Channel: Tech Support Forum - Virus/Trojan/Spyware Help

Hard drive constantly working

Hi there. I'm running Windows 7 on a Samsung laptop. I have AVG Internet Security 2013 which is updated automatically. I don't have access to an install disc or boot CD.
This laptop has been running very slowly for some months and seems to be getting worse. I have carried out some of the actions suggested by your Sticky in the Computer Running Slow section, but not all, as I don't understand some of them.

Anything you can do to help is much appreciated.
The attach file is attached and here is the DDS output:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.18098
Run by Rob at 16:53:28 on 2015-11-29
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.4010.1856 [GMT 0:00]
.
AV: AVG Internet Security 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: AVG update module *Disabled/Updated* {4D41356F-32AD-7C42-C820-63775EE4F413}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG update module *Disabled/Updated* {F620D48B-1497-73CC-F290-58052563BEAE}
SP: AVG Internet Security 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG update module *Disabled* {757AB44A-78C2-7D1A-E37F-CA42A037B368}
FW: AVG Internet Security 2013 *Enabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\System32\spoolsv.exe
C:\windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
C:\Program Files (x86)\3 Mobile Broadband\3Connect\BecHelperService.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\windows\System32\svchost.exe -k utcsvc
C:\windows\system32\GWX\GWX.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
C:\Users\Rob\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Users\Rob\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\KNOWHOW\KNOWHOWAPPCENTRE\bin\serviceManager.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Common Files\Motive\pcCMService.exe
C:\Program Files\Common Files\Motive\pcCMService.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\igfxext.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
C:\Program Files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\AVG\AVG2013\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
C:\windows\servicing\TrustedInstaller.exe
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\windows\system32\taskhost.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.raintoday.co.uk/
uDefault_Page_URL = hxxp://samsung.msn.com
mWinlogon: Userinit = userinit.exe,
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
uRun: [SRSHDAudioLab] "C:\Program Files\SRS Labs\SRS Audio Essentials\AudioEssentials.exe" auto
uRun: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
uRun: [Spotify Web Helper] "C:\Users\Rob\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
uRun: [Rainlendar2] C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
uRun: [AmazonMP3DownloaderHelper] C:\Users\Rob\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
mRun: [KNOWHOW(TM) APP CENTRE] "C:\Program Files (x86)\KNOWHOW\KNOWHOWAPPCENTRE\bin\serviceManager.lnk"
mRun: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
StartupFolder: C:\Users\Rob\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\BIRTHD~1.LNK - C:\Program Files (x86)\Birthday Reminder\bday.exe
StartupFolder: C:\Users\Rob\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{30D7C833-E5FA-4C80-A89C-D88799B00E4D} : DHCPNameServer = 10.0.0.1
TCP: Interfaces\{7BD26433-5FE5-4C93-A217-8307E48E672A} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{7BD26433-5FE5-4C93-A217-8307E48E672A}\244584F6D6563507F647D2053383 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{7BD26433-5FE5-4C93-A217-8307E48E672A}\84F6C6964616970294E6E60254163747C6569676860275966496 : DHCPNameServer = 10.0.0.1
TCP: Interfaces\{7BD26433-5FE5-4C93-A217-8307E48E672A}\D416272796F64747F57457563747 : DHCPNameServer = 172.16.2.5 8.8.8.8
TCP: Interfaces\{7BD26433-5FE5-4C93-A217-8307E48E672A}\F5642756560235F4550214962707F62747 : DHCPNameServer = 10.32.11.254
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= C:\windows\SysWOW64\nvinit.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [Logitech Download Assistant] C:\windows\System32\rundll32.exe C:\windows\System32\LogiLDA.dll,LogiFetch
x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Rob\AppData\Roaming\Mozilla\Firefox\Profiles\cxji3rts.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.co.uk/
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Motive\npMotive.dll
FF - plugin: C:\Program Files (x86)\Common Files\Motive\npMotiveRequest.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrlui.dll
FF - plugin: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
FF - plugin: C:\Users\Rob\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll
FF - plugin: C:\Users\Rob\AppData\Roaming\Mozilla\Firefox\Profiles\cxji3rts.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\npGarmin.dll
FF - plugin: C:\Users\Rob\AppData\Roaming\Mozilla\plugins\npatgpc.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\windows\System32\drivers\avgidsha.sys [2015-5-21 158160]
R0 Avgloga;AVG Logging Driver;C:\windows\System32\drivers\avgloga.sys [2015-5-21 360400]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\windows\System32\drivers\avgmfx64.sys [2015-7-3 204704]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\windows\System32\drivers\avgrkx64.sys [2013-10-23 45880]
R0 nvpciflt;nvpciflt;C:\windows\System32\drivers\nvpciflt.sys [2011-10-11 25960]
R1 Avgfwfd;AVG network filter service;C:\windows\System32\drivers\avgfwd6a.sys [2011-5-23 73688]
R1 AVGIDSDriver;AVGIDSDriver;C:\windows\System32\drivers\avgidsdrivera.sys [2013-11-25 246072]
R1 Avgldx64;AVG AVI Loader Driver;C:\windows\System32\drivers\avgldx64.sys [2014-11-4 209720]
R1 Avgtdia;AVG TDI Driver;C:\windows\System32\drivers\avgtdia.sys [2015-5-26 249296]
R1 SABI;SAMSUNG Kernel Driver For Windows 7;C:\windows\System32\drivers\SABI.sys [2011-10-11 13824]
R2 AMPPALR3;Intel® Centrino® Bluetooth 3.0 + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-4-21 1136640]
R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-1-19 77128]
R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [2015-10-5 1442344]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2015-10-5 4948456]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-11-20 283136]
R2 BecHelperService;BecHelperService;C:\Program Files (x86)\3 Mobile Broadband\3Connect\BecHelperService.exe [2011-11-30 1740696]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-3-30 923984]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-3-30 1001808]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-4-21 134928]
R2 DiagTrack;Diagnostics Tracking Service;C:\windows\System32\svchost.exe -k utcsvc [2011-10-11 27648]
R2 pcCMService;pcCMService;C:\Program Files (x86)\Common Files\Motive\pcCMService.exe [2014-1-30 375608]
R2 pcCMService64;pcCMService64;C:\Program Files\Common Files\Motive\pcCMService.exe [2014-1-30 467256]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2012-11-29 38608]
R2 RosettaStoneDaemon;RosettaStoneDaemon;C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe [2011-3-31 1646056]
R2 SGDrv;SGDrv;C:\windows\System32\drivers\SGDrv64.sys [2011-10-11 7680]
R2 TomTomHOMEService;TomTomHOMEService;C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-12-5 92632]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-10-11 2656536]
R3 AMPPAL;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Virtual Adapter;C:\windows\System32\drivers\AmpPal.sys [2011-4-21 294912]
R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE [2014-3-11 247968]
R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-3-30 1321296]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\windows\System32\drivers\btmaux.sys [2011-3-8 51712]
R3 btmhsf;btmhsf;C:\windows\System32\drivers\btmhsf.sys [2011-3-8 274944]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\windows\System32\drivers\clwvd.sys [2011-8-17 31216]
R3 ETD;ELAN PS/2 Port Input Device;C:\windows\System32\drivers\ETD.sys [2011-10-11 186152]
R3 huawei_enumerator;huawei_enumerator;C:\windows\System32\drivers\ew_jubusenum.sys [2011-11-30 86016]
R3 iBtFltCoex;iBtFltCoex;C:\windows\System32\drivers\iBtFltCoex.sys [2011-3-22 59904]
R3 IntcDAud;Intel(R) Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2011-7-21 317440]
R3 MBAMProtector;MBAMProtector;C:\windows\System32\drivers\mbam.sys [2015-1-17 25816]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2011-10-11 471144]
S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE [2014-3-11 193696]
S2 BT Help Wizard;BT Help Wizard;C:\Program Files (x86)\BT Broadband Desktop Help\btbb\MA\8.4.0.53.bt.0.5\ma\bin\MAHostService.exe [2014-1-21 321024]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-4-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-4-11 124088]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-1-17 1133880]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AMPPALP;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Protocol;C:\windows\System32\drivers\AmpPal.sys [2011-4-21 294912]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\windows\System32\drivers\ew_hwusbdev.sys [2011-11-30 117248]
S3 ew_usbenumfilter;huawei_CompositeFilter;C:\windows\System32\drivers\ew_usbenumfilter.sys [2011-11-30 13952]
S3 ewusbmbb;HUAWEI USB-WWAN miniport;C:\windows\System32\drivers\ewusbwwan.sys [2011-11-30 421376]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2015-11-24 114688]
S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\windows\System32\drivers\mwac.sys [2015-1-17 63704]
S3 SRS_AE_Service;SRS Audio Essentials;C:\windows\System32\drivers\SRS_AE_amd64.sys [2011-8-1 513824]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2014-8-15 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2011-11-29 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2015-11-24 20:58:59 5570496 ----a-w- C:\windows\System32\ntoskrnl.exe
2015-11-24 20:53:56 3168768 ----a-w- C:\windows\System32\wucltux.dll
2015-11-24 20:37:04 497664 ----a-w- C:\windows\System32\drivers\afd.sys
2015-11-24 20:37:04 118272 ----a-w- C:\windows\System32\drivers\tdx.sys
2015-11-24 20:37:01 72192 ----a-w- C:\windows\System32\aelupsvc.dll
2015-11-24 20:37:01 342016 ----a-w- C:\windows\System32\apphelp.dll
2015-11-24 20:37:01 295936 ----a-w- C:\windows\SysWow64\apphelp.dll
2015-11-24 20:37:00 6656 ----a-w- C:\windows\System32\shimeng.dll
2015-11-24 20:37:00 5120 ----a-w- C:\windows\SysWow64\shimeng.dll
2015-11-24 20:37:00 23552 ----a-w- C:\windows\System32\sdbinst.exe
2015-11-24 20:37:00 20992 ----a-w- C:\windows\SysWow64\sdbinst.exe
2015-11-24 20:15:42 3211264 ----a-w- C:\windows\System32\win32k.sys
2015-11-24 20:15:17 950720 ----a-w- C:\windows\System32\drivers\ndis.sys
.
==================== Find3M ====================
.
2015-11-16 09:15:12 780488 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2015-11-16 09:15:12 142536 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-10-30 23:40:49 2724864 ----a-w- C:\windows\System32\mshtml.tlb
2015-10-30 23:40:38 4096 ----a-w- C:\windows\System32\ieetwcollectorres.dll
2015-10-30 23:25:55 66560 ----a-w- C:\windows\System32\iesetup.dll
2015-10-30 23:25:15 48640 ----a-w- C:\windows\System32\ieetwproxystub.dll
2015-10-30 23:25:08 417792 ----a-w- C:\windows\System32\html.iec
2015-10-30 23:24:50 585728 ----a-w- C:\windows\System32\vbscript.dll
2015-10-30 23:24:34 88064 ----a-w- C:\windows\System32\MshtmlDac.dll
2015-10-30 23:12:09 144384 ----a-w- C:\windows\System32\ieUnatt.exe
2015-10-30 23:12:09 114688 ----a-w- C:\windows\System32\ieetwcollector.exe
2015-10-30 23:11:58 814080 ----a-w- C:\windows\System32\jscript9diag.dll
2015-10-30 23:11:46 5990912 ----a-w- C:\windows\System32\jscript9.dll
2015-10-30 23:04:48 968704 ----a-w- C:\windows\System32\MsSpellCheckingFacility.exe
2015-10-30 22:58:29 2724864 ----a-w- C:\windows\SysWow64\mshtml.tlb
2015-10-30 22:53:49 77824 ----a-w- C:\windows\System32\JavaScriptCollectionAgent.dll
2015-10-30 22:47:08 504832 ----a-w- C:\windows\SysWow64\vbscript.dll
2015-10-30 22:46:27 62464 ----a-w- C:\windows\SysWow64\iesetup.dll
2015-10-30 22:45:51 47616 ----a-w- C:\windows\SysWow64\ieetwproxystub.dll
2015-10-30 22:45:42 341504 ----a-w- C:\windows\SysWow64\html.iec
2015-10-30 22:44:57 64000 ----a-w- C:\windows\SysWow64\MshtmlDac.dll
2015-10-30 22:36:25 115712 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2015-10-30 22:36:06 620032 ----a-w- C:\windows\SysWow64\jscript9diag.dll
2015-10-30 22:29:57 1359360 ----a-w- C:\windows\System32\mshtmlmedia.dll
2015-10-30 22:29:52 2126336 ----a-w- C:\windows\System32\inetcpl.cpl
2015-10-30 22:23:51 60416 ----a-w- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
2015-10-30 22:17:06 2487808 ----a-w- C:\windows\System32\wininet.dll
2015-10-30 22:16:43 4527616 ----a-w- C:\windows\SysWow64\jscript9.dll
2015-10-30 22:09:23 1155072 ----a-w- C:\windows\SysWow64\mshtmlmedia.dll
2015-10-30 22:09:15 2052608 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2015-10-30 21:51:28 2011136 ----a-w- C:\windows\SysWow64\wininet.dll
2015-10-29 17:50:29 350208 ----a-w- C:\windows\apppatch\AppPatch64\AcLayers.dll
2015-10-29 17:50:29 309248 ----a-w- C:\windows\apppatch\AppPatch64\AcGenral.dll
2015-10-29 17:50:29 135168 ----a-w- C:\windows\apppatch\AppPatch64\AcXtrnal.dll
2015-10-29 17:50:29 103424 ----a-w- C:\windows\apppatch\AppPatch64\acspecfc.dll
2015-10-29 17:49:57 562176 ----a-w- C:\windows\apppatch\AcLayers.dll
2015-10-29 17:49:57 470528 ----a-w- C:\windows\apppatch\AcSpecfc.dll
2015-10-29 17:49:57 2178560 ----a-w- C:\windows\apppatch\AcGenral.dll
2015-10-29 17:49:57 211968 ----a-w- C:\windows\apppatch\AcXtrnal.dll
2015-10-29 17:39:57 2560 ----a-w- C:\windows\apppatch\AcRes.dll
2015-10-20 18:42:14 98816 ----a-w- C:\windows\System32\wudriver.dll
2015-10-20 18:42:14 192512 ----a-w- C:\windows\System32\wuwebv.dll
2015-10-20 18:41:36 91136 ----a-w- C:\windows\System32\WinSetupUI.dll
2015-10-20 18:41:25 12288 ----a-w- C:\windows\System32\wu.upgrade.ps.dll
2015-10-20 18:41:22 37888 ----a-w- C:\windows\System32\wuapp.exe
2015-10-20 17:46:02 93696 ----a-w- C:\windows\SysWow64\wudriver.dll
2015-10-20 17:46:02 174080 ----a-w- C:\windows\SysWow64\wuwebv.dll
2015-10-20 17:45:08 35328 ----a-w- C:\windows\SysWow64\wuapp.exe
2015-10-20 01:12:10 95680 ----a-w- C:\windows\System32\drivers\ksecdd.sys
2015-10-20 01:12:10 154560 ----a-w- C:\windows\System32\drivers\ksecpkg.sys
2015-10-20 01:09:05 1730496 ----a-w- C:\windows\System32\ntdll.dll
2015-10-20 01:06:18 362496 ----a-w- C:\windows\System32\wow64win.dll
2015-10-20 01:06:18 243712 ----a-w- C:\windows\System32\wow64.dll
2015-10-20 01:06:18 215040 ----a-w- C:\windows\System32\winsrv.dll
2015-10-20 01:06:18 13312 ----a-w- C:\windows\System32\wow64cpu.dll
2015-10-20 01:04:53 31232 ----a-w- C:\windows\System32\lsass.exe
2015-10-20 01:04:40 338432 ----a-w- C:\windows\System32\conhost.exe
2015-10-20 01:04:35 64000 ----a-w- C:\windows\System32\auditpol.exe
2015-10-20 01:00:20 60416 ----a-w- C:\windows\System32\msobjs.dll
2015-10-20 00:59:20 146432 ----a-w- C:\windows\System32\msaudite.dll
2015-10-20 00:52:02 3991488 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
2015-10-20 00:52:02 3935680 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
2015-10-20 00:48:46 1311768 ----a-w- C:\windows\SysWow64\ntdll.dll
2015-10-20 00:44:35 50176 ----a-w- C:\windows\SysWow64\auditpol.exe
2015-10-20 00:44:19 5120 ----a-w- C:\windows\SysWow64\wow32.dll
2015-10-20 00:44:18 96768 ----a-w- C:\windows\SysWow64\sspicli.dll
2015-10-20 00:44:18 665088 ----a-w- C:\windows\SysWow64\rpcrt4.dll
2015-10-20 00:44:18 274944 ----a-w- C:\windows\SysWow64\KernelBase.dll
2015-10-20 00:39:32 60416 ----a-w- C:\windows\SysWow64\msobjs.dll
2015-10-20 00:39:11 146432 ----a-w- C:\windows\SysWow64\msaudite.dll
2015-10-19 23:41:20 159232 ----a-w- C:\windows\System32\drivers\mrxsmb.sys
2015-10-19 23:40:43 290816 ----a-w- C:\windows\System32\drivers\mrxsmb10.sys
2015-10-19 23:40:39 129024 ----a-w- C:\windows\System32\drivers\mrxsmb20.sys
2015-10-19 23:29:36 7680 ----a-w- C:\windows\SysWow64\instnm.exe
2015-10-19 23:29:34 2048 ----a-w- C:\windows\SysWow64\user.exe
2015-10-19 23:27:10 6144 ---ha-w- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2015-10-19 23:27:10 4608 ---ha-w- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-19 23:27:10 3584 ---ha-w- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-19 23:27:10 3072 ---ha-w- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2015-10-13 01:29:08 875720 ----a-w- C:\windows\SysWow64\msvcr120_clr0400.dll
2015-10-13 01:22:02 869568 ----a-w- C:\windows\System32\msvcr120_clr0400.dll
2015-10-01 18:06:49 692672 ----a-w- C:\windows\System32\winload.efi
2015-10-01 18:04:11 616360 ----a-w- C:\windows\System32\winresume.efi
2015-10-01 18:00:59 63488 ----a-w- C:\windows\System32\setbcdlocale.dll
2015-10-01 18:00:51 24576 ----a-w- C:\windows\System32\jnwmon.dll
2015-10-01 18:00:50 275456 ----a-w- C:\windows\System32\InkEd.dll
2015-10-01 18:00:43 59392 ----a-w- C:\windows\System32\appidapi.dll
2015-10-01 18:00:43 32768 ----a-w- C:\windows\System32\appidsvc.dll
2015-10-01 18:00:06 17920 ----a-w- C:\windows\System32\appidcertstorecheck.exe
2015-10-01 18:00:06 147456 ----a-w- C:\windows\System32\appidpolicyconverter.exe
2015-10-01 17:50:43 216064 ----a-w- C:\windows\SysWow64\InkEd.dll
2015-10-01 17:50:35 50688 ----a-w- C:\windows\SysWow64\appidapi.dll
2015-10-01 17:00:54 61440 ----a-w- C:\windows\System32\drivers\appid.sys
2015-09-23 13:15:25 460776 ----a-w- C:\windows\System32\drivers\cng.sys
2015-09-23 13:15:24 299632 ----a-w- C:\windows\System32\bcryptprimitives.dll
2015-09-23 13:09:57 251000 ----a-w- C:\windows\SysWow64\bcryptprimitives.dll
2015-09-18 19:22:39 25432 ----a-w- C:\windows\System32\CompatTelRunner.exe
2015-09-18 19:19:26 700416 ----a-w- C:\windows\System32\invagent.dll
2015-09-18 19:19:23 766464 ----a-w- C:\windows\System32\generaltel.dll
2015-09-18 19:19:20 503808 ----a-w- C:\windows\System32\devinv.dll
.
============= FINISH: 16:55:23.31 ===============

Attached Files
File Type: txt attach.txt (13.2 KB)

interpol virus encrypted

Hi all,
I was infected by the Interpol virus.
I had Deep Freeze on the C partition.
When I restart the PC, the infection disappears from the C files because of Deep Freeze.

Now I cannot open or use any of my important files because they are encrypted :banghead:


Can anyone help me remove that encryption? :confused:



I use Win 7.
I do not use antivirus.


Thanks in advance for your help.

