Channel: Tech Support Forum - Virus/Trojan/Spyware Help

Malware infection

PC running Win 7 SP1 64 bit.

Various browser popups and websites failing to load, with the Windows "diagnose connection issues" dialog appearing. After it runs, websites will then load only about half the time. Unfamiliar plugins are also present.

Malwarebytes free found some things and cleaned them, as did free Avast antivirus and free Panda, but these problems persist.

Scan files are attached. Help please!

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17207
Run by Dan at 14:38:44 on 2014-07-25
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2013.1043 [GMT -5:00]
.
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\App Bud\updateAppBud.exe
C:\Program Files (x86)\App Bud\bin\utilAppBud.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\App Bud\bin\AppBud.PurBrowse64.exe
C:\Program Files (x86)\App Bud\bin\AppBud.BrowserAdapter.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://google.com/
mWinlogon: Userinit = userinit.exe,
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: App Bud: {f1de8ec2-8502-46f5-83b6-23784216d364} - C:\Program Files (x86)\App Bud\AppBudBHO.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [EPSON Stylus CX7400 Series] C:\Windows\System32\spool\DRIVERS\x64\3\E_IATICDA.EXE /FU "C:\Windows\TEMP\E_S835E.tmp" /EF "HKCU"
mRun: [NWEReboot] <no file>
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{3A8F7863-4BAE-4622-851D-DDF7B9A160C7} : DHCPNameServer = 192.168.0.1
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2014-3-14 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2014-3-14 224896]
R1 {fa53d675-4680-455e-ac21-6ef151942a45}Gw64;{fa53d675-4680-455e-ac21-6ef151942a45}Gw64;C:\Windows\System32\drivers\{fa53d675-4680-455e-ac21-6ef151942a45}Gw64.sys [2014-7-25 61008]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2011-9-10 1041168]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2010-12-6 427360]
R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2014-7-23 29208]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2010-12-6 79184]
R2 aswStm;aswStm;C:\Windows\System32\drivers\aswStm.sys [2014-3-14 92008]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2014-7-23 50344]
R2 Update App Bud;Update App Bud;C:\Program Files (x86)\App Bud\updateAppBud.exe [2014-7-21 321816]
R2 Util App Bud;Util App Bud;C:\Program Files (x86)\App Bud\bin\utilAppBud.exe [2014-7-23 321816]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-3-2 187392]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-7-23 111616]
S3 PSKMAD;PSKMAD;C:\Windows\System32\drivers\PSKMAD.sys [2014-7-25 47632]
S3 ssmirrdr;ssmirrdr;C:\Windows\System32\drivers\ssmirrdr.sys [2011-3-15 10112]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-9-18 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-12-6 1255736]
.
=============== Created Last 30 ================
.
2014-07-25 19:19:24 10924376 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FDF44A0F-52FF-4C7E-A652-5FAABD5AD81C}\mpengine.dll
2014-07-25 19:04:28 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-07-25 18:48:14 3928064 ----a-w- C:\Windows\System32\d2d1.dll
2014-07-25 18:48:14 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2014-07-25 18:48:14 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2014-07-25 18:48:13 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll
2014-07-25 18:39:56 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2014-07-25 18:39:56 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2014-07-25 18:39:54 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2014-07-25 18:39:54 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2014-07-25 18:34:25 61008 ----a-w- C:\Windows\System32\drivers\{fa53d675-4680-455e-ac21-6ef151942a45}Gw64.sys
