Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Win32:RootKit-gen[Rtk] \Hotkey\PowerBiosServer.exe Avast


  • This topic is locked This topic is locked
1 reply to this topic

#1 robertbible

robertbible

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:05:06 AM

Posted 21 August 2014 - 11:23 PM

Avast is flagging c:\......\Hotkey\PowerBiosServer.exe  as a virus.  I let it be removed and scanned with malwarbytes and everything came up clean. I re-installed hotkey support for my laptop from the mfg disk and it comes back. I need the hotkey support.  I sent the file to AVAST and got no response.

 

thanks,

 robert

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 9.0.8112.16464  BrowserJavaVersion: 10.60.2
Run by Robert at 21:14:43 on 2014-08-21
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.16276.12823 [GMT -7:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\WLANExt.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
C:\Program Files (x86)\CodeGear\RAD Studio\5.0\bin\BSQLServer.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Option\GlobeTrotter Connect\GtDetectSc.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\SysWOW64\lkcitdl.exe
C:\Windows\SysWOW64\lkads.exe
C:\Windows\SysWOW64\lktsrv.exe
C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Classic Shell\ClassicStartMenu.exe
C:\Windows\SysWOW64\nisvcloc.exe
C:\Windows\etLiveClk.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\PDF Architect\HelperService.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files (x86)\PDF Architect\ConversionService.exe
C:\Windows\System32\svchost.exe -k HPZ12
c:\Program Files (x86)\Hotkey\PowerBiosServer.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Hotkey\Hotkey.exe
C:\Program Files\Option\GlobeTrotter Connect\GlobeTrotter Connect.exe
C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Windows\SysWOW64\rpcnet.exe
C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Free Download Manager\fdm.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://go.speedbit.com/?s=DA6aYA1
mWinlogon: Userinit = userinit.exe,
BHO: PDF Architect Helper: {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll
BHO: ExplorerBHO Class: {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
BHO: Free Download Manager: {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Classic Explorer Bar: {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: PDF Architect Toolbar: {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll
uRun: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
uRun: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
uRun: [GoogleChromeAutoLaunch_8CC0C224CAA679A6B63017BE99A17B85] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
mRun: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r
mRun: [UpdReg] C:\Windows\UpdReg.EXE
mRun: [NUSB3MON] "c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [RemoteControl8] "C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe"
mRun: [PDVD8LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
mRun: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
mRun: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\Robert\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\GLOBET~1.LNK - C:\Program Files\Option\GlobeTrotter Connect\GlobeTrotter Connect.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\Hotkey.lnk - C:\Program Files (x86)\Hotkey\Hotkey.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MICROS~1.LNK - C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
IE: Download all with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlall.htm
IE: Download selected with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlselected.htm
IE: Download video with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
IE: Download with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dllink.htm
IE: {64964764-1101-4bbd-8891-B56B1A53B9B3} - {553891B7-A0D5-4526-BE18-D3CE461D6310}
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
TCP: NameServer = 192.168.1.1 0.0.0.0
TCP: Interfaces\{0BF3675B-2312-4652-8EE2-A9A6B647CE50} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{0BF3675B-2312-4652-8EE2-A9A6B647CE50} : DHCPNameServer = 192.168.1.1 0.0.0.0
TCP: Interfaces\{0BF3675B-2312-4652-8EE2-A9A6B647CE50}\14454533833373 : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{0BF3675B-2312-4652-8EE2-A9A6B647CE50}\14454533833373 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{0BF3675B-2312-4652-8EE2-A9A6B647CE50}\3557276634F41435455425 : NameServer = 8.8.4.4,4.4.4.4