with my best regards

saad

Mysearch.com has hijacked Windows 10

I am experiencing trouble with my search taking over my computer. I think it is running IE instead of Edge and I have lost Bing as my search engine. Whenever I am directed to another site it tells me to use the Microsoft Store app and it does not go to the browser. Following are the files you requested.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.10586.0
Run by JVB at 17:45:04 on 2015-11-30
Microsoft Windows 10 Home 10.0.10586.0.1252.1.1033.18.16383.12458 [GMT -5:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\WINDOWS\system32\nvvsvc.exe
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\dashost.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\WINDOWS\system32\svchost.exe -k apphost
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\svchost.exe -k iissvcs
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
C:\WINDOWS\system32\sihost.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\WINDOWS\system32\taskhostw.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Users\JVB\AppData\Local\Akamai\netsession_win.exe
C:\Users\JVB\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Windows\System32\spool\drivers\x64\3\E_IATIHAA.EXE
C:\Users\JVB\AppData\Local\Akamai\netsession_win.exe
C:\Windows\System32\spool\drivers\x64\3\E_IATIHAA.EXE
C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
C:\WINDOWS\SysWOW64\WinMsgBalloonServer.exe
C:\WINDOWS\SysWOW64\WinMsgBalloonClient.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\WINDOWS\system32\SettingSyncHost.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe
C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.23.23.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
C:\Program Files\Newsbin\newsbinpro64.exe
C:\Program Files\Windows Defender\MpCmdRun.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\WINDOWS\system32\fontdrvhost.exe
C:\Program Files (x86)\Glary Utilities 5\MemfilesService.exe
C:\Program Files (x86)\Glary Utilities 5\x64\Win64ShellLink.exe
C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.15361.0_x64__8wekyb3d8bbwe\Video.UI.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
C:\WINDOWS\system32\browser_broker.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe
C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\Installer\setup.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\svchost.exe -k SDRSVC
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = Preserve
mSearch Bar = hxxp://www.google.com
uProxyOverride = <local>
BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
BHO: Adobe Acrobat Create PDF Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
BHO: Adobe Acrobat Create PDF from Selection: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
uRun: [Akamai NetSession Interface] "C:\Users\JVB\AppData\Local\Akamai\netsession_win.exe"
uRun: [GUDelayStartup] "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [OneDrive] "C:\Users\JVB\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [EPLTarget\P0000000000000001] C:\WINDOWS\System32\spool\DRIVERS\x64\3\E_IATIHAA.EXE /EPT "EPLTarget\P0000000000000001" /M "Epson Stylus NX330"
uRun: [EPLTarget\P0000000000000000] C:\WINDOWS\System32\spool\DRIVERS\x64\3\E_IATIHAA.EXE /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus NX330"
mRun: [dellsupportcenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
mRun: [ShwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
mRun: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
StartupFolder: C:\Users\JVB\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\JZIP.lnk - C:\WINDOWS\System32\schtasks.exe
mPolicies-System: DSCAutomationHostEnabled = dword:2
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: Interfaces\{8600e961-1b41-430d-bc1a-d6bbeb971729} : NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
SSODL: WebCheck - <orphaned>
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Adobe Acrobat Create PDF Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-BHO: Adobe Acrobat Create PDF from Selection: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll
x64-TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [ShadowPlay] C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
============= SERVICES / DRIVERS ===============
.
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2015-10-30 106520]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2015-10-30 17944]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2015-10-30 199008]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2015-10-30 218624]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2015-10-30 87040]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R1 GUBootStartup;GUBootStartup;C:\WINDOWS\System32\drivers\GUBootStartup.sys [2014-11-16 20160]
R1 RawDisk3;RawDisk3;C:\WINDOWS\System32\drivers\rawdsk3.sys [2014-10-31 32912]
R2 AMD_RAIDXpert;AMD RAIDXpert;C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [2009-3-15 122880]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork [2015-10-30 43944]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc [2015-10-30 43944]
R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2015-8-4 151648]
R2 EpsonCustomerParticipation;EpsonCustomerParticipation;C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe [2011-6-9 555392]
R2 GfExperienceService;NVIDIA GeForce Experience Service;C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-5-27 1156384]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-10-29 1513784]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-10-29 1135416]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-5-27 1873696]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-7-15 5568288]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-11-20 416432]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2015-10-30 78848]
R2 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\WINDOWS\System32\drivers\k57nd60a.sys [2015-10-30 446464]
R3 LcUvcUpper;LcUvcUpper Service;C:\WINDOWS\System32\drivers\LcUvcUpper.sys [2015-9-28 37912]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
R3 MBAMProtector;MBAMProtector;C:\WINDOWS\System32\drivers\mbam.sys [2014-10-29 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [2014-10-29 192216]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\WINDOWS\System32\drivers\mwac.sys [2014-10-29 64216]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2015-10-30 20480]
R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-5-27 20768]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\WINDOWS\System32\drivers\nvvad64v.sys [2015-8-24 50472]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
R3 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2015-10-30 118112]
R3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2015-10-30 364464]
S2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService [2015-10-30 43944]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-2-18 315488]
S2 sys_service;sys_service;"C:\Program Files (x86)\SystemManager\Systemmgr\sysupdator.exe" --> C:\Program Files (x86)\SystemManager\Systemmgr\sysupdator.exe [?]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2015-10-30 1135456]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2015-10-30 43944]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-10-30 43944]
S3 bcmfn;bcmfn Service;C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2015-10-30 9728]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2015-10-30 43944]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2015-10-30 117248]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-10-30 43944]
S3 DcpSvc;DataCollectionPublishingService;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudbus.sys [2014-1-22 108800]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 embeddedmode;embeddedmode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2015-10-30 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2015-10-30 113152]
S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2015-10-30 673120]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 43944]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\WINDOWS\System32\ieetwcollector.exe [2015-10-30 117760]
S3 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2015-10-30 46432]
S3 IoQos;IoQos;C:\WINDOWS\System32\drivers\ioqos.sys [2015-10-30 26624]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 43944]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE [2014-1-23 178760]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2015-10-30 930656]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 Revoflt;Revoflt;C:\WINDOWS\System32\drivers\revoflt.sys [2015-2-18 31800]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 1297408]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2015-10-30 155488]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2015-10-30 43944]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudmdm.sys [2014-1-22 206080]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2015-10-30 79200]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TeamViewer;TeamViewer 10;C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-10-13 5702416]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2015-10-30 290304]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2015-10-30 61952]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-10-30 46592]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2015-10-30 45056]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2015-10-30 28512]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2015-10-30 254816]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-10-30 94048]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2015-10-30 131424]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2015-10-30 28512]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2015-10-30 57696]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-10-30 27488]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2015-10-30 31744]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 vmicvmsession;Hyper-V VM Session Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 w3logsvc;W3C Logging Service;C:\WINDOWS\System32\svchost.exe -k apphost [2015-10-30 43944]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2015-10-30 694784]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2015-10-30 43944]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2015-10-30 26976]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2015-10-30 59232]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 WpnService;Windows Push Notifications Service;C:\WINDOWS\System32\svchost.exe -k wswpnservice [2015-10-30 43944]
S3 WSDScan;WSD Scan Support;C:\WINDOWS\System32\drivers\WSDScan.sys [2015-10-30 24576]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2015-10-30 216064]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2015-10-30 238592]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2015-10-30 26112]
S4 CDPSvc;Connected Device Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
.
=============== Created Last 30 ================
.
2015-11-30 06:26:56 11138400 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4DD2A3BA-E58F-4AB5-8263-B6C6CB6DDA1B}\mpengine.dll
2015-11-29 05:25:18 11138400 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2015-11-29 02:03:41 290304 ----a-w- C:\WINDOWS\SysWow64\subinacl.exe
2015-11-29 02:03:40 -------- d-----w- C:\Program Files (x86)\Adware Removal Tool by TSA
2015-11-28 22:54:37 -------- d-----w- C:\Users\JVB\AppData\Local\speech
2015-11-25 04:51:27 -------- d-----w- C:\WINDOWS\Simple Static IP
2015-11-25 04:51:27 -------- d-----w- C:\Program Files (x86)\Simple Static IP
2015-11-25 01:43:00 870400 ----a-w- C:\WINDOWS\System32\modernexecserver.dll
2015-11-25 01:43:00 286720 ----a-w- C:\WINDOWS\System32\deviceaccess.dll
2015-11-25 01:42:59 809312 ----a-w- C:\WINDOWS\System32\WWAHost.exe
2015-11-25 01:42:59 704352 ----a-w- C:\WINDOWS\SysWow64\WWAHost.exe
2015-11-25 01:42:59 227840 ----a-w- C:\WINDOWS\SysWow64\deviceaccess.dll
2015-11-25 01:42:59 204800 ----a-w- C:\WINDOWS\System32\Microsoft-Windows-AppModelExecEvents.dll
2015-11-25 01:01:36 -------- d-----w- C:\Program Files (x86)\S5
2015-11-25 01:01:34 -------- d-----w- C:\Users\JVB\AppData\Roaming\c
2015-11-25 01:01:34 -------- d-----w- C:\ProgramData\1448413294
2015-11-25 01:01:06 -------- d-----w- C:\Users\JVB\AppData\Roaming\Itibiti
2015-11-25 00:59:46 185856 ----a-w- C:\WINDOWS\rsrcs.dll
2015-11-25 00:59:40 -------- d-----w- C:\Users\JVB\AppData\Local\Geckofx
2015-11-25 00:59:11 -------- d-----w- C:\Users\JVB\AppData\Roaming\SSN
2015-11-23 17:10:54 -------- d-----w- C:\Users\JVB\AppData\Roaming\Curse Advertising
2015-11-23 17:10:37 -------- d-----w- C:\Users\JVB\AppData\Local\Deployment
2015-11-20 17:27:43 608048 ----a-w- C:\WINDOWS\SysWow64\nvStreaming.exe
2015-11-20 17:26:51 82744 ----a-w- C:\WINDOWS\System32\OpenCL.dll
2015-11-20 17:26:51 68280 ----a-w- C:\WINDOWS\SysWow64\OpenCL.dll
2015-11-20 04:00:58 17721840 ----a-w- C:\WINDOWS\System32\nvd3dumx.dll
2015-11-20 04:00:58 14633232 ----a-w- C:\WINDOWS\SysWow64\nvd3dum.dll
2015-11-20 04:00:58 11316168 ----a-w- C:\WINDOWS\SysWow64\nvcuda.dll
2015-11-20 04:00:56 2857536 ----a-w- C:\WINDOWS\SysWow64\nvapi.dll
2015-11-20 04:00:56 16278496 ----a-w- C:\WINDOWS\SysWow64\nvwgf2um.dll
2015-11-20 04:00:56 14047120 ----a-w- C:\WINDOWS\System32\nvopencl.dll
2015-11-20 04:00:56 13957976 ----a-w- C:\WINDOWS\System32\nvcuda.dll
2015-11-20 04:00:56 11379416 ----a-w- C:\WINDOWS\SysWow64\nvopencl.dll
2015-11-18 04:42:13 -------- d-----w- C:\WINDOWS\System32\SleepStudy
2015-11-17 05:52:38 -------- dc----w- C:\WINDOWS\Panther
2015-11-17 05:49:06 -------- d-----w- C:\WINDOWS\System32\Microsoft
2015-11-17 05:47:06 -------- d-----w- C:\WINDOWS\SysWow64\BestPractices
2015-11-17 05:47:06 -------- d-----w- C:\WINDOWS\System32\msmq
2015-11-17 05:47:06 -------- d-----w- C:\WINDOWS\System32\BestPractices
2015-11-17 05:47:04 -------- d-----w- C:\inetpub
2015-11-17 05:46:24 35480 ----a-w- C:\WINDOWS\SysWow64\TsWpfWrp.exe
2015-11-17 05:46:23 778936 ----a-w- C:\WINDOWS\SysWow64\PresentationNative_v0300.dll
2015-11-17 05:46:23 103120 ----a-w- C:\WINDOWS\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-11-17 05:46:22 35480 ----a-w- C:\WINDOWS\System32\TsWpfWrp.exe
2015-11-17 05:46:22 124624 ----a-w- C:\WINDOWS\System32\PresentationCFFRasterizerNative_v0300.dll
2015-11-17 05:46:22 1166520 ----a-w- C:\WINDOWS\System32\PresentationNative_v0300.dll
2015-11-17 03:27:14 -------- d-----w- C:\Users\JVB\AppData\Local\ActiveSync
2015-11-17 03:24:37 -------- d-sh--we C:\ProgramData\Documents
2015-11-17 03:24:37 -------- d-sh--w- C:\Recovery
2015-11-17 03:16:50 -------- d-----w- C:\WINDOWS\System32\wbem\Performance
2015-11-17 03:12:49 -------- d-----w- C:\WINDOWS\System32\wbem\MOF\good
2015-11-17 03:12:49 -------- d-----w- C:\WINDOWS\System32\wbem\MOF\bad
2015-11-17 03:04:31 -------- d-----w- C:\Program Files (x86)\Common Files\SpeechEngines
2015-11-17 03:04:24 -------- d-----w- C:\Program Files\Common Files\SpeechEngines
2015-11-17 02:58:22 -------- d-----w- C:\WINDOWS\SysWow64\RTCOM
2015-11-17 02:58:22 -------- d-----w- C:\Program Files\Realtek
2015-11-17 02:58:15 933168 ----a-w- C:\WINDOWS\System32\nvvsvc.exe
2015-11-17 02:58:15 6783280 ----a-w- C:\WINDOWS\System32\nvcpl.dll
2015-11-17 02:58:15 62584 ----a-w- C:\WINDOWS\System32\nvshext.dll
2015-11-17 02:58:15 5972783 ----a-w- C:\WINDOWS\System32\nvcoproc.bin
2015-11-17 02:58:15 384176 ----a-w- C:\WINDOWS\System32\nvmctray.dll
2015-11-17 02:58:15 3522168 ----a-w- C:\WINDOWS\System32\nvsvc64.dll
2015-11-17 02:58:15 2557616 ----a-w- C:\WINDOWS\System32\nvsvcr.dll
2015-11-17 02:58:02 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2015-11-17 02:57:50 -------- d-----w- C:\Program Files\NVIDIA Corporation
2015-11-17 02:57:41 -------- d---a-w- C:\Program Files (x86)\Microsoft LifeCam
2015-11-17 02:57:38 -------- d---a-w- C:\Program Files\Microsoft LifeCam
2015-11-17 02:54:44 2718208 ----a-w- C:\WINDOWS\SysWow64\PrintConfig.dll
2015-11-17 02:54:15 -------- d-----w- C:\WINDOWS\System32\wbem\MOF
2015-11-16 22:12:43 18805920 ----a-w- C:\WINDOWS\System32\nvwgf2umx.dll
2015-11-16 22:12:41 12907704 ----a-w- C:\WINDOWS\System32\drivers\nvlddmkm.sys
2015-11-16 22:12:40 1917240 ----a-w- C:\WINDOWS\System32\nvdispco6434181.dll
2015-11-16 22:12:40 1565368 ----a-w- C:\WINDOWS\System32\nvdispgenco6434181.dll
2015-11-16 22:12:39 3246848 ----a-w- C:\WINDOWS\System32\nvapi64.dll
2015-11-15 17:14:42 -------- d-----w- C:\ProgramData\NzbDrone
2015-11-12 18:27:39 -------- d-----w- C:\Users\JVB\AppData\Local\Collectorz.com
2015-11-12 18:27:09 -------- d-----w- C:\Program Files (x86)\Collectorz.com
.
==================== Find3M ====================
.
2015-11-30 22:29:22 192216 ----a-w- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
2015-11-17 05:50:05 969728 ----a-w- C:\WINDOWS\System32\kerberos.dll
2015-11-17 05:47:02 96768 ----a-w- C:\WINDOWS\SysWow64\mqoa.tlb
2015-11-17 05:47:02 91136 ----a-w- C:\WINDOWS\SysWow64\mqoa30.tlb
2015-11-17 05:47:02 55808 ----a-w- C:\WINDOWS\SysWow64\mqoa20.tlb
2015-11-17 05:47:02 37376 ----a-w- C:\WINDOWS\SysWow64\mqoa10.tlb
2015-11-17 05:47:01 635904 ----a-w- C:\WINDOWS\SysWow64\mqsnap.dll
2015-11-17 05:47:01 14848 ----a-w- C:\WINDOWS\SysWow64\mqcertui.dll
2015-11-17 05:47:00 56320 ----a-w- C:\WINDOWS\System32\admwprox.dll
2015-11-17 05:47:00 53248 ----a-w- C:\WINDOWS\System32\ahadmin.dll
2015-11-17 05:47:00 202240 ----a-w- C:\WINDOWS\System32\iisRtl.dll
2015-11-17 05:47:00 19456 ----a-w- C:\WINDOWS\System32\iisreset.exe
2015-11-17 05:47:00 15360 ----a-w- C:\WINDOWS\System32\wamregps.dll
2015-11-17 05:47:00 13312 ----a-w- C:\WINDOWS\System32\iisrstap.dll
2015-11-13 06:55:02 35680 ----a-w- C:\WINDOWS\System32\drivers\wimmount.sys
2015-11-13 06:54:58 7476576 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
2015-11-13 06:51:54 698208 ----a-w- C:\WINDOWS\System32\wimgapi.dll
2015-11-13 06:51:18 523616 ----a-w- C:\WINDOWS\System32\wimserv.exe
2015-11-13 06:51:07 334736 ----a-w- C:\WINDOWS\System32\policymanager.dll
2015-11-13 06:43:09 2544264 ----a-w- C:\WINDOWS\System32\mfcore.dll
2015-11-13 06:43:07 586208 ----a-w- C:\WINDOWS\System32\mf.dll
2015-11-13 06:43:07 369912 ----a-w- C:\WINDOWS\System32\audiodg.exe
2015-11-13 06:43:07 110032 ----a-w- C:\WINDOWS\System32\EncDump.dll
2015-11-13 06:43:05 35656 ----a-w- C:\WINDOWS\System32\mfpmp.exe
2015-11-13 06:43:05 245848 ----a-w- C:\WINDOWS\System32\mfps.dll
2015-11-13 06:43:03 536768 ----a-w- C:\WINDOWS\System32\AudioSes.dll
2015-11-13 06:42:59 408128 ----a-w- C:\WINDOWS\System32\AUDIOKSE.dll
2015-11-13 06:42:58 516544 ----a-w- C:\WINDOWS\System32\AudioEng.dll
2015-11-13 06:42:57 88392 ----a-w- C:\WINDOWS\System32\remoteaudioendpoint.dll
2015-11-13 06:33:32 911648 ----a-w- C:\WINDOWS\System32\dcomp.dll
2015-11-13 06:33:26 92352 ----a-w- C:\WINDOWS\System32\acmigration.dll
2015-11-13 06:33:17 586080 ----a-w- C:\WINDOWS\SysWow64\wimgapi.dll
2015-11-13 06:32:40 296488 ----a-w- C:\WINDOWS\SysWow64\policymanager.dll
2015-11-13 06:21:49 2179584 ----a-w- C:\WINDOWS\SysWow64\mfcore.dll
2015-11-13 06:21:39 511320 ----a-w- C:\WINDOWS\SysWow64\mf.dll
2015-11-13 06:21:37 32040 ----a-w- C:\WINDOWS\SysWow64\mfpmp.exe
2015-11-13 06:21:35 116728 ----a-w- C:\WINDOWS\SysWow64\mfps.dll
2015-11-13 06:21:33 405048 ----a-w- C:\WINDOWS\SysWow64\AudioSes.dll
2015-11-13 06:21:31 454056 ----a-w- C:\WINDOWS\SysWow64\AudioEng.dll
2015-11-13 06:21:29 366224 ----a-w- C:\WINDOWS\SysWow64\AUDIOKSE.dll
2015-11-13 06:21:28 73360 ----a-w- C:\WINDOWS\SysWow64\remoteaudioendpoint.dll
2015-11-13 06:09:31 675064 ----a-w- C:\WINDOWS\SysWow64\dcomp.dll
2015-11-13 06:09:31 320352 ----a-w- C:\WINDOWS\apppatch\AcRes.dll
2015-11-13 06:07:39 28160 ----a-w- C:\WINDOWS\System32\Windows.Management.Provisioning.ProxyStub.dll
2015-11-13 06:06:33 1268736 ----a-w- C:\WINDOWS\System32\Windows.UI.Xaml.Resources.dll
2015-11-13 06:06:00 52736 ----a-w- C:\WINDOWS\System32\RemovableMediaProvisioningPlugin.dll
2015-11-13 06:05:46 43520 ----a-w- C:\WINDOWS\System32\bcastdvr.proxy.dll
2015-11-13 06:05:30 122368 ----a-w- C:\WINDOWS\System32\KnobsCsp.dll
2015-11-13 06:05:21 78336 ----a-w- C:\WINDOWS\System32\BarcodeProvisioningPlugin.dll
2015-11-13 06:05:19 16984064 ----a-w- C:\WINDOWS\System32\Windows.UI.Xaml.dll
2015-11-13 06:05:01 30720 ----a-w- C:\WINDOWS\System32\tetheringconfigsp.dll
2015-11-13 06:04:59 17408 ----a-w- C:\WINDOWS\System32\IcsEntitlementHost.exe
2015-11-13 06:04:54 37376 ----a-w- C:\WINDOWS\System32\LaunchWinApp.exe
2015-11-13 06:04:53 75264 ----a-w- C:\WINDOWS\System32\wwanprotdim.dll
2015-11-13 06:04:30 89600 ----a-w- C:\WINDOWS\System32\NFCProvisioningPlugin.dll
2015-11-13 06:03:12 77312 ----a-w- C:\WINDOWS\System32\ProvPluginEng.dll
2015-11-13 06:03:04 52736 ----a-w- C:\WINDOWS\System32\tetheringclient.dll
2015-11-13 06:02:34 231936 ----a-w- C:\WINDOWS\System32\KnobsCore.dll
2015-11-13 06:02:22 198656 ----a-w- C:\WINDOWS\System32\InstallAgent.exe
2015-11-13 06:01:06 192000 ----a-w- C:\WINDOWS\System32\provisioningcsp.dll
2015-11-13 06:00:34 87040 ----a-w- C:\WINDOWS\System32\tzautoupdate.dll
2015-11-13 06:00:27 56320 ----a-w- C:\WINDOWS\System32\provtool.exe
2015-11-13 06:00:22 161792 ----a-w- C:\WINDOWS\System32\DeviceCensus.exe
2015-11-13 05:59:47 86528 ----a-w- C:\WINDOWS\System32\AppCapture.dll
2015-11-13 05:58:04 162304 ----a-w- C:\WINDOWS\System32\tetheringservice.dll
2015-11-13 05:58:04 11545088 ----a-w- C:\WINDOWS\System32\twinui.dll
2015-11-13 05:57:36 543232 ----a-w- C:\WINDOWS\System32\StoreAgent.dll
2015-11-13 05:57:23 623616 ----a-w- C:\WINDOWS\System32\PhoneProviders.dll
2015-11-13 05:56:23 286208 ----a-w- C:\WINDOWS\System32\provhandlers.dll
2015-11-13 05:56:18 292352 ----a-w- C:\WINDOWS\System32\provengine.dll
2015-11-13 05:56:12 163328 ----a-w- C:\WINDOWS\System32\provops.dll
2015-11-13 05:55:55 165376 ----a-w- C:\WINDOWS\System32\provdatastore.dll
2015-11-13 05:55:38 450560 ----a-w- C:\WINDOWS\System32\Windows.Internal.Bluetooth.dll
2015-11-13 05:54:57 275456 ----a-w- C:\WINDOWS\System32\AudioEndpointBuilder.dll
2015-11-13 05:53:26 497664 ----a-w- C:\WINDOWS\System32\mfmkvsrcsnk.dll
2015-11-13 05:53:17 517632 ----a-w- C:\WINDOWS\System32\winspool.drv
2015-11-13 05:50:44 914944 ----a-w- C:\WINDOWS\System32\usermgr.dll
2015-11-13 05:50:37 1063424 ----a-w- C:\WINDOWS\System32\audiosrv.dll
2015-11-13 05:49:55 1212416 ----a-w- C:\WINDOWS\System32\wwansvc.dll
2015-11-13 05:49:25 674816 ----a-w- C:\WINDOWS\System32\Windows.UI.dll
2015-11-13 05:45:51 2587136 ----a-w- C:\WINDOWS\System32\MFMediaEngine.dll
2015-11-13 05:41:51 1268736 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.Xaml.Resources.dll
2015-11-13 05:40:59 27136 ----a-w- C:\WINDOWS\SysWow64\bcastdvr.proxy.dll
2015-11-13 05:40:13 29696 ----a-w- C:\WINDOWS\SysWow64\LaunchWinApp.exe
2015-11-13 05:39:07 1998848 ----a-w- C:\WINDOWS\System32\ActiveSyncProvider.dll
2015-11-13 05:39:05 2444288 ----a-w- C:\WINDOWS\System32\twinui.appcore.dll
2015-11-13 05:38:30 13017088 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
2015-11-13 05:37:27 160768 ----a-w- C:\WINDOWS\SysWow64\InstallAgent.exe
2015-11-13 05:34:44 70656 ----a-w- C:\WINDOWS\SysWow64\AppCapture.dll
2015-11-13 05:33:21 414720 ----a-w- C:\WINDOWS\System32\bcastdvr.exe
2015-11-13 05:32:14 409088 ----a-w- C:\WINDOWS\SysWow64\StoreAgent.dll
2015-11-13 05:30:28 334336 ----a-w- C:\WINDOWS\SysWow64\bcastdvr.exe
2015-11-13 05:30:17 315904 ----a-w- C:\WINDOWS\SysWow64\Windows.Internal.Bluetooth.dll
2015-11-13 05:29:34 9918976 ----a-w- C:\WINDOWS\SysWow64\twinui.dll
2015-11-13 05:28:00 382464 ----a-w- C:\WINDOWS\SysWow64\mfmkvsrcsnk.dll
2015-11-13 05:27:40 400896 ----a-w- C:\WINDOWS\SysWow64\winspool.drv
2015-11-13 05:23:47 490496 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.dll
2015-11-13 05:19:04 2001408 ----a-w- C:\WINDOWS\SysWow64\twinui.appcore.dll
2015-11-13 05:17:33 2064384 ----a-w- C:\WINDOWS\SysWow64\MFMediaEngine.dll
2015-11-13 05:15:53 1707008 ----a-w- C:\WINDOWS\SysWow64\ActiveSyncProvider.dll
.
============= FINISH: 17:46:53.46 ===============

Attached Files
File Type: txt attach.txt (19.0 KB)

Win10 upgrade, "Win Command Processor"?

This problem is very similar to the one described in thread:
http://www.techsupportforum.com/foru...p-1046785.html

HP Pavilion g6 laptop purchased with Win8 now upgraded to Win10, running Norton Antivirus.

Norton Startup Manager lists "Windows Command Processor", and when I deselect it, it re-selects when I click on APPLY.

Win10 task manager does not show this task in the Startup list.

No noticeable symptoms, but I was wondering if it was some kind of infection.

Following the advice given to the member in the thread mentioned above, I downloaded and ran FRST, then ran it again with the fixlist. The problem persists.

Any advice would be greatly appreciated.

Computer most likely infected.

Yeah I did a bad thing and now karma is paying me back for it. I have been cleaning up my computer but I feel like something else is still there.

I have run Malwarebytes about 4 times in the last 2 days and it has found 100+ at first and latest 11 malwares. I have run Spybot also and taken out a few things.

I'm still having issues with a misc. window popping open and giving me a message that I need to call Microsoft. Also, on Facebook I cannot get Angry Birds to load. I checked to see if my Flash Player was installed and Adobe says it's good.

I ran HijackThis because I know in the past when I've asked for help, that is one thing that is asked of me.

Thanks for any help.

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 8:43:56 PM, on 12/3/2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
c:\PROGRA~2\mcafee\SITEAD~1\saui.exe
C:\Users\Shelly\AppData\Local\Microsoft\Windows\INetCache\IE\J0NFYJZW\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://att.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com - Hotmail, Outlook, Skype, Bing, Latest News, Photos & Videos
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll
O2 - BHO: DVDVideoSoft.WebPageAdjuster - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - (no file)
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [DelaypluginInstall] C:\ProgramData\Wondershare\Player\DelayPluginI.exe
O4 - HKLM\..\Run: [Conime] %windir%\system32\conime.exe
O4 - HKLM\..\Run: [NielsenOnline] C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [AppleIEDAV] C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
O4 - HKCU\..\Run: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
O4 - HKCU\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
O4 - HKCU\..\Run: [PCKeeperLive] "C:\Program Files\Essentware\PCKeeper\PCKeeper.exe" /autorun
O4 - HKUS\S-1-5-18\..\RunOnce: [KodakHomeCenter] "C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [KodakHomeCenter] "C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe" (User 'Default user')
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - (no file)
O9 - Extra 'Tools' menuitem: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - (no file)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab...l_4.5.15.0.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWow64\CbFsMntNtf3.dll
O22 - SharedTaskScheduler: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWow64\CbFsMntNtf3.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AllShare Framework DMS - Samsung - C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Easy Launcher - Samsung Electronics CO., LTD. - C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Wireless Bluetooth(R) 4.0 Radio Management - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Kodak AiO Network Discovery Service - Eastman Kodak Company - C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
O23 - Service: Kodak AiO Status Monitor Service - Eastman Kodak Company - C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
O23 - Service: McAfee CSP Service (mccspsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\CSP\1.6.1180.0\McCSPServiceHost.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Service Controller (mfemms) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\windows\system32\mfevtps.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Nielsen Update (NielsenUpdate) - The Nielsen Company - C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenUpdate.exe
O23 - Service: Norton PC Checkup Application Launcher - Symantec Corporation - C:\Program Files (x86)\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Samsung Link Service - Copyright 2013 SAMSUNG - C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 16760 bytes

Mouse acting weird

I'm guessing my PC is infected... Could anyone verify it for me? The mouse moves very slowly. I can't run DDS, so I ran Farbar instead.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-12-2015
Ran by Shakree Elmi (administrator) on SHAKREEPC (05-12-2015 17:39:21)
Running from C:\Users\Shakree Elmi\Desktop
Loaded Profiles: Shakree Elmi (Available Profiles: Shakree Elmi)
Platform: Windows 8.1 Pro (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(VIA Technologies, Inc.) C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8484056 2015-06-12] (Realtek Semiconductor)
HKLM\...\Run: [ISCT Tray] => C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-08-26] (Intel Corporation)
HKLM\...\Run: [VIAxHCUtl] => C:\Program Files\VIA XHCI UASP Utility\usb3Monitor
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4859592 2015-11-18] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1695744 2015-12-05] (Bitdefender)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-12-02] (Raptr, Inc)
HKU\S-1-5-21-82547152-812739698-690536826-1002\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2015-12-05] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{604A1550-C69B-4C5C-8CDD-DEF2A46EC6C9}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-12-05] (Bitdefender)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2015-12-03] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2015-12-03] (Microsoft Corporation)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-12-05] (Bitdefender)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2015-12-03] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2015-12-03] (Microsoft Corporation)
Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-12-05] (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-12-05] (Bitdefender)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-03] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-03] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-03] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-03] (Microsoft Corporation)

