

  1. I believe that I have been infected. I have run Malware Pro and believe that I got most of it out of my system. But it still seems to be running a little odd. Here are the logs and thanks for your assistance.

DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16537 BrowserJavaVersion: 10.21.2 Run by Z at 10:41:25 on 2013-06-08 Microsoft Windows 8 Pro 6.2.9200.0.1252.1.1033.18.16333.12252 [GMT -7:00] . AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\WINDOWS\system32\svchost.exe -k DcomLaunch C:\WINDOWS\system32\svchost.exe -k RPCSS C:\WINDOWS\system32\atiesrxx.exe C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted C:\WINDOWS\system32\svchost.exe -k netsvcs C:\WINDOWS\system32\dwm.exe C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\system32\atieclxx.exe C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe C:\Program Files (x86)\Stardock\Start8\Start8_64.exe C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\System32\spoolsv.exe C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork E:\Program Files\ABBYY\NetworkLicenseServer.exe C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe C:\WINDOWS\system32\svchost.exe -k apphost C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe
C:\WINDOWS\System32\svchost.exe -k ipripsvc C:\Program Files\Listary\Listary.exe C:\WINDOWS\System32\svchost.exe -k LPDService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\MSI\MSI SUITE\ControlCenter\ComCenService.exe C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe C:\WINDOWS\system32\mqsvc.exe C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSvcm.exe C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe C:\Windows\SysWOW64\NLSSRV32.EXE C:\Program Files (x86)\NetSetMan Pro\nsmservice.exe C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe C:\WINDOWS\system32\spool\DRIVERS\x64\3\fppdis4.exe e:\Program Files (x86)\PRTG Network Monitor\64 bit\PRTG Server.exe e:\Program Files (x86)\PRTG Network Monitor\PRTG Probe.exe c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe C:\Program Files (x86)\ShareMouse\smService.exe C:\Program Files (x86)\ShareMouse\sharemouse.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe C:\WINDOWS\SysWOW64\UTSCSI.EXE C:\WINDOWS\SysWOW64\vmnat.exe C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe C:\WINDOWS\system32\svchost.exe -k iissvcs C:\Program Files (x86)\Brother\BRAgent\BRAgtSrv.exe C:\Program Files\Windows Firewall Control\wfcs.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe E:\Program 
Files\VMWare\VMPlayer\vmware-authd.exe C:\WINDOWS\SysWOW64\vmnetdhcp.exe C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe C:\Windows\System32\WUDFHost.exe c:\windows\system32\inetsrv\w3wp.exe C:\WINDOWS\system32\taskhostex.exe C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Listary\Listary.exe C:\WINDOWS\Explorer.EXE C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe C:\WINDOWS\system32\taskeng.exe C:\Program Files (x86)\ShareMouse\sharemouse.exe C:\Program Files\Process Lasso\processgovernor.exe C:\Program Files\Process Lasso\processlasso.exe C:\Windows\System32\RuntimeBroker.exe C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe C:\Program Files\Box Sync\BoxSyncHelper.exe C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe C:\Program Files (x86)\Internet Download Manager\IDMan.exe C:\Program Files\Listary\ListaryHelper64.exe C:\Users\Z\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe C:\Program Files (x86)\Deskcalc Pro\deskcalc.exe C:\Program Files (x86)\Memonic\Memonic.exe C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\Program Files (x86)\RingCentral\RingCentral Softphone\RCHotKey.exe C:\Users\Z\AppData\Local\DeskTime\DeskTime.exe C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe C:\Program Files 
(x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe C:\Program Files (x86)\LastPass\lastapp_x64.exe C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe E:\Logitech\LWS\Webcam Software\LWS.exe C:\Program Files\Windows Firewall Control\wfc.exe C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\Program Files (x86)\PowerISO\PWRISOVM.EXE E:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe C:\Program Files (x86)\TechSmith\Snagit 11\TSCHelp.exe C:\Program Files (x86)\Plantronics\PlantronicsURE\PlantronicsURE.exe C:\Program Files (x86)\TechSmith\Snagit 11\SnagPriv.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\WINDOWS\splwow64.exe C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe C:\Program Files (x86)\Zero Click Spellchecker\ZeroClickSpellchecker.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files (x86)\TechSmith\Snagit 11\snagiteditor.exe C:\Program Files (x86)\Zero Click Spellchecker\ZeroClickSpellchecker_Helper64.exe C:\Users\Z\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe C:\Program Files (x86)\Evernote\Evernote\Evernote.exe E:\Program Files (x86)\PRTG Network Monitor\PRTG Enterprise Console.exe C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\svchost.exe -k SDRSVC C:\WINDOWS\system32\vssvc.exe C:\WINDOWS\System32\svchost.exe -k swprv C:\Program Files\Genie9\Zoolz2\Zoolz.exe C:\WINDOWS\explorer.exe C:\Program Files (x86)\Clover\clover.exe C:\WINDOWS\system32\svchost.exe -k GPSvcGroup 
C:\WINDOWS\explorer.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe C:\Program Files (x86)\ActiveTracker\rn5.exe C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE C:\Windows\SysWOW64\mshta.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\system32\wbem\WmiApSrv.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IELowutil.exe C:\WINDOWS\explorer.exe C:\WINDOWS\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxps://www.duckduckgo.com/ mWinlogon: Userinit = userinit.exe, BHO: CRnPluginSite Object: {0050A87F-CF26-41AE-9C0A-C32307C941CB} - C:\Program Files (x86)\ActiveTracker\plugins\internetexplorer\wegie\wegie.dll BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll BHO: RCIEBrowserToolbar Class: {05F8C4F4-44DA-49D7-92EE-0944AB774D99} - C:\Program Files (x86)\RingCentral\RingCentral Softphone\IEBHO.dll BHO: VIPTToolbarManager Class: {1A2641AE-2C42-4C51-A05F-8ECEC3FDC94D} - C:\Program Files (x86)\Visual IP Trace 2009\VisualIPTraceIE.dll BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: Evernote extension: {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll BHO: LastPass Vault: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll BHO: Samsung BHO Class: {AA609D72-8482-4076-8991-8CDAE5B93BCB} 