TCP: Interfaces\{0BF3675B-2312-4652-8EE2-A9A6B647CE50}\3557276634F41435455425 : DHCPNameServer = 192.168.10.1
TCP: Interfaces\{0BF3675B-2312-4652-8EE2-A9A6B647CE50}\441647163456E6475627 : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{0BF3675B-2312-4652-8EE2-A9A6B647CE50}\441647163456E6475627 : DHCPNameServer = 192.168.10.254
TCP: Interfaces\{0BF3675B-2312-4652-8EE2-A9A6B647CE50}\65562796A7F6E602D494649443531303C4023303431302355636572756 : NameServer = 8.8.4.4,4.4.4.4
TCP: Interfaces\{0BF3675B-2312-4652-8EE2-A9A6B647CE50}\65562796A7F6E602D494649443531303C4023303431302355636572756 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{0BF3675B-2312-4652-8EE2-A9A6B647CE50}\65562796A7F6E6D2D496649653531303C4D223343354 : NameServer = 8.8.4.4,4.4.4.4
TCP: Interfaces\{0BF3675B-2312-4652-8EE2-A9A6B647CE50}\65562796A7F6E6D2D496649653531303C4D223343354 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{0BF3675B-2312-4652-8EE2-A9A6B647CE50}\E45445745414253363D27457563747 : NameServer = 8.8.4.4,4.4.4.4
TCP: Interfaces\{0BF3675B-2312-4652-8EE2-A9A6B647CE50}\E45445745414253363D27457563747 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{C4D8F8A6-6623-412C-8A93-E7C957C06C74} : DHCPNameServer = 192.168.1.1 192.168.1.1 192.168.1.1
TCP: Interfaces\{C4D8F8A6-6623-412C-8A93-E7C957C06C74}\05340214962707F627470275966496 : DHCPNameServer = 216.176.128.20 216.176.128.10
TCP: Interfaces\{C4D8F8A6-6623-412C-8A93-E7C957C06C74}\25F6265627473784F6473507F63747 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{C4D8F8A6-6623-412C-8A93-E7C957C06C74}\45548435F5039313232414 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{C4D8F8A6-6623-412C-8A93-E7C957C06C74}\46C696E6B6 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{C4D8F8A6-6623-412C-8A93-E7C957C06C74}\640594F575F627B6 : DHCPNameServer = 64.247.152.9 65.181.47.20
TCP: Interfaces\{C4D8F8A6-6623-412C-8A93-E7C957C06C74}\75572626C65623 : DHCPNameServer = 68.87.66.234 162.150.8.16
TCP: Interfaces\{C4D8F8A6-6623-412C-8A93-E7C957C06C74}\77572626C656 : DHCPNameServer = 75.75.75.75 75.75.76.76
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll
SSODL: WebCheck - <orphaned>
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\System32\wpdshserviceobj.dll
SEH: {56F9679E-7826-4C84-81F3-532071A8BCC5} - <orphaned>
SEH: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: ExplorerBHO Class: {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: Classic Explorer Bar: {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [THXCfg64] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\THXCfg64.dll,RunDLLEntry THXCfg64
x64-Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
x64-Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
x64-Run: [Classic Start Menu] C:\Program Files\Classic Shell\ClassicStartMenu.exe
x64-Run: [etLiveClk] C:\Windows\etLiveClk.exe
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [Acronis Scheduler2 Service] "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
x64-IE: {64964764-1101-4bbd-8891-B56B1A53B9B3} - {553891B7-A0D5-4526-BE18-D3CE461D6310}
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-IFEO: Your Image File Name Here without a path - ntsd -d
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\isvul0wk.default\
FF - prefs.js: browser.search.defaulturl - hxxp://go.speedbit.com/search.aspx?s=DA6aYA1&q=
FF - prefs.js: browser.search.selectedEngine - Speedbit Search
FF - prefs.js: browser.startup.homepage - https:google.com
FF - prefs.js: keyword.URL - hxxp://go.speedbit.com/search.aspx?s=DA6aYA1&q=
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Soda PDF 6\np-previewer.dll
FF - plugin: C:\Program Files\Dassault Systemes\3D XML Player\win_b64\code\bin32\NP3DXMLPlugin.dll
FF - plugin: C:\Users\Robert\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Windows\System32\Wat\npWatWeb.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
.
============= SERVICES / DRIVERS ===============
.
R0 %ServiceName%;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2013-3-4 19264]
R0 fltsrv;Acronis Storage Filter Management;C:\Windows\System32\drivers\fltsrv.sys [2013-3-12 108832]
R0 nipbcfk;National Instruments Class Upper Filter Driver;C:\Windows\System32\drivers\nipbcfk.sys [2007-2-15 16672]
R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2012-10-8 30056]
R0 tib;Acronis TIB Manager;C:\Windows\System32\drivers\tib.sys [2013-4-8 1120032]