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-11-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-11-10] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-12-03] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2015-12-03] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.)
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2014-12-17] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2014-12-17] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Shakree Elmi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Bitdefender Wallet) - C:\Users\Shakree Elmi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabcmochhfpldjekobfaaggijgohadih [2015-12-05]
CHR Extension: (AdBlock) - C:\Users\Shakree Elmi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-12-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Shakree Elmi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-03]
CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2015-11-18] (Advanced Micro Devices) [File not signed]
S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2014-12-09] (Bitdefender)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2776664 2015-08-16] (Microsoft Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-08-26] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-11-10] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.)
S4 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [734400 2015-08-13] (@ByELDI) [File not signed]
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-10-27] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1545376 2015-12-05] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [296648 2015-11-18] (Advanced Micro Devices)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-22] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [102912 2015-07-15] (Advanced Micro Devices)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1369288 2015-12-05] (BitDefender)
R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [271272 2015-12-05] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [747120 2015-12-05] (BitDefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender)
R1 BdfNdisf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [98768 2015-12-05] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107008 2013-07-29] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2015-12-05] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [79192 2013-07-30] (BitDefender)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [160032 2015-12-05] (BitDefender LLC)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [22216 2014-05-27] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [22728 2014-05-27] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [25800 2014-05-27] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD.sys [44744 2014-05-27] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-05] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-11-10] (Intel Corporation)
S3 MSICDSetup; G:\Mobo Driver\CDriver64.sys [28984 2009-08-12] (Your Corporation)
S3 NTIOLib_1_0_C; G:\Mobo Driver\NTIOLib_X64.sys [11888 2011-06-29] (MSI) [File not signed]
S3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [3860224 2015-08-05] (Realtek Semiconductor Corporation )
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [477272 2015-12-05] (BitDefender S.R.L.)
R3 VUSB3HUB; C:\Windows\System32\drivers\ViaHub3.sys [227840 2014-10-31] (VIA Technologies, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 xhcdrv; C:\Windows\System32\drivers\xhcdrv.sys [305664 2014-10-31] (VIA Technologies, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-05 17:39 - 2015-12-05 17:39 - 00016269 _____ C:\Users\Shakree Elmi\Desktop\FRST.txt
2015-12-05 17:38 - 2015-12-05 17:39 - 00000000 ____D C:\FRST
2015-12-05 17:38 - 2015-12-05 17:38 - 02369024 _____ (Farbar) C:\Users\Shakree Elmi\Desktop\FRST64.exe
2015-12-05 17:29 - 2015-12-05 17:29 - 00000017 _____ C:\Users\Shakree Elmi\AppData\Local\resmon.resmoncfg
2015-12-05 17:18 - 2015-12-05 17:18 - 00000841 _____ C:\bdlog.txt
2015-12-05 16:47 - 2015-12-05 17:19 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-05 16:46 - 2015-12-05 16:46 - 00001110 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-12-05 16:46 - 2015-12-05 16:46 - 00000000 ____D C:\Users\Shakree Elmi\AppData\Temp
2015-12-05 16:46 - 2015-12-05 16:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-05 16:46 - 2015-12-05 16:46 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-05 16:46 - 2015-12-05 16:46 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-05 16:46 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-12-05 16:46 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-12-05 16:46 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-12-05 16:41 - 2015-12-05 16:41 - 00003518 _____ C:\Windows\System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8
2015-12-05 16:41 - 2015-12-05 16:41 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-05 16:39 - 2015-12-05 16:39 - 00160032 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2015-12-05 16:39 - 2015-12-05 16:39 - 00074000 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2015-12-05 16:37 - 2015-12-05 16:37 - 00488697 _____ C:\ProgramData\1449333196.bdinstall.bin
2015-12-05 16:36 - 2015-12-05 16:36 - 00000385 _____ C:\Users\Shakree Elmi\AppData\Roaminguser_gensett.xml
2015-12-05 16:35 - 2015-12-05 16:41 - 00000000 ____D C:\Users\Shakree Elmi\AppData\Roaming\Bitdefender
2015-12-05 16:35 - 2015-12-05 16:38 - 01369288 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2015-12-05 16:35 - 2015-12-05 16:38 - 00747120 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2015-12-05 16:35 - 2015-12-05 16:38 - 00271272 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2015-12-05 16:35 - 2015-12-05 16:38 - 00082824 _____ (BitDefender SRL) C:\Windows\system32\Drivers\bdsandbox.sys
2015-12-05 16:35 - 2015-12-05 16:35 - 00002209 _____ C:\Users\Public\Desktop\Bitdefender Total Security 2015.lnk
2015-12-05 16:35 - 2015-12-05 16:35 - 00000385 _____ C:\Windows\system32\user_gensett.xml
2015-12-05 16:35 - 2015-12-05 16:35 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2015-12-05 16:35 - 2015-12-05 16:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015
2015-12-05 16:35 - 2015-12-05 16:35 - 00000000 ____D C:\ProgramData\BDLogging
2015-12-05 16:35 - 2014-12-02 16:37 - 00074000 _____ (BitDefender SRL) C:\Windows\SysWOW64\bdsandboxuiskin32.dll
2015-12-05 16:35 - 2013-11-19 14:44 - 00098768 _____ (BitDefender LLC) C:\Windows\system32\Drivers\bdfndisf6.sys
2015-12-05 16:35 - 2013-09-08 20:04 - 00023568 _____ (Bitdefender) C:\Windows\system32\Drivers\bdelam.sys
2015-12-05 16:35 - 2013-07-30 18:41 - 00079192 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys
2015-12-05 16:35 - 2009-07-14 14:21 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2015-12-05 16:35 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\Windows\capicom.dll
2015-12-05 16:33 - 2015-12-05 16:38 - 00477272 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2015-12-05 16:33 - 2015-12-05 16:38 - 00084848 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin.dll
2015-12-05 16:33 - 2015-12-05 16:38 - 00033360 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuh.dll
2015-12-05 16:33 - 2015-12-05 16:35 - 00000000 ____D C:\ProgramData\Bitdefender
2015-12-05 16:33 - 2015-12-05 16:35 - 00000000 ____D C:\Program Files\Bitdefender
2015-12-05 16:33 - 2015-12-05 16:33 - 00000000 ____D C:\Users\Shakree Elmi\AppData\Roaming\QuickScan
2015-12-05 16:33 - 2015-12-05 16:33 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2015-12-05 02:41 - 2015-12-05 02:41 - 00000000 ____D C:\Users\Shakree Elmi\Documents\My Cheat Tables
2015-12-04 21:20 - 2015-12-05 03:46 - 00000000 ____D C:\Users\Shakree Elmi\Documents\The Witcher 3
2015-12-04 12:29 - 2015-12-04 21:20 - 00000937 _____ C:\Users\Public\Desktop\The Witcher 3 - Wild Hunt.lnk
2015-12-04 01:17 - 2015-12-04 01:17 - 00000000 ____D C:\ProgramData\DSDCS
2015-12-04 01:15 - 2015-12-04 01:17 - 00000000 ____D C:\Users\Shakree Elmi\AppData\Roaming\InputMapper
2015-12-04 01:15 - 2015-12-04 01:15 - 00001806 _____ C:\Users\Public\Desktop\InputMapper.lnk
2015-12-04 01:15 - 2015-12-04 01:15 - 00000000 ____D C:\Users\Shakree Elmi\AppData\Roaming\DSDCS
2015-12-04 01:15 - 2015-12-04 01:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InputMapper
2015-12-04 01:15 - 2015-12-04 01:15 - 00000000 ____D C:\ProgramData\Caphyon
2015-12-04 01:07 - 2015-12-04 01:07 - 00000000 ____D C:\Users\Shakree Elmi\AppData\Local\Criterion Games
2015-12-04 01:06 - 2015-12-04 01:06 - 00001084 _____ C:\Users\Public\Desktop\Burnout Paradise - The Ultimate Box.lnk
2015-12-04 01:06 - 2015-12-04 01:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-12-04 00:39 - 2015-12-04 00:39 - 00000000 ____D C:\Users\Shakree Elmi\Documents\My Games
2015-12-04 00:39 - 2015-12-04 00:39 - 00000000 ____D C:\Users\Shakree Elmi\AppData\Roaming\Steam
2015-12-04 00:39 - 2015-12-04 00:39 - 00000000 ____D C:\Users\Shakree Elmi\AppData\Local\Fallout4
2015-12-04 00:18 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2015-12-04 00:18 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-12-04 00:18 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2015-12-04 00:18 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-12-04 00:18 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-12-04 00:18 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-12-04 00:18 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-12-04 00:18 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-12-04 00:18 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-12-04 00:18 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2015-12-04 00:18 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2015-12-04 00:18 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2015-12-04 00:18 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-12-04 00:18 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2015-12-04 00:18 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2015-12-04 00:18 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2015-12-04 00:18 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2015-12-04 00:18 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2015-12-04 00:18 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2015-12-04 00:18 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2015-12-04 00:18 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2015-12-04 00:18 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2015-12-04 00:18 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2015-12-04 00:18 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2015-12-04 00:18 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2015-12-04 00:18 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2015-12-04 00:18 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2015-12-04 00:18 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2015-12-04 00:18 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2015-12-04 00:18 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2015-12-04 00:18 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2015-12-04 00:18 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2015-12-04 00:18 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2015-12-04 00:18 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2015-12-04 00:18 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2015-12-04 00:18 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2015-12-04 00:18 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2015-12-04 00:18 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2015-12-04 00:18 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2015-12-04 00:18 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2015-12-04 00:18 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2015-12-04 00:18 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2015-12-04 00:18 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2015-12-04 00:18 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2015-12-04 00:18 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2015-12-04 00:18 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2015-12-04 00:18 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2015-12-04 00:18 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2015-12-04 00:18 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2015-12-04 00:18 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2015-12-04 00:18 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2015-12-04 00:18 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2015-12-04 00:18 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2015-12-04 00:18 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2015-12-04 00:18 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2015-12-04 00:18 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2015-12-04 00:18 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2015-12-04 00:18 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2015-12-04 00:18 - 2008-10-10 04:52 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2015-12-04 00:18 - 2008-10-10 04:52 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2015-12-04 00:18 - 2008-10-10 04:52 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2015-12-04 00:18 - 2008-10-10 04:52 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2015-12-04 00:18 - 2008-10-10 04:52 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2015-12-04 00:18 - 2008-10-10 04:52 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2015-12-04 00:18 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2015-12-04 00:18 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2015-12-04 00:18 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2015-12-04 00:18 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2015-12-04 00:18 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2015-12-04 00:18 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2015-12-04 00:18 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2015-12-04 00:18 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2015-12-04 00:18 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2015-12-04 00:18 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2015-12-04 00:18 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2015-12-04 00:18 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2015-12-04 00:18 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2015-12-04 00:18 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2015-12-04 00:18 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2015-12-04 00:18 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2015-12-04 00:18 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2015-12-04 00:18 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2015-12-04 00:18 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2015-12-04 00:18 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2015-12-04 00:18 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2015-12-04 00:18 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2015-12-04 00:18 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2015-12-04 00:18 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2015-12-04 00:18 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2015-12-04 00:18 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2015-12-04 00:18 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2015-12-04 00:18 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2015-12-04 00:18 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2015-12-04 00:18 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2015-12-04 00:18 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2015-12-04 00:18 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2015-12-04 00:18 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2015-12-04 00:18 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2015-12-04 00:18 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2015-12-04 00:18 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2015-12-04 00:18 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2015-12-04 00:18 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2015-12-04 00:18 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2015-12-04 00:18 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2015-12-04 00:18 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2015-12-04 00:18 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2015-12-04 00:18 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2015-12-04 00:18 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2015-12-04 00:18 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2015-12-04 00:18 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2015-12-04 00:18 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2015-12-04 00:18 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2015-12-04 00:18 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2015-12-04 00:18 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2015-12-04 00:18 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2015-12-04 00:18 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2015-12-04 00:18 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2015-12-04 00:18 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2015-12-04 00:18 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2015-12-04 00:18 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2015-12-04 00:18 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2015-12-04 00:18 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2015-12-04 00:18 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2015-12-04 00:18 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2015-12-04 00:18 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2015-12-04 00:18 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2015-12-04 00:18 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2015-12-04 00:18 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2015-12-04 00:18 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2015-12-04 00:18 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2015-12-04 00:18 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2015-12-04 00:18 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2015-12-04 00:18 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2015-12-04 00:18 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2015-12-04 00:18 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2015-12-04 00:18 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2015-12-04 00:18 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2015-12-04 00:18 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2015-12-04 00:18 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2015-12-04 00:18 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2015-12-04 00:18 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2015-12-04 00:18 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2015-12-04 00:18 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2015-12-04 00:18 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2015-12-04 00:18 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-12-04 00:18 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2015-12-04 00:18 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2015-12-04 00:18 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2015-12-04 00:18 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2015-12-04 00:18 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2015-12-04 00:18 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2015-12-04 00:18 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2015-12-04 00:18 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2015-12-04 00:18 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2015-12-04 00:18 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2015-12-04 00:18 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2015-12-04 00:18 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2015-12-04 00:18 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2015-12-04 00:18 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2015-12-04 00:18 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2015-12-04 00:18 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2015-12-04 00:18 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2015-12-04 00:18 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2015-12-04 00:18 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2015-12-04 00:18 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2015-12-04 00:18 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2015-12-04 00:18 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2015-12-04 00:18 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2015-12-04 00:18 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2015-12-04 00:18 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2015-12-04 00:18 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2015-12-04 00:18 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2015-12-04 00:18 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2015-12-04 00:18 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2015-12-04 00:18 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2015-12-04 00:18 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2015-12-04 00:17 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2015-12-04 00:17 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2015-12-04 00:17 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2015-12-04 00:17 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2015-12-04 00:09 - 2015-12-04 00:09 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-12-04 00:08 - 2015-12-04 00:08 - 00002324 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-82547152-812739698-690536826-500
2015-12-03 23:15 - 2015-12-04 00:18 - 00000000 ____D C:\Windows\SysWOW64\directx
2015-12-03 23:15 - 2015-12-03 23:15 - 00000817 _____ C:\Users\Shakree Elmi\Desktop\Fallout 4.lnk
2015-12-03 23:15 - 2015-12-03 23:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\by.xatab
2015-12-03 21:57 - 2015-12-03 21:57 - 00000000 ____D C:\Users\Shakree Elmi\AppData\Roaming\TVMC
2015-12-03 21:49 - 2015-12-05 17:32 - 00000000 ____D C:\Users\Shakree Elmi\Documents\YEAR 3
2015-12-03 21:37 - 2015-12-03 21:37 - 00000000 ____D C:\Users\Shakree Elmi\AppData\Roaming\Macromedia
2015-12-03 21:32 - 2015-12-03 22:49 - 00000000 ____D C:\Users\Shakree Elmi\AppData\Roaming\Kodi
2015-12-03 21:32 - 2015-12-03 21:32 - 00000000 ____D C:\Users\Shakree Elmi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kodi
2015-12-03 21:32 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-12-03 21:32 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2015-12-03 17:49 - 2015-10-13 17:10 - 00559616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-12-03 17:49 - 2015-10-13 17:10 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-12-03 17:49 - 2015-09-24 17:51 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfg.exe
2015-12-03 17:49 - 2015-09-24 17:38 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfgLib.dll
2015-12-03 17:49 - 2015-09-24 17:30 - 00322048 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
2015-12-03 17:49 - 2015-09-24 16:42 - 00348672 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2015-12-03 17:49 - 2015-09-24 16:40 - 00737280 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2015-12-03 17:48 - 2015-10-15 16:08 - 00990208 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-12-03 17:48 - 2015-10-15 15:46 - 00803328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-12-03 17:48 - 2015-10-14 23:02 - 07455064 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-12-03 17:48 - 2015-10-14 23:02 - 01659560 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-12-03 17:48 - 2015-10-14 23:02 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-12-03 17:48 - 2015-10-14 23:02 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-12-03 17:48 - 2015-10-14 23:02 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-12-03 17:48 - 2015-10-13 15:59 - 00397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-12-03 17:48 - 2015-10-13 15:59 - 00340872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-12-03 17:48 - 2015-10-13 15:59 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-12-03 17:48 - 2015-10-13 15:59 - 00120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-12-03 17:48 - 2015-10-13 15:59 - 00106952 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2015-12-03 17:48 - 2015-10-13 15:59 - 00091416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2015-12-03 17:48 - 2015-10-11 06:36 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-12-03 17:48 - 2015-10-11 06:36 - 00177496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-12-03 17:48 - 2015-10-10 18:40 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-12-03 17:48 - 2015-10-10 18:39 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-12-03 17:48 - 2015-10-10 18:07 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-12-03 17:48 - 2015-10-10 17:33 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-12-03 17:48 - 2015-10-10 17:27 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-12-03 17:48 - 2015-10-10 17:11 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-12-03 17:48 - 2015-10-10 16:45 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-12-03 17:48 - 2015-09-29 12:24 - 00155480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2015-12-03 17:48 - 2015-09-12 13:47 - 00414559 _____ C:\Windows\system32\ApnDatabase.xml
2015-12-03 17:48 - 2015-09-07 16:22 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-12-03 17:48 - 2015-09-07 16:21 - 00825856 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll
2015-12-03 17:48 - 2015-09-07 16:17 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\ppcsnap.dll
2015-12-03 17:48 - 2015-09-07 15:54 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-12-03 17:48 - 2015-09-07 15:30 - 01091584 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-12-03 17:48 - 2015-09-04 19:24 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2015-12-03 17:48 - 2015-08-28 22:20 - 00183368 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2015-12-03 17:48 - 2015-08-27 02:43 - 22372152 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-12-03 17:48 - 2015-08-27 02:42 - 19795904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-12-03 17:48 - 2015-08-20 20:45 - 01380048 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-12-03 17:48 - 2015-08-20 17:48 - 01096704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-12-03 17:48 - 2015-08-07 21:40 - 01736520 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-12-03 17:48 - 2015-08-07 21:40 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-12-03 17:48 - 2015-08-07 21:40 - 01134752 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-12-03 17:48 - 2015-08-07 21:40 - 00686960 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-12-03 17:48 - 2015-08-07 21:40 - 00507176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-12-03 17:48 - 2015-08-07 14:13 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-12-03 17:48 - 2015-08-06 17:05 - 00669184 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2015-12-03 17:48 - 2015-08-06 16:47 - 04710400 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-12-03 17:48 - 2015-08-06 16:37 - 00536576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2015-12-03 17:48 - 2015-08-06 16:18 - 04068352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-12-03 17:47 - 2015-10-30 23:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-03 17:47 - 2015-10-30 23:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-03 17:47 - 2015-10-30 23:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-03 17:47 - 2015-10-30 23:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-03 17:47 - 2015-10-30 23:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-03 17:47 - 2015-10-30 22:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-03 17:47 - 2015-10-30 22:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-03 17:47 - 2015-10-30 22:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-03 17:47 - 2015-10-30 22:39 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-12-03 17:47 - 2015-10-30 22:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-03 17:47 - 2015-10-30 22:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-03 17:47 - 2015-10-30 22:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-03 17:47 - 2015-10-30 22:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-03 17:47 - 2015-10-30 22:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-03 17:47 - 2015-10-30 22:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-03 17:47 - 2015-10-30 22:14 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-12-03 17:47 - 2015-10-30 22:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-03 17:47 - 2015-10-30 22:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-03 17:47 - 2015-10-30 22:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-03 17:47 - 2015-10-30 21:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-03 17:47 - 2015-10-30 21:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-03 17:47 - 2015-10-30 21:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-03 17:47 - 2015-10-30 21:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-12-03 17:47 - 2015-10-17 14:19 - 04176384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-03 17:47 - 2015-10-08 16:08 - 01083904 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-12-03 17:47 - 2015-09-19 03:18 - 00035384 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-12-03 17:47 - 2015-09-18 13:42 - 01290752 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-12-03 17:47 - 2015-09-18 13:42 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-12-03 17:47 - 2015-09-18 13:42 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-12-03 17:47 - 2015-09-18 13:42 - 00699904 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-12-03 17:47 - 2015-09-18 13:42 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-12-03 17:47 - 2015-09-18 13:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-12-03 17:47 - 2015-09-10 17:18 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-12-03 17:47 - 2015-09-10 17:06 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-03 17:47 - 2015-09-10 16:51 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-03 17:47 - 2015-09-10 16:37 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-03 17:47 - 2015-09-10 16:37 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-03 17:47 - 2015-09-10 16:35 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-03 17:47 - 2015-09-10 16:28 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-12-03 17:47 - 2015-09-10 16:21 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-03 17:47 - 2015-09-10 16:19 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-03 17:47 - 2015-09-10 16:17 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-03 17:47 - 2015-09-10 16:17 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-12-03 17:47 - 2015-09-10 16:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-12-03 17:47 - 2015-09-10 16:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-03 17:47 - 2015-09-10 15:57 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-12-03 17:47 - 2015-09-10 15:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-12-03 17:47 - 2015-09-10 15:55 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-03 17:47 - 2015-08-10 18:15 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-12-03 17:47 - 2015-08-10 18:06 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-12-03 17:47 - 2015-08-10 17:49 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-12-03 17:47 - 2015-08-10 16:56 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-12-03 17:47 - 2015-08-10 16:46 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-12-03 17:47 - 2015-07-16 18:58 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\NcdAutoSetup.dll
2015-12-03 17:37 - 2015-12-03 17:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Data Recovery Wizard
2015-12-03 17:37 - 2015-12-03 17:37 - 00000000 ____D C:\Program Files\EaseUS
2015-12-03 17:32 - 2015-12-03 17:32 - 00000000 ____D C:\Users\Shakree Elmi\AppData\Roaming\WinRAR
2015-12-03 17:32 - 2015-12-03 17:32 - 00000000 ____D C:\Users\Shakree Elmi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-12-03 17:32 - 2015-12-03 17:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-12-03 17:32 - 2015-12-03 17:32 - 00000000 ____D C:\Program Files\WinRAR
2015-12-03 17:31 - 2015-12-03 17:31 - 00000000 ____D C:\Users\Shakree Elmi\AppData\Local\MSfree Inc
2015-12-03 17:29 - 2015-12-04 14:37 - 00003112 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-82547152-812739698-690536826-1002
2015-12-03 17:29 - 2015-12-04 14:37 - 00000000 ___RD C:\Users\Shakree Elmi\OneDrive
2015-12-03 17:29 - 2015-12-03 17:29 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2015-12-03 17:29 - 2015-07-17 13:51 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-12-03 17:29 - 2015-07-17 13:51 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:51 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:51 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:51 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:51 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:51 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:51 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:51 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:51 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:51 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:51 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:51 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:51 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:51 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:51 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:47 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-12-03 17:29 - 2015-07-17 13:47 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:47 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:47 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:47 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:47 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:47 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:47 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:47 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:47 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:47 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:47 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:47 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:47 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:47 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:47 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-12-03 17:22 - 2015-12-03 17:22 - 00001182 _____ C:\Users\Shakree Elmi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CNext.lnk
2015-12-03 17:21 - 2015-12-03 17:21 - 00002477 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2015-12-03 17:21 - 2015-12-03 17:21 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2015-12-03 17:21 - 2015-12-03 17:21 - 00002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2015-12-03 17:21 - 2015-12-03 17:21 - 00002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2015-12-03 17:21 - 2015-12-03 17:21 - 00002399 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2015-12-03 17:21 - 2015-12-03 17:21 - 00002398 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2015-12-03 17:21 - 2015-12-03 17:21 - 00002392 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2015-12-03 17:21 - 2015-12-03 17:21 - 00002386 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2015-12-03 17:21 - 2015-12-03 17:21 - 00002378 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2015-12-03 17:21 - 2015-12-03 17:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2015-12-03 17:19 - 2015-12-04 00:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-12-03 17:19 - 2015-12-03 17:19 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-12-03 17:16 - 2015-12-03 17:16 - 00004238 _____ C:\Windows\System32\Tasks\AMD Updater
2015-12-03 17:16 - 2015-12-03 17:16 - 00000000 ____D C:\Users\Shakree Elmi\AppData\Roaming\library_dir
2015-12-03 17:16 - 2015-12-03 17:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2015-12-03 17:15 - 2015-12-05 17:20 - 00000000 ____D C:\Users\Shakree Elmi\AppData\Roaming\Raptr
2015-12-03 17:15 - 2015-12-03 17:16 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-12-03 17:15 - 2015-12-03 17:15 - 00000000 ____D C:\Users\Shakree Elmi\AppData\Local\AMD
2015-12-03 17:15 - 2015-12-03 17:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2015-12-03 17:15 - 2015-12-03 17:15 - 00000000 ____D C:\Program Files (x86)\AMD
2015-12-03 17:14 - 2015-12-05 17:18 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2015-12-03 17:14 - 2015-12-03 17:14 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2015-12-03 17:14 - 2015-12-03 17:14 - 00000000 _____ C:\Windows\ativpsrm.bin
2015-12-03 17:12 - 2015-12-03 17:15 - 00000000 ____D C:\Program Files\AMD
2015-12-03 17:12 - 2015-12-03 17:12 - 00000000 ____D C:\AMD
2015-12-03 16:41 - 2015-12-03 16:41 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_INETMON_01011.Wdf
2015-12-03 16:41 - 2014-05-27 19:21 - 00025800 _____ C:\Windows\system32\Drivers\INETMON.sys
2015-12-03 16:40 - 2015-12-03 16:40 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2015-12-03 16:39 - 2015-12-05 17:37 - 00000926 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-03 16:39 - 2015-12-05 17:19 - 00000922 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-03 16:39 - 2015-12-03 21:32 - 00003898 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-03 16:39 - 2015-12-03 21:32 - 00003662 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-03 16:39 - 2015-12-03 21:26 - 00002271 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-03 16:39 - 2015-12-03 16:41 - 00000000 ____D C:\ProgramData\Intel
2015-12-03 16:39 - 2015-12-03 16:39 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-12-03 16:39 - 2015-12-03 16:39 - 00000000 ____D C:\Users\Shakree Elmi\Intel
2015-12-03 16:39 - 2015-12-03 16:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-12-03 16:39 - 2015-12-03 16:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-03 16:39 - 2015-12-03 16:39 - 00000000 ____D C:\Program Files\VIA XHCI UASP Utility
2015-12-03 16:39 - 2015-12-03 16:39 - 00000000 ____D C:\Program Files (x86)\VIA
2015-12-03 16:39 - 2015-12-03 16:39 - 00000000 ____D C:\Program Files (x86)\Intel
2015-12-03 16:39 - 2014-10-31 18:43 - 00305664 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\xhcdrv.sys
2015-12-03 16:39 - 2014-10-31 18:43 - 00227840 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\ViaHub3.sys
2015-12-03 16:39 - 2013-01-18 11:11 - 00086064 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\vusbstor.sys
2015-12-03 16:38 - 2015-12-03 22:10 - 00000000 ____D C:\Users\Shakree Elmi\AppData\Local\Google
2015-12-03 16:38 - 2015-12-03 16:39 - 00000000 ____D C:\Program Files (x86)\Google
2015-12-03 16:38 - 2015-12-03 16:38 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2015-12-03 16:38 - 2015-12-03 16:38 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2015-12-03 16:38 - 2015-12-03 16:38 - 00000000 ____D C:\Windows\system32\DAX2
2015-12-03 16:38 - 2015-12-03 16:38 - 00000000 ____D C:\Program Files\Realtek
2015-12-03 16:38 - 2015-06-15 13:41 - 02808859 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-12-03 16:38 - 2015-06-15 12:58 - 04493528 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-12-03 16:38 - 2015-06-15 09:39 - 01748184 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2015-12-03 16:38 - 2015-06-11 11:40 - 03157796 _____ C:\Windows\system32\Drivers\rtkSSTsetting.dat
2015-12-03 16:38 - 2015-06-09 03:17 - 05708736 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV2apo.dll
2015-12-03 16:38 - 2015-06-05 05:45 - 02848472 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2015-12-03 16:38 - 2015-06-05 05:45 - 02531544 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RltkAPO.dll
2015-12-03 16:38 - 2015-05-26 03:59 - 00166616 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2015-12-03 16:38 - 2015-05-20 08:14 - 03234520 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-12-03 16:38 - 2015-05-18 06:47 - 02702040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-12-03 16:38 - 2015-05-15 11:27 - 02918104 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-12-03 16:38 - 2015-05-15 08:32 - 01316056 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-12-03 16:38 - 2015-05-11 10:53 - 12996528 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2015-12-03 16:38 - 2015-05-11 05:08 - 00980400 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2015-12-03 16:38 - 2015-04-23 21:42 - 00858256 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDRA64.dll
2015-12-03 16:38 - 2015-04-23 21:42 - 00684176 _____ (Sound Research, Corp.) C:\Windows\system32\SECOMN64.dll
2015-12-03 16:38 - 2015-04-23 21:42 - 00435856 _____ (Sound Research, Corp.) C:\Windows\system32\SEAPO64.dll
2015-12-03 16:38 - 2015-04-23 21:41 - 00555664 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SECOMN32.DLL
2015-12-03 16:38 - 2015-04-13 08:25 - 03262184 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE2.dll
2015-12-03 16:38 - 2015-02-05 09:48 - 12834736 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO4064.dll
2015-12-03 16:38 - 2015-02-03 16:38 - 01413776 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll
2015-12-03 16:38 - 2015-02-03 16:38 - 00454288 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll
2015-12-03 16:38 - 2015-02-03 16:38 - 00369296 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll
2015-12-03 16:38 - 2015-02-03 16:38 - 00329360 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll
2015-12-03 16:38 - 2015-02-03 16:38 - 00329360 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2015-12-03 16:38 - 2015-01-23 10:16 - 00213432 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaemaxapo64.dll
2015-12-03 16:38 - 2015-01-19 10:10 - 72113152 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2015-12-03 16:38 - 2014-12-11 00:10 - 01104040 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2015-12-03 16:38 - 2014-12-11 00:10 - 00943784 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2015-12-03 16:38 - 2014-12-11 00:10 - 00734376 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2015-12-03 16:38 - 2014-12-11 00:10 - 00250536 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2015-12-03 16:38 - 2014-11-11 05:44 - 00631000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2015-12-03 16:38 - 2014-10-24 02:12 - 05234952 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2015-12-03 16:38 - 2014-10-24 02:12 - 00995120 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll
2015-12-03 16:38 - 2014-08-14 11:16 - 05804772 _____ C:\Windows\system32\Drivers\rtvienna.dat
2015-12-03 16:38 - 2014-06-17 11:17 - 00856992 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2015-12-03 16:38 - 2014-04-10 04:19 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2015-12-03 16:38 - 2014-02-27 12:02 - 02162992 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2015-12-03 16:38 - 2014-01-31 09:27 - 01313904 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2015-12-03 16:38 - 2013-10-11 03:31 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2015-12-03 16:38 - 2013-08-14 07:36 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2015-12-03 16:38 - 2013-07-23 07:39 - 14048512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2015-12-03 16:38 - 2013-06-25 04:47 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2015-12-03 16:38 - 2013-06-25 04:47 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2015-12-03 16:38 - 2013-06-25 04:46 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2015-12-03 16:38 - 2013-04-03 06:13 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2015-12-03 16:38 - 2012-08-31 11:18 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2015-12-03 16:38 - 2012-08-31 11:17 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2015-12-03 16:38 - 2012-08-31 11:17 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2015-12-03 16:38 - 2012-08-31 11:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2015-12-03 16:38 - 2012-08-31 11:17 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2015-12-03 16:38 - 2012-01-10 02:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2015-12-03 16:38 - 2011-12-20 07:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2015-12-03 16:38 - 2011-11-22 08:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2015-12-03 16:38 - 2011-09-02 06:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2015-12-03 16:38 - 2011-09-02 06:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2015-12-03 16:38 - 2011-09-02 06:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2015-12-03 16:38 - 2011-03-17 04:17 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2015-12-03 16:38 - 2011-03-07 09:11 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2015-12-03 16:38 - 2010-11-07 23:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2015-12-03 16:38 - 2010-11-07 23:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2015-12-03 16:38 - 2010-11-07 23:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2015-12-03 16:38 - 2010-11-07 23:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2015-12-03 16:38 - 2010-11-07 23:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2015-12-03 16:38 - 2010-11-07 23:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2015-12-03 16:38 - 2010-07-22 08:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2015-12-03 16:38 - 2009-11-24 01:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2015-12-03 16:38 - 2009-11-24 01:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2015-12-03 16:38 - 2009-11-24 01:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2015-12-03 16:38 - 2009-11-24 01:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2015-12-03 16:37 - 2015-12-03 16:38 - 00000000 ___HD C:\Program Files (x86)\Temp
2015-12-03 16:37 - 2015-06-10 05:20 - 03129672 _____ (Intel Corporation) C:\Windows\system32\IntelSSTAPO.dll
2015-12-03 16:37 - 2015-06-10 05:20 - 00728392 _____ (Intel Corporation) C:\Windows\system32\IntelSstCApoPropPage.dll
2015-12-03 16:37 - 2015-06-02 11:25 - 01576976 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll
2015-12-03 16:37 - 2015-05-27 10:51 - 02461016 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll
2015-12-03 16:37 - 2015-05-27 10:51 - 02393432 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv201.dll
2015-12-03 16:37 - 2015-05-27 10:51 - 00944984 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll
2015-12-03 16:37 - 2015-05-27 10:51 - 00349528 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll
2015-12-03 16:37 - 2015-05-27 09:38 - 02825944 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2015-12-03 16:37 - 2015-05-25 07:18 - 03195416 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2015-12-03 16:37 - 2015-05-11 05:08 - 01374640 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2015-12-03 16:37 - 2015-05-11 05:08 - 01192368 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2015-12-03 16:37 - 2015-05-11 05:08 - 01145264 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2015-12-03 16:37 - 2015-04-27 08:09 - 00328816 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2015-12-03 16:37 - 2015-02-05 09:48 - 02789808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO7064.dll
2015-12-03 16:37 - 2014-11-04 05:42 - 06242576 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll
2015-12-03 16:37 - 2014-11-04 05:42 - 01933584 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll
2015-12-03 16:37 - 2014-11-04 05:42 - 00336144 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll
2015-12-03 16:37 - 2014-11-04 05:42 - 00284944 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll
2015-12-03 16:37 - 2014-09-24 03:31 - 07087448 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2015-12-03 16:37 - 2014-09-24 03:31 - 01939800 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2015-12-03 16:37 - 2014-09-24 03:31 - 00315736 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2015-12-03 16:37 - 2014-09-24 03:31 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2015-12-03 16:37 - 2014-06-09 02:59 - 00560328 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-12-03 16:37 - 2014-05-22 08:24 - 00096568 _____ C:\Windows\system32\audioLibVc.dll
2015-12-03 16:37 - 2014-04-10 04:19 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2015-12-03 16:37 - 2013-10-11 04:47 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-12-03 16:37 - 2013-10-06 16:26 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2015-12-03 16:37 - 2013-10-06 16:26 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2015-12-03 16:37 - 2013-10-06 16:26 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2015-12-03 16:37 - 2013-08-14 07:35 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2015-12-03 16:37 - 2013-07-23 07:39 - 00922880 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2015-12-03 16:37 - 2013-06-21 03:01 - 00109848 _____ C:\Windows\system32\AcpiServiceVnA64.dll
2015-12-03 16:37 - 2012-03-08 03:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2015-12-03 16:37 - 2011-08-23 09:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2015-12-03 16:37 - 2011-05-31 01:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2015-12-03 16:37 - 2011-05-31 01:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2015-12-03 16:37 - 2011-05-31 01:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2015-12-03 16:37 - 2011-05-31 01:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2015-12-03 16:37 - 2011-05-31 01:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2015-12-03 16:37 - 2011-05-31 01:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2015-12-03 16:37 - 2011-05-31 01:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2015-12-03 16:37 - 2011-05-31 01:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2015-12-03 16:37 - 2011-05-31 01:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2015-12-03 16:37 - 2011-05-31 01:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2015-12-03 16:37 - 2011-05-31 01:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2015-12-03 16:37 - 2011-05-31 01:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2015-12-03 16:37 - 2010-09-27 01:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2015-12-03 16:30 - 2015-12-05 17:24 - 00003590 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-82547152-812739698-690536826-1002
2015-12-03 16:29 - 2015-12-04 00:23 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-03 16:29 - 2015-12-03 16:39 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-12-03 16:29 - 2015-12-03 16:39 - 00000000 ____D C:\Program Files\Intel
2015-12-03 16:29 - 2015-12-03 16:37 - 00000000 ____D C:\Program Files (x86)\Realtek
2015-12-03 16:29 - 2015-12-03 16:29 - 00000000 ____D C:\Program Files (x86)\MSI
2015-12-03 16:29 - 2015-01-15 06:42 - 00881368 _____ (Realtek ) C:\Windows\system32\Drivers\Rt630x64.sys
2015-12-03 16:29 - 2015-01-15 06:42 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2015-12-03 16:26 - 2015-12-03 16:26 - 00000000 ____D C:\Users\Shakree Elmi\AppData\Local\GWX
2015-12-03 16:25 - 2015-12-03 17:29 - 00000000 ____D C:\Users\Shakree Elmi
2015-12-03 16:25 - 2015-12-03 16:26 - 00000000 ____D C:\Users\Shakree Elmi\AppData\Local\Packages
2015-12-03 16:25 - 2015-12-03 16:25 - 00004608 _____ C:\Windows\SECOH-QAD.exe
2015-12-03 16:25 - 2015-12-03 16:25 - 00003584 _____ C:\Windows\SECOH-QAD.dll
2015-12-03 16:25 - 2015-12-03 16:25 - 00003366 _____ C:\Windows\System32\Tasks\AutoPico Daily Restart
2015-12-03 16:25 - 2015-12-03 16:25 - 00001438 _____ C:\Users\Shakree Elmi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-12-03 16:25 - 2015-12-03 16:25 - 00000020 ___SH C:\Users\Shakree Elmi\ntuser.ini
2015-12-03 16:25 - 2015-12-03 16:25 - 00000000 _SHDL C:\Users\Shakree Elmi\My Documents
2015-12-03 16:25 - 2015-12-03 16:25 - 00000000 _SHDL C:\Users\Shakree Elmi\Documents\My Videos
2015-12-03 16:25 - 2015-12-03 16:25 - 00000000 _SHDL C:\Users\Shakree Elmi\Documents\My Pictures
2015-12-03 16:25 - 2015-12-03 16:25 - 00000000 _SHDL C:\Users\Shakree Elmi\Documents\My Music
2015-12-03 16:25 - 2015-12-03 16:25 - 00000000 ____D C:\Users\Shakree Elmi\AppData\Roaming\Adobe
2015-12-03 16:25 - 2015-12-03 16:25 - 00000000 ____D C:\Users\Shakree Elmi\AppData\Local\VirtualStore
2015-12-03 16:25 - 2015-12-03 16:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2015-12-03 16:25 - 2015-12-03 16:25 - 00000000 ____D C:\Program Files\KMSpico
2015-12-03 16:25 - 2014-11-21 07:48 - 00000369 _____ C:\Users\Shakree Elmi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-12-03 16:25 - 2014-11-21 07:48 - 00000369 _____ C:\Users\Shakree Elmi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-12-03 16:25 - 2010-12-06 02:16 - 00090112 _____ (Vestris Inc.) C:\Windows\system32\Vestris.ResourceLib.dll
2015-12-03 16:17 - 2015-12-04 00:33 - 00000000 ___SD C:\Windows\system32\GWX
2015-12-03 16:17 - 2015-12-03 16:24 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-12-03 16:17 - 2015-12-03 16:17 - 00000000 ____D C:\Windows\CSC
2015-12-03 16:17 - 2015-11-14 14:50 - 00133248 _____ (Microsoft Corporation) C:\Windows\system32\RestoreOptIn.exe
2015-12-03 16:17 - 2015-11-14 14:50 - 00114160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RestoreOptIn.exe
2015-12-03 16:17 - 2015-10-20 21:54 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-03 16:17 - 2015-10-20 14:53 - 03705856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-03 16:17 - 2015-10-20 14:36 - 02243072 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-03 16:17 - 2015-10-20 14:35 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-03 16:17 - 2015-10-20 14:34 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-12-03 16:17 - 2015-10-20 14:34 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-03 16:17 - 2015-10-20 14:34 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-03 16:17 - 2015-10-20 14:33 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-03 16:17 - 2015-10-20 14:14 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-03 16:17 - 2015-10-20 14:13 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-03 16:17 - 2015-10-20 14:13 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-03 16:17 - 2015-10-20 14:13 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-03 16:17 - 2015-08-11 02:47 - 02757072 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-12-03 16:17 - 2015-08-11 02:47 - 02414096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-11-18 08:20 - 2015-11-18 08:20 - 13189336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2015-11-18 08:20 - 2015-11-18 08:20 - 10907328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2015-11-18 08:20 - 2015-11-18 08:20 - 01496736 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2015-11-18 08:20 - 2015-11-18 08:20 - 01229984 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2015-11-18 08:20 - 2015-11-18 08:20 - 00458472 _____ C:\Windows\system32\amdmiracast.dll
2015-11-18 08:20 - 2015-11-18 08:20 - 00152568 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2015-11-18 08:20 - 2015-11-18 08:20 - 00141792 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2015-11-18 08:20 - 2015-11-18 08:20 - 00133016 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2015-11-18 08:20 - 2015-11-18 08:20 - 00128384 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2015-11-18 08:20 - 2015-11-18 08:20 - 00120656 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2015-11-18 08:20 - 2015-11-18 08:20 - 00118608 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2015-11-18 08:20 - 2015-11-18 08:20 - 00110344 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2015-11-18 08:20 - 2015-11-18 08:20 - 00102616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2015-11-18 08:20 - 2015-11-18 08:20 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2015-11-18 08:20 - 2015-11-18 08:20 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2015-11-18 08:20 - 2015-11-18 08:20 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2015-11-18 08:20 - 2015-11-18 08:20 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2015-11-18 08:19 - 2015-11-18 08:19 - 10815664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2015-11-18 08:19 - 2015-11-18 08:19 - 09070320 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2015-11-18 08:19 - 2015-11-18 08:19 - 09017808 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2015-11-18 08:19 - 2015-11-18 08:19 - 08089248 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2015-11-18 08:17 - 2015-11-18 08:17 - 00296648 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2015-11-18 08:13 - 2015-11-18 08:13 - 23960064 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2015-11-18 08:08 - 2015-11-18 08:08 - 49984000 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2015-11-18 08:08 - 2015-11-18 08:08 - 00235008 _____ C:\Windows\system32\clinfo.exe
2015-11-18 08:02 - 2015-11-18 08:02 - 41510912 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2015-11-18 07:58 - 2015-11-18 07:58 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-11-18 07:57 - 2015-11-18 07:57 - 00059392 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-11-18 07:55 - 2015-11-18 07:55 - 02412544 _____ C:\Windows\system32\amdacpusl.pdb
2015-11-18 07:50 - 2015-11-18 07:50 - 27596288 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl64.dll
2015-11-18 07:49 - 2015-11-18 07:49 - 22348288 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl.dll
2015-11-18 07:41 - 2015-11-18 07:41 - 00364544 _____ (Advanced Micro Devices) C:\Windows\system32\amdacpusl.dll
2015-11-18 07:41 - 2015-11-18 07:41 - 00306176 _____ C:\Windows\system32\amdacpusl.pdb.pub
2015-11-18 07:41 - 2015-11-18 07:41 - 00248832 _____ (Advanced Micro Devices) C:\Windows\SysWOW64\amdacpusl.dll
2015-11-18 05:50 - 2015-11-18 05:50 - 00677888 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2015-11-18 05:48 - 2015-11-18 05:48 - 00562688 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2015-11-18 05:46 - 2015-11-18 05:46 - 06643200 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2015-11-18 05:46 - 2015-11-18 05:46 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2015-11-18 05:46 - 2015-11-18 05:46 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2015-11-18 05:14 - 2015-11-18 05:14 - 05223936 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2015-11-18 04:48 - 2015-11-18 04:48 - 00096256 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2015-11-18 04:48 - 2015-11-18 04:48 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2015-11-18 04:08 - 2015-11-18 04:08 - 00683960 _____ C:\Windows\SysWOW64\atiapfxx.blb
2015-11-18 04:08 - 2015-11-18 04:08 - 00683960 _____ C:\Windows\system32\atiapfxx.blb
2015-11-18 04:06 - 2015-11-18 04:06 - 00134656 _____ C:\Windows\system32\amdhdl64.dll
2015-11-18 04:06 - 2015-11-18 04:06 - 00123392 _____ C:\Windows\SysWOW64\amdhdl32.dll
2015-11-18 04:05 - 2015-11-18 04:05 - 31376896 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2015-11-18 03:43 - 2015-11-18 03:43 - 15711744 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2015-11-18 03:43 - 2015-11-18 03:43 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2015-11-18 03:43 - 2015-11-18 03:43 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2015-11-18 03:43 - 2015-11-18 03:43 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2015-11-18 03:43 - 2015-11-18 03:43 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2015-11-18 03:43 - 2015-11-18 03:43 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2015-11-18 03:40 - 2015-11-18 03:40 - 25840128 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2015-11-18 03:40 - 2015-11-18 03:40 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2015-11-18 03:40 - 2015-11-18 03:40 - 00865280 _____ (AMD) C:\Windows\system32\coinst_15.30.dll
2015-11-18 03:32 - 2015-11-18 03:32 - 00050688 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2015-11-18 03:32 - 2015-11-18 03:32 - 00039424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2015-11-18 03:27 - 2015-11-18 03:27 - 03437632 _____ C:\Windows\system32\atiumd6a.cap
2015-11-18 03:26 - 2015-11-18 03:26 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2015-11-18 03:26 - 2015-11-18 03:26 - 00223744 _____ C:\Windows\system32\dgtrayicon.exe
2015-11-18 03:25 - 2015-11-18 03:25 - 00552448 _____ (AMD) C:\Windows\system32\atieclxx.exe
2015-11-18 03:25 - 2015-11-18 03:25 - 00204800 _____ C:\Windows\system32\amdgfxinfo64.dll
2015-11-18 03:25 - 2015-11-18 03:25 - 00189952 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2015-11-18 03:25 - 2015-11-18 03:25 - 00162304 _____ C:\Windows\system32\atieah64.exe
2015-11-18 03:25 - 2015-11-18 03:25 - 00145408 _____ C:\Windows\SysWOW64\atieah32.exe
2015-11-18 03:25 - 2015-11-18 03:25 - 00031744 _____ (AMD) C:\Windows\system32\atimuixx.dll
2015-11-18 03:24 - 2015-11-18 03:24 - 00246272 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2015-11-18 03:24 - 2015-11-18 03:24 - 00204952 _____ C:\Windows\SysWOW64\ativvsvl.dat
2015-11-18 03:24 - 2015-11-18 03:24 - 00204952 _____ C:\Windows\system32\ativvsvl.dat
2015-11-18 03:24 - 2015-11-18 03:24 - 00157144 _____ C:\Windows\SysWOW64\ativvsva.dat
2015-11-18 03:24 - 2015-11-18 03:24 - 00157144 _____ C:\Windows\system32\ativvsva.dat
2015-11-18 03:22 - 2015-11-18 03:22 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2015-11-18 03:10 - 2015-11-18 03:10 - 03471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2015-11-18 02:58 - 2015-11-18 02:58 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2015-11-18 02:58 - 2015-11-18 02:58 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2015-11-18 02:54 - 2015-11-18 02:54 - 01272832 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2015-11-18 02:54 - 2015-11-18 02:54 - 00941568 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2015-11-18 02:54 - 2015-11-18 02:54 - 00941568 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2015-11-18 02:54 - 2015-11-18 02:54 - 00157696 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2015-11-18 02:54 - 2015-11-18 02:54 - 00075776 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2015-11-18 02:54 - 2015-11-18 02:54 - 00070144 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2015-11-18 02:54 - 2015-11-18 02:54 - 00070144 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2015-11-18 02:53 - 2015-11-18 02:53 - 00671232 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2015-11-18 02:53 - 2015-11-18 02:53 - 00142336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2015-11-18 02:45 - 2015-11-18 02:45 - 00195072 _____ C:\Windows\system32\hsa-thunk64.dll
2015-11-18 02:45 - 2015-11-18 02:45 - 00174592 _____ C:\Windows\SysWOW64\hsa-thunk.dll
2015-11-18 02:43 - 2015-11-18 02:43 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2015-11-13 06:50 - 2015-11-13 06:50 - 00026880 _____ (Western Digital Technologies, Inc.) C:\Windows\system32\Drivers\wdcsam64.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-05 17:38 - 2013-08-22 13:36 - 00000000 ____D C:\Windows
2015-12-05 17:24 - 2014-11-21 07:38 - 00863592 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-05 17:24 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\Inf
2015-12-05 17:19 - 2013-08-22 14:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-05 17:19 - 2013-08-22 13:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-12-05 17:18 - 2013-08-22 13:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-12-05 03:50 - 2013-08-22 14:44 - 00472712 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-05 03:49 - 2015-09-11 00:36 - 00000000 ____D C:\Windows\system32\appraiser
2015-12-05 03:49 - 2014-11-21 15:14 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-12-05 03:49 - 2013-08-22 15:36 - 00000000 ___RD C:\Windows\ToastData
2015-12-05 03:48 - 2015-09-10 21:14 - 00000000 ____D C:\Windows\system32\MRT
2015-12-04 04:07 - 2013-08-22 15:36 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-04 04:07 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\AppReadiness
2015-12-04 04:06 - 2013-08-22 15:20 - 00000000 ____D C:\Windows\CbsTemp
2015-12-04 00:35 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\AppCompat
2015-12-04 00:08 - 2013-08-22 15:36 - 00262144 _____ C:\Windows\system32\config\BCD-Template
2015-12-03 17:29 - 2013-08-22 15:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-12-03 17:19 - 2013-08-22 15:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-12-03 16:25 - 2015-09-10 21:21 - 00000000 ____D C:\Windows\Panther
2015-12-03 16:25 - 2015-09-10 20:29 - 00000000 ____D C:\Windows\System32\Tasks\WPD