2014-07-25 17:39:08 -------- d-----w- C:\Users\Dan\AppData\Roaming\supportdotcom
2014-07-25 17:38:57 -------- d-----w- C:\Program Files (x86)\supportdotcom
2014-07-25 17:38:57 -------- d-----w- C:\Program Files (x86)\Common Files\supportdotcom
2014-07-25 17:15:21 47632 ----a-w- C:\Windows\System32\drivers\PSKMAD.sys
2014-07-25 17:15:16 -------- d-----w- C:\Windows\SysWow64\DASBOOT
2014-07-25 17:15:01 -------- d-----w- C:\Program Files (x86)\Panda Security
2014-07-25 13:53:23 -------- d-----w- C:\Users\Dan\AppData\Local\{89EF5B78-2770-43A0-BEF0-0FAE5A0FFEDA}
2014-07-24 20:29:32 -------- d-----w- C:\Users\Dan\AppData\Local\{3C2281E0-6D02-4507-84E9-88AC40293227}
2014-07-24 20:13:27 -------- d-----w- C:\Users\Dan\AppData\Local\{8D78184A-5D83-4592-9491-0A836EC8C7D3}
2014-07-24 05:13:13 -------- d-----w- C:\Users\Dan\AppData\Local\{7EF13A90-6562-4FAC-98C9-35F0E4315FC3}
2014-07-24 05:04:05 -------- d-----w- C:\Users\Dan\AppData\Local\{8201363F-6F16-475C-A8C3-1B5BEC2424A7}
2014-07-24 04:31:19 -------- d-----w- C:\Users\Dan\AppData\Local\{B1459BFD-5DFA-47CB-8917-8D123C603A5F}
2014-07-24 01:34:25 29208 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
2014-07-24 01:34:08 43152 ----a-w- C:\Windows\avastSS.scr
2014-07-24 01:07:30 -------- d-----w- C:\Program Files\CCleaner
2014-07-24 01:06:06 -------- d-----w- C:\Users\Dan\AppData\Roaming\0T1M1P0A1E1E0M1T1G
2014-07-24 01:05:45 -------- d-----w- C:\Users\Dan\AppData\Roaming\RocketUpdater
2014-07-24 01:05:40 -------- d-----w- C:\Program Files (x86)\App Bud
2014-07-24 00:02:08 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-07-24 00:01:53 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-07-24 00:01:53 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-07-24 00:01:53 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-07-24 00:01:53 -------- d-----w- C:\ProgramData\Malwarebytes
2014-07-24 00:01:53 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-24 00:01:23 -------- d-----w- C:\Users\Dan\AppData\Local\Programs
2014-07-23 23:55:56 -------- d-sh--w- C:\Users\Dan\AppData\Local\EmieUserList
2014-07-23 23:55:56 -------- d-sh--w- C:\Users\Dan\AppData\Local\EmieSiteList
2014-07-23 23:20:22 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2014-07-23 23:20:22 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2014-07-23 23:20:21 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2014-07-23 23:20:20 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2014-07-23 23:04:37 -------- d-----w- C:\Windows\Migration
2014-07-23 22:45:17 4096 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-07-23 22:14:26 -------- d-----w- C:\Windows\System32\MRT
2014-07-23 21:09:59 801280 ----a-w- C:\Windows\System32\usp10.dll
2014-07-23 21:09:59 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
2014-07-23 21:09:38 224256 ----a-w- C:\Windows\System32\wintrust.dll
2014-07-23 21:09:38 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll
2014-07-23 21:09:14 274880 ----a-w- C:\Windows\System32\drivers\msiscsi.sys
2014-07-23 21:09:13 27584 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2014-07-23 21:09:13 2048 ----a-w- C:\Windows\SysWow64\iologmsg.dll
2014-07-23 21:09:13 2048 ----a-w- C:\Windows\System32\iologmsg.dll
2014-07-23 21:09:13 190912 ----a-w- C:\Windows\System32\drivers\storport.sys
2014-07-23 21:07:55 70656 ----a-w- C:\Windows\SysWow64\fontsub.dll
2014-07-23 21:06:48 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2014-07-23 21:05:42 658432 ----a-w- C:\Windows\System32\RMActivate_isv.exe