R0 tib_mounter;Acronis TIB Mounter;C:\Windows\System32\drivers\tib_mounter.sys [2013-4-8 183224]
R0 vididr;Acronis Virtual Disk;C:\Windows\System32\drivers\vididr.sys [2013-4-8 161568]
R0 vidsflt;Acronis Disk Storage Filter;C:\Windows\System32\drivers\vidsflt.sys [2013-3-12 117024]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-9-5 984144]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-9-5 370288]
R1 ElRawDisk;ElRawDisk;C:\Windows\System32\drivers\ElRawDsk.sys [2013-3-13 30752]
R2 afcdpsrv;Acronis Nonstop Backup Service;C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2013-4-8 3783672]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2012-9-5 25232]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-9-5 71600]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-1-16 44808]
R2 BlackfishSQL;BlackfishSQL;C:\Program Files (x86)\CodeGear\RAD Studio\5.0\bin\BSQLServer.exe [2007-8-26 65536]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2010-12-14 901184]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2010-12-14 974912]
R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-7-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-7-14 1767520]
R2 GtDetectSc;GtDetectSc;C:\Program Files\Option\GlobeTrotter Connect\GtDetectSc.exe [2009-4-2 807424]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-3-7 629984]
R2 Intel® ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2013-3-4 127320]
R2 ioloSystemService;iolo System Service;C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [2013-3-13 1027792]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2013-3-4 164184]
R2 Motorola Device Manager;Motorola Device Manager Service;C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [2013-11-15 137528]
R2 NiViPxiK;NI-VISA PXI Driver;C:\Windows\System32\drivers\NiViPxiKl.sys [2007-2-23 12064]
R2 OS Selector;Acronis OS Selector activator;C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2011-11-15 2139400]
R2 PDF Architect Helper Service;PDF Architect Helper Service;C:\Program Files (x86)\PDF Architect\HelperService.exe [2013-4-8 1320496]
R2 PDF Architect Service;PDF Architect Service;C:\Program Files (x86)\PDF Architect\ConversionService.exe [2013-4-8 799280]
R2 PowerBiosServer;PowerBiosServer;C:\Program Files (x86)\Hotkey\PowerBiosServer.exe [2011-1-27 33792]
R2 PST Service;PST Service;C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [2014-5-13 65657]
R2 syncagentsrv;Acronis Sync Agent Service;C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2012-8-18 7084672]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-11-29 16120]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-4-25 362840]
R3 afcdp;afcdp;C:\Windows\System32\drivers\afcdp.sys [2013-4-8 367200]
R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2010-12-14 1298496]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2013-3-4 314192]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2013-3-4 331264]
R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2013-3-4 357184]
R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2013-3-4 789824]
R3 PslIGvFilter;AVT & Prosilica GigE Vision Filter Service;C:\Windows\System32\drivers\psligvfilter.sys [2011-7-16 47776]
R3 RSBASTOR;Realtek PCIE CardReader Driver - BA;C:\Windows\System32\drivers\RtsBaStor.sys [2013-3-4 295056]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-3-4 685160]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate1c92900a38472f8;Google Update Service (gupdate1c92900a38472f8);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-7-16 136176]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2010-12-14 58128]
S3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2010-12-14 274432]
S3 CH341SER_A64;CH341SER_A64;C:\Windows\System32\drivers\CH341S64.SYS [2011-11-4 58368]
S3 DCamUSBET;Marc ++ Digital Version 2;C:\Windows\System32\drivers\etDevice64.sys [2010-11-5 176384]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 FiltUSBET;ET USB Device Lower Filter;C:\Windows\System32\drivers\etFilter64.sys [2010-11-5 346496]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-9-7 1471352]
S3 GTUHSBUS;GT UHS BUS;C:\Windows\System32\drivers\gtuhsbus.sys [2009-12-15 89600]
S3 GTUHSSER;GT UHS SER;C:\Windows\System32\drivers\gtuhsser.sys [2009-12-15 10624]
S3 iBtFltCoex;iBtFltCoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2010-12-14 59904]
S3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2011-4-25 174168]