==================== Files in the root of some directories =======

2015-12-05 17:29 - 2015-12-05 17:29 - 0000017 _____ () C:\Users\Shakree Elmi\AppData\Local\resmon.resmoncfg
2015-12-05 16:37 - 2015-12-05 16:37 - 0488697 _____ () C:\ProgramData\1449333196.bdinstall.bin
2015-12-03 16:38 - 2015-12-03 16:38 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Shakree Elmi\AppData\Local\Temp\devcon64.exe
C:\Users\Shakree Elmi\AppData\Local\Temp\DVDChangeDisc.exe
C:\Users\Shakree Elmi\AppData\Local\Temp\radeon-crimson-15.11-minimalsetup.exe
C:\Users\Shakree Elmi\AppData\Local\Temp\raptrpatch.exe
C:\Users\Shakree Elmi\AppData\Local\Temp\raptr_stub.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-09-10 20:21

==================== End of FRST.txt ============================

Attached Files
File Type: txt Addition.txt (34.9 KB)

Peerguardian 2 virus??

I have PeerBlock on my computer which starts up automatically but today a window popped up after startup saying something along the lines of "Peerguardian 2 cannot run whilst PeerBlock is running. Please close and restart". I haven't even heard of Peerguardian 2 let alone chosen to download it so I was suspicious about whether it was a virus. Googling it though is giving a bit of a mixed opinion - it seems to be a genuine program but I also came up with lots of results about it being a particularly nasty trojan. I'm inclined to believe the latter in my case as I recently reformatted my computer so it normally runs fairly fast but is being particularly slow to respond today.
Anyone know whether it is a virus and how to safely remove it? I can't find it on my computer anywhere to uninstall (even in control panel programs or task manager).

Thanks

help needed removing gamegogle

OS is Windows 7, web browser is Opera (yes, some people use Opera :p)

I downloaded dreamscape to play a video as my desktop background. The installer was filled with crap and I think that's where I got the virus or malware, whatever it is.

All guides I have found online don't cover Opera or vaguely tell me to edit my registry or to download and buy SpyHunter. Most guides say to go into Programs and Features and simply uninstall it (which would be great if it was there).

As always, I appreciate your help very much :thumb:


DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 8.0.7601.19038
Run by Gary at 18:56:14 on 2015-11-17
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.8142.5468 [GMT 0:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Program Files (x86)\Stardock\DeskScapes8\ds8srv.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files (x86)\Stardock\DeskScapes8\DeskScapes64.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\Dwm.exe
C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
E:\Steam\Steam.exe
E:\Steam\bin\steamwebhelper.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Opera\33.0.1990.58\opera.exe
C:\Program Files (x86)\Opera\33.0.1990.58\opera_crashreporter.exe
C:\Program Files (x86)\Opera\33.0.1990.58\opera.exe
C:\Program Files (x86)\Opera\33.0.1990.58\opera.exe
C:\Program Files (x86)\Opera\33.0.1990.58\opera.exe
C:\Program Files (x86)\Opera\33.0.1990.58\opera.exe
C:\Program Files (x86)\Opera\33.0.1990.58\opera.exe
C:\Program Files (x86)\Opera\33.0.1990.58\opera.exe
C:\Program Files (x86)\Opera\33.0.1990.58\opera.exe
C:\Program Files (x86)\Opera\33.0.1990.58\opera.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files (x86)\Opera\33.0.1990.58\opera.exe
C:\Program Files (x86)\Opera\33.0.1990.58\opera.exe
C:\Program Files (x86)\Opera\33.0.1990.58\opera.exe
C:\Program Files (x86)\Opera\33.0.1990.58\opera.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www-searching.com/?pid=s&s=FBEzamobl1598,2fe1b957-bdde-4833-8aa4-ccce15f0e9e6,&vp=ch&prd=set
mWinlogon: Userinit = userinit.exe
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
uRun: [Steam] "E:\Steam\steam.exe" -silent
uRun: [WindApp] "C:\Users\Gary\AppData\Roaming\Store\WindApp\WindApp.exe" /winstartup
uRun: [Selection Tools] "C:\Users\Gary\AppData\Roaming\WTools\Selection Tools\Selection Tools.exe" /winstartup
uRun: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [ProductUpdater] C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
mPolicies-Windows\System: UseOEMBackground = dword:1
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
TCP: NameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{C2FB13D9-CC2D-48D6-BBC5-2C5F1F540B7C} : DHCPNameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{D078EFC6-FEF0-4171-BCDF-5C972CBEA527} : DHCPNameServer = 192.168.42.129
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2015-10-30 65224]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2015-10-30 274808]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2015-10-31 19264]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswsnx.sys [2015-10-30 1059656]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2015-10-30 449992]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;C:\Windows\System32\drivers\HWiNFO64A.SYS [2015-11-16 27552]
R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2015-10-30 28656]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2015-10-30 90968]
R2 aswStm;aswStm;C:\Windows\System32\drivers\aswStm.sys [2015-10-30 153744]
R2 avast! Antivirus;Avast Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-10-30 146600]
R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-10-12 1433216]
R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-10-12 1773696]
R2 DeskScapes8;Stardock DeskScapes 8;C:\Program Files (x86)\Stardock\DeskScapes8\DS8Srv.exe [2014-3-10 75376]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-13 27136]
R2 GfExperienceService;NVIDIA GeForce Experience Service;C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-10-30 1156384]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2015-10-31 166720]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-10-30 1873696]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-10-30 5568288]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2015-11-16 1738168]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2015-11-16 2088408]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2015-11-16 171928]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-11-9 417584]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2015-10-31 365376]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2015-10-31 357184]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2015-10-31 789824]
R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-10-30 20768]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2015-10-30 50472]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2015-10-30 769168]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-4-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-4-11 124088]
S2 NetTcpHandler;Net.Tcp Service Handler;C:\Users\Gary\AppData\Roaming\NetService\netservice.exe -start --> C:\Users\Gary\AppData\Roaming\NetService\netservice.exe -start [?]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-7-9 327296]
S3 EasyAntiCheat;EasyAntiCheat;C:\Windows\System32\EasyAntiCheat.exe --> C:\Windows\System32\EasyAntiCheat.exe [?]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2015-10-30 19456]
S3 RTCore64;RTCore64;C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2015-6-2 13536]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2015-10-30 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2015-10-30 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2015-10-30 1255736]
.
=============== File Associations ===============
.
ShellExec: opera.exe: open="C:\Program Files (x86)\Opera\Launcher.exe" "%1"
.
=============== Created Last 30 ================
.
2015-11-16 16:53:17 27552 ----a-w- C:\Windows\System32\drivers\HWiNFO64A.SYS
2015-11-16 16:53:09 -------- d-----w- C:\Program Files\HWiNFO64
2015-11-16 15:49:09 -------- d-----w- C:\Program Files (x86)\RivaTuner Statistics Server
2015-11-16 15:48:04 -------- d-----w- C:\Program Files (x86)\MSI Afterburner
2015-11-16 10:35:25 -------- d-----w- C:\Program Files\Common Files\AV
2015-11-16 10:17:53 21040 ----a-w- C:\Windows\System32\sdnclean64.exe
2015-11-16 10:17:52 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2015-11-16 10:17:50 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-11-15 16:39:20 -------- d-----w- C:\Users\Gary\AppData\Roaming\NVIDIA
2015-11-15 16:39:14 466456 ----a-w- C:\Windows\System32\wrap_oal.dll
2015-11-15 16:39:14 122904 ----a-w- C:\Windows\System32\OpenAL32.dll
2015-11-15 16:39:14 -------- d-----w- C:\Program Files (x86)\OpenAL
2015-11-15 16:39:13 444952 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2015-11-15 16:39:13 109080 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2015-11-14 19:37:32 -------- d-----w- C:\Users\Gary\AppData\Roaming\WinAVI
2015-11-14 19:37:32 -------- d-----w- C:\Users\Gary\AppData\Local\WinAVI
2015-11-14 19:37:10 -------- d-----w- C:\Program Files (x86)\WinAVI
2015-11-14 14:45:25 -------- d-----w- C:\Users\Gary\AppData\Roaming\Apowersoft
2015-11-14 14:45:22 -------- d-----w- C:\ProgramData\Apowersoft
2015-11-14 14:45:22 -------- d-----w- C:\Program Files (x86)\Apowersoft
2015-11-14 14:34:10 -------- d-----w- C:\Users\Gary\AppData\Local\Stardock
2015-11-14 14:34:10 -------- d-----w- C:\ProgramData\Stardock
2015-11-14 14:34:05 -------- d-----w- C:\Program Files (x86)\Stardock
2015-11-14 14:31:02 -------- d-----w- C:\Users\Gary\AppData\Local\http___www.julien-manici
2015-11-14 14:30:16 -------- d-----w- C:\Program Files (x86)\Julien MANICI
2015-11-14 14:06:39 275360 ----a-w- C:\Windows\System32\DreamScene.dll.0
2015-11-14 14:06:39 275360 ----a-w- C:\Windows\System32\DreamScene.dll
2015-11-14 14:02:53 -------- d-----w- C:\Program Files (x86)\DreamScene Seven
2015-11-14 14:01:50 -------- d-----w- C:\Users\Gary\AppData\Roaming\WTools
2015-11-14 14:01:44 -------- d-----w- C:\Users\Gary\AppData\Roaming\Store
2015-11-14 14:01:34 -------- d-----w- C:\Users\Gary\AppData\Roaming\Nosibay
2015-11-14 14:01:20 -------- d-----w- C:\Program Files (x86)\CinePlus-1.44V09.11
2015-11-14 14:00:58 -------- d-----w- C:\Users\Gary\AppData\Roaming\RunDir
2015-11-14 14:00:58 -------- d-----w- C:\Users\Gary\AppData\Roaming\NetService
2015-11-13 16:14:28 -------- d-----w- C:\Users\Gary\AppData\Roaming\PacificPoker
2015-11-13 16:14:21 -------- d-----w- C:\Program Files (x86)\PacificPoker
2015-11-13 14:40:28 -------- d-----w- C:\Program Files\LSoft Technologies
2015-11-13 14:09:17 -------- d-----w- C:\Users\Gary\AppData\Roaming\EncryptStick
2015-11-13 11:31:56 11140960 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{63CFFAA6-A20A-4F88-B22B-9D1B4E3709EA}\mpengine.dll
2015-11-13 11:29:38 2777088 ----a-w- C:\Windows\System32\msmpeg2vdec.dll
2015-11-13 11:29:37 2285056 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll
2015-11-13 11:23:05 67072 ----a-w- C:\Windows\splwow64.exe
2015-11-13 11:23:05 559104 ----a-w- C:\Windows\System32\spoolsv.exe
2015-11-12 20:09:29 -------- d-----w- C:\Users\Gary\AppData\Local\Arktos Entertainment
2015-11-12 20:07:30 -------- d-----w- C:\Users\Gary\AppData\Local\CrashRpt
2015-11-12 20:07:30 -------- d-----w- C:\Users\Gary\AppData\Local\Arktos
2015-11-12 11:07:08 -------- d-----w- C:\ProgramData\YTD Video Downloader
2015-11-12 11:06:37 -------- d-----w- C:\Program Files (x86)\GreenTree Applications
2015-11-11 21:48:59 -------- d-----w- C:\Users\Gary\AppData\Local\Microsoft Games
2015-11-10 21:41:16 -------- d-----w- C:\Users\Gary\AppData\Roaming\Fallout2
2015-11-10 11:13:22 -------- d-----w- C:\Users\Gary\AppData\Local\Fallout4
2015-11-09 17:09:58 -------- d-----w- C:\ProgramData\Package Cache
2015-11-09 16:55:21 102704 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2015-11-08 12:30:19 -------- d-----w- C:\Users\Gary\AppData\Local\Gas Powered Games
2015-11-06 17:42:58 -------- d-----w- C:\Users\Gary\AppData\Roaming\BitTorrent
2015-11-06 16:23:09 519000 ----a-w- C:\Windows\System32\d3dx10_40.dll
2015-11-06 16:23:09 452440 ----a-w- C:\Windows\SysWow64\d3dx10_40.dll
2015-11-06 16:23:09 2605920 ----a-w- C:\Windows\System32\D3DCompiler_40.dll
2015-11-06 16:23:09 2036576 ----a-w- C:\Windows\SysWow64\D3DCompiler_40.dll
2015-11-06 16:23:08 5631312 ----a-w- C:\Windows\System32\D3DX9_40.dll
2015-11-06 16:23:08 4379984 ----a-w- C:\Windows\SysWow64\D3DX9_40.dll
2015-11-05 18:36:11 -------- d-----w- C:\Users\Gary\AppData\Local\Rockstar Games
2015-11-05 18:35:34 -------- d-----w- C:\Windows\SysWow64\xlive
2015-11-05 18:35:34 -------- d-----w- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2015-11-05 15:38:31 -------- d-----w- C:\Users\Gary\AppData\Local\NVIDIA Corporation
2015-11-05 14:53:03 -------- d-----w- C:\Users\Gary\AppData\Roaming\Mionix
2015-11-05 14:53:03 -------- d-----w- C:\Program Files (x86)\Mionix
2015-11-05 14:52:48 -------- d-----w- C:\Users\Gary\AppData\Local\Downloaded Installations
2015-11-04 13:18:28 44544 ----a-w- C:\Users\Gary\AppData\Roaming\Microsoft\MSXML2\msxml4a.dll
2015-11-02 11:05:48 -------- d-----w- C:\Program Files\VideoLAN
2015-11-01 18:09:35 -------- d-----w- C:\Users\Gary\AppData\Roaming\Media Converter
2015-10-31 19:59:53 -------- d-----w- C:\Users\Gary\AppData\Roaming\7DaysToDie
2015-10-31 19:59:05 238376 ----a-w- C:\Windows\SysWow64\EasyAntiCheat.exe
2015-10-31 18:05:32 -------- d-----w- C:\Users\Gary\AppData\Local\Steam
2015-10-31 18:05:32 -------- d-----w- C:\Users\Gary\AppData\Local\CEF
2015-10-31 18:04:58 -------- d-----w- C:\Program Files (x86)\Common Files\Steam
2015-10-31 17:47:04 -------- d-----w- C:\ProgramData\Freemake
2015-10-31 17:47:04 -------- d-----w- C:\Program Files (x86)\Common Files\Freemake Shared
2015-10-31 17:46:55 -------- d-----w- C:\Program Files (x86)\Freemake
2015-10-31 17:45:13 -------- d-----w- C:\Program Files (x86)\mkvtoavi_setup
2015-10-31 17:44:15 -------- d-----w- C:\Program Files (x86)\Free MKV to AVI Converter
2015-10-31 17:43:48 -------- d-----w- C:\Users\Gary\AppData\Local\Programs
2015-10-31 17:37:14 15168 ----a-w- C:\Windows\System32\drivers\IntelMEFWVer.dll
2015-10-31 17:36:42 -------- d-----w- C:\Program Files (x86)\Common Files\postureAgent
2015-10-31 17:30:13 41984 ----a-w- C:\Windows\System32\drivers\USB3Ver.dll
2015-10-31 17:30:08 -------- d-----w- C:\Intel
2015-10-31 17:29:42 789824 ----a-w- C:\Windows\System32\drivers\iusb3xhc.sys
2015-10-31 17:29:42 357184 ----a-w- C:\Windows\System32\drivers\iusb3hub.sys
2015-10-31 17:29:42 19264 ----a-w- C:\Windows\System32\drivers\iusb3hcs.sys
2015-10-31 17:29:42 1721576 ----a-w- C:\Windows\System32\WdfCoInstaller01009.dll
2015-10-31 17:12:12 -------- d-----w- C:\Users\Gary\AppData\Roaming\mIRC
2015-10-31 17:12:12 -------- d-----w- C:\Program Files (x86)\mIRC
2015-10-30 18:55:38 -------- d-----w- C:\Users\Gary\AppData\Roaming\BitLord
2015-10-30 18:55:38 -------- d-----w- C:\Users\Gary\AppData\Local\BitLord
2015-10-30 18:30:44 -------- d-----w- C:\Windows\System32\MRT
2015-10-30 18:27:38 124624 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2015-10-30 18:27:38 103120 ----a-w- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-10-30 18:20:47 -------- d-----w- C:\Windows\Panther
2015-10-30 18:18:09 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2015-10-30 18:18:09 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2015-10-30 18:18:09 1648128 ----a-w- C:\Windows\System32\DWrite.dll
2015-10-30 18:18:09 1251328 ----a-w- C:\Windows\SysWow64\DWrite.dll
2015-10-30 18:18:09 1180160 ----a-w- C:\Windows\System32\FntCache.dll
2015-10-30 18:18:08 1424896 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2015-10-30 18:18:08 1230848 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2015-10-30 18:13:36 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2015-10-30 18:13:36 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2015-10-30 18:02:41 -------- d-----w- C:\Windows\SysWow64\Wat
2015-10-30 18:02:41 -------- d-----w- C:\Windows\System32\Wat
2015-10-30 17:22:11 44544 ----a-w- C:\Windows\System32\TsUsbGDCoInstaller.dll
2015-10-30 17:22:07 3072 ----a-w- C:\Windows\System32\drivers\en-US\tsusbflt.sys.mui
2015-10-30 17:22:05 56832 ----a-w- C:\Windows\System32\drivers\TsUsbFlt.sys
2015-10-30 17:22:05 13824 ----a-w- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
2015-10-30 17:22:05 12800 ----a-w- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
2015-10-30 17:22:04 56832 ----a-w- C:\Windows\System32\MsRdpWebAccess.dll
2015-10-30 17:22:04 50176 ----a-w- C:\Windows\SysWow64\MsRdpWebAccess.dll
2015-10-30 17:22:04 18944 ----a-w- C:\Windows\System32\wksprtPS.dll
2015-10-30 17:22:04 17920 ----a-w- C:\Windows\SysWow64\wksprtPS.dll
2015-10-30 17:22:04 1147392 ----a-w- C:\Windows\System32\mstsc.exe
2015-10-30 17:22:04 1068544 ----a-w- C:\Windows\SysWow64\mstsc.exe
2015-10-30 17:19:59 30208 ----a-w- C:\Windows\System32\drivers\TsUsbGD.sys
2015-10-30 17:19:59 19456 ----a-w- C:\Windows\System32\drivers\rdpvideominiport.sys
2015-10-30 17:19:57 228864 ----a-w- C:\Windows\System32\rdpendp_winip.dll
2015-10-30 17:19:57 192000 ----a-w- C:\Windows\SysWow64\rdpendp_winip.dll
2015-10-30 17:12:12 22528 ----a-w- C:\Windows\System32\icaapi.dll
2015-10-30 17:12:10 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys
2015-10-30 17:11:33 950272 ----a-w- C:\Windows\System32\perftrack.dll
2015-10-30 17:11:33 91136 ----a-w- C:\Windows\System32\wdi.dll
2015-10-30 17:11:33 76800 ----a-w- C:\Windows\SysWow64\wdi.dll
2015-10-30 17:11:33 29696 ----a-w- C:\Windows\System32\powertracker.dll
2015-10-30 17:11:03 -------- d-----w- C:\Users\Gary\Tracing
2015-10-30 17:10:13 -------- d-----w- C:\Users\Gary\AppData\Local\Skype
2015-10-30 17:09:52 -------- d-----r- C:\Program Files (x86)\Skype
2015-10-30 16:51:34 -------- d-s---w- C:\Windows\System32\CompatTel
2015-10-30 16:51:34 -------- d-----w- C:\Windows\System32\appraiser
2015-10-30 16:51:24 -------- d-s---w- C:\Windows\SysWow64\GWX
2015-10-30 16:51:24 -------- d-s---w- C:\Windows\System32\GWX
2015-10-30 14:44:27 -------- d-----w- C:\Windows\Migration
2015-10-30 14:31:57 11140960 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2015-10-30 14:25:43 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2015-10-30 13:19:47 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2015-10-30 13:19:47 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2015-10-30 13:19:47 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2015-10-30 13:19:47 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2015-10-30 13:19:46 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2015-10-30 13:19:46 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2015-10-30 13:19:46 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2015-10-30 13:12:59 83736 ----a-w- C:\Windows\System32\xinput1_2.dll
2015-10-30 13:03:43 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2015-10-30 13:03:43 5120 ----a-w- C:\Windows\System32\wmi.dll
2015-10-30 13:03:43 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2015-10-30 12:55:30 99480 ----a-w- C:\Windows\SysWow64\infocardapi.dll
2015-10-30 12:55:30 8856 ----a-w- C:\Windows\SysWow64\icardres.dll
2015-10-30 12:55:30 8856 ----a-w- C:\Windows\System32\icardres.dll
2015-10-30 12:55:30 619672 ----a-w- C:\Windows\SysWow64\icardagt.exe
2015-10-30 12:55:30 171160 ----a-w- C:\Windows\System32\infocardapi.dll
2015-10-30 12:55:30 1389208 ----a-w- C:\Windows\System32\icardagt.exe
2015-10-30 12:55:23 35480 ----a-w- C:\Windows\SysWow64\TsWpfWrp.exe
2015-10-30 12:55:23 35480 ----a-w- C:\Windows\System32\TsWpfWrp.exe
2015-10-30 12:52:55 52736 ----a-w- C:\Windows\System32\basesrv.dll
2015-10-30 12:51:51 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll
2015-10-30 12:50:35 73216 ----a-w- C:\Windows\SysWow64\msiexec.exe
2015-10-30 12:49:49 455168 ----a-w- C:\Windows\System32\winlogon.exe
2015-10-30 12:48:54 155584 ----a-w- C:\Windows\System32\drivers\ataport.sys
2015-10-30 12:47:59 327168 ----a-w- C:\Windows\System32\mswsock.dll
2015-10-30 12:46:57 210432 ----a-w- C:\Windows\System32\profsvc.dll
2015-10-30 12:45:50 878080 ----a-w- C:\Windows\System32\IMJP10K.DLL
2015-10-30 12:37:22 780488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2015-10-30 12:37:22 142536 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2015-10-30 12:36:58 -------- d-----w- C:\Users\Gary\AppData\Local\Adobe
2015-10-30 12:27:45 461312 ----a-w- C:\Windows\System32\scavengeui.dll
2015-10-30 11:40:26 769168 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
2015-10-30 11:40:26 74344 ----a-w- C:\Windows\System32\RtNicProp64.dll
2015-10-30 11:40:26 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll
2015-10-30 11:40:22 -------- d-----w- C:\Program Files (x86)\Realtek
2015-10-30 11:36:46 -------- d-----w- C:\Users\Gary\AppData\Local\NVIDIA
2015-10-30 11:36:16 276832 ----a-w- C:\Windows\System32\d3dx11_43.dll
2015-10-30 11:36:16 248672 ----a-w- C:\Windows\SysWow64\d3dx11_43.dll
2015-10-30 11:36:15 511328 ----a-w- C:\Windows\System32\d3dx10_43.dll
2015-10-30 11:36:15 470880 ----a-w- C:\Windows\SysWow64\d3dx10_43.dll
2015-10-30 11:36:15 2401112 ----a-w- C:\Windows\System32\D3DX9_43.dll
2015-10-30 11:36:15 1998168 ----a-w- C:\Windows\SysWow64\D3DX9_43.dll
2015-10-30 11:34:56 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2015-10-30 11:32:12 -------- d-sh--w- C:\Windows\Installer
2015-10-30 11:31:06 72504 ----a-w- C:\Windows\System32\nvaudcap64v.dll
2015-10-30 11:31:06 69416 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll
2015-10-30 11:31:06 50472 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys
2015-10-30 11:31:06 3579000 ----a-w- C:\Windows\System32\nvapi64.dll
2015-10-30 11:31:06 3158736 ----a-w- C:\Windows\SysWow64\nvapi.dll
2015-10-30 11:31:06 1905456 ----a-w- C:\Windows\System32\nvdispco6435850.dll
2015-10-30 11:31:06 17515208 ----a-w- C:\Windows\System32\nvwgf2umx.dll
2015-10-30 11:31:06 1572496 ----a-w- C:\Windows\System32\nvhdagenco6420103.dll
2015-10-30 11:31:06 1564976 ----a-w- C:\Windows\System32\nvdispgenco6435850.dll
2015-10-30 11:31:06 15121784 ----a-w- C:\Windows\SysWow64\nvwgf2um.dll
2015-10-30 11:31:06 12770752 ----a-w- C:\Windows\SysWow64\nvd3dum.dll
2015-10-30 11:30:40 -------- d-----w- C:\Program Files\NVIDIA Corporation
2015-10-30 11:30:26 -------- d-----w- C:\NVIDIA
2015-10-30 11:27:39 -------- d-----w- C:\Users\Gary\AppData\Roaming\AVAST Software
2015-10-30 11:27:11 274808 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2015-10-30 11:27:11 153744 ----a-w- C:\Windows\System32\drivers\aswStm.sys
2015-10-30 11:27:09 93528 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2015-10-30 11:27:09 90968 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2015-10-30 11:27:09 65224 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2015-10-30 11:27:09 28656 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
2015-10-30 11:27:08 1059656 ----a-w- C:\Windows\System32\drivers\aswsnx.sys
2015-10-30 11:27:06 43112 ----a-w- C:\Windows\avastSS.scr
2015-10-30 11:26:27 -------- d-----w- C:\Program Files\AVAST Software
2015-10-30 11:25:49 -------- d-----w- C:\ProgramData\AVAST Software
2015-10-30 11:24:27 -------- d-----w- C:\Users\Gary\AppData\Roaming\Opera Software
2015-10-30 11:24:27 -------- d-----w- C:\Users\Gary\AppData\Local\Opera Software
.
==================== Find3M ====================
.
2015-11-05 15:13:09 6358648 ----a-w- C:\Windows\System32\nvcpl.dll
2015-11-05 15:13:09 2983032 ----a-w- C:\Windows\System32\nvsvc64.dll
2015-11-05 15:13:08 938616 ----a-w- C:\Windows\System32\nvvsvc.exe
2015-11-05 15:13:07 62584 ----a-w- C:\Windows\System32\nvshext.dll
2015-11-05 15:13:07 385328 ----a-w- C:\Windows\System32\nvmctray.dll
2015-11-05 15:13:07 2554488 ----a-w- C:\Windows\System32\nvsvcr.dll
2015-11-05 02:20:06 1188864 ----a-w- C:\Windows\System32\wininet.dll
2015-11-05 02:19:53 611840 ----a-w- C:\Windows\System32\vbscript.dll
2015-11-05 02:19:45 57856 ----a-w- C:\Windows\System32\licmgr10.dll
2015-11-05 02:19:41 22528 ----a-w- C:\Windows\System32\corpol.dll
2015-11-05 02:19:21 47616 ----a-w- C:\Windows\System32\mshta.exe
2015-11-05 02:19:17 174592 ----a-w- C:\Windows\System32\ieUnatt.exe
2015-11-05 02:19:04 1538048 ----a-w- C:\Windows\System32\inetcpl.cpl
2015-11-05 02:12:17 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2015-11-05 02:12:06 429568 ----a-w- C:\Windows\SysWow64\vbscript.dll
2015-11-05 02:11:47 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2015-11-05 02:11:22 18944 ----a-w- C:\Windows\SysWow64\corpol.dll
2015-11-05 02:11:03 50176 ----a-w- C:\Windows\SysWow64\mshta.exe
2015-11-05 02:11:00 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2015-11-05 02:10:48 1466368 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2015-11-05 01:50:07 483328 ----a-w- C:\Windows\System32\html.iec
2015-11-05 01:37:41 386560 ----a-w- C:\Windows\SysWow64\html.iec
2015-11-05 01:30:12 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2015-11-05 01:22:09 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2015-11-03 17:55:32 3211264 ----a-w- C:\Windows\System32\win32k.sys
2015-10-29 17:50:44 6656 ----a-w- C:\Windows\System32\shimeng.dll
2015-10-29 17:50:30 342016 ----a-w- C:\Windows\System32\apphelp.dll
2015-10-29 17:50:29 72192 ----a-w- C:\Windows\System32\aelupsvc.dll
2015-10-29 17:50:29 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2015-10-29 17:50:29 309248 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2015-10-29 17:50:29 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2015-10-29 17:50:29 103424 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2015-10-29 17:50:21 5120 ----a-w- C:\Windows\SysWow64\shimeng.dll
2015-10-29 17:50:14 23552 ----a-w- C:\Windows\System32\sdbinst.exe
2015-10-29 17:49:58 295936 ----a-w- C:\Windows\SysWow64\apphelp.dll
2015-10-29 17:49:57 562176 ----a-w- C:\Windows\apppatch\AcLayers.dll
2015-10-29 17:49:57 470528 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2015-10-29 17:49:57 2178560 ----a-w- C:\Windows\apppatch\AcGenral.dll
2015-10-29 17:49:57 211968 ----a-w- C:\Windows\apppatch\AcXtrnal.dll
2015-10-29 17:49:35 20992 ----a-w- C:\Windows\SysWow64\sdbinst.exe
2015-10-29 17:39:57 2560 ----a-w- C:\Windows\apppatch\AcRes.dll
2015-10-28 07:42:27 6027430 ----a-w- C:\Windows\System32\nvcoproc.bin
2015-10-20 18:42:14 98816 ----a-w- C:\Windows\System32\wudriver.dll
2015-10-20 18:42:14 3168768 ----a-w- C:\Windows\System32\wucltux.dll
2015-10-20 18:42:14 192512 ----a-w- C:\Windows\System32\wuwebv.dll
2015-10-20 18:41:36 91136 ----a-w- C:\Windows\System32\WinSetupUI.dll
2015-10-20 18:41:25 12288 ----a-w- C:\Windows\System32\wu.upgrade.ps.dll
2015-10-20 18:41:22 37888 ----a-w- C:\Windows\System32\wuapp.exe
2015-10-20 17:46:02 93696 ----a-w- C:\Windows\SysWow64\wudriver.dll
2015-10-20 17:46:02 174080 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2015-10-20 17:45:08 35328 ----a-w- C:\Windows\SysWow64\wuapp.exe
2015-10-20 01:12:12 5570496 ----a-w- C:\Windows\System32\ntoskrnl.exe
2015-10-20 01:12:10 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2015-10-20 01:12:10 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2015-10-20 01:09:05 1730496 ----a-w- C:\Windows\System32\ntdll.dll
2015-10-20 01:06:18 362496 ----a-w- C:\Windows\System32\wow64win.dll
2015-10-20 01:06:18 243712 ----a-w- C:\Windows\System32\wow64.dll
2015-10-20 01:06:18 215040 ----a-w- C:\Windows\System32\winsrv.dll
2015-10-20 01:06:18 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2015-10-20 01:04:53 31232 ----a-w- C:\Windows\System32\lsass.exe
2015-10-20 01:04:40 338432 ----a-w- C:\Windows\System32\conhost.exe
2015-10-20 01:04:35 64000 ----a-w- C:\Windows\System32\auditpol.exe
2015-10-20 01:00:20 60416 ----a-w- C:\Windows\System32\msobjs.dll
2015-10-20 00:59:20 146432 ----a-w- C:\Windows\System32\msaudite.dll
2015-10-20 00:52:02 3991488 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2015-10-20 00:52:02 3935680 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2015-10-20 00:48:46 1311768 ----a-w- C:\Windows\SysWow64\ntdll.dll
2015-10-20 00:44:35 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2015-10-20 00:44:19 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2015-10-20 00:44:18 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2015-10-20 00:44:18 665088 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2015-10-20 00:44:18 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2015-10-20 00:39:32 60416 ----a-w- C:\Windows\SysWow64\msobjs.dll
2015-10-20 00:39:11 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2015-10-19 23:41:20 159232 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2015-10-19 23:40:43 290816 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2015-10-19 23:40:39 129024 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2015-10-19 23:29:36 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2015-10-19 23:29:34 2048 ----a-w- C:\Windows\SysWow64\user.exe
2015-10-19 23:27:10 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2015-10-19 23:27:10 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-19 23:27:10 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-19 23:27:10 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2015-10-13 16:41:05 497664 ----a-w- C:\Windows\System32\drivers\afd.sys
2015-10-13 16:40:33 118272 ----a-w- C:\Windows\System32\drivers\tdx.sys
2015-10-13 04:57:21 950720 ----a-w- C:\Windows\System32\drivers\ndis.sys
2015-10-13 01:29:08 875720 ----a-w- C:\Windows\SysWow64\msvcr120_clr0400.dll
2015-10-13 01:22:02 869568 ----a-w- C:\Windows\System32\msvcr120_clr0400.dll
2015-10-12 03:05:01 1423304 ----a-w- C:\Windows\SysWow64\nvspcap.dll
2015-10-12 03:05:01 1316000 ----a-w- C:\Windows\SysWow64\nvspbridge.dll
2015-10-12 03:04:46 1756424 ----a-w- C:\Windows\System32\nvspbridge64.dll
2015-10-12 03:04:46 1710752 ----a-w- C:\Windows\System32\nvspcap64.dll
2015-10-01 18:06:49 692672 ----a-w- C:\Windows\System32\winload.efi
2015-10-01 18:04:11 616360 ----a-w- C:\Windows\System32\winresume.efi
2015-10-01 18:00:59 63488 ----a-w- C:\Windows\System32\setbcdlocale.dll
2015-10-01 18:00:51 24576 ----a-w- C:\Windows\System32\jnwmon.dll
2015-10-01 18:00:50 275456 ----a-w- C:\Windows\System32\InkEd.dll
2015-10-01 18:00:43 59392 ----a-w- C:\Windows\System32\appidapi.dll
2015-10-01 18:00:43 32768 ----a-w- C:\Windows\System32\appidsvc.dll
2015-10-01 18:00:06 17920 ----a-w- C:\Windows\System32\appidcertstorecheck.exe
.
============= FINISH: 18:56:52.71 ===============

