Thanks in advance.
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16464 BrowserJavaVersion: 10.13.2
Run by user at 11:56:33 on 2013-02-20
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3071.983 [GMT 0:00]
.
AV: ESET Smart Security 6.0 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET Smart Security 6.0 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.b1.org/?bsrc=4hixr&chid=c162341
uWindow Title = Internet Explorer, optimized for Bing and MSN
uSearch Page = hxxp://search.b1.org/?bsrc=4hixr&chid=c162341
uURLSearchHooks: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - <orphaned>
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NETGEA~1.LNK - C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: &Download with &DAP - C:\Program Files (x86)\DAP\dapextie.htm
IE: &Verify with DAP - C:\Program Files (x86)\DAP\dapverify.htm
IE: Download &all with DAP - C:\Program Files (x86)\DAP\dapextie2.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Turbo Internet: Bookmark this page - C:\Program Files (x86)\Turbo Internet\exts\addFav.html
IE: Turbo Internet: Download this link - C:\Program Files (x86)\Turbo Internet\exts\dl.html
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
LSP: %SYSTEMROOT%\system32\nvLsp.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{992CA1D5-352F-4FBD-9840-73F786C5B69D} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{E567FE5E-8C6F-4A72-94F9-36A585920C85} : DHCPNameServer = 192.168.1.254
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.56\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
IFEO: skype.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-IFEO: skype.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
Hosts: 192.168.1.65 blackshades.ru
Hosts: 192.168.1.65 bshades.eu
Hosts: 192.168.1.65 bsbackup.mine.nu
Hosts: 192.168.1.65 blackshades.info
.
============= SERVICES / DRIVERS ===============
.
R0 epfwwfp;epfwwfp;C:\Windows\System32\drivers\epfwwfp.sys [2012-12-21 57904]
R0 SCMNdisP;General NDIS Protocol Driver;C:\Windows\System32\drivers\SCMNdisP.sys [2013-1-13 25056]
R1 eamonm;eamonm;C:\Windows\System32\drivers\eamonm.sys [2012-12-21 213416]
R1 EpfwLWF;Epfw NDIS LightWeight Filter;C:\Windows\System32\drivers\EpfwLWF.sys [2012-12-21 59440]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 ekrn;ESET Service;C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2012-12-21 1333424]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-1-10 398184]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-1-10 682344]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2013-1-31 2402080]
R3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;C:\Windows\System32\drivers\bcmwlhigh664.sys [2013-1-13 1256192]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-1-10 24176]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [2012-11-16 11880]
R3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);C:\Windows\System32\drivers\WsAudio_DeviceS(1).sys [2012-12-18 29288]
R3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);C:\Windows\System32\drivers\WsAudio_DeviceS(2).sys [2012-12-18 29288]
R3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);C:\Windows\System32\drivers\WsAudio_DeviceS(3).sys [2012-12-18 29288]
R3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);C:\Windows\System32\drivers\WsAudio_DeviceS(4).sys [2012-12-18 29288]
R3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);C:\Windows\System32\drivers\WsAudio_DeviceS(5).sys [2012-12-18 29288]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 athrusb;Belkin Wireless LAN USB device driver;C:\Windows\System32\drivers\athrxusb.sys [2008-7-28 1075712]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-12-15 1255736]
S3 WsAudio_Device;WsAudio_Device;C:\Windows\System32\drivers\VirtualAudio.sys [2013-1-10 31080]
S4 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]
S4 lxdq_device;lxdq_device;C:\Windows\System32\lxdqcoms.exe -service --> C:\Windows\System32\lxdqcoms.exe -service [?]
S4 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2012-11-29 38608]
S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-7 161384]
S4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-11-30 382824]
S4 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S4 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-1-15 3467768]
S4 WSWNDA3100v2;WSWNDA3100v2;C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe [2013-1-13 303360]
.
=============== File Associations ===============
.