S3 LAN9500;LAN9500 USB 2.0 to Ethernet 10/100 Adapter Service;C:\Windows\System32\drivers\lan9500-x64-n620f.sys [2013-5-13 76288]
S3 LULU Software CrashHandler;LULU Software CrashHandler;C:\Program Files (x86)\Soda PDF 6\crash-handler-ws.exe [2014-4-3 744288]
S3 mu3camX64;XIMEA USB3.0 ver. 1.0.0.10 x64;C:\Windows\System32\drivers\ximeausbX64.sys [2014-2-19 92008]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-11-2 340240]
S3 nidimk;nidimk;C:\Windows\System32\drivers\nidimkl.sys [2007-2-21 12064]
S3 nipalfwedl;nipalfwedl;C:\Windows\System32\drivers\nipalfwedl.sys [2007-2-16 12064]
S3 nipalusbedl;nipalusbedl;C:\Windows\System32\drivers\nipalusbedl.sys [2007-2-16 12064]
S3 NiViFWK;NI-VISA FireWire Driver;C:\Windows\System32\drivers\NiViFWKl.sys [2007-2-22 12064]
S3 NiViPciK;NI-VISA PCI Driver;C:\Windows\System32\drivers\NiViPciKl.sys [2007-2-23 12064]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-11-18 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-11-18 181248]
S3 PGRUSBCam;PGR USB Camera;C:\Windows\System32\drivers\PGRUSBCam.sys [2014-4-8 44032]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-3-7 19456]
S3 ScanUSBET;ET USB Still Image Capture Device;C:\Windows\System32\drivers\etScan64.sys [2010-11-5 9216]
S3 SNTUSB64;SafeNet USB SuperPro/UltraPro/HardwareKey;C:\Windows\System32\drivers\SNTUSB64.SYS [2009-9-17 58792]
S3 Soda PDF 6;Soda PDF 6;C:\Program Files (x86)\Soda PDF 6\ws.exe [2014-4-3 1600352]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-3-7 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-3-7 30208]
S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-11-18 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-13 25088]
S3 ZTEusbwwan;ZTE MBN Miniport;C:\Windows\System32\drivers\ZTEusbwwan.sys [2011-4-9 235008]
S4 AX88178;ASIX AX88178 USB2.0 to Gigabit Ethernet Adapter;C:\Windows\System32\drivers\ax88178.sys [2011-7-21 40448]
S4 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;C:\Windows\System32\drivers\bcmwlhigh664.sys [2011-4-19 1254464]
S4 GTNDIS62;GT62 UHS IP NDIS;C:\Windows\System32\drivers\gtuhs62.sys [2009-12-21 190976]
S4 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);C:\Windows\System32\drivers\JME.sys [2011-4-25 131600]
S4 wna3100m;NETGEAR WNA3100M N300 Wireless Mini USB Adapter;C:\Windows\System32\drivers\wna3100m.sys [2012-9-5 1057896]
.
=============== File Associations ===============
.
FileExt: .inf: inffile=C:\Windows\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2014-08-12 21:07:45 -------- d-----w- C:\Users\Robert\AppData\Local\MathWorks
2014-07-25 00:06:15 -------- d-----w- C:\ProgramData\MathWorks
2014-07-24 22:25:40 -------- d-----w- C:\Program Files\MATLAB
.
==================== Find3M  ====================
.
2014-08-22 03:43:46 17920 ----a-w- C:\Windows\System32\rpcnetp.exe
2014-08-22 03:43:44 69792 ----a-w- C:\Windows\SysWow64\rpcnet.dll
2014-07-10 23:44:06 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-07-10 18:48:43 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-07-10 18:40:12 17920 ----a-w- C:\Windows\SysWow64\rpcnetp.dll
2014-07-10 18:39:51 17920 ----a-w- C:\Windows\SysWow64\rpcnetp.exe
2014-07-08 23:22:42 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-08 23:22:42 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2011-12-01 20:09:31 480588 ----a-w- C:\Program Files (x86)\Uninstall.exe
2011-10-14 09:35:02 937984 ----a-w- C:\Program Files (x86)\HackEdit.exe
2011-10-12 14:31:44 282624 ----a-w- C:\Program Files (x86)\TEditor.exe
2011-10-12 14:31:42 180224 ----a-w- C:\Program Files (x86)\Update.exe
2011-10-12 14:31:40 434176 ----a-w- C:\Program Files (x86)\pManager.exe
2011-10-12 14:31:34 757760 ----a-w- C:\Program Files (x86)\HackAsm.exe
2011-10-12 14:31:32 356352 ----a-w- C:\Program Files (x86)\Calc.exe
2011-10-12 14:31:28 4280320 ----a-w- C:\Program Files (x86)\Hackman.exe
2011-10-12 14:24:14 45056 ----a-w- C:\Program Files (x86)\AutoPatch.exe
2010-11-19 05:27:34 162816 ----a-w- C:\Program Files\7z.sfx
2010-11-19 05:27:34 152064 ----a-w- C:\Program Files\7zCon.sfx
2010-11-19 05:24:20 1422336 ----a-w- C:\Program Files\7z.dll
2010-11-19 05:11:38 387072 ----a-w- C:\Program Files\7zG.exe
2010-11-19 05:10:48 740352 ----a-w- C:\Program Files\7zFM.exe
2010-11-19 05:08:50 86016 ----a-w- C:\Program Files\7-zip.dll
2010-11-19 05:08:30 284160 ----a-w- C:\Program Files\7z.exe
2009-06-30 14:06:38 16384 ----a-w- C:\Program Files (x86)\engine.exe
1999-12-29 11:04:40 21744 ----a-r- C:\Program Files (x86)\NFI.EXE