Attached Files
File Type: txt attach.txt (6.9 KB)

BAT/Fired + Iroffer.C infected in tandem

I have a Windows 10 OS on a laptop system which was upgraded from version 8.1. Therefore, it was installed online without any install disk available. Windows Defender found three different pieces of malware existing together. These are Win32/HiddenRun.B + BAT/Fired.A + Win32/Iroffer.C.
Windows Defender thinks it has removed the three versions of a virus. However, they all immediately come back after removal by the Win Defender software. I suspect one virus version hides from the virus scanner and then helps install the other two versions. The Defender software cannot simultaneously handle all three virus versions working together.

Since help is needed, the following is the dds.txt file:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.10240.16412
Run by mikes at 9:41:33 on 2015-12-07
Microsoft Windows 10 Home 10.0.10240.0.1252.1.1033.18.3978.2216 [GMT -6:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\system32\dashost.exe
C:\Program Files\Silicondust\HDHomeRun\hdhomerun_service.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\system32\SearchIndexer.exe
svchost.exe
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\system32\igfxHK.exe
C:\WINDOWS\system32\igfxTray.exe
C:\WINDOWS\Explorer.EXE
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe
C:\Users\mikes\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe
C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.15361.0_x64__8wekyb3d8bbwe\Video.UI.exe
C:\WINDOWS\system32\SettingSyncHost.exe
C:\Program Files (x86)\ Firefox\firefox.exe
C:\Program Files\Windows Defender\MpCmdRun.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\vssvc.exe
C:\WINDOWS\System32\svchost.exe -k swprv
C:\WINDOWS\SysWOW64\NOTEPAD.EXE
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uLocal Page = %11%\blank.htm
uRun: [OneDrive] "C:\Users\mikes\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
mRun: [DiscWizardMonitor.exe] "C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe"
mRun: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
mRun: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
mPolicies-System: DSCAutomationHostEnabled = dword:2
TCP: Interfaces\{be5902c9-0af2-4d43-be23-3ef2ae3cf4c5} : NameServer = 192.168.0.1,192.168.43.1
TCP: Interfaces\{fc21af83-8b0e-40b4-9e3b-25babeb7c016}\14D6075646F51405142303F523E243 : DHCPNameServer = 192.168.80.240
TCP: Interfaces\{fc21af83-8b0e-40b4-9e3b-25babeb7c016}\4416C656 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{fc21af83-8b0e-40b4-9e3b-25babeb7c016}\458656023586962756 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{fc21af83-8b0e-40b4-9e3b-25babeb7c016}\74E43707F647 : DHCPNameServer = 192.168.43.1
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = ""
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
x64-Run: [Seagate Scheduler2 Service] "C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe"
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\mikes\AppData\Roaming\Mozilla\Firefox\Profiles\rfj5z8rm.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.wunderground.com/cgi-bin/findweather/hdfForecast?query=78644
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll
FF - plugin: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll
.
============= SERVICES / DRIVERS ===============
.
R0 fltsrv;Acronis Storage Filter Management;C:\WINDOWS\System32\drivers\fltsrv.sys [2015-12-1 108832]
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2015-7-10 43872]
R0 tib;Acronis TIB Manager;C:\WINDOWS\System32\drivers\tib.sys [2015-12-1 1120032]
R0 tib_mounter;Acronis TIB Mounter;C:\WINDOWS\System32\drivers\tib_mounter.sys [2015-12-1 183224]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2015-7-10 106520]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2015-7-10 17944]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2015-9-22 200528]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2015-7-10 215552]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2015-7-10 83968]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-7-10 8192]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork [2015-7-10 39856]
R2 DiagTrack;Diagnostics Tracking Service;C:\WINDOWS\System32\svchost.exe -k utcsvc [2015-7-10 39856]
R2 HDHomeRun Service;HDHomeRun Service;C:\Program Files\Silicondust\HDHomeRun\hdhomerun_service.exe [2015-8-26 28296]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\WINDOWS\System32\igfxCUIService.exe [2015-7-30 330136]
R2 SgtSch2Svc;Seagate Scheduler2 Service;C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe [2013-10-30 1128544]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2015-7-10 61952]
R2 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-7-10 39856]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
R2 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2015-7-10 119648]
R3 BtFilter;BtFilter;C:\WINDOWS\System32\drivers\btfilter.sys [2015-3-9 599240]
R3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-7-10 39856]
R3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
R3 GPIO;Intel SoC GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaiogpioe.sys [2015-9-22 42416]
R3 iaioi2c;I2C Controller Service;C:\WINDOWS\System32\drivers\iaioi2ce.sys [2015-9-22 83576]
R3 IntcDAud;Intel(R) Display Audio;C:\WINDOWS\System32\drivers\IntcDAud.sys [2015-8-21 463112]
R3 iwdbus;IWD Bus Enumerator;C:\WINDOWS\System32\drivers\iwdbus.sys [2015-6-26 38976]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-7-10 39856]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2015-7-10 20992]
R3 RTL8168;Realtek 8168 NT Driver;C:\WINDOWS\System32\drivers\Rt630x64.sys [2014-8-12 873176]
R3 RTSUER;Realtek USB Card Reader - UER;C:\WINDOWS\System32\drivers\RtsUer.sys [2015-5-14 402960]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-7-10 39856]
R3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2015-7-10 28512]
R3 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
R3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2015-7-10 362928]
S2 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService [2015-7-10 39856]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2015-7-10 1135456]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-7-10 39856]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2015-7-10 39856]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-7-10 39856]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2015-7-10 17624]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2015-7-10 39856]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-2 36352]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2015-7-10 116736]
S3 CDPSvc;CDPSvc;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-7-10 39856]
S3 DcpSvc;DataCollectionPublishingService;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-7-10 27136]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 embeddedmode;embeddedmode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-7-10 39856]
S3 fcvsc;fcvsc;C:\WINDOWS\System32\drivers\fcvsc.sys [2015-7-10 31232]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-7-10 20992]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-7-10 50016]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2015-7-10 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2015-7-10 122608]
S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2015-7-10 673120]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2015-7-10 424800]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-7-10 39856]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\WINDOWS\System32\ieetwcollector.exe [2015-7-10 115200]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\WINDOWS\System32\drivers\intelaud.sys [2015-6-26 50240]
S3 IoQos;IoQos;C:\WINDOWS\System32\drivers\ioqos.sys [2015-7-10 26624]
S3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-7-10 104800]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-7-10 99168]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-7-10 705376]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2015-7-10 76128]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2015-7-10 94720]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-7-10 39856]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\lsass.exe [2015-7-10 56344]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2015-7-10 58208]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2015-7-10 58720]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2015-9-22 934752]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2015-9-22 1031680]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2015-7-10 155488]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2015-7-10 39856]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2015-9-22 80720]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2015-7-10 40288]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2015-7-10 61952]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-9-22 46080]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2015-7-10 44032]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2015-7-10 245088]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-7-10 94048]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2015-7-10 127840]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2015-7-10 28512]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2015-7-10 57696]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-7-10 27488]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2015-7-10 31744]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 vmicvmsession;Hyper-V VM Session Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-7-10 39856]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2015-9-22 685568]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2015-7-10 39856]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2015-7-10 26976]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2015-7-10 59232]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-7-10 39856]
S3 WpnService;Windows Push Notifications Service;C:\WINDOWS\System32\svchost.exe -k wswpnservice [2015-7-10 39856]
S3 WSDScan;WSD Scan Support;C:\WINDOWS\System32\drivers\WSDScan.sys [2015-7-10 24576]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2015-7-10 222720]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2015-7-10 25600]
S4 HDHomeRun RECORD;HDHomeRun RECORD;C:\Program Files\Silicondust\HDHomeRun\hdhomerun_record.exe [2015-8-26 155784]
.
=============== Created Last 30 ================
.
2015-12-07 15:32:22 16148 ----a-w- C:\WINDOWS\System32\LAPACE_mikes_HistoryPrediction.bin
2015-12-07 04:40:22 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2015-12-07 04:40:22 -------- d-----w- C:\Program Files (x86)\Spybot
2015-12-07 04:38:57 11138400 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E33681AD-11D0-49D7-BC69-2D06940708C3}\mpengine.dll
2015-12-07 04:18:14 -------- d-----w- C:\Users\mikes\AppData\Roaming\OpenCandy
2015-12-07 04:18:11 1892184 ----a-w- C:\WINDOWS\SysWow64\D3DX9_42.dll
2015-12-07 04:18:09 2414360 ----a-w- C:\WINDOWS\SysWow64\d3dx9_31.dll
2015-12-07 04:16:44 -------- d-----w- C:\Program Files (x86)\Winamp Detect
2015-12-07 04:16:26 -------- d-----w- C:\Program Files (x86)\Common Files\PX Storage Engine
2015-12-06 14:51:30 11138400 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2015-12-01 12:58:37 -------- d-----w- C:\Users\mikes\AppData\Roaming\Seagate
2015-12-01 12:53:51 -------- d-----w- C:\ProgramData\Package Cache
2015-12-01 12:52:10 -------- d-----w- C:\ProgramData\Seagate
2015-12-01 12:51:54 183224 ----a-w- C:\WINDOWS\System32\drivers\tib_mounter.sys
2015-12-01 12:51:53 1120032 ----a-w- C:\WINDOWS\System32\drivers\tib.sys
2015-12-01 12:51:52 1462560 ----a-w- C:\WINDOWS\System32\drivers\tdrpman.sys
2015-12-01 12:51:50 233760 ----a-w- C:\WINDOWS\System32\drivers\snapman.sys
2015-12-01 12:51:49 108832 ----a-w- C:\WINDOWS\System32\drivers\fltsrv.sys
2015-12-01 12:51:38 -------- d-----w- C:\Program Files (x86)\Seagate
2015-12-01 12:51:38 -------- d-----w- C:\Program Files (x86)\Common Files\Seagate
2015-12-01 11:38:19 -------- d-----w- C:\Program Files (x86)\HDDScan_3.3
2015-12-01 11:31:08 -------- d-----w- C:\Program Files (x86)\DiskCheckup
2015-11-25 08:42:54 -------- d--h--w- C:\$WINDOWS.~BT
2015-11-22 13:16:36 -------- d-----w- C:\Users\mikes\AppData\Local\QuickPar
2015-11-22 13:10:47 -------- d-----w- C:\Program Files (x86)\QuickPar
2015-11-22 11:20:48 -------- d-----w- C:\altbinz
2015-11-22 11:15:44 -------- d-----w- C:\Users\mikes\AppData\Local\Alt.Binz
2015-11-22 11:15:27 -------- d-----w- C:\Program Files (x86)\Alt.Binz
.
==================== Find3M ====================
.
2015-11-06 20:31:04 328704 ----a-w- C:\WINDOWS\System32\hpinksts7012LM.dll
2015-11-06 20:31:04 264192 ----a-w- C:\WINDOWS\System32\hpinkcoi7012.dll
2015-11-06 20:31:04 2589184 ----a-w- C:\WINDOWS\System32\hpinkins7012.exe
2015-11-05 05:15:45 8020832 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
2015-11-05 05:15:43 541024 ----a-w- C:\WINDOWS\System32\mcupdate_GenuineIntel.dll
2015-11-05 05:14:21 459104 ----a-w- C:\WINDOWS\System32\drivers\netio.sys
2015-11-05 05:13:31 577888 ----a-w- C:\WINDOWS\System32\drivers\afd.sys
2015-11-05 05:11:46 1392480 ----a-w- C:\WINDOWS\System32\LicenseManager.dll
2015-11-05 05:06:10 966416 ----a-w- C:\WINDOWS\System32\twinapi.appcore.dll
2015-11-05 05:01:05 607408 ----a-w- C:\WINDOWS\System32\fontdrvhost.exe
2015-11-05 04:56:48 1083072 ----a-w- C:\WINDOWS\System32\appraiser.dll
2015-11-05 04:56:44 25280 ----a-w- C:\WINDOWS\System32\CompatTelRunner.exe
2015-11-05 04:56:39 116064 ----a-w- C:\WINDOWS\System32\drivers\tdx.sys
2015-11-05 04:30:20 961376 ----a-w- C:\WINDOWS\SysWow64\LicenseManager.dll
2015-11-05 04:23:42 76800 ----a-w- C:\WINDOWS\System32\browserbroker.dll
2015-11-05 04:23:32 762888 ----a-w- C:\WINDOWS\SysWow64\twinapi.appcore.dll
2015-11-05 04:20:43 21873664 ----a-w- C:\WINDOWS\System32\edgehtml.dll
2015-11-05 04:18:37 3248128 ----a-w- C:\WINDOWS\System32\Windows.Media.dll
2015-11-05 04:18:34 539728 ----a-w- C:\WINDOWS\SysWow64\fontdrvhost.exe
2015-11-05 04:17:35 2418688 ----a-w- C:\WINDOWS\System32\MFMediaEngine.dll
2015-11-05 04:12:31 515072 ----a-w- C:\WINDOWS\System32\internetmail.dll
2015-11-05 04:11:30 333312 ----a-w- C:\WINDOWS\System32\MusUpdateHandlers.dll
2015-11-05 04:10:48 2987520 ----a-w- C:\WINDOWS\System32\esent.dll
2015-11-05 04:07:02 1068032 ----a-w- C:\WINDOWS\System32\audiosrv.dll
2015-11-05 04:06:41 453120 ----a-w- C:\WINDOWS\System32\Windows.Devices.Usb.dll
2015-11-05 04:03:52 2180608 ----a-w- C:\WINDOWS\System32\AppXDeploymentServer.dll
2015-11-05 04:03:49 1015808 ----a-w- C:\WINDOWS\System32\RDXService.dll
2015-11-05 04:01:52 949760 ----a-w- C:\WINDOWS\System32\kerberos.dll
2015-11-05 04:01:41 579072 ----a-w- C:\WINDOWS\System32\winlogon.exe
2015-11-05 04:01:38 713216 ----a-w- C:\WINDOWS\System32\usermgr.dll
2015-11-05 03:59:20 3587072 ----a-w- C:\WINDOWS\System32\win32kfull.sys
2015-11-05 03:59:13 2675200 ----a-w- C:\WINDOWS\System32\Windows.StateRepository.dll
2015-11-05 03:58:50 627712 ----a-w- C:\WINDOWS\System32\Windows.UI.dll
2015-11-05 03:58:36 1383936 ----a-w- C:\WINDOWS\System32\win32kbase.sys
2015-11-05 03:58:02 48128 ----a-w- C:\WINDOWS\apppatch\apppatch64\acspecfc.dll
2015-11-05 03:56:30 1795072 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.dll
2015-11-05 03:55:55 145408 ----a-w- C:\WINDOWS\System32\dssvc.dll
2015-11-05 03:54:44 502272 ----a-w- C:\WINDOWS\System32\dlnashext.dll
2015-11-05 03:42:23 2647040 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.dll
2015-11-05 03:40:41 1918976 ----a-w- C:\WINDOWS\SysWow64\MFMediaEngine.dll
2015-11-05 03:35:47 18803712 ----a-w- C:\WINDOWS\SysWow64\edgehtml.dll
2015-11-05 03:35:04 2639872 ----a-w- C:\WINDOWS\SysWow64\esent.dll
2015-11-05 03:34:45 311296 ----a-w- C:\WINDOWS\SysWow64\Windows.Devices.Usb.dll
2015-11-05 03:30:03 767488 ----a-w- C:\WINDOWS\SysWow64\kerberos.dll
2015-11-05 03:27:12 464896 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.dll
2015-11-05 03:27:12 2049536 ----a-w- C:\WINDOWS\SysWow64\Windows.StateRepository.dll
2015-11-05 03:26:33 457728 ----a-w- C:\WINDOWS\apppatch\AcSpecfc.dll
2015-11-05 03:23:15 441344 ----a-w- C:\WINDOWS\SysWow64\dlnashext.dll
2015-11-03 18:20:11 810488 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2015-11-03 18:20:11 176632 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2015-10-28 21:44:12 644456 ----a-w- C:\WINDOWS\System32\hpzids40.dll
2015-10-18 13:22:03 451 ----a-w- C:\WINDOWS\System32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-10-10 08:54:45 1143031 ----a-w- C:\WINDOWS\System32\drivers\rtkhdasetting.zip
2015-10-10 08:51:38 618992 ----a-w- C:\WINDOWS\System32\MetroIntelGenericUIFramework.dll
2015-10-10 07:12:02 78528 ----a-w- C:\WINDOWS\System32\acmigration.dll
2015-10-10 01:11:04 144 ----a-w- C:\WINDOWS\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-10-06 03:03:57 16708608 ----a-w- C:\WINDOWS\System32\Windows.UI.Xaml.dll
2015-10-06 02:46:57 13027840 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
2015-10-01 04:01:10 858408 ----a-w- C:\WINDOWS\System32\winresume.exe
2015-10-01 04:01:10 1018568 ----a-w- C:\WINDOWS\System32\winresume.efi
2015-10-01 04:01:03 1294352 ----a-w- C:\WINDOWS\System32\winload.efi
2015-10-01 04:01:03 1123400 ----a-w- C:\WINDOWS\System32\winload.exe
2015-10-01 03:03:36 757760 ----a-w- C:\WINDOWS\System32\fveapi.dll
2015-09-25 04:01:54 2573768 ----a-w- C:\WINDOWS\System32\msxml6.dll
2015-09-25 04:01:05 498016 ----a-w- C:\WINDOWS\System32\drivers\usbhub.sys
2015-09-25 03:52:05 980832 ----a-w- C:\WINDOWS\System32\SecConfig.efi
2015-09-25 03:33:37 1997336 ----a-w- C:\WINDOWS\SysWow64\msxml6.dll
2015-09-25 03:11:52 257024 ----a-w- C:\WINDOWS\System32\UserDataAccountApis.dll
2015-09-25 03:11:49 223232 ----a-w- C:\WINDOWS\System32\PhoneCallHistoryApis.dll
2015-09-25 03:07:38 1276416 ----a-w- C:\WINDOWS\System32\wifinetworkmanager.dll
2015-09-25 03:04:12 771072 ----a-w- C:\WINDOWS\System32\Chakradiag.dll
2015-09-25 03:03:53 576000 ----a-w- C:\WINDOWS\System32\vbscript.dll
2015-09-25 03:03:35 796160 ----a-w- C:\WINDOWS\System32\TokenBroker.dll
2015-09-25 03:02:56 689152 ----a-w- C:\WINDOWS\System32\Windows.Security.Authentication.Web.Core.dll
2015-09-25 03:02:35 7523840 ----a-w- C:\WINDOWS\System32\Chakra.dll
2015-09-25 03:01:26 4792320 ----a-w- C:\WINDOWS\System32\jscript9.dll
2015-09-25 03:00:50 1423872 ----a-w- C:\WINDOWS\System32\UserDataService.dll
2015-09-25 03:00:07 752640 ----a-w- C:\WINDOWS\System32\ChatApis.dll
2015-09-25 03:00:05 856576 ----a-w- C:\WINDOWS\System32\ContactApis.dll
2015-09-25 02:59:54 720896 ----a-w- C:\WINDOWS\System32\EmailApis.dll
2015-09-25 02:59:48 685568 ----a-w- C:\WINDOWS\System32\AppointmentApis.dll
2015-09-25 02:59:48 288256 ----a-w- C:\WINDOWS\System32\PimIndexMaintenance.dll
2015-09-25 02:59:38 1205248 ----a-w- C:\WINDOWS\System32\Unistore.dll
2015-09-25 02:59:31 163840 ----a-w- C:\WINDOWS\System32\CallHistoryClient.dll
2015-09-25 02:59:04 590336 ----a-w- C:\WINDOWS\System32\MessagingDataModel2.dll
2015-09-25 02:58:37 1871360 ----a-w- C:\WINDOWS\System32\msxml3.dll
2015-09-25 02:47:16 195584 ----a-w- C:\WINDOWS\SysWow64\UserDataAccountApis.dll
2015-09-25 02:47:16 172032 ----a-w- C:\WINDOWS\SysWow64\PhoneCallHistoryApis.dll
2015-09-25 02:38:45 574464 ----a-w- C:\WINDOWS\SysWow64\Chakradiag.dll
2015-09-25 02:38:40 504320 ----a-w- C:\WINDOWS\SysWow64\vbscript.dll
2015-09-25 02:38:19 3580416 ----a-w- C:\WINDOWS\SysWow64\jscript9.dll
2015-09-25 02:37:35 613376 ----a-w- C:\WINDOWS\SysWow64\TokenBroker.dll
2015-09-25 02:37:09 480256 ----a-w- C:\WINDOWS\SysWow64\Windows.Security.Authentication.Web.Core.dll
2015-09-25 02:36:04 5454848 ----a-w- C:\WINDOWS\SysWow64\Chakra.dll
2015-09-25 02:34:21 557568 ----a-w- C:\WINDOWS\SysWow64\ChatApis.dll
2015-09-25 02:34:19 625152 ----a-w- C:\WINDOWS\SysWow64\ContactApis.dll
2015-09-25 02:34:07 579584 ----a-w- C:\WINDOWS\SysWow64\AppointmentApis.dll
2015-09-25 02:34:03 525312 ----a-w- C:\WINDOWS\SysWow64\EmailApis.dll
2015-09-25 02:34:00 928256 ----a-w- C:\WINDOWS\SysWow64\Unistore.dll
2015-09-25 02:33:44 131072 ----a-w- C:\WINDOWS\SysWow64\CallHistoryClient.dll
.
============= FINISH: 9:41:49.15 ===============

Attached Files
File Type: txt attach.txt (4.9 KB)

Avast Detected Malware

Hi,

1) Recently, Avast blocked access to a malicious site while the system was idle & no web browser was active. Screenshot of the threat attached as first thumbnail.