- C:\Program Files (x86)\Samsung AnyWeb Print\W2PBrowser.dll BHO: Adobe Acrobat Create PDF Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL BHO: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - <orphaned> BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll BHO: Adobe Acrobat Create PDF from Selection: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll TB: RingCentral For Internet Explorer: {A50F643C-3C5B-4D99-B68C-21A13C81E50E} - C:\Program Files (x86)\RingCentral\RingCentral Softphone\IEBHO.dll TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll TB: RingCentral For Internet Explorer: {A50F643C-3C5B-4D99-B68C-21A13C81E50E} - C:\Program Files (x86)\RingCentral\RingCentral Softphone\IEBHO.dll TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll TB: Visual IP Trace: {E70C26AE-DFF1-40A8-8D37-19180F56F0AA} - C:\Program Files (x86)\Visual IP Trace 2009\VisualIPTraceIE.dll TB: <No Name>: {4bf21840-c53d-4e2d-b203-77d2b2b43781} - LocalServer32 - <no file> uRun: [iDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot uRun: [iSUSPM] "C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler uRun: [skyDrive] 
"C:\Users\Z\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background uRun: [DeskCalc] "c:\program files (x86)\deskcalc pro\deskcalc.exe" /hide uRun: [Memonic] C:\Program Files (x86)\Memonic\Memonic.exe uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart uRun: [E7B8B8B145EA1DC5DEB98AD487425D06713FED55._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service uRun: [RCHotKey] "C:\Program Files (x86)\RingCentral\RingCentral Softphone\RCHotKey.exe" uRun: [DeskTime] "C:\Users\Z\AppData\Local\DeskTime\DeskTime.exe" uRun: [PCShowServer] "C:\Users\Z\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe" uRun: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe" uRun: [rn5.exe] "C:\Program Files (x86)\ActiveTracker\rn5.exe" uRun: [GoogleChromeAutoLaunch_D1801CD989927B7FDAF4036BC5F318FA] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window uRun: [Google Update] "C:\Users\Z\AppData\Local\Google\Update\GoogleUpdate.exe" /c uRun: [DymoQuickPrint] "C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe" /startup mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [LastApp] C:\Program Files (x86)\LastPass\lastapp_x64.exe mRun: [LWS] E:\Logitech\LWS\Webcam Software\LWS.exe -hide mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" mRun: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup mRun: [TrueImageMonitor.exe] "E:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe" mRun: 
[PlantronicsURE.exe] C:\Program Files (x86)\Plantronics\PlantronicsURE\PlantronicsURE.exe mRun: [vspdfprsrv.exe] C:\Program Files (x86)\Avanquest\Expert PDF 8 Professional\vspdfprsrv.exe --background mRun: [ControlCenterCount] C:\Program Files (x86)\MSI\ControlCenter\ControlCenterCount.exe mRun: [sendmng] "C:\Program Files (x86)\OneSuiteFax\Client\SendMng.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [Communicator] "C:\Program Files (x86)\Microsoft Lync\communicator.exe" /fromrunkey mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW mRun: [Live Update 5] C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe /reminder mRun: [Fast Boot] C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe mRun: [bonus.SSR.FR11] "E:\Program Files\ABBYY\Bonus.ScreenshotReader.exe" /autorun mRun: [RUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe" mRun: [iTunesHelper] "E:\Itunes\iTunesHelper.exe" dRunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp64.exe -v 0x046d -p 0x082c -f audio -m logitech -d 13.51.823.0 StartupFolder: C:\Users\Z\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Z\AppData\Roaming\Dropbox\bin\Dropbox.exe StartupFolder: C:\Users\Z\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\EVERNO~1.LNK - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe StartupFolder: C:\Users\Z\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\EVERNO~2.LNK - C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe StartupFolder: C:\Users\Z\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\PRTGEN~1.LNK - E:\Program Files (x86)\PRTG Network Monitor\PRTG 
Enterprise Console.exe StartupFolder: C:\Users\Z\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SENDTO~1.LNK - C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\INSTAL~2.LNK - C:\Program Files (x86)\Common Files\lpuninstall.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\LUNASC~1.LNK - C:\Program Files (x86)\Lunascape\Lunascape6\Luna.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\SNAGIT~1.LNK - C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\WINDOW~1.LNK - C:\Program Files\Windows Firewall Control\wfc.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\ZEROCL~1.LNK - C:\Program Files (x86)\Zero Click Spellchecker\ZeroClickSpellchecker.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\AUTORU~1\LUNASC~1.LNK - C:\Program Files (x86)\Lunascape\Lunascape6\Luna.exe uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 uPolicies-Explorer: NoInplaceSharing = dword:0 mPolicies-System: PromptOnSecureDesktop = dword:0 mPolicies-System: DisplayLastLogonInfo = dword:1 mPolicies-System: SynchronousMachineGroupPolicy = dword:1 mPolicies-System: SynchronousUserGroupPolicy = dword:1 mPolicies-System: NoConnectedUser = dword:0 mPolicies-System: DontDisplayLockedUserId = dword:1 mPolicies-Windows\System: AllowBlockingAppsAtShutdown = dword:0 IE: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr/200 IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: Clip Image - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4 IE: Clip selection - C:\Program 
Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3 IE: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1 IE: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 IE: LastPass - C:\Users\Z\AppData\LocalLow\LastPass\context.html?cmd=lastpass IE: LastPass Fill Forms - C:\Users\Z\AppData\LocalLow\LastPass\context.html?cmd=fillforms IE: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html IE: Open Client to monitor &1 - C:\WINDOWS\web\AOpenClient.htm IE: Open Client to monitor &2 - C:\WINDOWS\web\AOpenClient.htm IE: Open with WordPerfect - c:\Program Files (x86)\Corel\WordPerfect Office X6\Programs\WPLauncher.hta IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 IE: {0050A87F-CF26-41AE-9C0A-C32307C941CB} - {0050A87F-CF26-41AE-9C0A-C32307C941CB} - C:\Program Files (x86)\ActiveTracker\plugins\internetexplorer\wegie\wegie.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll IE: 
