DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.15.2
Run by Alan at 16:41:29 on 2013-02-24
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.7934.4273 [GMT -8:00]
.
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k NetworkService
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Kaseya\KServer\Kserver.exe
C:\Kaseya\KServer\KWebExec.exe
C:\Windows\system32\mqsvc.exe
c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
C:\Program Files\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files (x86)\Novatel Wireless\Verizon\Drivers\NWHelper_001.exe
C:\Program Files\Microsoft SQL Server\MSRS10.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k iissvcs
C:\Kaseya\MessageSys\KaseyaMessageSysAdmin.exe
C:\Kaseya\MessageSys\KaseyaMessageSys.exe
C:\Program Files (x86)\Sendori\Sendori.Service.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Sendori\SendoriSvc.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Sendori\SendoriUp.exe
C:\Windows\SysWOW64\inetsrv\w3wp.exe
C:\Windows\system32\taskeng.exe
C:\Windows\DAODx.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Kaseya\KServer\KSrvrChk.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files (x86)\Sendori\sndappv2.exe
C:\Users\Alan\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Sendori\SendoriTray.exe
C:\Program Files (x86)\MagicDisc\MagicDisc.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoDashboard.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\UI0Detect.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://vpn.rph.com/+CSCOE+/logon.html
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe"
uRun: [Google Update] "C:\Users\Alan\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Yugma] C:\Users\Alan\Yugma\4.1\LaunchExtractor.exe 1
uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
mRun: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Seagate Dashboard] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Aimersoft Helper Compact.exe] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Sendori Tray] "C:\Program Files (x86)\Sendori\SendoriTray.exe"
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
StartupFolder: C:\Users\Alan\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Alan\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\Alan\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MAGICD~1.LNK - C:\Program Files (x86)\MagicDisc\MagicDisc.exe
StartupFolder: C:\Users\Alan\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AUDIBL~1.LNK - C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
LSP: C:\Windows\System32\Sendori.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {1CBF1F26-C9D6-4573-884A-3EC702A7333E} - hxxps://saas4.kaseya.net/klc/resources/ ... nnectX.cab
DPF: {42C384CA-2518-4150-97B8-461E11308305} - hxxps://saas4.kaseya.net/klc/resources/ ... nnectX.cab
DPF: {538793D5-659C-4639-A56C-A179AD87ED44} - hxxps://vpn.rph.com/CACHE/stc/1/binaries/vpnweb.cab
DPF: {55963676-2F5E-4BAF-AC28-CF26AA587566} - hxxps://vpn.rph.com/CACHE/stc/1/binaries/vpnweb.cab
DPF: {62FA83F7-20EC-4D62-AC86-BAB705EE1CCD} - hxxp://saas4.kaseya.net/klc/resources/c ... nnectX.cab
DPF: {9210FB3F-586D-45A6-9668-D28EB62669DA} - hxxp://saas4.kaseya.net/klc/resources/c ... nnectX.cab
DPF: {BC9E8CBE-1226-4A6D-9D3C-F46F0971BF88} - hxxps://saas4.kaseya.net/klc/resources/ ... nnectX.cab
DPF: {CC679CB8-DC4B-458B-B817-D447B3B6AC31} - hxxps://vpn.rph.com/CACHE/stc/1/binaries/vpnweb.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://vconnect.kaseya.com/dana-cached ... Client.cab
TCP: NameServer = 192.168.15.1
TCP: Interfaces\{83A890E5-6F2C-4991-A617-51E99E7E750D} : NameServer = 216.146.35.240,216.146.36.240,192.168.15.1
TCP: Interfaces\{83A890E5-6F2C-4991-A617-51E99E7E750D} : DHCPNameServer = 192.168.15.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
x64-DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 ads.mcafee.com
Hosts: 127.0.0.1 wdcs.trendmicro.com
Hosts: 127.0.0.1 om.symantec.com
Hosts: 127.0.0.1 oms.symantec.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Alan\AppData\Roaming\Mozilla\Firefox\Profiles\5xmswq9z.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}&CUI=UN15120074024675268
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.as ... M=UM_ID&q=
FF - prefs.js: network.proxy.type - 4
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
FF - plugin: C:\Program Files\Microsoft\Web Platform Installer\NPWPIDetector.dll
FF - plugin: C:\Users\Alan\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: C:\Users\Alan\AppData\Roaming\Mozilla\Firefox\Profiles\5xmswq9z.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\npGarmin.dll
FF - plugin: C:\Users\Alan\AppData\Roaming\Mozilla\Firefox\Profiles\5xmswq9z.default\extensions\{ad32743c-16ef-46ec-977b-dce0c3c85b20}\plugins\np-mswmp.dll
FF - plugin: C:\Users\Alan\AppData\Roaming\Mozilla\Firefox\Profiles\5xmswq9z.default\extensions\{ad32743c-16ef-46ec-977b-dce0c3c85b20}\plugins\npConduitFirefoxPlugin.dll
FF - plugin: C:\Users\Alan\AppData\Roaming\Mozilla\Firefox\Profiles\5xmswq9z.default\extensions\DeviceDetection@logitech.com\plugins\npLogitechDeviceDetection.dll
FF - plugin: C:\Users\Alan\AppData\Roaming\Mozilla\Firefox\Profiles\5xmswq9z.default\extensions\widevinemediatransformer@widevine\plugins\npwidevinemediatransformer.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-01-29 15:23; {6AC85730-7D0F-4de0-B3FA-21142DD85326}; C:\Users\Alan\AppData\Roaming\Mozilla\Firefox\Profiles\5xmswq9z.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
FF - ExtSQL: 2013-02-23 16:36; {ad32743c-16ef-46ec-977b-dce0c3c85b20}; C:\Users\Alan\AppData\Roaming\Mozilla\Firefox\Profiles\5xmswq9z.default\extensions\{ad32743c-16ef-46ec-977b-dce0c3c85b20}
.