2) Also, the USB drives being used with this system are getting infected.

3) Getting an error message 'ubd.exe - Entry Point Not Found' every time on startup. Screenshot of the same attached as second thumbnail.

4) Also, the system is running slow. Nothing else in particular observed.

Hence, I hereby post the DDS logs for review. Kindly assist:

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 11.0.9600.18098 BrowserJavaVersion: 11.66.2
Run by USER at 17:18:21 on 2015-12-09
Microsoft Windows 7 Professional 6.1.7601.1.1252.91.1033.18.3069.1463 [GMT 5.5:30]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Outdated* {D68DUSER3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIUSEROMM\Bluetooth Software\btwdins.exe
C:\Windows\system32\FsUsbExService.Exe
C:\Program Files\Sony\Network Utility\NSUService.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Windows\system32\GWX\GWX.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Sony\Network Utility\LANUtil.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\Samsung\Kies\Kies.exe
C:\Program Files\WIUSEROMM\Bluetooth Software\BTTray.exe
C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Sony\VAIO Power Management\SPMService.exe
C:\Windows\system32\fxssvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\CompatTelRunner.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\CompatTelRunner.exe
C:\Users\USER\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\USER\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
C:\Users\USER\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\USER\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\USER\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\USER\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\USER\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\USER\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\USER\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\USER\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\USER\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\TEMP\4B8A179C-1825-4AAF-B02D-05028BAF85DB\dismhost.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k UseromLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k yksvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k secsvcs
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://in.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.8.0_66\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - c:\program files\logitech\setpointp\SetPointSmooth.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre1.8.0_66\bin\jp2ssv.dll
uRun: [NSUFloatingUI] "c:\program files\sony\network utility\LANUtil.exe"
uRun: [Google Update] "c:\users\user\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [MobileDocuments] c:\program files\common files\apple\internet services\ubd.exe
uRun: [KiesPreload] c:\program files\samsung\kies\Kies.exe /preload
uRun: [KiesAirMessage] c:\program files\samsung\kies\KiesAirMessage.exe -startup
uRun: [] c:\program files\samsung\kies\external\firmwareupdate\KiesPDLR.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [NPSStartup] <no file>
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\wiuseromm\bluetooth software\BTTray.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:181
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
IE: &Clean Traces - c:\program files\dap\privacy package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\dap\dapextie.htm
IE: Download &all with DAP - c:\program files\dap\dapextie2.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\wiuseromm\bluetooth software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\wiuseromm\bluetooth software\btsendto_ie.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\wiuseromm\bluetooth software\btsendto_ie.htm
DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} - hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1297691464613
TCP: NameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{5F6CBA2E-A031-471F-B813-BA59A68063A4} : DHCPNameServer = 10.1.16.1 119.42.152.5
TCP: Interfaces\{EE8526EE-06A8-4CCC-A817-A5A621E2BE71} : DHCPNameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{EE8526EE-06A8-4CCC-A817-A5A621E2BE71}\3434 : DHCPNameServer = 202.148.202.3 202.148.202.4
TCP: Interfaces\{EE8526EE-06A8-4CCC-A817-A5A621E2BE71}\350756564637475627 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{EE8526EE-06A8-4CCC-A817-A5A621E2BE71}\6534027416C616879702E4F64756 : DHCPNameServer = 192.168.43.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Name-Space Handler: FTP\ZDA - {5BFA1DAF-5EUSER-11D2-959E-00C00C02DA5E} - c:\program files\dap\dapie.dll
Name-Space Handler: HTTP\ZDA - {5BFA1DAF-5EUSER-11D2-959E-00C00C02DA5E} - c:\program files\dap\dapie.dll
Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
Notify: VESWinlogon - VESWinlogon.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\user\appdata\roaming\mozilla\firefox\profiles\fywyjktx.default\
FF - prefs.js: browser.startup.homepage - chrome://speeddial/content/speeddial.xul
FF - plugin: c:\program files\foxit software\foxit reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\google\update\1.3.28.15\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre1.8.0_66\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre1.8.0_66\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.0.61118.0\npctrlui.dll
FF - plugin: c:\users\user\appdata\local\google\update\1.3.28.15\npGoogleUpdate3.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_235.dll
FF - plugin: c:\windows\system32\wat\npWatWeb.dll
FF - ExtSQL: 2015-11-24 20:28; sp@avast.com; c:\program files\alwil software\avast5\safeprice\FF
FF - ExtSQL: 2015-11-24 20:49; {F003DA68-8256-4b37-A6C4-350FA04494DF}; c:\program files\logitech\setpointp\LogiSmoothFirefoxExt
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2015-11-24 49776]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2015-11-24 209432]
R0 ngvss;ngvss;c:\windows\system32\drivers\ngvss.sys [2015-11-24 121368]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-5-11 794952]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-4-6 435464]
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2015-11-24 24016]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-4-6 81168]
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2015-11-24 117200]
R2 avast! Antivirus;Avast Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2015-11-24 174416]
R2 DiagTrack;Diagnostics Tracking Service;c:\windows\system32\svchost.exe -k utcsvc [2009-7-14 20992]
R2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2011-4-4 217088]
R2 NSUService;NSUService;c:\program files\sony\network utility\NSUService.exe [2010-4-2 303104]
R2 SSPORT;SSPORT;c:\windows\system32\drivers\SSPORT.SYS [2010-10-17 5120]
R2 TeamViewer7;TeamViewer 7;c:\program files\teamviewer\version7\TeamViewer_Service.exe [2013-3-30 2849120]
R2 VAIO Power Management;VAIO Power Management;c:\program files\sony\vaio power management\SPMService.exe [2010-4-2 415592]
R2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\alwil software\avast5\ng\vbox\VBoxAswDrv.sys [2015-11-24 252152]
R2 yksvc;Marvell Yukon Service;c:\windows\system32\svchost.exe -k yksvcs [2009-7-14 20992]
R3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\alwil software\avast5\ng\vbox\AvastVBoxSVC.exe [2015-11-24 4390776]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2011-4-4 36608]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2010-4-2 4231680]
R3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2007-8-3 9344]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-14 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-14 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-14 661504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2014-12-11 315496]
S3 b57nd60x;Broauserom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2010-4-4 29472]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2014-5-1 89856]
S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\drivers\ewusbdev.sys [2010-10-7 101120]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\ieetwcollector.exe [2015-12-1 102912]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2009-10-6 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2009-10-6 8320]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2014-5-1 184192]
S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 20992]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-2-27 52224]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-4-7 1343400]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-7-14 311296]
.
=============== Created Last 30 ================
.
2015-12-08 05:36:16 701440 ----a-w- c:\windows\system32\IMJP10K.DLL
2015-12-08 05:36:11 2364416 ----a-w- c:\windows\system32\msi.dll
2015-12-08 05:36:10 337408 ----a-w- c:\windows\system32\msihnd.dll
2015-12-08 05:36:09 73216 ----a-w- c:\windows\system32\msiexec.exe
2015-12-08 05:36:09 25088 ----a-w- c:\windows\system32\msimsg.dll
2015-12-08 05:35:50 163840 ----a-w- c:\windows\system32\scrrun.dll
2015-12-08 05:35:50 141824 ----a-w- c:\windows\system32\wscript.exe
2015-12-08 05:35:50 126976 ----a-w- c:\windows\system32\cscript.exe
2015-12-08 05:35:50 121856 ----a-w- c:\windows\system32\wshom.ocx
2015-12-01 15:17:06 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2015-12-01 15:12:55 6144 ----a-w- c:\windows\system32\KBDYAK.DLL
2015-12-01 15:12:55 6144 ----a-w- c:\windows\system32\KBDBASH.DLL
2015-12-01 15:12:38 3419136 ----a-w- c:\windows\system32\d2d1.dll
2015-11-29 10:11:18 -------- d-s---w- c:\windows\system32\GWX
2015-11-29 08:31:26 -------- d-----w- c:\windows\system32\MRT
2015-11-29 07:46:56 2285056 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2015-11-29 07:30:51 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2015-11-29 07:30:51 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2015-11-29 07:30:47 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2015-11-29 07:30:47 613888 ----a-w- c:\windows\system32\WUDFx.dll
2015-11-29 07:30:47 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2015-11-29 07:30:47 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2015-11-29 07:30:47 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2015-11-29 07:29:27 99480 ----a-w- c:\windows\system32\infocardapi.dll
2015-11-29 07:29:26 8856 ----a-w- c:\windows\system32\icardres.dll
2015-11-29 07:29:15 619672 ----a-w- c:\windows\system32\icardagt.exe
2015-11-29 07:29:13 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2015-11-28 16:29:02 1230848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2015-11-28 16:20:07 909824 ----a-w- c:\windows\system32\FntCache.dll
2015-11-28 16:20:07 1987584 ----a-w- c:\windows\system32\d3d10warp.dll
2015-11-28 16:20:07 1251328 ----a-w- c:\windows\system32\DWrite.dll
2015-11-28 16:14:35 417792 ----a-w- c:\windows\system32\WMPhoto.dll
2015-11-28 15:10:01 62576 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{54249e24-8cbe-4d03-b7e3-ff8bd2fdacdd}\offreg.3684.dll
2015-11-28 14:52:23 -------- d-s---w- c:\windows\system32\CompatTel
2015-11-28 14:52:23 -------- d-----w- c:\windows\system32\appraiser
2015-11-28 14:52:23 -------- d-----w- c:\windows\Migration
2015-11-27 21:50:46 -------- d-----w- C:\3711ea7cbf8e35ed9350bd167ea6daa9
2015-11-27 21:50:26 -------- d-----w- C:\56396b5493af877917d88107a6fbcd
2015-11-27 20:51:59 231424 ----a-w- c:\windows\system32\mswsock.dll
2015-11-27 20:51:31 49152 ----a-w- c:\windows\system32\taskhost.exe
2015-11-27 20:45:51 1505280 ----a-w- c:\windows\system32\d3d11.dll
2015-11-27 20:41:21 103120 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-11-27 19:46:08 76800 ----a-w- c:\windows\system32\wdi.dll
2015-11-27 19:46:08 635904 ----a-w- c:\windows\system32\perftrack.dll
2015-11-27 19:46:08 27136 ----a-w- c:\windows\system32\powertracker.dll
2015-11-27 19:12:44 36864 ----a-w- c:\windows\system32\tsgqec.dll
2015-11-27 19:12:44 3221504 ----a-w- c:\windows\system32\mstscax.dll
2015-11-27 19:12:44 131584 ----a-w- c:\windows\system32\aaclient.dll
2015-11-27 19:12:32 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
2015-11-27 19:10:47 74752 ----a-w- c:\windows\system32\drivers\tdx.sys
2015-11-27 19:09:21 70656 ----a-w- c:\windows\system32\fontsub.dll
2015-11-27 19:09:21 34304 ----a-w- c:\windows\system32\atmlib.dll
2015-11-27 19:09:21 299520 ----a-w- c:\windows\system32\atmfd.dll
2015-11-27 19:09:21 26624 ----a-w- c:\windows\system32\lpk.dll
2015-11-27 19:09:21 10240 ----a-w- c:\windows\system32\useriman32.dll
2015-11-27 19:09:19 372736 ----a-w- c:\windows\system32\rastls.dll
2015-11-27 19:07:47 499712 ----a-w- c:\windows\system32\iphlpsvc.dll
2015-11-27 19:06:46 1212352 ----a-w- c:\windows\system32\drivers\ntfs.sys
2015-11-27 19:03:39 240576 ----a-w- c:\windows\system32\drivers\netio.sys
2015-11-27 19:03:39 187840 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2015-11-27 19:03:39 1294272 ----a-w- c:\windows\system32\drivers\tcpip.sys
2015-11-27 19:03:35 342016 ----a-w- c:\windows\system32\certcli.dll
2015-11-27 19:03:28 308224 ----a-w- c:\windows\system32\scesrv.dll
2015-11-27 19:03:19 92160 ----a-w- c:\windows\system32\sechost.dll
2015-11-27 19:03:19 82944 ----a-w- c:\windows\system32\logman.exe
2015-11-27 19:03:19 40448 ----a-w- c:\windows\system32\typeperf.exe
2015-11-27 19:03:19 37888 ----a-w- c:\windows\system32\relog.exe
2015-11-27 19:03:19 364544 ----a-w- c:\windows\system32\tracerpt.exe
2015-11-27 19:03:19 17408 ----a-w- c:\windows\system32\diskperf.exe
2015-11-27 19:03:08 259072 ----a-w- c:\windows\system32\services.exe
2015-11-27 19:03:07 793600 ----a-w- c:\windows\system32\TSWorkspace.dll
2015-11-27 19:02:55 96768 ----a-w- c:\windows\system32\appidpolicyconverter.exe
2015-11-27 19:02:54 50688 ----a-w- c:\windows\system32\appidapi.dll
2015-11-27 19:02:54 28160 ----a-w- c:\windows\system32\appidsvc.dll
2015-11-27 19:02:53 50176 ----a-w- c:\windows\system32\setbcdlocale.dll
2015-11-27 19:02:53 50176 ----a-w- c:\windows\system32\drivers\appid.sys
2015-11-27 19:02:53 16896 ----a-w- c:\windows\system32\appiuserertstorecheck.exe
2015-11-27 19:02:40 509440 ----a-w- c:\windows\system32\qedit.dll
2015-11-27 19:01:55 8991856 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{54249e24-8cbe-4d03-b7e3-ff8bd2fdacdd}\mpengine.dll
2015-11-27 18:57:57 55808 ----a-w- c:\windows\system32\drivers\hiuserlass.sys
2015-11-27 18:57:57 36352 ----a-w- c:\windows\system32\drivers\usbscan.sys
2015-11-27 18:57:57 25728 ----a-w- c:\windows\system32\drivers\hidparse.sys
2015-11-27 18:52:57 844288 ----a-w- c:\windows\system32\drivers\umdf\WpdMtpDr.dll
2015-11-27 18:52:57 2311168 ----a-w- c:\windows\system32\wpdshext.dll
2015-11-27 18:45:41 751104 ----a-w- c:\windows\system32\schedsvc.dll
2015-11-27 18:38:50 28160 ----a-w- c:\windows\system32\drivers\usbser.sys
2015-11-27 18:38:47 730048 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2015-11-27 18:38:46 219072 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2015-11-27 18:38:45 107520 ----a-w- c:\windows\system32\cdd.dll
2015-11-27 18:35:50 62464 ----a-w- c:\windows\system32\aelupsvc.dll
2015-11-27 18:35:50 5120 ----a-w- c:\windows\system32\shimeng.dll
2015-11-27 18:35:50 295936 ----a-w- c:\windows\system32\apphelp.dll
2015-11-27 18:35:50 20992 ----a-w- c:\windows\system32\sdbinst.exe
2015-11-27 18:24:49 492544 ----a-w- c:\windows\system32\win32spl.dll
2015-11-27 18:19:28 1019904 ----a-w- c:\program files\common files\system\ado\msado15.dll
2015-11-27 18:19:27 805376 ----a-w- c:\windows\system32\cdosys.dll
2015-11-27 18:19:27 57344 ----a-w- c:\program files\common files\system\ado\msador15.dll
2015-11-27 18:19:27 372736 ----a-w- c:\program files\common files\system\ado\msadox.dll
2015-11-27 18:19:27 352256 ----a-w- c:\program files\common files\system\ado\msadomd.dll
2015-11-27 18:19:27 212992 ----a-w- c:\program files\common files\system\msauser\msausero.dll
2015-11-27 18:19:27 143360 ----a-w- c:\program files\common files\system\ado\msjro.dll
2015-11-27 18:09:59 46592 ----a-w- c:\windows\system32\TSWbPrxy.exe
2015-11-27 18:09:58 164864 ----a-w- c:\windows\system32\profsvc.dll
2015-11-27 18:09:56 571904 ----a-w- c:\windows\system32\oleaut32.dll
2015-11-27 18:06:14 371920 ----a-w- c:\windows\system32\drivers\cng.sys
2015-11-27 18:06:13 251000 ----a-w- c:\windows\system32\bcryptprimitives.dll
2015-11-27 18:06:01 78336 ----a-w- c:\windows\system32\synceng.dll
2015-11-27 18:04:50 123904 ----a-w- c:\windows\system32\poqexec.exe
2015-11-27 18:04:48 769024 ----a-w- c:\windows\system32\localspl.dll
2015-11-27 18:04:33 304128 ----a-w- c:\windows\system32\winlogon.exe
2015-11-27 18:04:32 184320 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2015-11-27 18:04:32 157696 ----a-w- c:\windows\system32\winsta.dll
2015-11-27 18:04:32 130048 ----a-w- c:\windows\system32\rdpcorekmts.dll
2015-11-27 18:04:32 1051136 ----a-w- c:\windows\system32\mstsc.exe
2015-11-27 18:04:31 31232 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
2015-11-27 18:04:06 47104 ----a-w- c:\windows\system32\appinfo.dll
2015-11-27 18:04:06 1805824 ----a-w- c:\windows\system32\authui.dll
2015-11-27 18:04:06 105408 ----a-w- c:\windows\system32\consent.exe
2015-11-27 18:03:57 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2015-11-27 18:03:57 193536 ----a-w- c:\windows\system32\dhcpcore6.dll
2015-11-27 18:03:33 44032 ----a-w- c:\windows\system32\basesrv.dll
2015-11-27 18:03:14 86016 ----a-w- c:\windows\system32\drivers\usbcir.sys
2015-11-27 18:03:14 146816 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2015-11-27 17:56:41 52224 ----a-w- c:\windows\system32\nlaapi.dll
2015-11-27 17:56:41 242688 ----a-w- c:\windows\system32\nlasvc.dll
2015-11-27 17:56:41 156672 ----a-w- c:\windows\system32\ncsi.dll
2015-11-27 17:48:11 626688 ----a-w- c:\windows\system32\usp10.dll
2015-11-27 17:48:06 9728 ----a-w- c:\windows\system32\Wdfres.dll
2015-11-27 17:48:06 527064 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2015-11-27 17:48:06 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2015-11-27 17:39:36 116224 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2015-11-27 17:39:31 76288 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2015-11-27 17:39:31 43520 ----a-w- c:\windows\system32\drivers\usbehci.sys
2015-11-27 17:39:31 284672 ----a-w- c:\windows\system32\drivers\usbport.sys
2015-11-27 17:39:31 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2015-11-27 17:39:30 6016 ----a-w- c:\windows\system32\drivers\usbd.sys
2015-11-27 17:39:24 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2015-11-27 17:39:24 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys
2015-11-27 17:36:17 594944 ----a-w- c:\windows\system32\RMActivate_isv.exe
2015-11-27 17:36:17 572416 ----a-w- c:\windows\system32\RMActivate.exe
2015-11-27 17:36:17 508928 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2015-11-27 17:36:16 510976 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2015-11-27 17:36:16 428032 ----a-w- c:\windows\system32\secproc.dll
2015-11-27 17:36:16 423936 ----a-w- c:\windows\system32\secproc_isv.dll
2015-11-27 17:36:15 87040 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2015-11-27 17:36:15 87040 ----a-w- c:\windows\system32\secproc_ssp.dll
2015-11-27 17:36:15 390144 ----a-w- c:\windows\system32\msdrm.dll
2015-11-27 17:33:50 2048 ----a-w- c:\windows\system32\tzres.dll
2015-11-27 17:33:18 523776 ----a-w- c:\windows\system32\termsrv.dll
2015-11-27 17:31:39 179200 ----a-w- c:\windows\system32\wintrust.dll
2015-11-27 17:31:39 143872 ----a-w- c:\windows\system32\cryptsvc.dll
2015-11-27 17:31:39 1174528 ----a-w- c:\windows\system32\crypt32.dll
2015-11-27 17:31:38 103936 ----a-w- c:\windows\system32\cryptnet.dll
2015-11-27 17:29:32 81408 ----a-w- c:\windows\system32\drivers\drmk.sys
2015-11-27 17:29:32 177152 ----a-w- c:\windows\system32\drivers\portcls.sys
2015-11-25 19:02:11 210432 ----a-w- c:\windows\system32\cewmdm.dll
2015-11-25 18:33:05 530432 ----a-w- c:\windows\system32\comctl32.dll
2015-11-25 17:28:27 381440 ----a-w- c:\windows\system32\wer.dll
2015-11-25 17:24:16 376832 ----a-w- c:\windows\system32\dpnet.dll
2015-11-25 17:24:05 159232 ----a-w- c:\windows\system32\imagehlp.dll
2015-11-25 17:22:29 1620992 ----a-w- c:\windows\system32\WMVDECOD.DLL
2015-11-25 17:09:12 1177088 ----a-w- c:\windows\system32\WsmSvc.dll
2015-11-25 17:09:11 248832 ----a-w- c:\windows\system32\WSManMigrationPlugin.dll
2015-11-25 17:09:11 214016 ----a-w- c:\windows\system32\WsmWmiPl.dll
2015-11-25 17:09:11 198656 ----a-w- c:\windows\system32\WSManHTTPConfig.exe
2015-11-25 17:09:11 145920 ----a-w- c:\windows\system32\WsmAuto.dll
2015-11-24 16:55:14 -------- d-----w- c:\users\user\appdata\local\YSearchUtil
2015-11-24 16:55:13 -------- d-----w- c:\program files\Yahoo!
2015-11-24 16:52:07 -------- d-----w- c:\users\user\.oracle_jre_usage
2015-11-24 16:19:41 -------- d-----w- c:\windows\system32\vbox
2015-11-24 15:38:49 -------- d-----w- c:\programdata\Oracle
2015-11-24 15:38:04 95840 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2015-11-24 15:33:17 2386944 ----a-w- c:\windows\system32\win32k.sys
2015-11-24 15:33:14 680960 ----a-w- c:\program files\windows defender\MpSvc.dll
2015-11-24 15:33:14 392704 ----a-w- c:\program files\windows defender\MpClient.dll
2015-11-24 15:33:14 224768 ----a-w- c:\program files\windows defender\MpCommu.dll
2015-11-24 15:33:11 393728 ----a-w- c:\windows\system32\drivers\bthport.sys
2015-11-24 15:25:20 -------- d-----w- c:\users\user\appdata\local\WindowsUpdate
2015-11-24 15:02:50 -------- d-----w- c:\users\user\appdata\roaming\AVAST Software
2015-11-24 14:58:48 117200 ----a-w- c:\windows\system32\drivers\aswStm.sys
2015-11-24 14:58:46 24016 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-11-24 14:58:44 121368 ----a-w- c:\windows\system32\drivers\ngvss.sys
2015-11-24 14:58:07 43112 ----a-w- c:\windows\avastSS.scr
2015-11-24 14:47:58 -------- d-----w- c:\programdata\AVAST Software
2015-11-24 14:46:36 209432 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-11-24 14:46:35 49776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-11-18 05:19:25 -------- d-----w- c:\program files\iPod
2015-11-18 05:19:23 -------- d-----w- c:\program files\iTunes
2015-11-18 05:17:14 -------- d-----w- c:\program files\Bonjour
.
==================== Find3M ====================
.
2015-11-27 20:48:51 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-11-24 14:58:09 81728 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2015-11-24 14:58:09 81168 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2015-11-24 14:58:01 794952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2015-10-30 22:58:29 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2015-10-30 22:58:18 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2015-10-30 22:47:08 504832 ----a-w- c:\windows\system32\vbscript.dll
2015-10-30 22:46:27 62464 ----a-w- c:\windows\system32\iesetup.dll
2015-10-30 22:45:51 47616 ----a-w- c:\windows\system32\ieetwproxystub.dll
2015-10-30 22:45:42 341504 ----a-w- c:\windows\system32\html.iec
2015-10-30 22:44:57 64000 ----a-w- c:\windows\system32\MshtmlDac.dll
2015-10-30 22:36:30 102912 ----a-w- c:\windows\system32\ieetwcollector.exe
2015-10-30 22:36:25 115712 ----a-w- c:\windows\system32\ieUnatt.exe
2015-10-30 22:36:06 620032 ----a-w- c:\windows\system32\jscript9diag.dll
2015-10-30 22:31:22 667648 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2015-10-30 22:23:51 60416 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2015-10-30 22:16:43 4527616 ----a-w- c:\windows\system32\jscript9.dll
2015-10-30 22:09:23 1155072 ----a-w- c:\windows\system32\mshtmlmedia.dll
2015-10-30 22:09:15 2052608 ----a-w- c:\windows\system32\inetcpl.cpl
2015-10-30 21:51:28 2011136 ----a-w- c:\windows\system32\wininet.dll
2015-10-29 17:49:57 562176 ----a-w- c:\windows\apppatch\AcLayers.dll
2015-10-29 17:49:57 470528 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2015-10-29 17:49:57 2178560 ----a-w- c:\windows\apppatch\AcGenral.dll
2015-10-29 17:49:57 211968 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2015-10-29 17:39:57 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2015-10-20 17:46:02 93696 ----a-w- c:\windows\system32\wudriver.dll
2015-10-20 17:46:02 2955776 ----a-w- c:\windows\system32\wucltux.dll
2015-10-20 17:46:02 174080 ----a-w- c:\windows\system32\wuwebv.dll
2015-10-20 17:45:27 73728 ----a-w- c:\windows\system32\WinSetupUI.dll
2015-10-20 17:45:12 11776 ----a-w- c:\windows\system32\wu.upgrade.ps.dll
2015-10-20 17:45:08 35328 ----a-w- c:\windows\system32\wuapp.exe
2015-10-20 00:52:02 3991488 ----a-w- c:\windows\system32\ntkrnlpa.exe
2015-10-20 00:52:02 3935680 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-10-20 00:52:00 67520 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2015-10-20 00:52:00 138176 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2015-10-20 00:48:47 1308160 ----a-w- c:\windows\system32\ntdll.dll
2015-10-20 00:44:53 22528 ----a-w- c:\windows\system32\lsass.exe
2015-10-20 00:44:35 50176 ----a-w- c:\windows\system32\auditpol.exe
2015-10-20 00:39:32 60416 ----a-w- c:\windows\system32\msobjs.dll
2015-10-20 00:39:11 146432 ----a-w- c:\windows\system32\msaudite.dll
2015-10-20 00:35:03 6656 ----a-w- c:\windows\system32\apisetschema.dll
2015-10-20 00:35:00 686080 ----a-w- c:\windows\system32\adtschema.dll
2015-10-19 23:29:22 225792 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2015-10-19 23:28:57 98304 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2015-10-19 23:28:56 124416 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2015-10-13 16:31:53 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2015-10-13 04:50:31 712640 ----a-w- c:\windows\system32\drivers\ndis.sys
2015-10-01 17:50:43 22528 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\jnwppr.dll
2015-10-01 17:50:43 216064 ----a-w- c:\windows\system32\InkEd.dll
2015-10-01 17:50:43 19968 ----a-w- c:\windows\system32\jnwmon.dll
2015-09-18 17:47:06 23384 ----a-w- c:\windows\system32\CompatTelRunner.exe
2015-09-18 17:44:35 587776 ----a-w- c:\windows\system32\invagent.dll
2015-09-18 17:44:34 615936 ----a-w- c:\windows\system32\generaltel.dll
2015-09-18 17:44:30 423936 ----a-w- c:\windows\system32\devinv.dll
2015-09-18 17:44:27 1120768 ----a-w- c:\windows\system32\appraiser.dll
2015-09-18 17:44:26 62976 ----a-w- c:\windows\system32\acmigration.dll
2015-09-18 17:35:49 999936 ----a-w- c:\windows\system32\aeinv.dll
.
============= FINISH: 17:26:06.34 ===============

Attached Files
File Type: txt attach.txt (8.5 KB)

What is PUP.Optional.Spigot? How to clean it?

I made the idiotic decision to download UDpixel using Download.CNET.com, which is apparently notorious for PUPs.

I ran MBAM threat scan, which cleaned some stuff.
I ran AdwCleaner, which also cleaned some stuff.

I re-ran AdwCleaner, which did not find anything.
I re-ran MBAM, which did not find anything.

I was wondering if this means I am clean or if I should try something else?

(I've attached the dds logs)

Attached Files
File Type: txt MBAM log 2.txt (1.0 KB)
File Type: txt MBAM log 1.txt (2.7 KB)
File Type: txt AdwCleaner - first clean.txt (1.6 KB)
File Type: txt AdwCleaner - second scan.txt (753 Bytes)
File Type: txt dds.txt (33.5 KB)
File Type: txt attach.txt (20.9 KB)

Rootkits and Koobface on Windows 10

I finally said goodbye to my Windows XP computer and bought a Windows 10 model. I had it for a week and was loading some of my old programs on it when a pop-up appeared and refused to go away. It had a phone number to call and foolishly I did. Well, the party on the other end, Shivank Khullar at 1-800-250-6602 at CloudZone, came on, did an examination of my computer and said I had Rootkits and Koobface on my machine and offered me a deal to clean up my machine for $159.99, a 90 day service. I read about Koobface and used my Norton Security Suite to get rid of it and then applied Malware/Anti malware byte to it. Both programs indicated that my computer is clean. How can I be sure before I go and change all my passwords? Any help would be appreciated.