FileExt: .js: jsfile="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exe","%1"
ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2013-02-19 21:27:26 9162192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1AE15795-6AB1-4C63-BF11-A2DF4760DB5D}\mpengine.dll
2013-02-17 21:46:16 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-02-17 15:28:41 -------- d-----w- C:\Users\user\AppData\Roaming\YGOPro
2013-02-17 15:27:42 -------- d-----w- C:\Users\user\AppData\Roaming\DevPro
2013-02-17 15:11:57 -------- d-----w- C:\Users\user\AppData\Roaming\EQATEC Analytics
2013-02-17 15:10:48 -------- d-----w- C:\ProgramData\SpeedBit
2013-02-17 15:10:20 172032 ----a-w- C:\Windows\SysWow64\AniGIF.ocx
2013-02-17 15:09:27 -------- d-----w- C:\Program Files (x86)\Common Files\SpeedBit
2013-02-16 21:36:48 -------- d-----w- C:\Users\user\AppData\Local\Geckofx
2013-02-15 18:46:23 35104 ----a-w- C:\Windows\System32\TURegOpt.exe
2013-02-15 18:46:21 26400 ----a-w- C:\Windows\System32\authuitu.dll
2013-02-15 18:46:21 21792 ----a-w- C:\Windows\SysWow64\authuitu.dll
2013-02-15 18:46:02 -------- d-----w- C:\Program Files (x86)\TuneUp Utilities 2013
2013-02-14 10:07:24 -------- d-sh--w- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-02-13 17:48:20 996352 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-13 17:48:20 768000 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-13 12:10:31 5553512 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-02-13 12:10:31 3967848 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-02-13 12:10:30 3913064 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-02-13 12:10:24 3153408 ----a-w- C:\Windows\System32\win32k.sys
2013-02-13 12:10:23 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-02-13 12:10:23 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-02-13 12:10:23 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-02-13 12:10:23 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-02-13 12:10:23 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-02-13 12:10:22 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-02-13 12:10:21 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2013-02-13 12:10:21 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-02-12 18:20:37 -------- d-----w- C:\Program Files (x86)\Microsoft Synchronization Services
2013-02-12 18:20:01 -------- d-----w- C:\Windows\PCHEALTH
2013-02-12 18:20:01 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-02-12 18:16:37 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8
2013-02-12 18:15:55 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
2013-02-12 11:06:52 91264 ----a-w- C:\Windows\SysWow64\EasyHook32.dll
2013-02-09 18:24:19 -------- d-----w- C:\wordpress
2013-02-09 14:29:12 -------- d-----w- C:\Program Files (x86)\Total Video Converter
2013-02-05 17:16:34 -------- d-----w- C:\Program Files (x86)\VS Revo Group
2013-02-05 17:08:50 -------- d-----w- C:\Users\user\AppData\Roaming\SUPERAntiSpyware.com
2013-02-05 17:08:32 -------- d-----w- C:\Program Files (x86)\SpywareBlaster
2013-02-05 17:08:21 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2013-02-05 17:08:21 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2013-02-03 14:04:34 -------- d-----w- C:\Users\user\AppData\Roaming\ESET
2013-02-03 14:04:34 -------- d-----w- C:\Users\user\AppData\Local\ESET
2013-02-03 14:01:45 -------- d-----w- C:\Program Files\ESET
2013-02-02 19:33:57 -------- d-----w- C:\Program Files\Defraggler
2013-02-02 19:30:32 -------- d-----w- C:\Users\user\AppData\Roaming\TuneUp Software
2013-02-02 19:29:42 -------- d-----w- C:\ProgramData\TuneUp Software
2013-02-02 19:29:31 -------- d-sh--w- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2013-02-01 13:13:54 -------- d-----w- C:\Program Files (x86)\ESET
2013-02-01 12:48:39 -------- d-----w- C:\Program Files (x86)\Skillbrains
2013-02-01 12:48:37 -------- d-----w- C:\Users\user\AppData\Local\Skillbrains
2013-01-30 22:34:56 -------- d-----w- C:\Users\user\AppData\Roaming\PDAppFlex
2013-01-30 17:12:10 -------- d-----w- C:\Users\user\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2013-01-29 20:18:13 -------- d-----w- C:\ProgramData\OUTLAWS
2013-01-28 18:53:20 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe
2013-01-25 00:21:35 -------- d-----w- C:\Users\user\workspace
2013-01-24 17:34:50 -------- d-----w- C:\Users\user\.projrs06
2013-01-24 16:58:36 23552 ----a-w- C:\FreeTheWadsGUI.exe
2013-01-24 16:48:33 868352 ----a-w- C:\cygcrypto-0.9.8.dll
2013-01-24 16:48:33 1873396 ----a-w- C:\cygwin1.dll
2013-01-24 16:48:33 13894 ----a-w- C:\freethewads.exe
2013-01-21 19:07:47 -------- d-----w- C:\Users\user\ZarporCache
2013-01-21 18:26:25 -------- d-----w- C:\Program Files (x86)\HMA! Pro VPN
2013-01-21 12:14:59 -------- d-----w- C:\Users\user\SilGar
2013-01-21 12:05:24 -------- d-----w- C:\Users\user\.ultimatescape
.
==================== Find3M ====================
.