---- FIREFOX POLICIES ----
FF - user.js: general.useragent.extra.brc - BRI/1
.
============= SERVICES / DRIVERS ===============
.
R0 NBVol;Nero Backup Volume Filter Driver;C:\Windows\System32\drivers\NBVol.sys [2012-4-24 72240]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver;C:\Windows\System32\drivers\NBVolUp.sys [2012-4-24 15920]
R1 avkmgr;avkmgr;C:\Windows\System32\drivers\avkmgr.sys [2011-10-29 27760]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-8-18 203264]
R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-10-29 86224]
R2 AntiVirService;Avira Realtime Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-10-29 110032]
R2 Application Sendori;Application Sendori;C:\Program Files (x86)\Sendori\SendoriSvc.exe [2013-2-6 119072]
R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2011-10-29 98848]
R2 Kaseya MessageSys Admin Service;Kaseya MessageSys Admin Service;C:\Kaseya\MessageSys\KaseyaMessageSysAdmin.exe [2010-1-14 69632]
R2 Kaseya MessageSys Service;Kaseya MessageSys Service;C:\Kaseya\MessageSys\KaseyaMessageSys.exe [2010-1-14 49152]
R2 Kserver.exe;Kaseya Service;C:\Kaseya\KServer\KServer.exe [2009-9-22 1298432]
R2 KWebExec;Kaseya Web Exec;C:\Kaseya\KServer\KWebExec.exe [2009-9-22 106496]
R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE [2012-6-11 240208]
R3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);C:\Windows\System32\drivers\WsAudio_DeviceS(1).sys [2012-4-23 29288]
R3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);C:\Windows\System32\drivers\WsAudio_DeviceS(2).sys [2012-4-23 29288]
R3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);C:\Windows\System32\drivers\WsAudio_DeviceS(3).sys [2012-4-23 29288]
R3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);C:\Windows\System32\drivers\WsAudio_DeviceS(4).sys [2012-4-23 29288]
R3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);C:\Windows\System32\drivers\WsAudio_DeviceS(5).sys [2012-4-23 29288]
S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE [2012-6-11 193616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver;C:\Windows\System32\drivers\BVRPMPR5a64.SYS [2012-3-21 35840]
S3 MsDepSvc;Web Deployment Agent Service;C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe [2011-2-4 63304]
S3 NWUSBCDFIL64;Novatel Wireless Installation CD;C:\Windows\System32\drivers\NwUsbCdFil64.sys [2010-7-8 25600]
S3 NWUSBModem_000;Novatel Wireless USB Modem Driver (vGEN);C:\Windows\System32\drivers\nwusbmdm_000.sys [2010-7-8 217728]
S3 NWUSBPort_000;Novatel Wireless USB Status Port Driver (vGEN);C:\Windows\System32\drivers\nwusbser_000.sys [2010-7-8 217728]
S3 NWUSBPort2_000;Novatel Wireless USB Status2 Port Driver (vGEN);C:\Windows\System32\drivers\nwusbser2_000.sys [2010-7-8 217728]
S3 SMSIVZAM5X64;SMSIVZAM5X64 NDIS Protocol Driver;C:\PROGRA~2\VERIZO~1\VZACCE~1\SMSIVZAM5X64.SYS [2009-5-25 43032]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-12-12 59392]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2008-7-10 61976]
S4 RsFx0105;RsFx0105 Driver;C:\Windows\System32\drivers\RsFx0105.sys [2011-9-22 311144]
.
=============== File Associations ===============
.
FileExt: .js: JSFile=C:\Windows\System32\Notepad.exe %1 [default=Edit - 'Open' doesn't exist]
.
=============== Created Last 30 ================
.
2013-02-24 00:38:24 325920 ----a-w- C:\Windows\SysWow64\Sendori.dll
2013-02-24 00:38:21 -------- d-----w- C:\ProgramData\Sendori
2013-02-24 00:38:20 -------- d-----w- C:\Program Files (x86)\Sendori
2013-02-24 00:37:09 -------- d-----w- C:\Program Files (x86)\Conduit
2013-02-24 00:37:07 -------- d-----w- C:\Users\Alan\AppData\Local\Conduit
2013-02-24 00:36:52 -------- d-----w- C:\Users\Alan\AppData\Local\CRE
2013-02-24 00:36:01 -------- d-----w- C:\ProgramData\Freemake
2013-02-24 00:35:57 -------- d-----w- C:\Users\Alan\AppData\Roaming\OpenCandy
2013-02-24 00:04:43 -------- d-----w- C:\Program Files\Handbrake
2013-02-23 23:44:11 -------- d-----w- C:\Users\Alan\AppData\Roaming\Digiarty
2013-02-23 23:29:11 -------- d-----w- C:\Program Files (x86)\VideoLAN
2013-02-19 22:39:42 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-02-18 17:02:16 -------- d-----r- C:\Program Files (x86)\Skype
.
==================== Find3M ====================
.
2013-02-20 03:01:48 71024 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-20 03:01:48 691568 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-02-19 22:39:29 861088 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2013-02-19 22:39:29 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-15 00:49:28 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
.
============= FINISH: 16:43:54.85 ===============