Possible crss infection

It's been a long time since I have had any problems. I am super careful but got an email with a link and, along with a brainf@rt, I clicked it and as it was launching my browser I closed it. I figured I kept any issues out since it did not launch my browser. I may have been wrong.

I use Panda for virus protection.

It wasn't till about a month later I noticed an abnormal amount of CPU usage when using Chrome and Firefox from time to time (seems to have no rhyme or reason based on what I have noticed). When I looked at processes running I spotted crss listed but no CPU usage ascribed to it. It was then I remembered hitting that link.

I'm not sure if it is causing a problem, I've right-clicked to delete and got a window box (I saw that means it could be legit).

So I checked back in here...

Tried stopping the process, ran deep Panda Scan what I could, it is still there.

I tried system restore but it failed.

I had cleaned up my computer a while back, removed some stupid stuff (AVG removed, which does not seem to bother me any more) and it was screaming (for my purposes) but it is old. I back up regularly so it was backed up with the crss on there (system image as well).

Here ya go:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17041 BrowserJavaVersion: 10.55.2
Run by James Kirwin at 3:23:20 on 2015-12-11
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.7990.6331 [GMT -5:00]
.
AV: Panda Free Antivirus *Disabled/Updated* {AAF74A68-8713-CDF1-004F-30003398BE9E}
SP: Panda Free Antivirus *Disabled/Updated* {1196AB8C-A129-C27F-3AFF-0B72481FF423}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Firewall *Disabled* {92CCCB4D-CD7C-CCA9-2B10-9935CD4BF9E5}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\vcsFPService.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k NetworkService
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\SwSetup\HPQWMM\QuickWeb\QW.SYS\config\DVMExportService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe
C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\CCleaner\CCleaner64.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://www.google.com
uProxyOverride = <-loopback>
uURLSearchHooks: {D8278076-BC68-4484-9233-6E7F1628B56C} - <orphaned>
uURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
mWinlogon: Userinit = userinit.exe,
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Panda Security Toolbar: {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Panda Security Toolbar: {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
uRun: [Google Update] "C:\Users\James Kirwin\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [PSUAMain] "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray
mRun: [Panda Security URL Filtering] "C:\Program Files\Panda Security URL Filtering\Panda_URL_Filtering.exe"
dRunOnce: [panda] reg.exe delete "HKCU\Software\AppDataLow\Software\panda" /f
dRunOnce: [panda_XP] reg.exe delete "HKCU\Software\panda" /f
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: MaxGPOScriptWait = dword:600
IE: &ieSpell Options - C:\Program Files (x86)\ieSpell\iespell.dll/SPELLOPTION.HTM
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Check &Spelling - C:\Program Files (x86)\ieSpell\iespell.dll/SPELLCHECK.HTM
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
IE: Lookup on Merriam Webster - C:\Program Files (x86)\ieSpell\Merriam Webster.HTM
IE: Lookup on Wikipedia - C:\Program Files (x86)\ieSpell\wikipedia.HTM
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files (x86)\ieSpell\iespell.dll/SPELLCHECK.HTM
IE: {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files (x86)\ieSpell\iespell.dll/SPELLOPTION.HTM
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/3.0.1.0/GarminAxControl.CAB
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} - hxxp://www.caminova.net/en/downloads/getmodule.aspx?lang=en
DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} - hxxps://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB
DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} - hxxp://kitchenplanner.ikea.com/US/Core/Player/2020PlayerAX_Win32.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_55-windows-i586.cab
DPF: {8BE5651C-D60B-4B59-B5B2-F0EB93733D17} - hxxps://www36.verizon.com/FiOSVoice/UnProtected/FiosVoiceVMUtil.CAB
DPF: {CAFEEFAC-0017-0000-0055-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_55-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_55-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{50C5D11D-8D32-4AFA-B881-FCCA4F35FD78} : DHCPNameServer = 172.20.10.1
TCP: Interfaces\{AA3A7119-B258-4E6D-90B5-814A458C02AC} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{AA3A7119-B258-4E6D-90B5-814A458C02AC}\14E67656C61672370284F6D65602E4564777F627B6 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{AA3A7119-B258-4E6D-90B5-814A458C02AC}\2656C6B696E6E2432623E2765756374737 : DHCPNameServer = 192.168.169.1
TCP: Interfaces\{AA3A7119-B258-4E6D-90B5-814A458C02AC}\2656C6B696E6E253166323 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{AA3A7119-B258-4E6D-90B5-814A458C02AC}\74F6F676C6560235471627265736B637 : DHCPNameServer = 8.8.8.8 8.8.4.4
TCP: Interfaces\{AA3A7119-B258-4E6D-90B5-814A458C02AC}\84F4D454D263142473 : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{AA3A7119-B258-4E6D-90B5-814A458C02AC}\D4168737D21637B602245656274756E64656270266F62702163636563737 : DHCPNameServer = 192.168.2.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
SSODL: WebCheck - <orphaned>
LSA: Notification Packages = Error!
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.80\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll",CreateReaderUserSettings
x64-mStart Page = hxxp://www.google.com
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Panda Security Toolbar: {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: Panda Security Toolbar: {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
x64-Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [HP LaserJet 200 color MFP M276 Series Fax] C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe "HP LaserJet 200 color MFP M276 Series Fax"
x64-Run: [BrightAdjustTool] C:\Program Files (x86)\Nova Star\NovaLCT-Mars\Bin\BrightAdjustTool\BrightAdjustTool.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\James Kirwin\AppData\Roaming\Mozilla\Firefox\Profiles\bcduuvot.default\
FF - prefs.js: keyword.URL - hxxp://pandasecurity.mystart.com/results.php?pr=vmn&id=pandasecuritytb&v=4_3&idate=2015-06-26&ent=tb____campaignID___&mkt=us&u=AD504C14F4F2BEC820E596558DB172AA&q=
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\James Kirwin\AppData\Local\Citrix\Plugins\104\npappdetector.dll
FF - plugin: C:\Users\James Kirwin\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll
FF - plugin: C:\Users\James Kirwin\AppData\Roaming\Mozilla\Firefox\Profiles\bcduuvot.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\npGarmin.dll
FF - plugin: C:\Users\James Kirwin\AppData\Roaming\Mozilla\Firefox\Profiles\bcduuvot.default\extensions\DeviceDetection@logitech.com\plugins\npLogitechDeviceDetection.dll
FF - plugin: C:\Users\James Kirwin\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\James Kirwin\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll
FF - ExtSQL: !HIDDEN! 2011-02-08 09:46; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
============= SERVICES / DRIVERS ===============
.
R1 Avgfwfd;AVG network filter service;C:\Windows\System32\drivers\avgfwd6a.sys [2010-7-12 57696]
R1 DVMIO;DeviceVM IO Service;C:\Windows\System32\drivers\dvmio.sys [2009-11-11 20056]
R1 NNSALPC;NNSALPC;C:\Windows\System32\drivers\NNSAlpc.sys [2015-7-9 94456]
R1 NNSHTTP;NNSHTTP;C:\Windows\System32\drivers\NNSHttp.sys [2015-7-9 201976]
R1 NNSHTTPS;NNSHTTPS;C:\Windows\System32\drivers\NNSHttps.sys [2015-7-9 110840]
R1 NNSIDS;NNSIDS;C:\Windows\System32\drivers\NNSIds.sys [2015-7-9 110840]
R1 NNSNAHSL;Network Activity Hook Server LightWeight Filter Driver;C:\Windows\System32\drivers\NNSNAHSL.sys [2015-5-20 57648]
R1 NNSPICC;NNSPICC;C:\Windows\System32\drivers\NNSpicc.sys [2015-7-9 103160]
R1 NNSPIHSW;NNSPIHSW;C:\Windows\System32\drivers\NNSPihsw.sys [2015-8-31 73464]
R1 NNSPOP3;NNSPOP3;C:\Windows\System32\drivers\NNSPop3.sys [2015-7-9 124152]
R1 NNSPROT;NNSPROT;C:\Windows\System32\drivers\NNSProt.sys [2015-7-9 300280]
R1 NNSPRV;NNSPRV;C:\Windows\System32\drivers\NNSPrv.sys [2015-7-9 170232]
R1 NNSSMTP;NNSSMTP;C:\Windows\System32\drivers\NNSSmtp.sys [2015-7-9 113400]
R1 NNSSTRM;NNSSTRM;C:\Windows\System32\drivers\NNSStrm.sys [2015-7-9 257784]
R1 NNSTLSC;NNSTLSC;C:\Windows\System32\drivers\NNStlsc.sys [2015-7-9 106232]
R1 PSINKNC;PSINKNC;C:\Windows\System32\drivers\PSINKNC.sys [2015-7-19 197880]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-5-10 89600]
R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-1-19 77128]
R2 DvmMDES;DeviceVM Meta Data Export Service;C:\SwSetup\HPQWMM\QuickWeb\QW.SYS\config\DVMExportService.exe [2010-6-25 338168]
R2 HP LaserJet Service;HP LaserJet Service;C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2012-5-2 164864]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-6-18 103992]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2009-7-8 30520]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe [2014-4-1 49464]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-9 26680]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-12-4 13336]
R2 NanoServiceMain;Panda Protection Service;C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [2015-10-18 142072]
R2 panda_url_filtering;panda_url_filtering Service;C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe -- --> C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe -- [?]
R2 PandaAgent;Panda Devices Agent;C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [2015-10-28 73464]
R2 PSINAflt;PSINAflt;C:\Windows\System32\drivers\PSINAflt.sys [2015-7-19 164088]
R2 PSINFile;PSINFile;C:\Windows\System32\drivers\PSINFile.sys [2015-7-19 121592]
R2 PSINProc;PSINProc;C:\Windows\System32\drivers\PSINProc.sys [2015-7-19 124152]
R2 PSINProt;PSINProt;C:\Windows\System32\drivers\PSINProt.sys [2015-7-19 134392]
R2 PSINReg;PSINReg;C:\Windows\System32\drivers\PSINReg.sys [2015-7-19 107768]
R2 PSUAService;Panda Product Service;C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [2015-10-22 38136]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-4 2533400]
R2 vcsFPService;Validity VCS Fingerprint Service;C:\Windows\System32\vcsFPService.exe [2010-2-23 2192176]
R3 clwvd;HP Webcam Splitter;C:\Windows\System32\drivers\clwvd.sys [2010-6-25 32880]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-12-4 56344]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-12-4 158976]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-12-4 271872]
R3 panda_url_filteringd;panda_url_filteringd driver;C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringd.sys [2014-3-19 51288]
R3 wdkmd;Intel WiDi KMD;C:\Windows\System32\drivers\WDKMD.sys [2010-4-16 39832]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AmUStor;AM USB Stroage Driver;C:\Windows\System32\drivers\AmUStor.sys [2011-5-10 51712]
S3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\System32\drivers\btwampfl.sys [2010-12-4 342056]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2010-12-4 39464]
S3 HP DS Service;HP DS Service;C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [2011-10-17 13824]
S3 HtcUsbMdmV64;HTC Proprietary USB Driver;C:\Windows\System32\drivers\HtcUsbMdmV64.sys [2011-3-5 121800]
S3 HtcVCom32;HTC Diagnostic Port;C:\Windows\System32\drivers\HtcVComV64.sys [2011-3-5 121800]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-5-11 111616]
S3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-5-14 192216]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-3-5 340240]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2013-7-25 23040]
S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2010-3-18 7680512]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-12-4 349800]
S3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver;C:\Windows\System32\drivers\silabenm.sys [2015-7-29 27336]
S3 silabser;Silicon Labs CP210x USB to UART Bridge Driver;C:\Windows\System32\drivers\silabser.sys [2015-7-29 70656]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-7-1 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2014-8-15 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-1-26 1255736]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
S4 AVG Security Toolbar Service;AVG Security Toolbar Service;C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe --> C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [?]
S4 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-5-1 1394816]
S4 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-5-1 1772672]
S4 File Backup;File Backup Service;C:\Program Files (x86)\Starfield\offSyncService.exe [2011-2-2 1215216]
S4 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2014-9-18 14624]
.
=============== Created Last 30 ================
.
2015-12-11 01:12:29 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AEB3F429-5245-49D5-9602-525537328FFF}\offreg.5364.dll
2015-12-08 18:55:53 61712 ----a-w- C:\Windows\System32\drivers\PSKMAD.sys
2015-12-04 12:43:18 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AEB3F429-5245-49D5-9602-525537328FFF}\offreg.5588.dll
2015-12-02 22:20:56 -------- d-----w- C:\Users\James Kirwin\AppData\Local\Downloaded Installations
2015-12-02 17:49:23 -------- d-----w- C:\Program Files\Panda Security URL Filtering
2015-12-02 17:49:01 -------- d-----w- C:\Program Files (x86)\pandasecuritytb
2015-11-28 18:41:58 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AEB3F429-5245-49D5-9602-525537328FFF}\offreg.4896.dll
2015-11-28 18:41:02 11138400 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AEB3F429-5245-49D5-9602-525537328FFF}\mpengine.dll
.
==================== Find3M ====================
.
2015-12-11 01:02:45 796864 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2015-12-11 01:02:45 142528 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2015-12-04 12:11:20 192216 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-10-27 14:45:00 76384 ----a-w- C:\Windows\SysWow64\libusb0.dll
2015-10-27 14:45:00 52832 ----a-w- C:\Windows\SysWow64\drivers\libusb0.sys
2015-10-05 14:50:18 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2015-10-05 14:50:10 109272 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2015-10-05 14:50:06 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
.
============= FINISH: 3:23:36.84 ===============

Attached Files
File Type: txt attach.txt (14.2 KB)

Dell laptop with virus / adware / whoknowswhatelse

This is a Dell laptop running Windows 7 Premium.

The issue is that there are lots of tabs opening up to ads; also, flash ads appear on pages that block parts of the page (such as 2 ads blocking me from signing in on this website), often with no X to close them. Also, the system is slow as (beep). Anything and everything takes forever.

THANKS!!!

The contents of dds.txt:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.18124
Run by Dell at 10:01:47 on 2015-12-11
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4031.2626 [GMT 11:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Disabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
C:\Program Files (x86)\Swift Browse\updateSwiftBrowse.exe
C:\Program Files (x86)\Swift Browse\bin\utilSwiftBrowse.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.7.0\ToolbarUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.7.0\loggingserver.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
C:\Windows\system32\GWX\GWX.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
C:\Program Files (x86)\Swift Browse\bin\SwiftBrowse.PurBrowse64.exe
C:\Program Files (x86)\Swift Browse\bin\SwiftBrowse.BrowserAdapter64.exe
C:\Program Files (x86)\Swift Browse\bin\SwiftBrowse.BrowserAdapter.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Swift Browse\bin\SwiftBrowse.expext.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Users\Dell\AppData\Local\Google\Update\GoogleUpdate.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Users\Dell\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrlte.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\Vendor\FastAccessChatAssist.exe
C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\ProgramData\GameXN\GameXNGO.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Verizon\IHA_MessageCenter\bin\VzDetectAgent.exe
C:\Windows\system32\taskhost.exe
C:\Users\Dell\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dell\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dell\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dell\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Users\Dell\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dell\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=pr-bir-s3__alt__ddc_dsssyc_bd_com
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mWinlogon: Userinit = userinit.exe
BHO: weDownload Manager: {11111111-1111-1111-1111-110311431144} - C:\Program Files (x86)\weDownload Manager\weDownload Manager-bho.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Swift Browse: {808dc83c-d35b-4fba-a5b5-9a52103204df} - C:\Program Files (x86)\Swift Browse\SwiftBrowseBHO.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.7.0.147\AVG SafeGuard toolbar_toolbar.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: SSOIEAddonBHO Class: {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.7.0.147\AVG SafeGuard toolbar_toolbar.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [Google Update] "C:\Users\Dell\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
uRun: [GameXN GO] "C:\ProgramData\GameXN\GameXNGO.exe" /startup
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [Yahoo! Search] C:\Users\Dell\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrlte.exe
uRun: [Viber] C:\Users\Dell\AppData\Local\Viber\Viber.exe StartMinimized
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe /boot
mRun: [RoxWatchTray] "c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [FATrayAlert] C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
mRun: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
mRun: [FAStartup] <no file>
mRunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
mRunOnce: [DSUpdateLauncher] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe" /NOCONSOLE /D="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate" /RUNAS "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe"
mRunOnce: [STToasterLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe
StartupFolder: C:\Users\Dell\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{E445F601-2648-4CF5-A8E5-E44BCF57671C} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{E445F601-2648-4CF5-A8E5-E44BCF57671C}\131364850363130373835363 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{E445F601-2648-4CF5-A8E5-E44BCF57671C}\76562716C646 : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.7.0\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: FastAccess - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll
SSODL: WebCheck - <orphaned>
LSA: Notification Packages = scecli FAPassSync
x64-BHO: weDownload Manager: {11111111-1111-1111-1111-110311431144} - C:\Program Files (x86)\weDownload Manager\weDownload Manager-bho64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: SSOIEAddonBHO Class: {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe
x64-Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe
x64-Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj"
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\s6jvvj43.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo! Search
FF - prefs.js: browser.startup.homepage - hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=pr-bfr-s3__alt__ddc_dsssyc_bd_com
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=pr-bfr-s3__alt__ddc_dss_bd_com&p=
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Dell\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll
FF - plugin: C:\Users\Dell\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\Dell\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Dell\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2015-3-4 280376]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-2-22 55856]
R1 {2b4fc5ce-fd26-493c-97d3-e808aab73013}w64;{2b4fc5ce-fd26-493c-97d3-e808aab73013}w64;C:\Windows\System32\drivers\{2b4fc5ce-fd26-493c-97d3-e808aab73013}w64.sys [2014-5-6 61120]
R1 {d3e19bc0-45ce-4126-9b65-b62de4e037e6}w64;{d3e19bc0-45ce-4126-9b65-b62de4e037e6}w64;C:\Windows\System32\drivers\{d3e19bc0-45ce-4126-9b65-b62de4e037e6}w64.sys [2015-4-9 48832]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-2-22 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-2-22 203264]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-14 27136]
R2 DragonSvc;Dragon Service;C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe [2010-7-23 296808]
R2 FAService;FAService;C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe [2010-11-2 2428552]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-2-22 13336]
R2 IHA_MessageCenter;IHA_MessageCenter;C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [2012-8-3 363128]
R2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-26 2823000]
R2 ReimageRealTimeProtector;Reimage Real Time Protector;C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2015-8-19 7743472]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-2-22 689472]
R2 TeamViewer6;TeamViewer 6;C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-4-26 2280312]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2009-11-3 13784]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-2-22 2320920]
R2 Update Swift Browse;Update Swift Browse;C:\Program Files (x86)\Swift Browse\updateSwiftBrowse.exe [2013-10-5 660688]
R2 Util Swift Browse;Util Swift Browse;C:\Program Files (x86)\Swift Browse\bin\utilSwiftBrowse.exe [2013-10-21 660688]
R2 vToolbarUpdater18.7.0;vToolbarUpdater18.7.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.7.0\ToolbarUpdater.exe [2015-7-16 1842576]
R3 BcmVWL;Broadcom Virtual Wireless;C:\Windows\System32\drivers\bcmvwl64.sys [2011-2-22 20984]
R3 btusbflt;Bluetooth USB Filter;C:\Windows\System32\drivers\btusbflt.sys [2011-2-22 53800]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2011-2-22 35104]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2011-2-22 172704]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2011-2-22 56344]
S2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2010-10-24 124568]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-7-9 327296]
S3 FACAP;facap, FastAccess Video Capture;C:\Windows\System32\drivers\facap.sys [2008-9-25 238848]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2015-12-8 114688]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2015-4-30 366544]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2011-2-22 250984]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-2-22 325152]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-9-18 59392]
S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-3 126352]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-4-30 1255736]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-11 389120]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== Created Last 30 ================
.
2015-12-10 22:50:55 75888 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7AD23F86-D734-485D-B54B-C2C8D6167A0A}\offreg.888.dll
2015-12-10 22:28:11 11138400 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7AD23F86-D734-485D-B54B-C2C8D6167A0A}\mpengine.dll
2015-12-09 00:20:34 11138400 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-12-09 00:06:02 -------- d-----w- C:\Users\Dell\AppData\Roaming\ViberPC
2015-12-09 00:05:30 -------- d-----w- C:\Users\Dell\AppData\Local\Viber
2015-12-09 00:05:15 -------- d-----w- C:\Users\Dell\AppData\Local\Package Cache
2015-12-09 00:02:13 -------- d-----w- C:\Users\Dell\AppData\Local\GWX
2015-12-08 10:05:58 93696 ----a-w- C:\Windows\SysWow64\wudriver.dll
2015-12-08 10:04:58 17408 ----a-w- C:\Windows\System32\wshrm.dll
2015-12-08 10:04:58 14848 ----a-w- C:\Windows\SysWow64\wshrm.dll
2015-12-08 10:04:58 146944 ----a-w- C:\Windows\System32\drivers\rmcast.sys
2015-12-08 10:04:52 616360 ----a-w- C:\Windows\System32\winresume.efi
2015-12-08 10:04:52 147456 ----a-w- C:\Windows\System32\appidpolicyconverter.exe
2015-12-08 10:04:51 692672 ----a-w- C:\Windows\System32\winload.efi
2015-12-08 10:04:47 63488 ----a-w- C:\Windows\System32\setbcdlocale.dll
2015-12-08 10:04:47 59392 ----a-w- C:\Windows\System32\appidapi.dll
2015-12-08 10:04:47 50688 ----a-w- C:\Windows\SysWow64\appidapi.dll
2015-12-08 10:04:47 32768 ----a-w- C:\Windows\System32\appidsvc.dll
2015-12-08 10:04:47 17920 ----a-w- C:\Windows\System32\appidcertstorecheck.exe
2015-12-08 10:04:46 61440 ----a-w- C:\Windows\System32\drivers\appid.sys
2015-12-08 10:02:53 5570496 ----a-w- C:\Windows\System32\ntoskrnl.exe
2015-12-08 10:01:43 497664 ----a-w- C:\Windows\System32\drivers\afd.sys
2015-12-08 09:59:26 1941504 ----a-w- C:\Windows\System32\authui.dll
2015-12-08 09:59:25 70656 ----a-w- C:\Windows\System32\appinfo.dll
2015-12-08 09:59:25 1805824 ----a-w- C:\Windows\SysWow64\authui.dll
2015-12-08 09:59:25 115136 ----a-w- C:\Windows\System32\consent.exe
2015-12-08 09:57:13 950720 ----a-w- C:\Windows\System32\drivers\ndis.sys
2015-12-08 09:56:59 41984 ----a-w- C:\Windows\System32\lpk.dll
2015-12-08 09:56:59 299520 ----a-w- C:\Windows\SysWow64\atmfd.dll
2015-12-08 09:56:58 46080 ----a-w- C:\Windows\System32\atmlib.dll
2015-12-08 09:56:58 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2015-12-08 09:56:58 14336 ----a-w- C:\Windows\System32\dciman32.dll
2015-12-08 09:56:57 70656 ----a-w- C:\Windows\SysWow64\fontsub.dll
2015-12-08 09:56:57 10240 ----a-w- C:\Windows\SysWow64\dciman32.dll
2015-12-08 09:56:57 100864 ----a-w- C:\Windows\System32\fontsub.dll
2015-12-08 09:56:54 25600 ----a-w- C:\Windows\SysWow64\lpk.dll
2015-12-08 09:21:50 1190000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B272D64E-F190-466D-A684-B2B4DA3C3956}\gapaengine.dll
2015-11-11 05:57:58 646880 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\ACEEXCL.DLL
.
==================== Find3M ====================
.
2015-12-09 03:39:31 301728 ------w- C:\Windows\System32\MpSigStub.exe
2015-11-20 18:54:59 98816 ----a-w- C:\Windows\System32\wudriver.dll
2015-11-20 18:54:59 3170304 ----a-w- C:\Windows\System32\wucltux.dll
2015-11-20 18:54:59 192512 ----a-w- C:\Windows\System32\wuwebv.dll
2015-11-20 18:54:28 91136 ----a-w- C:\Windows\System32\WinSetupUI.dll
2015-11-20 18:54:18 12288 ----a-w- C:\Windows\System32\wu.upgrade.ps.dll
2015-11-20 18:54:15 37888 ----a-w- C:\Windows\System32\wuapp.exe
2015-11-20 18:34:36 174080 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2015-11-20 18:33:56 35328 ----a-w- C:\Windows\SysWow64\wuapp.exe
2015-11-11 18:53:48 1735680 ----a-w- C:\Windows\System32\comsvcs.dll
2015-11-11 18:53:47 525312 ----a-w- C:\Windows\System32\catsrvut.dll
2015-11-11 18:39:34 1242624 ----a-w- C:\Windows\SysWow64\comsvcs.dll
2015-11-11 18:39:33 487936 ----a-w- C:\Windows\SysWow64\catsrvut.dll
2015-11-10 18:55:29 1648128 ----a-w- C:\Windows\System32\DWrite.dll
2015-11-10 18:55:29 1180160 ----a-w- C:\Windows\System32\FntCache.dll
2015-11-10 18:55:26 1008640 ----a-w- C:\Windows\System32\user32.dll
2015-11-10 18:39:18 1251328 ----a-w- C:\Windows\SysWow64\DWrite.dll
2015-11-10 18:37:39 833024 ----a-w- C:\Windows\SysWow64\user32.dll
2015-11-10 17:47:27 3211264 ----a-w- C:\Windows\System32\win32k.sys
2015-11-10 00:24:59 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2015-11-10 00:13:04 496640 ----a-w- C:\Windows\SysWow64\vbscript.dll
2015-11-10 00:13:03 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2015-11-10 00:12:29 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2015-11-10 00:12:19 341504 ----a-w- C:\Windows\SysWow64\html.iec
2015-11-10 00:11:38 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2015-11-10 00:03:01 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2015-11-10 00:02:42 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2015-11-09 23:50:28 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2015-11-09 23:46:18 4514816 ----a-w- C:\Windows\SysWow64\jscript9.dll
2015-11-09 23:36:09 2050560 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2015-11-09 23:35:17 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2015-11-09 23:17:36 2011136 ----a-w- C:\Windows\SysWow64\wininet.dll
2015-11-08 22:33:00 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2015-11-08 22:32:46 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2015-11-08 22:16:29 66560 ----a-w- C:\Windows\System32\iesetup.dll
2015-11-08 22:15:39 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2015-11-08 22:15:31 417792 ----a-w- C:\Windows\System32\html.iec
2015-11-08 22:15:22 571392 ----a-w- C:\Windows\System32\vbscript.dll
2015-11-08 22:14:50 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2015-11-08 22:04:46 5923840 ----a-w- C:\Windows\System32\jscript9.dll
2015-11-08 22:01:25 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2015-11-08 22:01:24 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2015-11-08 22:01:01 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2015-11-08 21:52:10 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2015-11-08 21:40:10 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2015-11-08 21:14:19 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2015-11-08 21:13:40 2123264 ----a-w- C:\Windows\System32\inetcpl.cpl
2015-11-08 20:53:08 2487808 ----a-w- C:\Windows\System32\wininet.dll
2015-11-05 19:02:22 2048 ----a-w- C:\Windows\System32\tzres.dll
2015-11-05 19:00:18 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2015-11-03 19:04:51 802304 ----a-w- C:\Windows\System32\usp10.dll
2015-11-03 19:04:37 241664 ----a-w- C:\Windows\System32\els.dll
2015-11-03 18:56:18 627712 ----a-w- C:\Windows\SysWow64\usp10.dll
2015-11-03 18:55:58 179712 ----a-w- C:\Windows\SysWow64\els.dll
2015-10-29 17:50:44 6656 ----a-w- C:\Windows\System32\shimeng.dll
2015-10-29 17:50:30 342016 ----a-w- C:\Windows\System32\apphelp.dll
2015-10-29 17:50:29 72192 ----a-w- C:\Windows\System32\aelupsvc.dll
2015-10-29 17:50:29 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2015-10-29 17:50:29 309248 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2015-10-29 17:50:29 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2015-10-29 17:50:29 103424 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2015-10-29 17:50:21 5120 ----a-w- C:\Windows\SysWow64\shimeng.dll
2015-10-29 17:50:14 23552 ----a-w- C:\Windows\System32\sdbinst.exe
2015-10-29 17:49:58 295936 ----a-w- C:\Windows\SysWow64\apphelp.dll
2015-10-29 17:49:57 562176 ----a-w- C:\Windows\apppatch\AcLayers.dll
2015-10-29 17:49:57 470528 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2015-10-29 17:49:57 2178560 ----a-w- C:\Windows\apppatch\AcGenral.dll
2015-10-29 17:49:57 211968 ----a-w- C:\Windows\apppatch\AcXtrnal.dll
2015-10-29 17:49:35 20992 ----a-w- C:\Windows\SysWow64\sdbinst.exe
2015-10-29 17:39:57 2560 ----a-w- C:\Windows\apppatch\AcRes.dll
2015-10-20 01:12:10 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2015-10-20 01:12:10 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2015-10-20 01:09:05 1730496 ----a-w- C:\Windows\System32\ntdll.dll
2015-10-20 01:06:18 362496 ----a-w- C:\Windows\System32\wow64win.dll
2015-10-20 01:06:18 243712 ----a-w- C:\Windows\System32\wow64.dll
2015-10-20 01:06:18 215040 ----a-w- C:\Windows\System32\winsrv.dll
2015-10-20 01:06:18 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2015-10-20 01:04:53 31232 ----a-w- C:\Windows\System32\lsass.exe
2015-10-20 01:04:40 338432 ----a-w- C:\Windows\System32\conhost.exe
2015-10-20 01:04:35 64000 ----a-w- C:\Windows\System32\auditpol.exe
2015-10-20 01:00:20 60416 ----a-w- C:\Windows\System32\msobjs.dll
2015-10-20 00:59:20 146432 ----a-w- C:\Windows\System32\msaudite.dll
2015-10-20 00:52:02 3991488 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2015-10-20 00:52:02 3935680 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2015-10-20 00:48:46 1311768 ----a-w- C:\Windows\SysWow64\ntdll.dll
2015-10-20 00:44:35 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2015-10-20 00:44:19 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2015-10-20 00:44:18 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2015-10-20 00:44:18 665088 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2015-10-20 00:44:18 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2015-10-20 00:39:32 60416 ----a-w- C:\Windows\SysWow64\msobjs.dll
2015-10-20 00:39:11 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2015-10-19 23:41:20 159232 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2015-10-19 23:40:43 290816 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2015-10-19 23:40:39 129024 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2015-10-19 23:29:36 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2015-10-19 23:29:34 2048 ----a-w- C:\Windows\SysWow64\user.exe
2015-10-19 23:27:10 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2015-10-19 23:27:10 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-19 23:27:10 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
.
============= FINISH: 10:03:07.13 ===============

Attached Files
File Type: txt attach.txt (14.6 KB)

potential toolkits, plz help

I upgraded from WinXP to Win7 a while ago and my computer was reasonably fast at the time, even though it's a 7-year-old laptop (Core2Duo with 4 gigs of RAM).