1998-12-02 06:11:02 143360 ----a-w- C:\Program Files (x86)\Unzip32.dll
1998-01-31 10:25:22 133120 ----a-w- C:\Program Files (x86)\zip32.dll
.
============= FINISH: 21:15:44.80 ===============
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 9.0.8112.16464  BrowserJavaVersion: 10.60.2
Run by Robert at 21:14:43 on 2014-08-21
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.16276.12823 [GMT -7:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\WLANExt.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
C:\Program Files (x86)\CodeGear\RAD Studio\5.0\bin\BSQLServer.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Option\GlobeTrotter Connect\GtDetectSc.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\SysWOW64\lkcitdl.exe
C:\Windows\SysWOW64\lkads.exe
C:\Windows\SysWOW64\lktsrv.exe
C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Classic Shell\ClassicStartMenu.exe
C:\Windows\SysWOW64\nisvcloc.exe
C:\Windows\etLiveClk.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\PDF Architect\HelperService.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files (x86)\PDF Architect\ConversionService.exe
C:\Windows\System32\svchost.exe -k HPZ12
c:\Program Files (x86)\Hotkey\PowerBiosServer.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Hotkey\Hotkey.exe
C:\Program Files\Option\GlobeTrotter Connect\GlobeTrotter Connect.exe
C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Windows\SysWOW64\rpcnet.exe
C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Free Download Manager\fdm.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://go.speedbit.com/?s=DA6aYA1
mWinlogon: Userinit = userinit.exe,
BHO: PDF Architect Helper: {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll
BHO: ExplorerBHO Class: {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
BHO: Free Download Manager: {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Classic Explorer Bar: {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: PDF Architect Toolbar: {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll
uRun: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
uRun: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
uRun: [GoogleChromeAutoLaunch_8CC0C224CAA679A6B63017BE99A17B85] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
mRun: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r
mRun: [UpdReg] C:\Windows\UpdReg.EXE
mRun: [NUSB3MON] "c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [RemoteControl8] "C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe"
mRun: [PDVD8LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
mRun: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
mRun: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\Robert\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\GLOBET~1.LNK - C:\Program Files\Option\GlobeTrotter Connect\GlobeTrotter Connect.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\Hotkey.lnk - C:\Program Files (x86)\Hotkey\Hotkey.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MICROS~1.LNK - C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
IE: Download all with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlall.htm
IE: Download selected with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlselected.htm
IE: Download video with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
IE: Download with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dllink.htm
IE: {64964764-1101-4bbd-8891-B56B1A53B9B3} - {553891B7-A0D5-4526-BE18-D3CE461D6310}
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
TCP: NameServer = 192.168.1.1 0.0.0.0
TCP: Interfaces\{0BF3675B-2312-4652-8EE2-A9A6B647CE50} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{0BF3675B-2312-4652-8EE2-A9A6B647CE50} : DHCPNameServer = 192.168.1.1 0.0.0.0
TCP: Interfaces\{0BF3675B-2312-4652-8EE2-A9A6B647CE50}\14454533833373 : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{0BF3675B-2312-4652-8EE2-A9A6B647CE50}\14454533833373 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{0BF3675B-2312-4652-8EE2-A9A6B647CE50}\3557276634F41435455425 : NameServer = 8.8.4.4,4.4.4.4
TCP: Interfaces\{0BF3675B-2312-4652-8EE2-A9A6B647CE50}\3557276634F41435455425 : DHCPNameServer = 192.168.10.1
TCP: Interfaces\{0BF3675B-2312-4652-8EE2-A9A6B647CE50}\441647163456E6475627 : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{0BF3675B-2312-4652-8EE2-A9A6B647CE50}\441647163456E6475627 : DHCPNameServer = 192.168.10.254