{328ECD19-C167-40eb-A0C7-16FE7634105E} - {94BB0C4C-B957-479A-85E4-42F53B89F681} - C:\Program Files (x86)\Samsung AnyWeb Print\W2PBrowser.dll IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html IE: {bd02e86d-dc3d-40dd-bc65-c1bb4ac45c3a} - C:\Program Files (x86)\Internet Explorer\extensions\memonic\script.htm LSP: %windir%\system32\vsocklib.dll DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} - hxxps://www.caljobs.ca.gov/controls/smsx.cab DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {5554DCB0-700B-498D-9B58-4E40E5814405} - hxxps://bcw.mybenefitscalwin.org/Reserved.ReportViewerWebControl.axd?ReportSession=ddyd4255go0zfcf32fkxl045&Culture=1033&CultureOverrides=True&UICulture=9&UICultureOverrides=True&ReportStack=1&ControlID=f214fbc54e364a679b019ab47ea1f864&OpType=PrintCab&Arch=X86 DPF: {8F2EACD9-51A6-4915-B9AD-2AA8657CB472} - hxxps://webpostage.stamps.com/webpostage/plugin/SdcWebClientServices.cab TCP: Interfaces\{F9FE9C4C-1F38-4F64-9814-288791A16E81} : NameServer = 208.201.224.11,208.201.224.33 TCP: Interfaces\{F9FE9C4C-1F38-4F64-9814-288791A16E81} : DHCPNameServer = 192.168.1.254 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft 
Office 15\root\office15\MSOSB.DLL Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> SSODL: EldosMountNotificator - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\WINDOWS\SysWow64\SSCbFsMntNtf3.dll STS: Virtual Storage Mount Notification - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\Windows\SysWOW64\SSCbFsMntNtf3.dll LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u livessp msoidssp mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.37\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome x64-BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll x64-BHO: LastPass Vault: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll x64-BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program 
Files\Java\jre7\bin\jp2ssv.dll x64-BHO: ExplorerWatcher Class: {F8A6CAA2-533D-4AED-9E05-8EB19A4021AB} - C:\Program Files (x86)\Clover\TabHelper64.dll x64-TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll x64-Run: [Logitech Download Assistant] C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\LogiLDA.dll,LogiFetch x64-Run: [Acronis Scheduler2 Service] "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" x64-Run: [boxSyncHelper] "C:\Program Files\Box Sync\BoxSyncHelper.exe" x64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming x64-Run: [Zoolz Tray] "C:\Program Files\Genie9\Zoolz2\ZoolzLauncher.exe" "C:\Program Files\Genie9\Zoolz2\Zoolz.exe" "-Delay" x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s x64-mPolicies-System: PromptOnSecureDesktop = dword:0 x64-mPolicies-System: DisplayLastLogonInfo = dword:1 x64-mPolicies-System: SynchronousMachineGroupPolicy = dword:1 x64-mPolicies-System: SynchronousUserGroupPolicy = dword:1 x64-mPolicies-System: NoConnectedUser = dword:0 x64-mPolicies-System: DontDisplayLockedUserId = dword:1 x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll x64-IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft 
Office\Office15\ONBttnIELinkedNotes.dll x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned> x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll x64-SSODL: WebCheck - <orphaned> x64-STS: Virtual Storage Mount Notification - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\WINDOWS\System32\SSCbFsMntNtf3.dll . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Z\AppData\Roaming\Mozilla\Firefox\Profiles\c1pdkb81.default\ FF - prefs.js: browser.startup.homepage - hxxps://www.duckduckgo.com/ FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll FF - plugin: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll FF - plugin: C:\Program Files (x86)\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: C:\Program Files 
(x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Nitro\Pro 8\npdf.dll FF - plugin: C:\Program Files (x86)\Nitro\Pro 8\npnitroie.dll FF - plugin: C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL FF - plugin: C:\Users\Z\AppData\Local\DIRECTV Player\npPlayerPlugin.dll FF - plugin: C:\Users\Z\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll FF - plugin: C:\Users\Z\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll FF - plugin: C:\Users\Z\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll FF - plugin: C:\Users\Z\AppData\Roaming\Mozilla\plugins\npMeetingJoinPluginOC.dll FF - plugin: C:\Users\Z\AppData\Roaming\Mozilla\plugins\npo1d.dll FF - plugin: C:\Users\Z\AppData\Roaming\Mozilla\plugins\nppdf32.dll FF - plugin: C:\Users\Z\AppData\Roaming\Mozilla\plugins\npqtplugin.dll FF - plugin: C:\Users\Z\AppData\Roaming\Mozilla\plugins\npqtplugin2.dll FF - plugin: C:\Users\Z\AppData\Roaming\Mozilla\plugins\npqtplugin3.dll FF - plugin: C:\Users\Z\AppData\Roaming\Mozilla\plugins\npqtplugin4.dll FF - plugin: C:\Users\Z\AppData\Roaming\Mozilla\plugins\npqtplugin5.dll FF - plugin: C:\Users\Z\AppData\Roaming\Mozilla\plugins\npqtplugin6.dll FF - plugin: C:\Users\Z\AppData\Roaming\Mozilla\plugins\npqtplugin7.dll FF - plugin: C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1202122.dll FF - plugin: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_75.dll FF - plugin: C:\WINDOWS\SysWOW64\npDeployJava1.dll FF - plugin: C:\WINDOWS\SysWOW64\npmproxy.dll FF - plugin: E:\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll FF - plugin: E:\Itunes\Mozilla Plugins\npitunes.dll FF - plugin: E:\Program Files\Amazon Music\npAmazonMP3DownloaderPlugin101721.dll FF - ExtSQL: 2013-05-30 21:51; {23fcfd51-4958-4f00-80a3-ae97e717ed8b}; C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 
FF - ExtSQL: 2013-06-01 11:57; mozilla_cc@internetdownloadmanager.com; C:\Users\Z\AppData\Roaming\IDM\idmmzcc5 FF - ExtSQL: 2013-06-06 16:27; jid1-xUfzOsOFlzSOXg@jetpack; C:\Users\Z\AppData\Roaming\Mozilla\Firefox\Profiles\c1pdkb81.default\extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi FF - ExtSQL: 2013-06-06 16:27; 4or6@hunen.net; C:\Users\Z\AppData\Roaming\Mozilla\Firefox\Profiles\c1pdkb81.default\extensions\4or6@hunen.net.xpi FF - ExtSQL: 2013-06-06 16:34; {ada4b710-8346-4b82-8199-5de2b400a6ae}; C:\Users\Z\AppData\Roaming\Mozilla\Firefox\Profiles\c1pdkb81.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae} FF - ExtSQL: 2013-06-06 16:34; {9c491c49-071c-4039-98a5-66d3fe53b1b2}; C:\Users\Z\AppData\Roaming\Mozilla\Firefox\Profiles\c1pdkb81.default\extensions\{9c491c49-071c-4039-98a5-66d3fe53b1b2}.xpi FF - ExtSQL: 2013-06-06 16:34; {5C46D283-ABDE-4dce-B83C-08881401921C}; C:\Users\Z\AppData\Roaming\Mozilla\Firefox\Profiles\c1pdkb81.default\extensions\{5C46D283-ABDE-4dce-B83C-08881401921C}.xpi FF - ExtSQL: 2013-06-06 16:34; printedit@DW-dev; C:\Users\Z\AppData\Roaming\Mozilla\Firefox\Profiles\c1pdkb81.default\extensions\printedit@DW-dev.xpi FF - ExtSQL: 2013-06-06 16:34; FavIconReloader@mozilla.org; C:\Users\Z\AppData\Roaming\Mozilla\Firefox\Profiles\c1pdkb81.default\extensions\FavIconReloader@mozilla.org FF - ExtSQL: 2013-06-06 16:40; {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}; C:\Users\Z\AppData\Roaming\Mozilla\Firefox\Profiles\c1pdkb81.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi FF - ExtSQL: 2013-06-06 16:40; {E0B8C461-F8FB-49b4-8373-FE32E9252800}; C:\Users\Z\AppData\Roaming\Mozilla\Firefox\Profiles\c1pdkb81.default\extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800} FF - ExtSQL: 2013-06-06 16:40; firefox@ghostery.com; C:\Users\Z\AppData\Roaming\Mozilla\Firefox\Profiles\c1pdkb81.default\extensions\firefox@ghostery.com FF - ExtSQL: 2013-06-06 16:44; jid1-ZAdIEUB7XOzOJw@jetpack; 