But in the past weeks/months, it has become significantly slower. It takes 20 seconds to open a new tab in Google Chrome, a large amount of time to open the smallest programs (e.g. Notepad), video playback lags both in Chrome and in VLC player, etc. Even typing this very message in a dialog box shows an unacceptable lag.

I ran Spybot SD which found nothing and MalwareBytes antimalware which found 5 insignificant threats.

Another possible clue is that task manager shows about 30 processes but its state bar at the bottom says 70 processes are running...

I hope someone can help.


Finally, here is the required log, plus the other one attached:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17280 BrowserJavaVersion: 11.40.2
Run by Mathieu at 0:05:31 on 2015-12-14
Microsoft Windows*7 Édition Intégrale 6.1.7601.1.1252.1.1036.18.4086.1691 [GMT -5:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
C:\Windows\system32\lxdxcoms.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\PSIService.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\taskhost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe,
BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\ochelper.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Adobe Acrobat Create PDF Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\urlredir.dll
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\grooveex.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
BHO: Microsoft Web Test Recorder 10.0 Helper: {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - c:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
BHO: Adobe Acrobat Create PDF from Selection: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
EB: Web Test Recorder 10.0: {5802D092-1784-4908-8CDB-99B6842D353D} -
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
mRun: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
mRun: [QuickFinder Scheduler] "C:\Program Files (x86)\WordPerfect Office X3\Programs\QFSCHD130.EXE"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
StartupFolder: C:\Users\Mathieu\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
IE: Ajouter la cible du lien à un fichier PDF existant - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Ajouter à un fichier PDF existant - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convertir au format Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Convertir la cible du lien au format Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: E&xporter vers Microsoft Excel - C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Ouvrir dans WordPerfect - C:\Program Files (x86)\WordPerfect Office X3\Programs\WPLauncher.hta
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\ochelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
Trusted Zone: dell.com
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{BC88AA10-87BF-4F33-96EC-C66684CEBF1C} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{BC88AA10-87BF-4F33-96EC-C66684CEBF1C}\05F627471696C6D23437373774 : DHCPNameServer = 10.60.96.16 10.60.128.16
TCP: Interfaces\{BC88AA10-87BF-4F33-96EC-C66684CEBF1C}\249626C696F674164796E6561657 : DHCPNameServer = 192.168.128.1 205.151.222.250
TCP: Interfaces\{BC88AA10-87BF-4F33-96EC-C66684CEBF1C}\3536F6275637F57457563747 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{BC88AA10-87BF-4F33-96EC-C66684CEBF1C}\3656765607D23716E637D26696C6 : DHCPNameServer = 10.3.2.14 10.2.0.17 10.2.0.157 10.2.0.210 10.2.0.211
TCP: Interfaces\{BC88AA10-87BF-4F33-96EC-C66684CEBF1C}\D416279607F63716 : DHCPNameServer = 68.87.76.178 66.240.48.9
TCP: Interfaces\{BC88AA10-87BF-4F33-96EC-C66684CEBF1C}\D4F6361602C4F636160234C69656E64737 : DHCPNameServer = 24.201.245.77 24.200.0.1 24.53.0.2
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\msosb.dll
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.80\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\urlredir.dll
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\grooveex.dll
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
x64-Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2015-6-27 65224]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2015-6-27 274808]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswsnx.sys [2015-6-27 1059656]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2015-6-27 449992]
R1 pfmfs_95C;pfmfs_95C;C:\Windows\System32\drivers\pfmfs_95C.sys [2014-5-4 255752]
R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2015-6-27 28656]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2015-6-27 90968]
R2 aswStm;aswStm;C:\Windows\System32\drivers\aswStm.sys [2015-6-27 150160]
R2 avast! Antivirus;Avast Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-7-21 146600]
R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-10-12 1433216]
R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-10-12 1773696]
R2 ClickToRunSvc;Service Démarrer en clic Microsoft Office;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2014-4-8 2797752]
R2 lxdx_device;lxdx_device;C:\Windows\System32\lxdxcoms.exe -service --> C:\Windows\System32\lxdxcoms.exe -service [?]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-12-13 1513784]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-12-13 1135416]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2014-4-9 1153368]
R3 appliandMP;appliandMP;C:\Windows\System32\drivers\appliand.sys [2014-6-16 33888]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2015-12-13 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2015-12-13 192216]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2015-12-13 63704]
R3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
R3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
R3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-1-2 315488]
S3 appliand;Applian Network Service;C:\Windows\System32\drivers\appliand.sys [2014-6-16 33888]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-9-15 111616]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-3-30 178760]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-5-22 20992]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-5-25 59392]
S3 VSPerfDrv100;Performance Tools Driver 10.0;C:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [2011-1-18 68440]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976]
S4 RsFx0105;RsFx0105 Driver;C:\Windows\System32\drivers\RsFx0105.sys [2011-9-22 311144]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2014-7-12 441504]
.
=============== Created Last 30 ================
.
2015-12-13 21:38:18 192216 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-12-13 21:37:33 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2015-12-13 21:37:33 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2015-12-13 21:37:33 109272 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2015-12-13 21:37:33 -------- d-----w- C:\ProgramData\Malwarebytes
2015-12-13 21:37:33 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-13 21:37:06 -------- d-----w- C:\Users\Mathieu\AppData\Local\Programs
2015-12-13 07:36:44 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E1154486-D10B-47E8-A4E4-E4E75EB61BB3}\offreg.dll
2015-12-03 21:43:47 -------- d-----w- C:\Program Files\Common Files\AV
2015-12-03 21:43:47 -------- d-----w- C:\Program Files (x86)\Common Files\AV
.
==================== Find3M ====================
.
2015-12-14 01:52:46 952 --sha-w- C:\Windows\SysWow64\KGyGaAvL.sys
2015-11-11 21:43:50 1059656 ----a-w- C:\Windows\System32\drivers\aswsnx.sys
.
============= FINISH: 0:06:58,23 ===============

Attached Files
File Type: txt attach.txt (6.9 KB)

Multiple instances of processes slowing computer

Greetings.

For some days, my computer has been working slowly, and my antivirus has been blocking suspicious activity from files that are in system32, such as notepad.exe, dllhost.exe, and some more.

I checked the processes at task manager and I saw that there are multiple instances of some of them, sometimes from processes I didn't start.
So far I've seen:
-cmd.exe
-conhost.exe (up to 7-8 instances)
-csrss.exe
-dllhost.exe
-explorer.exe
-msiexec.exe
-notepad.exe
-taskhost.exe
And maybe some others I can't remember right now. If I stop the processes (like notepad) it randomly starts again after some minutes.

I scanned System32 looking for any infections but my antivirus doesn't find anything. I don't know what I should do.

Windows Installer

Hi people,

When I downloaded Firefox it got installed. Somehow a program claiming to be a Windows Installer repair kit appeared on the task bar. I did not download that, but it got installed. But when I try to install a download, I get an error message about cannot access Windows Installer.

Thanks

Looking for info on these detections

This popped up earlier today which was a shock as I'm usually very careful with what I download. I resolved them and then did a full scan with AVG, Malwarebytes and Ad-aware and they all came up with nothing. The same two things have just been detected though. The AVG page didn't have any info other than a standard trojan description. Is there any way to find out anything more specific about where these came from? I searched but couldn't find anything. The only thing I've installed recently is a small ligand explorer programme from the protein data bank website.

Thanks.

Attached image: Capture.JPG (85.1 KB)

Online accounts compromised. Strongly Suspect Malware/Rootkit

Hi, thanks in advance for your help.

Several weeks ago, my online accounts were compromised. I believe that my computer is the source of the infection, as it started acting funkily, and only accounts that I had accessed from this machine were compromised. I have already changed all of my account information; now is the first chance I've had to fix this computer.

Here is my dds.txt:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.18015
Run by Larry at 16:58:07 on 2015-12-17
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3561.1328 [GMT -8:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Enabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files (x86)\winnetmng\WinNetSrv.exe
C:\Program Files (x86)\winnetmng\WinNetSrv_.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Users\Larry\AppData\Local\WinDan\WinDanApp.exe
C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\AUDIODG.EXE
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\winnetmng\WinNetMng.exe
C:\Program Files (x86)\winnetmng\WinNetMng.exe
C:\Program Files (x86)\winnetmng\WinNetMng.exe
C:\Program Files (x86)\winnetmng\WinNetMng_.exe
C:\Program Files (x86)\winnetmng\WinNetMng_.exe
C:\Program Files (x86)\winnetmng\WinNetMng_.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_185.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_185.exe
C:\Program Files (x86)\winnetmng\WinNetMng.exe
C:\Program Files (x86)\winnetmng\WinNetMng_.exe
C:\Windows\system32\msiexec.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = Google
mStart Page = Google
mWinlogon: Userinit = userinit.exe,
BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
uRun: [Windanexe] C:\Users\Larry\AppData\Local\WinDan\WinDanApp.exe
uRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_185_Plugin.exe -update plugin
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [HPQuickWebProxy] "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{3CA0ECF1-42B2-488B-92C8-CADFA4CE5315} : DHCPNameServer = 40.20.1.201 40.20.1.202
TCP: Interfaces\{BF610149-2DDF-4EE2-9172-6955CDDA3C1A} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{BF610149-2DDF-4EE2-9172-6955CDDA3C1A}\355636572756 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{BF610149-2DDF-4EE2-9172-6955CDDA3C1A}\45D2D4F62696C65602742387 : DHCPNameServer = 192.168.43.1
TCP: Interfaces\{BF610149-2DDF-4EE2-9172-6955CDDA3C1A}\84F4240223E243 : DHCPNameServer = 192.168.2.1
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
mASetup: {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec /fu {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} /qn
x64-mStart Page = Google
x64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [SetDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {0CE7EBAF-157D-4111-9146-057CB2A4023E} - msiexec /fu {0CE7EBAF-157D-4111-9146-057CB2A4023E} /qn
Hosts: 0.0.0.1 mssplus.mcafee.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Larry\AppData\Roaming\Mozilla\Firefox\Profiles\sxyg9r2e.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.autoDisableScopes - 0
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2011-6-17 79488]
R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2011-6-17 40064]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2015-3-4 280376]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-9-28 204288]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-9-28 361984]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-13 27136]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2013-11-4 99128]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2013-5-13 270624]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-3-5 35200]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-12-25 2413056]
R2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2014-9-18 14624]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-9-22 1871160]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-9-22 1133880]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-3-20 124568]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2011-12-25 46136]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2011-3-30 114704]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2015-9-22 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2015-9-22 113880]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2015-9-22 63704]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2011-12-25 338536]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-12-25 425064]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\System32\drivers\rtl8192ce.sys [2011-12-25 878184]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2011-12-25 53376]
S2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-1-19 77128]
S2 CLKMSVC10_38F51D56;CyberLink Product - 2012/08/20 11:40:31;C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2012-2-8 244720]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2015-9-8 114688]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2014-8-15 54784]
.
=============== Created Last 30 ================
.
.
==================== Find3M ====================
.
2015-12-18 00:43:18 113880 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-09-21 22:58:38 780488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2015-09-21 22:58:38 142536 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
.
============= FINISH: 17:00:04.95 ===============

Attached Files
File Type: txt attach.txt (24.5 KB)

Hard drive constantly working

Hi there. I'm running Windows 7 on a Samsung laptop. I have AVG Internet Security 2013 which is updated automatically. I don't have access to an install disc or boot CD.
This laptop has been running very slowly for some months and seems to be getting worse. I have carried out some of the actions suggested by your Sticky in the Computer Running Slow section, but not all as I don't understand some of them.

Anything you can do to help much appreciated.
The attach file is attached and here is the dds output:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.18098
Run by Rob at 16:53:28 on 2015-11-29
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.4010.1856 [GMT 0:00]
.
AV: AVG Internet Security 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: AVG update module *Disabled/Updated* {4D41356F-32AD-7C42-C820-63775EE4F413}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG update module *Disabled/Updated* {F620D48B-1497-73CC-F290-58052563BEAE}
SP: AVG Internet Security 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG update module *Disabled* {757AB44A-78C2-7D1A-E37F-CA42A037B368}
FW: AVG Internet Security 2013 *Enabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\System32\spoolsv.exe
C:\windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
C:\Program Files (x86)\3 Mobile Broadband\3Connect\BecHelperService.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\windows\System32\svchost.exe -k utcsvc
C:\windows\system32\GWX\GWX.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
C:\Users\Rob\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Users\Rob\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\KNOWHOW\KNOWHOWAPPCENTRE\bin\serviceManager.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Common Files\Motive\pcCMService.exe
C:\Program Files\Common Files\Motive\pcCMService.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\igfxext.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
C:\Program Files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\AVG\AVG2013\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
C:\windows\servicing\TrustedInstaller.exe
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\windows\system32\taskhost.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.raintoday.co.uk/
uDefault_Page_URL = hxxp://samsung.msn.com
mWinlogon: Userinit = userinit.exe,
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
uRun: [SRSHDAudioLab] "C:\Program Files\SRS Labs\SRS Audio Essentials\AudioEssentials.exe" auto
uRun: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
uRun: [Spotify Web Helper] "C:\Users\Rob\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
uRun: [Rainlendar2] C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
uRun: [AmazonMP3DownloaderHelper] C:\Users\Rob\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
mRun: [KNOWHOW(TM) APP CENTRE] "C:\Program Files (x86)\KNOWHOW\KNOWHOWAPPCENTRE\bin\serviceManager.lnk"
mRun: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
StartupFolder: C:\Users\Rob\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\BIRTHD~1.LNK - C:\Program Files (x86)\Birthday Reminder\bday.exe
StartupFolder: C:\Users\Rob\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{30D7C833-E5FA-4C80-A89C-D88799B00E4D} : DHCPNameServer = 10.0.0.1
TCP: Interfaces\{7BD26433-5FE5-4C93-A217-8307E48E672A} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{7BD26433-5FE5-4C93-A217-8307E48E672A}\244584F6D6563507F647D2053383 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{7BD26433-5FE5-4C93-A217-8307E48E672A}\84F6C6964616970294E6E60254163747C6569676860275966496 : DHCPNameServer = 10.0.0.1
TCP: Interfaces\{7BD26433-5FE5-4C93-A217-8307E48E672A}\D416272796F64747F57457563747 : DHCPNameServer = 172.16.2.5 8.8.8.8
TCP: Interfaces\{7BD26433-5FE5-4C93-A217-8307E48E672A}\F5642756560235F4550214962707F62747 : DHCPNameServer = 10.32.11.254
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= C:\windows\SysWOW64\nvinit.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [Logitech Download Assistant] C:\windows\System32\rundll32.exe C:\windows\System32\LogiLDA.dll,LogiFetch
x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Rob\AppData\Roaming\Mozilla\Firefox\Profiles\cxji3rts.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.co.uk/
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Motive\npMotive.dll
FF - plugin: C:\Program Files (x86)\Common Files\Motive\npMotiveRequest.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrlui.dll
FF - plugin: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
FF - plugin: C:\Users\Rob\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll
FF - plugin: C:\Users\Rob\AppData\Roaming\Mozilla\Firefox\Profiles\cxji3rts.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\npGarmin.dll
FF - plugin: C:\Users\Rob\AppData\Roaming\Mozilla\plugins\npatgpc.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\windows\System32\drivers\avgidsha.sys [2015-5-21 158160]
R0 Avgloga;AVG Logging Driver;C:\windows\System32\drivers\avgloga.sys [2015-5-21 360400]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\windows\System32\drivers\avgmfx64.sys [2015-7-3 204704]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\windows\System32\drivers\avgrkx64.sys [2013-10-23 45880]
R0 nvpciflt;nvpciflt;C:\windows\System32\drivers\nvpciflt.sys [2011-10-11 25960]
R1 Avgfwfd;AVG network filter service;C:\windows\System32\drivers\avgfwd6a.sys [2011-5-23 73688]
R1 AVGIDSDriver;AVGIDSDriver;C:\windows\System32\drivers\avgidsdrivera.sys [2013-11-25 246072]
R1 Avgldx64;AVG AVI Loader Driver;C:\windows\System32\drivers\avgldx64.sys [2014-11-4 209720]
R1 Avgtdia;AVG TDI Driver;C:\windows\System32\drivers\avgtdia.sys [2015-5-26 249296]
R1 SABI;SAMSUNG Kernel Driver For Windows 7;C:\windows\System32\drivers\SABI.sys [2011-10-11 13824]
R2 AMPPALR3;Intel® Centrino® Bluetooth 3.0 + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-4-21 1136640]
R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-1-19 77128]
R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [2015-10-5 1442344]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2015-10-5 4948456]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-11-20 283136]
R2 BecHelperService;BecHelperService;C:\Program Files (x86)\3 Mobile Broadband\3Connect\BecHelperService.exe [2011-11-30 1740696]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-3-30 923984]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-3-30 1001808]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-4-21 134928]
R2 DiagTrack;Diagnostics Tracking Service;C:\windows\System32\svchost.exe -k utcsvc [2011-10-11 27648]
R2 pcCMService;pcCMService;C:\Program Files (x86)\Common Files\Motive\pcCMService.exe [2014-1-30 375608]
R2 pcCMService64;pcCMService64;C:\Program Files\Common Files\Motive\pcCMService.exe [2014-1-30 467256]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2012-11-29 38608]
R2 RosettaStoneDaemon;RosettaStoneDaemon;C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe [2011-3-31 1646056]
R2 SGDrv;SGDrv;C:\windows\System32\drivers\SGDrv64.sys [2011-10-11 7680]
R2 TomTomHOMEService;TomTomHOMEService;C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-12-5 92632]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-10-11 2656536]
R3 AMPPAL;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Virtual Adapter;C:\windows\System32\drivers\AmpPal.sys [2011-4-21 294912]
R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE [2014-3-11 247968]
R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-3-30 1321296]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\windows\System32\drivers\btmaux.sys [2011-3-8 51712]
R3 btmhsf;btmhsf;C:\windows\System32\drivers\btmhsf.sys [2011-3-8 274944]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\windows\System32\drivers\clwvd.sys [2011-8-17 31216]
R3 ETD;ELAN PS/2 Port Input Device;C:\windows\System32\drivers\ETD.sys [2011-10-11 186152]
R3 huawei_enumerator;huawei_enumerator;C:\windows\System32\drivers\ew_jubusenum.sys [2011-11-30 86016]
R3 iBtFltCoex;iBtFltCoex;C:\windows\System32\drivers\iBtFltCoex.sys [2011-3-22 59904]
R3 IntcDAud;Intel(R) Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2011-7-21 317440]
R3 MBAMProtector;MBAMProtector;C:\windows\System32\drivers\mbam.sys [2015-1-17 25816]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2011-10-11 471144]
S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE [2014-3-11 193696]
S2 BT Help Wizard;BT Help Wizard;C:\Program Files (x86)\BT Broadband Desktop Help\btbb\MA\8.4.0.53.bt.0.5\ma\bin\MAHostService.exe [2014-1-21 321024]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-4-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-4-11 124088]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-1-17 1133880]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AMPPALP;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Protocol;C:\windows\System32\drivers\AmpPal.sys [2011-4-21 294912]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\windows\System32\drivers\ew_hwusbdev.sys [2011-11-30 117248]
S3 ew_usbenumfilter;huawei_CompositeFilter;C:\windows\System32\drivers\ew_usbenumfilter.sys [2011-11-30 13952]
S3 ewusbmbb;HUAWEI USB-WWAN miniport;C:\windows\System32\drivers\ewusbwwan.sys [2011-11-30 421376]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2015-11-24 114688]
S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\windows\System32\drivers\mwac.sys [2015-1-17 63704]
S3 SRS_AE_Service;SRS Audio Essentials;C:\windows\System32\drivers\SRS_AE_amd64.sys [2011-8-1 513824]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2014-8-15 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2011-11-29 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2015-11-24 20:58:59 5570496 ----a-w- C:\windows\System32\ntoskrnl.exe
2015-11-24 20:53:56 3168768 ----a-w- C:\windows\System32\wucltux.dll
2015-11-24 20:37:04 497664 ----a-w- C:\windows\System32\drivers\afd.sys
2015-11-24 20:37:04 118272 ----a-w- C:\windows\System32\drivers\tdx.sys
2015-11-24 20:37:01 72192 ----a-w- C:\windows\System32\aelupsvc.dll
2015-11-24 20:37:01 342016 ----a-w- C:\windows\System32\apphelp.dll
2015-11-24 20:37:01 295936 ----a-w- C:\windows\SysWow64\apphelp.dll
2015-11-24 20:37:00 6656 ----a-w- C:\windows\System32\shimeng.dll
2015-11-24 20:37:00 5120 ----a-w- C:\windows\SysWow64\shimeng.dll
2015-11-24 20:37:00 23552 ----a-w- C:\windows\System32\sdbinst.exe
2015-11-24 20:37:00 20992 ----a-w- C:\windows\SysWow64\sdbinst.exe
2015-11-24 20:15:42 3211264 ----a-w- C:\windows\System32\win32k.sys
2015-11-24 20:15:17 950720 ----a-w- C:\windows\System32\drivers\ndis.sys
.
==================== Find3M ====================
.
2015-11-16 09:15:12 780488 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2015-11-16 09:15:12 142536 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-10-30 23:40:49 2724864 ----a-w- C:\windows\System32\mshtml.tlb
2015-10-30 23:40:38 4096 ----a-w- C:\windows\System32\ieetwcollectorres.dll
2015-10-30 23:25:55 66560 ----a-w- C:\windows\System32\iesetup.dll
2015-10-30 23:25:15 48640 ----a-w- C:\windows\System32\ieetwproxystub.dll
2015-10-30 23:25:08 417792 ----a-w- C:\windows\System32\html.iec
2015-10-30 23:24:50 585728 ----a-w- C:\windows\System32\vbscript.dll
2015-10-30 23:24:34 88064 ----a-w- C:\windows\System32\MshtmlDac.dll
2015-10-30 23:12:09 144384 ----a-w- C:\windows\System32\ieUnatt.exe
2015-10-30 23:12:09 114688 ----a-w- C:\windows\System32\ieetwcollector.exe
2015-10-30 23:11:58 814080 ----a-w- C:\windows\System32\jscript9diag.dll
2015-10-30 23:11:46 5990912 ----a-w- C:\windows\System32\jscript9.dll
2015-10-30 23:04:48 968704 ----a-w- C:\windows\System32\MsSpellCheckingFacility.exe
2015-10-30 22:58:29 2724864 ----a-w- C:\windows\SysWow64\mshtml.tlb
2015-10-30 22:53:49 77824 ----a-w- C:\windows\System32\JavaScriptCollectionAgent.dll
2015-10-30 22:47:08 504832 ----a-w- C:\windows\SysWow64\vbscript.dll
2015-10-30 22:46:27 62464 ----a-w- C:\windows\SysWow64\iesetup.dll
2015-10-30 22:45:51 47616 ----a-w- C:\windows\SysWow64\ieetwproxystub.dll
2015-10-30 22:45:42 341504 ----a-w- C:\windows\SysWow64\html.iec
2015-10-30 22:44:57 64000 ----a-w- C:\windows\SysWow64\MshtmlDac.dll
2015-10-30 22:36:25 115712 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2015-10-30 22:36:06 620032 ----a-w- C:\windows\SysWow64\jscript9diag.dll
2015-10-30 22:29:57 1359360 ----a-w- C:\windows\System32\mshtmlmedia.dll
2015-10-30 22:29:52 2126336 ----a-w- C:\windows\System32\inetcpl.cpl
2015-10-30 22:23:51 60416 ----a-w- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
2015-10-30 22:17:06 2487808 ----a-w- C:\windows\System32\wininet.dll
2015-10-30 22:16:43 4527616 ----a-w- C:\windows\SysWow64\jscript9.dll
2015-10-30 22:09:23 1155072 ----a-w- C:\windows\SysWow64\mshtmlmedia.dll
2015-10-30 22:09:15 2052608 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2015-10-30 21:51:28 2011136 ----a-w- C:\windows\SysWow64\wininet.dll
2015-10-29 17:50:29 350208 ----a-w- C:\windows\apppatch\AppPatch64\AcLayers.dll
2015-10-29 17:50:29 309248 ----a-w- C:\windows\apppatch\AppPatch64\AcGenral.dll
2015-10-29 17:50:29 135168 ----a-w- C:\windows\apppatch\AppPatch64\AcXtrnal.dll
2015-10-29 17:50:29 103424 ----a-w- C:\windows\apppatch\AppPatch64\acspecfc.dll
2015-10-29 17:49:57 562176 ----a-w- C:\windows\apppatch\AcLayers.dll
2015-10-29 17:49:57 470528 ----a-w- C:\windows\apppatch\AcSpecfc.dll
2015-10-29 17:49:57 2178560 ----a-w- C:\windows\apppatch\AcGenral.dll
2015-10-29 17:49:57 211968 ----a-w- C:\windows\apppatch\AcXtrnal.dll
2015-10-29 17:39:57 2560 ----a-w- C:\windows\apppatch\AcRes.dll
2015-10-20 18:42:14 98816 ----a-w- C:\windows\System32\wudriver.dll
2015-10-20 18:42:14 192512 ----a-w- C:\windows\System32\wuwebv.dll
2015-10-20 18:41:36 91136 ----a-w- C:\windows\System32\WinSetupUI.dll
2015-10-20 18:41:25 12288 ----a-w- C:\windows\System32\wu.upgrade.ps.dll
2015-10-20 18:41:22 37888 ----a-w- C:\windows\System32\wuapp.exe
2015-10-20 17:46:02 93696 ----a-w- C:\windows\SysWow64\wudriver.dll
2015-10-20 17:46:02 174080 ----a-w- C:\windows\SysWow64\wuwebv.dll
2015-10-20 17:45:08 35328 ----a-w- C:\windows\SysWow64\wuapp.exe
2015-10-20 01:12:10 95680 ----a-w- C:\windows\System32\drivers\ksecdd.sys
2015-10-20 01:12:10 154560 ----a-w- C:\windows\System32\drivers\ksecpkg.sys
2015-10-20 01:09:05 1730496 ----a-w- C:\windows\System32\ntdll.dll
2015-10-20 01:06:18 362496 ----a-w- C:\windows\System32\wow64win.dll
2015-10-20 01:06:18 243712 ----a-w- C:\windows\System32\wow64.dll
2015-10-20 01:06:18 215040 ----a-w- C:\windows\System32\winsrv.dll
2015-10-20 01:06:18 13312 ----a-w- C:\windows\System32\wow64cpu.dll
2015-10-20 01:04:53 31232 ----a-w- C:\windows\System32\lsass.exe
2015-10-20 01:04:40 338432 ----a-w- C:\windows\System32\conhost.exe
2015-10-20 01:04:35 64000 ----a-w- C:\windows\System32\auditpol.exe
2015-10-20 01:00:20 60416 ----a-w- C:\windows\System32\msobjs.dll
2015-10-20 00:59:20 146432 ----a-w- C:\windows\System32\msaudite.dll
2015-10-20 00:52:02 3991488 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
2015-10-20 00:52:02 3935680 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
2015-10-20 00:48:46 1311768 ----a-w- C:\windows\SysWow64\ntdll.dll
2015-10-20 00:44:35 50176 ----a-w- C:\windows\SysWow64\auditpol.exe
2015-10-20 00:44:19 5120 ----a-w- C:\windows\SysWow64\wow32.dll
2015-10-20 00:44:18 96768 ----a-w- C:\windows\SysWow64\sspicli.dll
2015-10-20 00:44:18 665088 ----a-w- C:\windows\SysWow64\rpcrt4.dll
2015-10-20 00:44:18 274944 ----a-w- C:\windows\SysWow64\KernelBase.dll
2015-10-20 00:39:32 60416 ----a-w- C:\windows\SysWow64\msobjs.dll
2015-10-20 00:39:11 146432 ----a-w- C:\windows\SysWow64\msaudite.dll
2015-10-19 23:41:20 159232 ----a-w- C:\windows\System32\drivers\mrxsmb.sys
2015-10-19 23:40:43 290816 ----a-w- C:\windows\System32\drivers\mrxsmb10.sys
2015-10-19 23:40:39 129024 ----a-w- C:\windows\System32\drivers\mrxsmb20.sys
2015-10-19 23:29:36 7680 ----a-w- C:\windows\SysWow64\instnm.exe
2015-10-19 23:29:34 2048 ----a-w- C:\windows\SysWow64\user.exe
2015-10-19 23:27:10 6144 ---ha-w- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2015-10-19 23:27:10 4608 ---ha-w- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-19 23:27:10 3584 ---ha-w- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-19 23:27:10 3072 ---ha-w- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2015-10-13 01:29:08 875720 ----a-w- C:\windows\SysWow64\msvcr120_clr0400.dll
2015-10-13 01:22:02 869568 ----a-w- C:\windows\System32\msvcr120_clr0400.dll
2015-10-01 18:06:49 692672 ----a-w- C:\windows\System32\winload.efi
2015-10-01 18:04:11 616360 ----a-w- C:\windows\System32\winresume.efi
2015-10-01 18:00:59 63488 ----a-w- C:\windows\System32\setbcdlocale.dll
2015-10-01 18:00:51 24576 ----a-w- C:\windows\System32\jnwmon.dll
2015-10-01 18:00:50 275456 ----a-w- C:\windows\System32\InkEd.dll
2015-10-01 18:00:43 59392 ----a-w- C:\windows\System32\appidapi.dll
2015-10-01 18:00:43 32768 ----a-w- C:\windows\System32\appidsvc.dll
2015-10-01 18:00:06 17920 ----a-w- C:\windows\System32\appidcertstorecheck.exe
2015-10-01 18:00:06 147456 ----a-w- C:\windows\System32\appidpolicyconverter.exe
2015-10-01 17:50:43 216064 ----a-w- C:\windows\SysWow64\InkEd.dll
2015-10-01 17:50:35 50688 ----a-w- C:\windows\SysWow64\appidapi.dll
2015-10-01 17:00:54 61440 ----a-w- C:\windows\System32\drivers\appid.sys
2015-09-23 13:15:25 460776 ----a-w- C:\windows\System32\drivers\cng.sys
2015-09-23 13:15:24 299632 ----a-w- C:\windows\System32\bcryptprimitives.dll
2015-09-23 13:09:57 251000 ----a-w- C:\windows\SysWow64\bcryptprimitives.dll
2015-09-18 19:22:39 25432 ----a-w- C:\windows\System32\CompatTelRunner.exe
2015-09-18 19:19:26 700416 ----a-w- C:\windows\System32\invagent.dll
2015-09-18 19:19:23 766464 ----a-w- C:\windows\System32\generaltel.dll
2015-09-18 19:19:20 503808 ----a-w- C:\windows\System32\devinv.dll
.
============= FINISH: 16:55:23.31 ===============

Attached Files
File Type: txt attach.txt (13.2 KB)