TCP: Interfaces\{0BF3675B-2312-4652-8EE2-A9A6B647CE50}\65562796A7F6E602D494649443531303C4023303431302355636572756 : NameServer = 8.8.4.4,4.4.4.4
TCP: Interfaces\{0BF3675B-2312-4652-8EE2-A9A6B647CE50}\65562796A7F6E602D494649443531303C4023303431302355636572756 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{0BF3675B-2312-4652-8EE2-A9A6B647CE50}\65562796A7F6E6D2D496649653531303C4D223343354 : NameServer = 8.8.4.4,4.4.4.4
TCP: Interfaces\{0BF3675B-2312-4652-8EE2-A9A6B647CE50}\65562796A7F6E6D2D496649653531303C4D223343354 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{0BF3675B-2312-4652-8EE2-A9A6B647CE50}\E45445745414253363D27457563747 : NameServer = 8.8.4.4,4.4.4.4
TCP: Interfaces\{0BF3675B-2312-4652-8EE2-A9A6B647CE50}\E45445745414253363D27457563747 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{C4D8F8A6-6623-412C-8A93-E7C957C06C74} : DHCPNameServer = 192.168.1.1 192.168.1.1 192.168.1.1
TCP: Interfaces\{C4D8F8A6-6623-412C-8A93-E7C957C06C74}\05340214962707F627470275966496 : DHCPNameServer = 216.176.128.20 216.176.128.10
TCP: Interfaces\{C4D8F8A6-6623-412C-8A93-E7C957C06C74}\25F6265627473784F6473507F63747 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{C4D8F8A6-6623-412C-8A93-E7C957C06C74}\45548435F5039313232414 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{C4D8F8A6-6623-412C-8A93-E7C957C06C74}\46C696E6B6 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{C4D8F8A6-6623-412C-8A93-E7C957C06C74}\640594F575F627B6 : DHCPNameServer = 64.247.152.9 65.181.47.20
TCP: Interfaces\{C4D8F8A6-6623-412C-8A93-E7C957C06C74}\75572626C65623 : DHCPNameServer = 68.87.66.234 162.150.8.16
TCP: Interfaces\{C4D8F8A6-6623-412C-8A93-E7C957C06C74}\77572626C656 : DHCPNameServer = 75.75.75.75 75.75.76.76
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll
SSODL: WebCheck - <orphaned>
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\System32\wpdshserviceobj.dll
SEH: {56F9679E-7826-4C84-81F3-532071A8BCC5} - <orphaned>
SEH: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: ExplorerBHO Class: {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: Classic Explorer Bar: {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [THXCfg64] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\THXCfg64.dll,RunDLLEntry THXCfg64
x64-Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
x64-Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
x64-Run: [Classic Start Menu] C:\Program Files\Classic Shell\ClassicStartMenu.exe
x64-Run: [etLiveClk] C:\Windows\etLiveClk.exe
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [Acronis Scheduler2 Service] "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
x64-IE: {64964764-1101-4bbd-8891-B56B1A53B9B3} - {553891B7-A0D5-4526-BE18-D3CE461D6310}
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-IFEO: Your Image File Name Here without a path - ntsd -d
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\isvul0wk.default\
FF - prefs.js: browser.search.defaulturl - hxxp://go.speedbit.com/search.aspx?s=DA6aYA1&q=
FF - prefs.js: browser.search.selectedEngine - Speedbit Search
FF - prefs.js: browser.startup.homepage - https:google.com
FF - prefs.js: keyword.URL - hxxp://go.speedbit.com/search.aspx?s=DA6aYA1&q=
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Soda PDF 6\np-previewer.dll
FF - plugin: C:\Program Files\Dassault Systemes\3D XML Player\win_b64\code\bin32\NP3DXMLPlugin.dll
FF - plugin: C:\Users\Robert\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Windows\System32\Wat\npWatWeb.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
.
============= SERVICES / DRIVERS ===============
.
R0 %ServiceName%;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2013-3-4 19264]
R0 fltsrv;Acronis Storage Filter Management;C:\Windows\System32\drivers\fltsrv.sys [2013-3-12 108832]
R0 nipbcfk;National Instruments Class Upper Filter Driver;C:\Windows\System32\drivers\nipbcfk.sys [2007-2-15 16672]
R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2012-10-8 30056]
R0 tib;Acronis TIB Manager;C:\Windows\System32\drivers\tib.sys [2013-4-8 1120032]
R0 tib_mounter;Acronis TIB Mounter;C:\Windows\System32\drivers\tib_mounter.sys [2013-4-8 183224]
R0 vididr;Acronis Virtual Disk;C:\Windows\System32\drivers\vididr.sys [2013-4-8 161568]
R0 vidsflt;Acronis Disk Storage Filter;C:\Windows\System32\drivers\vidsflt.sys [2013-3-12 117024]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-9-5 984144]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-9-5 370288]
R1 ElRawDisk;ElRawDisk;C:\Windows\System32\drivers\ElRawDsk.sys [2013-3-13 30752]