C:\Users\Z\AppData\Roaming\Mozilla\Firefox\Profiles\c1pdkb81.default\extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi FF - ExtSQL: 2013-06-06 16:44; {f759ca51-3a91-4dd1-ae78-9db5eee9ebf0}; C:\Users\Z\AppData\Roaming\Mozilla\Firefox\Profiles\c1pdkb81.default\extensions\{f759ca51-3a91-4dd1-ae78-9db5eee9ebf0}.xpi FF - ExtSQL: 2013-06-06 16:45; map@quickmaps.me; C:\Users\Z\AppData\Roaming\Mozilla\Firefox\Profiles\c1pdkb81.default\extensions\map@quickmaps.me.xpi FF - ExtSQL: 2013-06-06 16:47; restartless.restart@erikvold.com; C:\Users\Z\AppData\Roaming\Mozilla\Firefox\Profiles\c1pdkb81.default\extensions\restartless.restart@erikvold.com.xpi FF - ExtSQL: 2013-06-06 16:48; CSTBB@NArisT2_Noia4dev; C:\Users\Z\AppData\Roaming\Mozilla\Firefox\Profiles\c1pdkb81.default\extensions\CSTBB@NArisT2_Noia4dev.xpi FF - ExtSQL: 2013-06-06 16:49; about-addons-memory@tn123.org; C:\Users\Z\AppData\Roaming\Mozilla\Firefox\Profiles\c1pdkb81.default\extensions\about-addons-memory@tn123.org.xpi FF - ExtSQL: 2013-06-06 16:53; jid1-BVejmheDFohuFQ@jetpack; C:\Users\Z\AppData\Roaming\Mozilla\Firefox\Profiles\c1pdkb81.default\extensions\jid1-BVejmheDFohuFQ@jetpack.xpi FF - ExtSQL: 2013-06-06 16:59; {f69e22c7-bc50-414a-9269-0f5c344cd94c}; C:\Users\Z\AppData\Roaming\Mozilla\Firefox\Profiles\c1pdkb81.default\extensions\{f69e22c7-bc50-414a-9269-0f5c344cd94c} FF - ExtSQL: 2013-06-06 16:59; {ce7e73df-6a44-4028-8079-5927a588c948}; C:\Users\Z\AppData\Roaming\Mozilla\Firefox\Profiles\c1pdkb81.default\extensions\{ce7e73df-6a44-4028-8079-5927a588c948}.xpi FF - ExtSQL: 2013-06-06 16:59; {bd54afa8-b14a-4d7a-aecf-37e34e882796}; C:\Users\Z\AppData\Roaming\Mozilla\Firefox\Profiles\c1pdkb81.default\extensions\{bd54afa8-b14a-4d7a-aecf-37e34e882796} FF - ExtSQL: 2013-06-06 16:59; {9c51bd27-6ed8-4000-a2bf-36cb95c0c947}; C:\Users\Z\AppData\Roaming\Mozilla\Firefox\Profiles\c1pdkb81.default\extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}.xpi FF - ExtSQL: 2013-06-06 16:59; {097d3191-e6fa-4728-9826-b533d755359d}; 
C:\Users\Z\AppData\Roaming\Mozilla\Firefox\Profiles\c1pdkb81.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi FF - ExtSQL: 2013-06-06 16:59; tineye@ideeinc.com; C:\Users\Z\AppData\Roaming\Mozilla\Firefox\Profiles\c1pdkb81.default\extensions\tineye@ideeinc.com.xpi FF - ExtSQL: 2013-06-06 16:59; thumbnailZoom@dadler.github.com; C:\Users\Z\AppData\Roaming\Mozilla\Firefox\Profiles\c1pdkb81.default\extensions\thumbnailZoom@dadler.github.com.xpi FF - ExtSQL: 2013-06-06 16:59; support@lastpass.com; C:\Users\Z\AppData\Roaming\Mozilla\Firefox\Profiles\c1pdkb81.default\extensions\support@lastpass.com FF - ExtSQL: 2013-06-06 16:59; smarterwiki@wikiatic.com; C:\Users\Z\AppData\Roaming\Mozilla\Firefox\Profiles\c1pdkb81.default\extensions\smarterwiki@wikiatic.com.xpi FF - ExtSQL: 2013-06-06 16:59; readable@evernote.com; C:\Users\Z\AppData\Roaming\Mozilla\Firefox\Profiles\c1pdkb81.default\extensions\readable@evernote.com.xpi FF - ExtSQL: 2013-06-06 16:59; printPages2Pdf@reinhold.ripper; C:\Users\Z\AppData\Roaming\Mozilla\Firefox\Profiles\c1pdkb81.default\extensions\printPages2Pdf@reinhold.ripper FF - ExtSQL: 2013-06-06 16:59; pavel.sherbakov@gmail.com; C:\Users\Z\AppData\Roaming\Mozilla\Firefox\Profiles\c1pdkb81.default\extensions\pavel.sherbakov@gmail.com FF - ExtSQL: 2013-06-06 16:59; jsprintsetup@edabg.com; C:\Users\Z\AppData\Roaming\Mozilla\Firefox\Profiles\c1pdkb81.default\extensions\jsprintsetup@edabg.com.xpi FF - ExtSQL: 2013-06-06 16:59; autopager@mozilla.org; C:\Users\Z\AppData\Roaming\Mozilla\Firefox\Profiles\c1pdkb81.default\extensions\autopager@mozilla.org.xpi . ============= SERVICES / DRIVERS =============== . 
R0 fltsrv;Acronis Storage Filter Management;C:\WINDOWS\System32\Drivers\fltsrv.sys [2013-1-17 155272] R0 PxHlpa64;PxHlpa64;C:\WINDOWS\System32\Drivers\PxHlpa64.sys [2012-12-30 56208] R0 tib_mounter;Acronis TIB Mounter;C:\WINDOWS\System32\Drivers\tib_mounter.sys [2013-1-17 1093256] R0 vidsflt;Acronis Disk Storage Filter;C:\WINDOWS\System32\Drivers\vidsflt.sys [2013-1-17 166024] R0 vsock;vSockets Driver;C:\WINDOWS\System32\Drivers\vsock.sys [2013-3-8 70296] R2 ABBYY.Licensing.FineReader.Professional.11.0;ABBYY FineReader 11 PE Licensing Service;E:\Program Files\ABBYY\NetworkLicenseServer.exe [2013-5-15 821048] R2 afcdpsrv;Acronis Nonstop Backup Service;C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2013-1-17 3696632] R2 AMD External Events Utility;AMD External Events Utility;C:\WINDOWS\System32\atiesrxx.exe [2013-3-28 241152] R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-3-28 361984] R2 AODDriver4.2.0;AODDriver4.2.0;C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [2012-9-20 57512] R2 AODDriver4.2;AODDriver4.2;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-4-9 57472] R2 AODService;AODService;C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [2012-9-20 136648] R2 DymoPnpService;DYMO PnP Service;C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [2012-10-9 32368] R2 IceDragonUpdater;COMODO IceDragon Update Service;C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe [2013-6-5 1821384] R2 IDMWFP;IDMWFP;C:\WINDOWS\System32\Drivers\idmwfp.sys [2013-5-31 168288] R2 iprip;RIP Listener;C:\WINDOWS\System32\svchost.exe -k ipripsvc [2013-1-24 29696] R2 ListaryService;ListaryService;C:\Program Files\Listary\Listary.exe [2013-3-8 3716880] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-4-9 418376] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 