2014-07-23 21:03:46 983488 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2014-07-23 21:03:46 751104 ----a-w- C:\Windows\System32\win32spl.dll
2014-07-23 21:03:46 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll
2014-07-23 21:03:46 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2014-07-23 21:03:46 144384 ----a-w- C:\Windows\System32\cdd.dll
2014-07-23 21:02:31 633856 ----a-w- C:\Windows\System32\comctl32.dll
2014-07-23 21:02:31 530432 ----a-w- C:\Windows\SysWow64\comctl32.dll
2014-07-23 21:02:29 335360 ----a-w- C:\Windows\System32\msieftp.dll
2014-07-23 21:02:29 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll
2014-07-23 21:00:54 624128 ----a-w- C:\Windows\System32\qedit.dll
2014-07-23 21:00:54 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2014-07-23 21:00:53 230400 ----a-w- C:\Windows\System32\drivers\portcls.sys
2014-07-23 21:00:53 202752 ----a-w- C:\Windows\System32\scrrun.dll
2014-07-23 21:00:53 168960 ----a-w- C:\Windows\System32\wscript.exe
2014-07-23 21:00:53 163840 ----a-w- C:\Windows\SysWow64\scrrun.dll
2014-07-23 21:00:53 156160 ----a-w- C:\Windows\System32\cscript.exe
2014-07-23 21:00:53 150016 ----a-w- C:\Windows\System32\wshom.ocx
2014-07-23 21:00:53 141824 ----a-w- C:\Windows\SysWow64\wscript.exe
2014-07-23 21:00:53 126976 ----a-w- C:\Windows\SysWow64\cscript.exe
2014-07-23 21:00:53 121856 ----a-w- C:\Windows\SysWow64\wshom.ocx
2014-07-23 21:00:53 116736 ----a-w- C:\Windows\System32\drivers\drmk.sys
2014-07-23 20:53:18 461312 ----a-w- C:\Windows\System32\scavengeui.dll
2014-07-23 20:52:58 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
2014-07-23 20:52:58 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2014-07-23 20:52:57 830464 ----a-w- C:\Windows\System32\nshwfp.dll
2014-07-23 20:52:57 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2014-07-23 20:52:57 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
2014-07-23 12:21:22 -------- d-----w- C:\Users\Dan\AppData\Local\{8A676C80-E0D9-42F4-B851-70516956D315}
2014-07-22 15:11:41 -------- d-----w- C:\Users\Dan\AppData\Local\{03219573-41A2-4CD7-BC9B-84A62254CA99}
2014-07-22 02:04:17 -------- d-----w- C:\Users\Dan\AppData\Local\{CF863F4E-BC1A-485A-A577-FE702BEAFABF}
2014-07-21 14:03:38 -------- d-----w- C:\Users\Dan\AppData\Local\{15DAE87A-6C80-4559-8270-C4EA9A35247C}
2014-07-20 03:12:57 -------- d-----w- C:\Users\Dan\AppData\Local\{5876E2F1-5216-4F3C-B979-677EB2748E2B}
2014-07-19 15:12:17 -------- d-----w- C:\Users\Dan\AppData\Local\{A1014805-4248-440B-A287-5BD73B69BCDD}
2014-07-18 18:04:50 -------- d-----w- C:\Users\Dan\AppData\Local\{A088572C-190B-465D-B244-9BE51689E849}
2014-07-18 04:54:34 -------- d-----w- C:\Users\Dan\AppData\Local\{E723C3CC-5B39-42FE-BABF-859E85F91601}
2014-07-18 04:36:36 -------- d-----w- C:\Users\Dan\AppData\Local\{5C46E060-61BF-442C-97E3-483E53566F91}
2014-07-17 13:10:05 -------- d-----w- C:\Users\Dan\AppData\Local\{C93E4774-D09F-4A6F-835A-639128C217ED}
2014-07-17 03:54:56 -------- d-----w- C:\Users\Dan\AppData\Local\{18018FCC-2218-4BE2-9BD6-310EA51384F9}
2014-07-16 15:09:31 -------- d-----w- C:\Users\Dan\AppData\Local\{0E01E120-7585-43A5-A808-BF9258BCED41}
2014-07-15 12:50:38 -------- d-----w- C:\Users\Dan\AppData\Local\{494A0D71-83A0-43D6-BC7E-40FF5204E65F}
2014-07-14 14:17:30 -------- d-----w- C:\Users\Dan\AppData\Local\{7AFD2F35-73A9-4340-8549-3BE8BD6CBD76}
2014-07-11 12:19:17 -------- d-----w- C:\Users\Dan\AppData\Local\{065F0999-7B3C-4B0E-8847-B54022E66598}
2014-07-11 03:17:00 -------- d-----w- C:\Program Files\iPod
2014-07-11 03:16:57 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-11 03:16:57 -------- d-----w- C:\Program Files\iTunes
2014-07-11 03:16:57 -------- d-----w- C:\Program Files (x86)\iTunes
