.
DDS (Ver_11-03-05.01) - NTFSx86
Run by gatesys at 10:58:35.55 on Thu 10/24/2013
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 10.45.2
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.2036.1289 [GMT 5.5:30]
.
AV: Kaspersky Internet Security *Disabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
SP: Kaspersky Internet Security *Disabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security *Disabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\gatesys\Desktop\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mStart Page = about:blank
BHO: IDM integration (IDMIEHlprObj Class): {0055c089-8582-441b-a0bf-17b458c2a3a8} - c:\program files\internet download manager\IDMIECC.dll
BHO: Content Blocker Plugin: {5564cc73-efa7-4cbf-918a-5cf7fbbfff4f} - c:\program files\kaspersky lab\kaspersky internet security 2013\ieext\contentblocker\ie_content_blocker_plugin.dll
BHO: Virtual Keyboard Plugin: {73455575-e40c-433c-9784-c78dc7761455} - c:\program files\kaspersky lab\kaspersky internet security 2013\ieext\virtualkeyboard\ie_virtual_keyboard_plugin.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Safe Money Plugin: {9e6d0d23-3d72-4a94-ae1f-2d167624e3d9} - c:\program files\kaspersky lab\kaspersky internet security 2013\ieext\onlinebanking\online_banking_bho.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: URL Advisor Plugin: {e33cf602-d945-461a-83f0-819f76a199f8} - c:\program files\kaspersky lab\kaspersky internet security 2013\ieext\urladvisor\klwtbbho.dll
uRun: [IDMan] c:\program files\internet download manager\IDMan.exe /onboot
mRun: [AVP] "c:\program files\kaspersky lab\kaspersky internet security 2013\avp.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Anti-Banner - c:\program files\kaspersky lab\kaspersky internet security 2013\ie_banner_deny.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm
IE: Download with IDM - c:\program files\internet download manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - c:\program files\kaspersky lab\kaspersky internet security 2013\ieext\virtualkeyboard\ie_virtual_keyboard_plugin.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\program files\kaspersky lab\kaspersky internet security 2013\ieext\urladvisor\klwtbbho.dll
Notify: igfxcui - igfxdev.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\30.0.1599.101\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\drivers\klim6.sys [2012-8-2 24408]
R1 kltdi;kltdi;c:\windows\system32\drivers\kltdi.sys [2013-5-2 44000]
R1 kneps;kneps;c:\windows\system32\drivers\kneps.sys [2013-5-2 145040]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2013-5-11 65640]
R2 AVP;Kaspersky Anti-Virus Service;c:\program files\kaspersky lab\kaspersky internet security 2013\avp.exe [2013-5-2 356128]
R2 IDMWFP;IDMWFP;c:\windows\system32\drivers\idmwfp.sys [2013-2-21 100216]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-9-12 418376]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-9-12 701512]
R3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\drivers\klkbdflt.sys [2013-5-2 25696]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2013-5-2 25696]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-9-12 22856]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-6-11 139776]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2013-10-4 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2013-7-22 257416]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2013-10-4 116648]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2013-10-16 15872]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2013-10-16 52224]
.
=============== Created Last 30 ================
.
2013-10-19 19:32:07 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-10-16 09:07:51 -------- d-----w- c:\users\gatesys\appdata\roaming\Qualys
2013-10-16 05:37:53 -------- d-----w- c:\windows\system32\SPReview
2013-10-16 05:22:59 80720 ----a-w- c:\windows\system32\mscories.dll
2013-10-16 05:20:53 -------- d-----w- c:\windows\system32\EventProviders
2013-10-15 17:10:50 1077248 ----a-w- c:\windows\system32\DWrite.dll
2013-10-15 17:09:07 94208 ----a-w- c:\program files\common files\system\ole db\msdaosp.dll
2013-10-15 17:09:07 86016 ----a-w- c:\windows\system32\odbccu32.dll
2013-10-15 17:09:07 81920 ----a-w- c:\windows\system32\odbccr32.dll
2013-10-15 17:09:07 319488 ----a-w- c:\windows\system32\odbcjt32.dll
2013-10-15 17:09:07 163840 ----a-w- c:\windows\system32\odbctrac.dll
2013-10-15 17:09:07 122880 ----a-w- c:\windows\system32\odbccp32.dll
2013-10-15 17:03:45 1164288 ----a-w- c:\windows\system32\mfc42u.dll
2013-10-15 17:03:45 1137664 ----a-w- c:\windows\system32\mfc42.dll
2013-10-15 17:03:43 2048 ----a-w- c:\windows\system32\tzres.dll
2013-10-15 16:36:08 2422272 ----a-w- c:\windows\system32\wucltux.dll
2013-10-15 16:35:57 33792 ----a-w- c:\windows\system32\wuapp.exe
2013-10-15 16:35:57 171904 ----a-w- c:\windows\system32\wuwebv.dll
2013-10-10 09:05:22 -------- d-sh--w- C:\$RECYCLE.BIN
2013-10-04 07:08:55 -------- d-----w- c:\program files\GUM7129.tmp
2013-10-04 07:07:59 -------- d-----w- c:\users\gatesys\appdata\local\Deployment
2013-10-04 07:07:59 -------- d-----w- c:\users\gatesys\appdata\local\Apps
2013-10-02 08:56:38 -------- d-----w- c:\progra~2\Oracle
2013-10-02 08:48:08 209272 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
2013-10-02 08:48:08 16192 ----a-w- c:\program files\mozilla firefox\plugins\NPOFF12.DLL
.
==================== Find3M ====================
.
2013-10-16 05:35:12 152576 ----a-w- c:\windows\system32\msclmd.dll
2013-10-13 07:50:03 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-13 07:50:03 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-08-14 18:00:00 112640 ----a-w- c:\windows\system32\ff_vfw.dll
2013-08-06 22:52:04 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-08-02 17:29:58 217176 ----a-w- c:\windows\system32\unrar.dll
.
============= FINISH: 10:59:09.40 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 7/22/2013 9:04:49 PM
System Uptime: 10/24/2013 10:02:10 AM (0 hours ago)
.
Motherboard: Intel Corporation | | DG31PR
Processor: Intel(R) Core(TM)2 Duo CPU E7500 @ 2.93GHz | J3E1 | 2933/1066mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 93 GiB total, 74.803 GiB free.
D: is FIXED (NTFS) - 63 GiB total, 63.386 GiB free.
E: is FIXED (NTFS) - 63 GiB total, 63.058 GiB free.
F: is FIXED (NTFS) - 78 GiB total, 55.701 GiB free.
G: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP44: 10/16/2013 10:51:43 AM - Windows 7 Service Pack 1
RP45: 10/20/2013 1:01:16 AM - Installed Java 7 Update 45
RP47: 10/23/2013 10:15:37 PM - Removed Microsoft Office Enterprise 2007
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.05)
CCleaner
Google Chrome
Google Update Helper
Intel(R) Graphics Media Accelerator Driver
Intel(R) TV Wizard
Internet Download Manager
Java 7 Update 45
Java Auto Updater
K-Lite Mega Codec Pack 10.0.0
Kaspersky Internet Security 2013
Malwarebytes Anti-Malware version 1.75.0.1300
MSXML 4.0 SP2 Parser and SDK
MSXML 4.0 SP3 Parser
Picasa 3
Realtek High Definition Audio Driver
WinRAR 5.00 (32-bit)
.
==== Event Viewer Messages From Past Week ========
.
10/24/2013 10:02:19 AM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 1 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
10/24/2013 10:02:19 AM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 0 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
.
==== End Of File ===========================