2013-02-17 21:46:02 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-02-17 21:46:02 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-01-09 01:19:09 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2013-01-09 01:12:03 1392128 ----a-w- C:\Windows\System32\wininet.dll
2013-01-09 01:11:06 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-01-09 01:07:51 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-01-09 01:07:47 599040 ----a-w- C:\Windows\System32\vbscript.dll
2013-01-09 01:04:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2013-01-08 22:11:21 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-01-08 22:03:20 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-01-08 22:03:12 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-01-08 21:59:02 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2013-01-08 21:58:29 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-01-08 21:56:23 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-01-04 04:43:21 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2013-01-03 10:01:35 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2013-01-03 10:01:35 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2012-12-21 13:09:28 57904 ----a-w- C:\Windows\System32\drivers\epfwwfp.sys
2012-12-21 13:09:24 59440 ----a-w- C:\Windows\System32\drivers\EpfwLWF.sys
2012-12-21 13:09:24 190232 ----a-w- C:\Windows\System32\drivers\epfw.sys
2012-12-21 13:08:54 150616 ----a-w- C:\Windows\System32\drivers\ehdrv.sys
2012-12-21 13:08:18 213416 ----a-w- C:\Windows\System32\drivers\eamonm.sys
2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-14 16:49:28 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-12-14 14:39:15 959976 ----a-w- C:\Windows\System32\deployJava1.dll
2012-12-14 14:39:15 1081320 ----a-w- C:\Windows\System32\npDeployJava1.dll
2012-12-12 17:38:14 419840 ----a-w- C:\Windows\System32\systemcpl.dll
2012-12-09 09:51:20 126944 ----a-w- C:\Windows\System32\drivers\scdemu.sys
2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll
2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll
2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll
2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs
2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs
2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs
2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs
2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs
2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs
2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs
2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs
2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs
2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs
2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs
2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs
2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs
2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs
2012-12-03 15:47:14 9271352 ----a-w- C:\Windows\System32\nvcuda.dll
2012-12-01 05:49:25 63336 ----a-w- C:\Windows\System32\nvshext.dll
2012-12-01 05:49:25 118120 ----a-w- C:\Windows\System32\nvmctray.dll
2012-12-01 05:49:24 890216 ----a-w- C:\Windows\System32\nvvsvc.exe
2012-12-01 05:48:41 6223208 ----a-w- C:\Windows\System32\nvcpl.dll
2012-12-01 05:48:37 3311464 ----a-w- C:\Windows\System32\nvsvc64.dll
2012-11-30 22:43:52 438632 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2012-11-30 05:45:35 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-11-30 05:45:35 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-11-30 05:45:35 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-11-30 05:43:12 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-11-30 05:41:07 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2012-11-30 04:53:59 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-11-30 03:23:48 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-11-30 02:38:59 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-11-23 03:13:57 68608 ----a-w- C:\Windows\System32\taskhost.exe
.
============= FINISH: 11:57:06.68 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 12/12/2012 5:13:56 PM
System Uptime: 2/20/2013 11:06:40 AM (0 hours ago)
.
Motherboard: Acer | | WMCP78M
Processor: AMD Phenom(tm) 9650 Quad-Core Processor | Socket AM2 | 2300/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 290 GiB total, 53.651 GiB free.
D: is FIXED (NTFS) - 287 GiB total, 236.284 GiB free.
E: is CDROM (CDFS)
F: is Removable
G: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP128: 2/14/2013 10:27:51 AM - Installed TuneUp Utilities 2013
RP129: 2/14/2013 11:27:44 AM - Installed Java 7 Update 13
RP130: 2/15/2013 6:39:44 PM - Removed TuneUp Utilities 2013
RP131: 2/15/2013 6:40:15 PM - Revo Uninstaller's restore point - TuneUp Utilities 2013
RP132: 2/15/2013 6:40:36 PM - Removed TuneUp Utilities 2013
RP133: 2/15/2013 6:43:09 PM - Removed TuneUp Utilities Language Pack (en-US)
RP134: 2/15/2013 6:45:45 PM - Installed TuneUp Utilities 2013
RP135: 2/17/2013 1:44:41 PM - Removed Java 7 Update 13
RP136: 2/17/2013 3:28:08 PM - Installed DevPro YGO Launcher
RP137: 2/17/2013 7:56:15 PM - Revo Uninstaller's restore point - Download Accelerator Plus (DAP)
RP138: 2/17/2013 9:45:37 PM - Installed Java 7 Update 13
.
==== Installed Programs ======================
.
µTorrent
7-Zip 9.20
Action Replay Code Manager
Adobe Dreamweaver CS6
Adobe Photoshop CS6