R2 afcdpsrv;Acronis Nonstop Backup Service;C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2013-4-8 3783672]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2012-9-5 25232]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-9-5 71600]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-1-16 44808]
R2 BlackfishSQL;BlackfishSQL;C:\Program Files (x86)\CodeGear\RAD Studio\5.0\bin\BSQLServer.exe [2007-8-26 65536]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2010-12-14 901184]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2010-12-14 974912]
R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-7-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-7-14 1767520]
R2 GtDetectSc;GtDetectSc;C:\Program Files\Option\GlobeTrotter Connect\GtDetectSc.exe [2009-4-2 807424]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-3-7 629984]
R2 Intel® ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2013-3-4 127320]
R2 ioloSystemService;iolo System Service;C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [2013-3-13 1027792]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2013-3-4 164184]
R2 Motorola Device Manager;Motorola Device Manager Service;C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [2013-11-15 137528]
R2 NiViPxiK;NI-VISA PXI Driver;C:\Windows\System32\drivers\NiViPxiKl.sys [2007-2-23 12064]
R2 OS Selector;Acronis OS Selector activator;C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2011-11-15 2139400]
R2 PDF Architect Helper Service;PDF Architect Helper Service;C:\Program Files (x86)\PDF Architect\HelperService.exe [2013-4-8 1320496]
R2 PDF Architect Service;PDF Architect Service;C:\Program Files (x86)\PDF Architect\ConversionService.exe [2013-4-8 799280]
R2 PowerBiosServer;PowerBiosServer;C:\Program Files (x86)\Hotkey\PowerBiosServer.exe [2011-1-27 33792]
R2 PST Service;PST Service;C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [2014-5-13 65657]
R2 syncagentsrv;Acronis Sync Agent Service;C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2012-8-18 7084672]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-11-29 16120]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-4-25 362840]
R3 afcdp;afcdp;C:\Windows\System32\drivers\afcdp.sys [2013-4-8 367200]
R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2010-12-14 1298496]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2013-3-4 314192]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2013-3-4 331264]
R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2013-3-4 357184]
R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2013-3-4 789824]
R3 PslIGvFilter;AVT & Prosilica GigE Vision Filter Service;C:\Windows\System32\drivers\psligvfilter.sys [2011-7-16 47776]
R3 RSBASTOR;Realtek PCIE CardReader Driver - BA;C:\Windows\System32\drivers\RtsBaStor.sys [2013-3-4 295056]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-3-4 685160]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate1c92900a38472f8;Google Update Service (gupdate1c92900a38472f8);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-7-16 136176]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2010-12-14 58128]
S3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2010-12-14 274432]
S3 CH341SER_A64;CH341SER_A64;C:\Windows\System32\drivers\CH341S64.SYS [2011-11-4 58368]
S3 DCamUSBET;Marc ++ Digital Version 2;C:\Windows\System32\drivers\etDevice64.sys [2010-11-5 176384]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 FiltUSBET;ET USB Device Lower Filter;C:\Windows\System32\drivers\etFilter64.sys [2010-11-5 346496]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-9-7 1471352]
S3 GTUHSBUS;GT UHS BUS;C:\Windows\System32\drivers\gtuhsbus.sys [2009-12-15 89600]
S3 GTUHSSER;GT UHS SER;C:\Windows\System32\drivers\gtuhsser.sys [2009-12-15 10624]
S3 iBtFltCoex;iBtFltCoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2010-12-14 59904]
S3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2011-4-25 174168]
S3 LAN9500;LAN9500 USB 2.0 to Ethernet 10/100 Adapter Service;C:\Windows\System32\drivers\lan9500-x64-n620f.sys [2013-5-13 76288]
S3 LULU Software CrashHandler;LULU Software CrashHandler;C:\Program Files (x86)\Soda PDF 6\crash-handler-ws.exe [2014-4-3 744288]
S3 mu3camX64;XIMEA USB3.0 ver. 1.0.0.10 x64;C:\Windows\System32\drivers\ximeausbX64.sys [2014-2-19 92008]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-11-2 340240]
S3 nidimk;nidimk;C:\Windows\System32\drivers\nidimkl.sys [2007-2-21 12064]