[2013-4-9 701512] R2 MSI_ComCenService;MSI_ComCenService;C:\MSI\MSI SUITE\ControlCenter\ComCenService.exe [2013-2-26 75280] R2 MSI_FastBoot;MSI_FastBoot;C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [2013-6-1 103992] R2 msoidsvc;Microsoft Online Services Sign-in Assistant;C:\Program Files\Common Files\microsoft shared\Microsoft Online Services\MSOIDSVC.EXE [2012-5-17 2079520] R2 NitroDriverReadSpool8;NitroPDFDriverCreatorReadSpool8;C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [2013-5-27 230408] R2 nlsX86cc;Nalpeiron Licensing Service;C:\Windows\SysWOW64\NLSSRV32.EXE [2013-5-27 70152] R2 nsmService;NSM Service;C:\Program Files (x86)\NetSetMan Pro\nsmservice.exe [2013-6-3 1417328] R2 OfficeSvc;Microsoft Office Service;C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-4-14 1872568] R2 pdfFactory4;pdfFactory Pro 4;C:\WINDOWS\System32\spool\drivers\x64\3\fppdis4.exe [2012-12-31 677592] R2 PRTGCoreService;PRTG Core Server Service;E:\Program Files (x86)\PRTG Network Monitor\64 bit\PRTG Server.exe [2013-6-5 7225344] R2 PRTGProbeService;PRTG Probe Service;E:\Program Files (x86)\PRTG Network Monitor\PRTG Probe.exe [2013-6-5 8535264] R2 PSI_SVC_2_x64;Protexis Licensing V2 x64;C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-11-30 336824] R2 regi;regi;C:\WINDOWS\System32\Drivers\regi.sys [2012-12-20 15672] R2 ShareMouse Service;ShareMouse Service;C:\Program Files (x86)\ShareMouse\smService.exe [2013-5-7 188632] R2 SSPORT;SSPORT;C:\WINDOWS\System32\Drivers\SSPORT.SYS [2012-12-18 11576] R2 Start8;Stardock Start8;C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [2013-3-7 142960] R2 syncagentsrv;Acronis Sync Agent Service;C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2012-8-18 7017888] R2 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2012-10-11 918680] R2 vmware-converter-agent;VMware 
vCenter Converter Standalone Agent;C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe [2011-8-19 423536] R2 vmware-converter-server;VMware vCenter Converter Standalone Server;C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [2011-8-19 423536] R2 vmware-converter-worker;VMware vCenter Converter Standalone Worker;C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [2011-8-19 423536] R2 WBA_Agent_Client;Brother BRAgent;C:\Program Files (x86)\Brother\BRAgent\BRAgtSrv.exe [2013-5-15 86016] R2 wfcs;Windows Firewall Control;C:\Program Files\Windows Firewall Control\wfcs.exe [2013-4-8 76912] R2 WinisoCDBus;WinISO Virtual CD Drive;C:\WINDOWS\System32\Drivers\WinisoCDBus.sys [2013-1-27 204032] R3 AE1000;Linksys AE1000 Driver;C:\WINDOWS\System32\Drivers\ae1000w7.sys [1980-1-1 1101600] R3 afcdp;afcdp;C:\WINDOWS\System32\Drivers\afcdp.sys [2013-1-17 367200] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\WINDOWS\System32\Drivers\AtihdW86.sys [2013-2-14 94208] R3 CompFilter64;UVCCompositeFilter;C:\WINDOWS\System32\Drivers\lvbflt64.sys [2012-10-26 26784] R3 DM150Drv;DM150Drv;C:\WINDOWS\System32\Drivers\DM150Drv.sys [2013-1-26 24312] R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\WINDOWS\System32\Drivers\LEqdUsb.sys [2013-1-3 79240] R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\WINDOWS\System32\Drivers\LHidEqd.sys [2013-1-3 15752] R3 LVRS64;Logitech RightSound Filter Driver;C:\WINDOWS\System32\Drivers\lvrs64.sys [2012-10-26 351520] R3 LVUVC64;@oem91.inf,%PID_082C_DD%(UVC);Logitech HD Webcam C615(UVC);C:\WINDOWS\System32\Drivers\lvuvc64.sys [2012-10-26 4758176] R3 MBAMProtector;MBAMProtector;C:\WINDOWS\System32\Drivers\mbam.sys [2013-4-9 25928] R3 MBfilt;MBfilt;C:\WINDOWS\System32\Drivers\MBfilt64.sys [2013-6-1 32344] R3 NTIOLib_FastBoot;NTIOLib_FastBoot;C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [2013-6-1 13368] R3 
RTL8168;Realtek 8168 NT Driver;C:\WINDOWS\System32\Drivers\Rt630x64.sys [2013-5-23 801864] R3 rusb3hub;Renesas Electronics USB 3.0 Hub Driver (Version 3.0);C:\WINDOWS\System32\Drivers\rusb3hub.sys [2012-8-27 114568] R3 rusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver (Version 3.0);C:\WINDOWS\System32\Drivers\rusb3xhc.sys [2012-8-27 230280] R3 SSCBFS3;SugarSync CallBack File System driver v3;C:\WINDOWS\System32\Drivers\sscbfs3.sys [2013-2-10 347456] R3 usbfilter;AMD USB Filter Driver;C:\WINDOWS\System32\Drivers\usbfilter.sys [2012-12-18 58536] R3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001);C:\WINDOWS\System32\Drivers\WPRO_41_2001.sys [2013-6-8 35344] R3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\Drivers\WUDFRd.sys [2012-7-25 198656] S2 OS Selector;Acronis OS Selector activator;C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2010-5-25 2139400] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384] S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver;C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [2013-3-30 32088] S3 amd_sata;amd_sata;C:\WINDOWS\System32\Drivers\amd_sata.sys [2013-2-26 79528] S3 amd_xata;amd_xata;C:\WINDOWS\System32\Drivers\amd_xata.sys [2013-2-26 26280] S3 amdkmafd;AMD Audio Bus Lower Filter;C:\WINDOWS\System32\Drivers\amdkmafd.sys [2013-3-28 21600] S3 BingDesktopUpdate;Bing Desktop Update service;C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [2012-11-22 166424] S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\WINDOWS\System32\Drivers\ssudbus.sys [2013-2-6 102936] S3 DragonSvc;Dragon Service;C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe [2010-7-23 296808] S3 epmntdrv;epmntdrv;C:\WINDOWS\System32\epmntdrv.sys [2013-1-27 17480] S3 EuGdiDrv;EuGdiDrv;C:\WINDOWS\System32\EuGdiDrv.sys [2013-1-27 9800] S3 NTIOLib_1_0_2;NTIOLib_1_0_2;C:\Program Files (x86)\MSI\ControlCenter\NTIOLib_X64.sys [2012-12-31 13328] S3 
NTIOLib_1_0_4;NTIOLib_1_0_4;C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [2013-4-26 14136] S3 NTIOLib_1_0_C;NTIOLib_1_0_C;C:\MSI\MSI SUITE\NTIOLib_X64.sys [2012-12-30 11888] S3 NTIOLib_1_1_S;NTIOLib_1_1_S;C:\MSI\MSI SUITE\Super-Charger\NTIOLib_X64.sys [2013-2-26 13368] S3 NTIOLib_MSISMB_CC;NTIOLib_MSISMB_CC;C:\Program Files (x86)\MSI\ControlCenter\Sleep\NTIOLib_X64.sys [2013-6-1 13368] S3 RTL8167;Realtek 8167 NT Driver;C:\WINDOWS\System32\Drivers\Rt64win7.sys [2012-12-16 676968] S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\WINDOWS\System32\Drivers\ssudmdm.sys [2013-2-6 203544] S3 USBAAPL64;Apple Mobile USB Driver;C:\WINDOWS\System32\Drivers\usbaapl64.sys [2012-12-13 54784] S3 vididr;Acronis Virtual Disk;C:\WINDOWS\System32\Drivers\vididr.sys [2013-1-17 228488] S3 vmbusr;Virtual Machine Bus Provider;C:\WINDOWS\System32\Drivers\vmbusr.sys [2012-7-25 117248] S3 WSDScan;WSD Scan Support;C:\WINDOWS\System32\Drivers\WSDScan.sys [2013-1-24 23552] S4 BRA_Scheduler;Brother BRAdminPro Scheduler;C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe [2013-1-26 98304] S4 CLPSLS;COMODO livePCsupport Service;C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe [2011-11-23 1267000] S4 CorelCreatorMessages;CorelCreatorMessages;C:\WINDOWS\System32\CorelCreatorMessages.exe [2011-4-14 105984] S4 FinePrint7;FinePrint 7;C:\WINDOWS\System32\spool\drivers\x64\3\fpdisp7.exe [2012-12-31 684248] S4 MSI_SuiteCharger;MSI_SuiteCharger;C:\MSI\MSI SUITE\Super-Charger\SuiteChargeService.exe [2013-2-26 122936] S4 MSI_SuiteFastBoot;MSI_SuiteFastBoot;C:\MSI\MSI SUITE\FastBoot\SuiteFastBootService.exe [2013-2-26 105016] S4 MSIFileSyncMonitor;MSI FileSync Monitor;C:\MSI\MSI SUITE\MSIMonitor\MSIFileSyncMonitor.exe [2013-2-26 9728] S4 MSISleep;MSISleep;C:\Program Files (x86)\MSI\ControlCenter\Sleep\MSISleepService.exe [2013-6-1 282624] S4 PanService;PandoraService;C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2013-1-25 625304] S4 Samsung UPD 
Service2;Samsung UPD Service2;C:\WINDOWS\System32\SUPDSvc2.exe [2012-4-5 158208] S4 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096] S4 XobniService;XobniService;C:\Program Files (x86)\Xobni\XobniService.exe [2012-4-9 62184] S4 Zoolz 2 Service;Zoolz Service;C:\Program Files\Genie9\Zoolz2\ZoolzService.exe [2013-5-19 453136] . =============== File Associations =============== . FileExt: .scr: SageThumbsImage.scr="%1" /S [userChoice] FileExt: .txt: txtfile="C:\Program Files\Just Great Software\EditPad Lite 7\EditPadLite7.exe" "%1" [userChoice] FileExt: .js: JSFile="E:\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exe","%1" ShellExec: dreamweaver.exe: Open="E:\Adobe\Adobe Dreamweaver CS6\dreamweaver.exe", "%1" ShellExec: LightningViewer.exe: View="c:\Program Files (x86)\Corel\WordPerfect Office X6\Programs\LightningNavigator.exe" "-ViewDocument" "%1" . =============== Created Last 30 ================ . 2013-06-08 17:30:06 207968 ----a-w- C:\WINDOWS\System32\drivers\94116601.sys 2013-06-08 16:48:49 96784 ----a-w- C:\WINDOWS\SysWow64\WPRO_41_2001woem.tmp 2013-06-08 16:48:49 35344 ----a-w- C:\WINDOWS\System32\drivers\WPRO_41_2001.sys 2013-06-08 16:48:31 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FFBD7B98-F9CD-4589-8EA9-918CE300B8E3}\offreg.dll 2013-06-08 08:39:37 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2013-06-08 07:30:58 -------- d-----w- C:\Program Files (x86)\LibreOfficeDev 4 2013-06-08 02:06:31 580096 ----a-w- C:\WINDOWS\System32\ac3filter.acm.old 2013-06-08 02:06:31 361472 ----a-w- C:\WINDOWS\System32\aacacm.acm 2013-06-08 02:06:31 3554304 ----a-w- C:\WINDOWS\System32\x264vfw.dll 2013-06-08 02:06:31 2231296 ----a-w- C:\WINDOWS\System32\ac3filter.acm.new 2013-06-08 02:06:31 2231296 ----a-w- C:\WINDOWS\System32\ac3filter.acm 2013-06-08 02:06:31 206336 ----a-w- C:\WINDOWS\System32\unrar64.dll 2013-06-08 02:06:31 1922048 ----a-w- 
C:\WINDOWS\System32\VSFilter.dll 2013-06-08 02:06:31 180736 ----a-w- C:\WINDOWS\System32\ac3acm.acm 2013-06-08 02:06:31 148992 ----a-w- C:\WINDOWS\System32\lagarith.dll 2013-06-08 02:06:31 127488 ----a-w- C:\WINDOWS\System32\ff_vfw.dll 2013-06-08 02:06:31 124909 ----a-w- C:\WINDOWS\System32\pthreadGC2.dll 2013-06-08 01:55:55 9460464 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FFBD7B98-F9CD-4589-8EA9-918CE300B8E3}\mpengine.dll 2013-06-07 16:00:25 9460464 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll 2013-06-07 00:05:42 -------- d-----w- C:\Users\Z\MHT Files 2013-06-06 23:04:13 513024 ----a-w- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll.bak 2013-06-06 23:04:13 332800 ----a-w- C:\WINDOWS\SysWow64\mfds.dll.bak 2013-06-06 23:03:40 1679360 ----a-w- C:\WINDOWS\SysWow64\ac3filter.acm.new 2013-06-06 23:03:28 -------- d-----w- C:\Users\Z\AppData\Roaming\Advanced 2013-06-06 22:48:15 -------- d-----w- C:\Program Files (x86)\Shark007 2013-06-06 21:42:05 -------- d-----w- C:\Program Files\Wireshark 2013-06-06 21:38:39 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-06-06 21:38:39 -------- d-----w- C:\Program Files\iTunes 2013-06-06 21:38:39 -------- d-----w- C:\Program Files\iPod 2013-06-06 21:33:16 263576 ----a-w- C:\Program Files (x86)\Mozilla Firefox\browser\components\browsercomps.dll 2013-06-06 21:15:06 405320 ----a-w- C:\WINDOWS\SysWow64\is-5CP9U.tmp 2013-06-05 09:57:12 -------- d-----w- C:\ProgramData\Paessler 2013-06-05 09:57:06 -------- d-----w- C:\usr 2013-06-05 09:57:02 -------- d-----w- C:\ProgramData\Logs 2013-06-05 09:56:23 405320 ----a-w- C:\WINDOWS\SysWow64\is-0T3LB.tmp 2013-06-05 08:12:06 -------- d-----w- C:\Program Files (x86)\Network Security Task Manager 2013-06-05 08:09:10 -------- d-----w- C:\Program Files (x86)\WinPcap 2013-06-04 20:35:03 -------- d-----w- C:\Users\Z\AppData\Roaming\Final Draft 2013-06-04 16:37:47 -------- d-sh--w- 
C:\Users\Z\AppData\Local\ms-drivers 2013-06-04 16:37:47 -------- d-----w- C:\Users\Z\AppData\Local\MetaGeek,_LLC 2013-06-04 12:57:49 -------- d-----w- C:\Program Files (x86)\MetaGeek 2013-06-04 06:38:36 -------- d-----w- C:\Program Files\Nightly 2013-06-04 02:09:37 -------- d-----w- C:\WINDOWS\WICCodecs 2013-06-04 01:14:48 -------- d-----w- C:\ProgramData\Final Draft 2013-06-04 01:14:47 -------- d-----w- C:\Program Files (x86)\Final Draft 8 2013-06-04 01:13:48 -------- d-----w- C:\Program Files (x86)\Advanced 2013-06-04 01:13:23 -------- d-----w- C:\ProgramData\Advanced 2013-06-04 01:09:08 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard 2013-06-04 01:07:11 -------- d-----w- C:\Users\Z\AppData\Local\Amazon 2013-06-03 23:46:17 -------- d-----w- C:\Program Files (x86)\Elcomsoft Password Recovery 2013-06-03 23:16:45 -------- d-----w- C:\Program Files (x86)\NetSetMan Pro 2013-06-03 22:52:24 -------- d-----w- C:\Program Files\Active Directory Rights Management Services Client 2.1 2013-06-03 22:52:24 -------- d-----w- C:\Program Files (x86)\Active Directory Rights Management Services Client 2.1 2013-06-03 22:51:56 -------- d-----w- C:\ProgramData\Applications 2013-06-03 22:00:55 -------- d-----w- C:\Icons 2013-06-03 22:00:44 -------- d-----w- C:\New folder 2013-06-03 08:45:28 -------- d-s---w- C:\WINDOWS\SysWow64\Microsoft 2013-06-03 08:44:50 -------- d-----w- C:\Program Files (x86)\USPS 2013-06-02 03:56:04 -------- d-----w- C:\WINDOWS\SysWow64\RTCOM 2013-06-02 03:56:04 -------- d-----w- C:\Program Files\Realtek 2013-06-02 01:44:38 -------- d--h--w- C:\msiFastBoot 2013-06-02 00:18:03 -------- d-----w- C:\Users\Z\AppData\Local\Micro-Star_Int'l_Co.,_Ltd 2013-06-01 20:30:57 106496 ----a-w- C:\Program Files (x86)\Windows Media Player\wmp.dll 2013-06-01 20:30:56 -------- d-----w- C:\Program Files (x86)\Windows Media Player Plus! 