S3 nipalfwedl;nipalfwedl;C:\Windows\System32\drivers\nipalfwedl.sys [2007-2-16 12064]
S3 nipalusbedl;nipalusbedl;C:\Windows\System32\drivers\nipalusbedl.sys [2007-2-16 12064]
S3 NiViFWK;NI-VISA FireWire Driver;C:\Windows\System32\drivers\NiViFWKl.sys [2007-2-22 12064]
S3 NiViPciK;NI-VISA PCI Driver;C:\Windows\System32\drivers\NiViPciKl.sys [2007-2-23 12064]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-11-18 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-11-18 181248]
S3 PGRUSBCam;PGR USB Camera;C:\Windows\System32\drivers\PGRUSBCam.sys [2014-4-8 44032]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-3-7 19456]
S3 ScanUSBET;ET USB Still Image Capture Device;C:\Windows\System32\drivers\etScan64.sys [2010-11-5 9216]
S3 SNTUSB64;SafeNet USB SuperPro/UltraPro/HardwareKey;C:\Windows\System32\drivers\SNTUSB64.SYS [2009-9-17 58792]
S3 Soda PDF 6;Soda PDF 6;C:\Program Files (x86)\Soda PDF 6\ws.exe [2014-4-3 1600352]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-3-7 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-3-7 30208]
S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-11-18 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-13 25088]
S3 ZTEusbwwan;ZTE MBN Miniport;C:\Windows\System32\drivers\ZTEusbwwan.sys [2011-4-9 235008]
S4 AX88178;ASIX AX88178 USB2.0 to Gigabit Ethernet Adapter;C:\Windows\System32\drivers\ax88178.sys [2011-7-21 40448]
S4 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;C:\Windows\System32\drivers\bcmwlhigh664.sys [2011-4-19 1254464]
S4 GTNDIS62;GT62 UHS IP NDIS;C:\Windows\System32\drivers\gtuhs62.sys [2009-12-21 190976]
S4 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);C:\Windows\System32\drivers\JME.sys [2011-4-25 131600]
S4 wna3100m;NETGEAR WNA3100M N300 Wireless Mini USB Adapter;C:\Windows\System32\drivers\wna3100m.sys [2012-9-5 1057896]
.
=============== File Associations ===============
.
FileExt: .inf: inffile=C:\Windows\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2014-08-12 21:07:45 -------- d-----w- C:\Users\Robert\AppData\Local\MathWorks
2014-07-25 00:06:15 -------- d-----w- C:\ProgramData\MathWorks
2014-07-24 22:25:40 -------- d-----w- C:\Program Files\MATLAB
.
==================== Find3M  ====================
.
2014-08-22 03:43:46 17920 ----a-w- C:\Windows\System32\rpcnetp.exe
2014-08-22 03:43:44 69792 ----a-w- C:\Windows\SysWow64\rpcnet.dll
2014-07-10 23:44:06 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-07-10 18:48:43 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-07-10 18:40:12 17920 ----a-w- C:\Windows\SysWow64\rpcnetp.dll
2014-07-10 18:39:51 17920 ----a-w- C:\Windows\SysWow64\rpcnetp.exe
2014-07-08 23:22:42 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-08 23:22:42 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2011-12-01 20:09:31 480588 ----a-w- C:\Program Files (x86)\Uninstall.exe
2011-10-14 09:35:02 937984 ----a-w- C:\Program Files (x86)\HackEdit.exe
2011-10-12 14:31:44 282624 ----a-w- C:\Program Files (x86)\TEditor.exe
2011-10-12 14:31:42 180224 ----a-w- C:\Program Files (x86)\Update.exe
2011-10-12 14:31:40 434176 ----a-w- C:\Program Files (x86)\pManager.exe
2011-10-12 14:31:34 757760 ----a-w- C:\Program Files (x86)\HackAsm.exe
2011-10-12 14:31:32 356352 ----a-w- C:\Program Files (x86)\Calc.exe
2011-10-12 14:31:28 4280320 ----a-w- C:\Program Files (x86)\Hackman.exe
2011-10-12 14:24:14 45056 ----a-w- C:\Program Files (x86)\AutoPatch.exe
2010-11-19 05:27:34 162816 ----a-w- C:\Program Files\7z.sfx
2010-11-19 05:27:34 152064 ----a-w- C:\Program Files\7zCon.sfx
2010-11-19 05:24:20 1422336 ----a-w- C:\Program Files\7z.dll
2010-11-19 05:11:38 387072 ----a-w- C:\Program Files\7zG.exe
2010-11-19 05:10:48 740352 ----a-w- C:\Program Files\7zFM.exe
2010-11-19 05:08:50 86016 ----a-w- C:\Program Files\7-zip.dll
2010-11-19 05:08:30 284160 ----a-w- C:\Program Files\7z.exe
2009-06-30 14:06:38 16384 ----a-w- C:\Program Files (x86)\engine.exe
1999-12-29 11:04:40 21744 ----a-r- C:\Program Files (x86)\NFI.EXE
1998-12-02 06:11:02 143360 ----a-w- C:\Program Files (x86)\Unzip32.dll
1998-01-31 10:25:22 133120 ----a-w- C:\Program Files (x86)\zip32.dll
.
============= FINISH: 21:15:44.80 ===============
 

 



BC AdBot (Login to Remove)

 


m

#2 Jo*

Jo*

  • Malware Response Team
  • 3,269 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:06 AM

Posted 22 August 2014 - 11:34 AM

double post

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users