2013-06-01 04:10:29 168288 ----a-w- C:\WINDOWS\System32\drivers\idmwfp.sys 2013-05-31 10:05:21 -------- d-----w- C:\Users\Z\dsc 2013-05-31 04:58:59 -------- d-----w- C:\Program Files (x86)\Fastcase, Inc 2013-05-31 04:07:10 -------- d-----w- C:\Users\Z\CallerIP 2013-05-31 04:07:06 -------- d-----w- C:\Program Files (x86)\CallerIP 2013-05-31 03:57:33 -------- d-----w- C:\Users\Z\VisualRoute 2013-05-31 03:56:38 -------- d-----w- C:\Program Files (x86)\VisualRoute 2013-05-31 03:50:11 -------- d-----w- C:\Users\Z\eMailTrackerPro 2013-05-31 03:50:06 -------- d-----w- C:\Program Files (x86)\eMailTrackerPro 2013-05-30 22:15:18 -------- d-----w- C:\Upload 2013-05-30 22:15:00 -------- d-----w- C:\Samsung Link 2013-05-30 20:50:53 -------- d-----w- C:\Users\Z\AppData\Roaming\Fenrir Inc 2013-05-30 20:50:43 -------- d-----w- C:\Program Files (x86)\Fenrir Inc 2013-05-30 20:43:19 29704 ----a-w- C:\WINDOWS\System32\nitrolocalmon2.dll 2013-05-30 20:43:19 17928 ----a-w- C:\WINDOWS\System32\nitrolocalui2.dll 2013-05-30 20:43:08 -------- d-----w- C:\Program Files\Common Files\Nitro 2013-05-30 20:43:07 -------- d-----w- C:\Program Files (x86)\Nitro 2013-05-30 20:43:07 -------- d-----w- C:\Program Files (x86)\Common Files\Nitro 2013-05-29 23:57:20 -------- d-----w- C:\Users\Z\AppData\Local\Nero 2013-05-29 23:41:31 -------- d-----w- C:\Users\Z\AppData\Roaming\GlarySoft 2013-05-29 23:40:28 -------- d-----w- C:\Program Files (x86)\Glary Utilities 2013-05-29 23:18:43 -------- d-----w- C:\WINDOWS\LastGood.Tmp 2013-05-27 20:54:46 70152 ----a-w- C:\WINDOWS\SysWow64\NLSSRV32.EXE 2013-05-25 18:29:42 -------- d-----w- C:\Program Files\Cyberfox 2013-05-25 06:28:36 2322264 ----a-w- C:\WINDOWS\SysWow64\snjawt11.dll 2013-05-25 06:28:35 3258748 ----a-w- C:\WINDOWS\SysWow64\symbeans.dll 2013-05-25 06:28:35 317636 ----a-w- C:\WINDOWS\SysWow64\snjbeans11.dll 2013-05-25 06:28:35 2822148 ----a-w- C:\WINDOWS\SysWow64\snjrt11.dll 2013-05-25 06:28:35 200292 ----a-w- C:\WINDOWS\SysWow64\snjmath11.dll 2013-05-25 
06:28:35 167280 ----a-w- C:\WINDOWS\SysWow64\snjres11.dll 2013-05-25 06:28:34 -------- d-----w- C:\My VoiceMail 2013-05-25 06:28:20 306688 ----a-w- C:\WINDOWS\IsUninst.exe 2013-05-25 05:32:34 -------- d-----w- C:\Users\Z\AppData\Local\Sanford,_L.P 2013-05-25 02:53:39 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin5.dll 2013-05-25 02:53:39 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin4.dll 2013-05-25 02:53:39 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin3.dll 2013-05-25 02:53:39 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin2.dll 2013-05-25 02:53:39 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin.dll 2013-05-25 02:53:39 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll 2013-05-25 02:53:39 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll 2013-05-25 02:53:39 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll 2013-05-25 02:53:39 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll 2013-05-25 02:53:39 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll 2013-05-24 03:12:14 801864 ----a-w- C:\WINDOWS\System32\drivers\Rt630x64.sys 2013-05-20 18:59:08 -------- d-----w- C:\Program Files\Genie9 2013-05-20 07:50:15 -------- d-----w- C:\Users\Z\.android 2013-05-19 12:43:51 -------- d-----w- C:\Users\Z\AppData\Local\Skitch 2013-05-17 04:26:22 -------- d-----w- C:\ContaCam 2013-05-17 04:26:21 -------- d-----w- C:\Users\Z\AppData\Roaming\Contaware 2013-05-17 04:25:01 -------- d-----w- C:\Program Files (x86)\ContaCam 2013-05-16 03:39:13 -------- d-----w- C:\brother 2013-05-14 22:39:24 78200 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl 2013-05-14 22:39:24 693112 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe 2013-05-14 22:23:59 817152 ----a-w- C:\WINDOWS\System32\kerberos.dll 2013-05-14 22:21:01 2382336 ----a-w- 
C:\WINDOWS\SysWow64\esent.dll 2013-05-14 22:21:00 2851840 ----a-w- C:\WINDOWS\System32\esent.dll 2013-05-14 22:20:59 1455368 ----a-w- C:\WINDOWS\System32\drivers\dxgkrnl.sys 2013-05-14 22:20:38 861184 ----a-w- C:\WINDOWS\System32\drivers\http.sys 2013-05-14 22:20:38 6987528 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe 2013-05-14 21:42:32 -------- d-----w- C:\Users\Z\AppData\Roaming\EssentialPIM Pro 2013-05-14 21:42:32 -------- d-----w- C:\Program Files (x86)\EssentialPIM Pro 2013-05-11 10:38:02 209472 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll 2013-05-10 04:47:29 -------- d-----w- C:\Program Files (x86)\LibreOffice 4.0 2013-05-09 22:27:15 -------- d-----w- C:\Program Files (x86)\Evernote . ==================== Find3M ==================== . 2013-06-08 07:13:43 18960 ----a-w- C:\WINDOWS\System32\drivers\LNonPnP.sys 2013-06-06 06:37:04 204032 ----a-w- C:\WINDOWS\System32\drivers\WinisoCDBus.sys 2013-05-23 18:45:54 26432 ----a-w- C:\WINDOWS\System32\novamnp7.dll 2013-05-23 18:45:54 22336 ----a-w- C:\WINDOWS\System32\novamip7.dll 2013-05-19 01:09:32 5 ----a-w- C:\ProgramData\RICOH Aficio SP 100SF DDSTMonSet.bin 2013-05-13 20:22:46 287960 ------w- C:\WINDOWS\System32\fppr4-x64.dll 2013-05-13 20:22:38 596184 ------w- C:\WINDOWS\System32\fppmon4.dll 2013-05-13 20:22:36 75992 ------w- C:\WINDOWS\System32\fppent4a.dll 2013-05-13 04:55:36 346840 ------w- C:\WINDOWS\System32\fpres7-x64.dll 2013-05-13 04:55:28 568024 ------w- C:\WINDOWS\System32\fpmon7.dll 2013-05-13 04:55:26 49368 ------w- C:\WINDOWS\System32\fpent7a.dll 2013-05-02 15:29:56 278800 ------w- C:\WINDOWS\System32\MpSigStub.exe 2013-05-01 10:59:12 94208 ----a-w- C:\WINDOWS\SysWow64\QuickTimeVR.qtx 2013-05-01 10:59:12 69632 ----a-w- C:\WINDOWS\SysWow64\QuickTime.qts 2013-04-29 18:00:00 1566720 ----a-w- C:\WINDOWS\SysWow64\VSFilter.dll 2013-04-24 02:07:44 95648 ----a-w- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll 2013-04-24 02:07:42 866720 ----a-w- C:\WINDOWS\SysWow64\npDeployJava1.dll 
2013-04-24 02:07:42 788896 ----a-w- C:\WINDOWS\SysWow64\deployJava1.dll 2013-04-24 02:06:48 108448 ----a-w- C:\WINDOWS\System32\WindowsAccessBridge-64.dll 2013-04-24 02:06:47 1092512 ----a-w- C:\WINDOWS\System32\npDeployJava1.dll 2013-04-24 02:06:46 971680 ----a-w- C:\WINDOWS\System32\deployJava1.dll 2013-04-22 11:09:56 0 ----a-w- C:\SDT39AF.tmp 2013-04-22 07:59:20 208216 ----a-w- C:\WINDOWS\System32\drivers\13302766.sys 2013-04-16 00:48:03 27016 ----a-w- C:\WINDOWS\SysWow64\drivers\PROCEXP141.SYS 2013-04-15 09:38:12 0 ----a-w- C:\SDT3C3D.tmp 2013-04-13 05:56:35 444416 ----a-w- C:\WINDOWS\apppatch\AcSpecfc.dll 2013-04-10 03:09:50 73800 ----a-w- C:\WINDOWS\System32\RtNicProp64.dll 2013-04-09 23:17:44 2242048 ----a-w- C:\WINDOWS\System32\wininet.dll 2013-04-09 23:17:36 915968 ----a-w- C:\WINDOWS\System32\uxtheme.dll 2013-04-09 23:16:58 3958784 ----a-w- C:\WINDOWS\System32\jscript9.dll 2013-04-09 22:30:26 1767424 ----a-w- C:\WINDOWS\SysWow64\wininet.dll 2013-04-09 22:29:44 2877440 ----a-w- C:\WINDOWS\SysWow64\jscript9.dll 2013-04-09 05:33:02 489576 ----a-w- C:\WINDOWS\System32\AudioEng.dll 2013-04-09 05:33:02 446792 ----a-w- C:\WINDOWS\System32\AudioSes.dll 2013-04-09 05:33:02 253544 ----a-w- C:\WINDOWS\System32\audiodg.exe 2013-04-09 05:27:43 284424 ----a-w- C:\WINDOWS\System32\drivers\spaceport.sys 2013-04-09 05:20:02 86280 ----a-w- C:\WINDOWS\System32\kdnet.dll 2013-04-09 05:20:02 306952 ----a-w- C:\WINDOWS\System32\kd_02_10ec.dll 2013-04-09 05:18:05 77960 ----a-w- C:\WINDOWS\System32\kdvm.dll 2013-04-09 05:17:57 1829408 ----a-w- C:\WINDOWS\System32\ntdll.dll 2013-04-09 04:52:07 816128 ----a-w- C:\WINDOWS\System32\SearchIndexer.exe 2013-04-09 04:52:07 373760 ----a-w- C:\WINDOWS\System32\SearchProtocolHost.exe 2013-04-09 04:52:07 197120 ----a-w- C:\WINDOWS\System32\SearchFilterHost.exe 2013-04-09 04:52:07 126464 ----a-w- C:\WINDOWS\System32\Robocopy.exe 2013-04-09 04:52:06 804352 ----a-w- C:\WINDOWS\System32\RecoveryDrive.exe 2013-04-09 04:51:51 367616 ----a-w- 
C:\WINDOWS\System32\conhost.exe 2013-04-09 04:51:45 523264 ----a-w- C:\WINDOWS\System32\XpsGdiConverter.dll 2013-04-09 04:51:41 99840 ----a-w- C:\WINDOWS\System32\wscsvc.dll 2013-04-09 04:51:41 456704 ----a-w- C:\WINDOWS\System32\wpncore.dll 2013-04-09 04:51:20 13648384 ----a-w- C:\WINDOWS\System32\Windows.UI.Xaml.dll 2013-04-09 04:51:17 595456 ----a-w- C:\WINDOWS\System32\Windows.Networking.dll 2013-04-09 04:51:17 391168 ----a-w- C:\WINDOWS\System32\Windows.Networking.BackgroundTransfer.dll 2013-04-09 04:51:05 10116096 ----a-w- C:\WINDOWS\System32\twinui.dll 2013-04-09 04:51:03 3552768 ----a-w- C:\WINDOWS\System32\tquery.dll 2013-04-09 04:50:53 414720 ----a-w- C:\WINDOWS\System32\GenuineCenter.dll 2013-04-09 04:50:39 422400 ----a-w- C:\WINDOWS\System32\schannel.dll 2013-04-09 04:50:39 1285632 ----a-w- C:\WINDOWS\System32\schedsvc.dll 2013-04-09 04:50:03 96256 ----a-w- C:\WINDOWS\System32\mssprxy.dll 2013-04-09 04:50:03 745984 ----a-w- C:\WINDOWS\System32\mssvp.dll 2013-04-09 04:50:03 2107904 ----a-w- C:\WINDOWS\System32\mssrch.dll 2013-04-09 04:50:02 65024 ----a-w- C:\WINDOWS\System32\msscntrs.dll 2013-04-09 04:50:02 435200 ----a-w- C:\WINDOWS\System32\mssph.dll 2013-04-09 04:50:02 13824 ----a-w- C:\WINDOWS\System32\msshooks.dll 2013-04-09 04:49:54 1444864 ----a-w- C:\WINDOWS\System32\MSAudDecMFT.dll 2013-04-09 04:49:45 468992 ----a-w- C:\WINDOWS\System32\MFMediaEngine.dll 2013-04-09 04:49:45 281088 ----a-w- C:\WINDOWS\System32\mfreadwrite.dll 2013-04-09 04:49:33 210432 ----a-w- C:\WINDOWS\System32\iuilp.dll 2013-04-09 04:49:16 50176 ----a-w- C:\WINDOWS\System32\fmifs.dll 2013-04-09 04:49:16 231936 ----a-w- C:\WINDOWS\System32\fhengine.dll 2013-04-09 04:49:09 172544 ----a-w- C:\WINDOWS\System32\dwmredir.dll 2013-04-09 04:49:06 196096 ----a-w- C:\WINDOWS\System32\dmvdsitf.dll 2013-04-09 04:48:43 2303488 ----a-w- C:\WINDOWS\System32\authui.dll 2013-04-09 04:48:42 785408 ----a-w- C:\WINDOWS\System32\audiosrv.dll 2013-04-09 04:48:42 169472 ----a-w- 
C:\WINDOWS\System32\AudioEndpointBuilder.dll 2013-04-09 04:48:34 419840 ----a-w- C:\WINDOWS\System32\intl.cpl 2013-04-09 02:35:13 4038144 ----a-w- C:\WINDOWS\System32\win32k.sys 2013-04-09 02:34:49 83968 ----a-w- C:\WINDOWS\System32\drivers\hidclass.sys 2013-04-09 02:34:42 27648 ----a-w- C:\WINDOWS\System32\drivers\hidusb.sys 2013-04-09 02:34:30 95744 ----a-w- C:\WINDOWS\System32\drivers\hidbth.sys 2013-04-09 02:33:41 60416 ----a-w- C:\WINDOWS\System32\drivers\ndproxy.sys 2013-04-09 02:33:05 623104 ----a-w- C:\WINDOWS\System32\drivers\srv2.sys 2013-04-09 02:32:02 805376 ----a-w- C:\WINDOWS\System32\drivers\PEAuth.sys 2013-04-09 02:31:14 247808 ----a-w- C:\WINDOWS\System32\drivers\srvnet.sys 2013-04-09 02:31:01 83456 ----a-w- C:\WINDOWS\System32\drivers\wanarp.sys 2013-04-08 23:44:25 123880 ----a-w- C:\WINDOWS\SysWow64\wscapi.dll 2013-04-08 23:39:14 1408896 ----a-w- C:\WINDOWS\SysWow64\ntdll.dll 2013-04-08 23:37:29 426024 ----a-w- C:\WINDOWS\SysWow64\AudioEng.dll 2013-04-08 23:37:29 324368 ----a-w- C:\WINDOWS\SysWow64\AudioSes.dll 2013-04-08 21:52:16 670208 ----a-w- C:\WINDOWS\SysWow64\SearchIndexer.exe 2013-04-08 21:52:16 302592 ----a-w- C:\WINDOWS\SysWow64\SearchProtocolHost.exe 2013-04-08 21:52:16 171008 ----a-w- C:\WINDOWS\SysWow64\SearchFilterHost.exe 2013-04-08 21:52:16 106496 ----a-w- C:\WINDOWS\SysWow64\Robocopy.exe 2013-04-08 21:52:06 364544 ----a-w- C:\WINDOWS\SysWow64\XpsGdiConverter.dll 2013-04-06 04:26:24 1679360 ----a-w- C:\WINDOWS\SysWow64\ac3filter.acm 2013-04-04 23:30:17 503080 ----a-w- C:\WINDOWS\System32\ci.dll 2013-04-04 21:50:32 25928 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys 2013-04-02 14:09:52 4550656 ----a-w- C:\WINDOWS\SysWow64\GPhotos.scr 2013-03-30 18:16:05 1403784 ----a-w- C:\WINDOWS\System32\winload.efi 2013-03-30 18:16:05 1267424 ----a-w- C:\WINDOWS\System32\winload.exe 2013-03-29 02:37:10 78432 ----a-w- C:\WINDOWS\System32\atimpc64.dll . ============= FINISH: 10:41:44.91 ===============

Attached are my logs: dds.txt, attach.txt