2014-07-10 19:18:56 -------- d-----w- C:\Users\Dan\AppData\Local\{CA99B967-6106-4F1C-84A3-E74F571B8C42}
2014-07-10 02:56:12 -------- d-----w- C:\Users\Dan\AppData\Local\{C5BF5CB0-09ED-4FB9-AE94-1FE840489C3B}
2014-07-09 14:03:21 -------- d-----w- C:\Users\Dan\AppData\Local\{DF9712F2-EB2A-4AAF-85A5-A90101267208}
2014-07-08 14:48:12 -------- d-----w- C:\Users\Dan\AppData\Local\{4D0B4177-165F-409B-8EB8-CB6C95BAE68C}
2014-07-07 18:49:40 -------- d-----w- C:\Users\Dan\AppData\Local\{CBE906E9-C535-470D-8C29-EE4422A618EA}
2014-07-07 05:29:36 -------- d-----w- C:\Users\Dan\AppData\Local\{1F8DA6A8-71E5-482A-B39E-AC28A74FBED9}
2014-07-06 17:13:28 -------- d-----w- C:\Users\Dan\AppData\Local\{E170693B-5CC2-4407-AA70-50EED239E3DB}
2014-07-05 23:59:44 -------- d-----w- C:\Users\Dan\AppData\Local\{8DC47BAD-3BBF-4108-ABEE-E45BD252B766}
2014-07-05 16:57:09 -------- d-----w- C:\Users\Dan\AppData\Local\{7245DB29-9A2A-4B57-AF9C-14B7BC9EE014}
2014-07-04 17:19:31 -------- d-----w- C:\Users\Dan\AppData\Local\{0F110D60-1797-4B1C-9894-AE02BD614C2C}
2014-07-04 01:55:20 -------- d-----w- C:\Users\Dan\AppData\Local\{B6E1A60C-CC6A-47BE-89BB-8731D3146C07}
2014-07-03 13:08:07 -------- d-----w- C:\Users\Dan\AppData\Local\{E26CACE3-0716-4463-96F0-C4FC1612ECF8}
2014-07-02 21:47:51 -------- d-----w- C:\Users\Dan\AppData\Local\{884ABD85-489E-4C83-91BD-5086A1B3AD9B}
2014-07-01 13:49:29 -------- d-----w- C:\Users\Dan\AppData\Local\{56B9D27B-E312-4106-9504-62AF339806C9}
2014-07-01 01:48:52 -------- d-----w- C:\Users\Dan\AppData\Local\{E84CCDD4-BC48-40CA-B829-CF86985F2762}
2014-06-30 13:35:58 -------- d-----w- C:\Users\Dan\AppData\Local\{8C7DB994-DE69-4B64-8F8D-4CC8356DAF62}
2014-06-29 19:08:48 -------- d-----w- C:\Users\Dan\AppData\Local\{1DA033A9-EAF7-4DD9-9201-D89BE75FA6B1}
2014-06-28 19:42:02 -------- d-----w- C:\Users\Dan\AppData\Local\{CF86A2B5-8B52-4119-BB21-A924D0DAD170}
2014-06-27 13:58:21 -------- d-----w- C:\Users\Dan\AppData\Local\{6239C729-CF58-4663-A6C2-0A804EEC673D}
2014-06-27 01:56:26 -------- d-----w- C:\Users\Dan\AppData\Local\{4F7EEFA1-3153-4BBE-86D5-CBF1C78F4CB9}
2014-06-26 13:41:43 -------- d-----w- C:\Users\Dan\AppData\Local\{E710E86C-69A7-46F3-B85D-26F5D869E39E}
.
==================== Find3M ====================
.
2014-07-24 01:34:12 92008 ----a-w- C:\Windows\System32\drivers\aswStm.sys
2014-07-24 01:34:12 79184 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2014-07-24 01:34:12 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2014-07-24 01:34:12 224896 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2014-07-24 01:34:12 1041168 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2014-07-24 01:34:11 93568 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2014-07-23 22:45:16 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-07-09 10:16:28 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-09 10:16:28 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-06-18 02:18:30 692736 ----a-w- C:\Windows\System32\osk.exe
2014-06-18 01:51:32 646144 ----a-w- C:\Windows\SysWow64\osk.exe
2014-06-18 01:10:36 3157504 ----a-w- C:\Windows\System32\win32k.sys
2014-06-05 14:45:15 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-06-05 14:26:58 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-06-05 14:25:49 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-05-30 08:08:52 210944 ----a-w- C:\Windows\System32\wdigest.dll
2014-05-30 08:08:49 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2014-05-30 08:08:47 340992 ----a-w- C:\Windows\System32\schannel.dll
2014-05-30 08:08:41 314880 ----a-w- C:\Windows\System32\msv1_0.dll
2014-05-30 08:08:41 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2014-05-30 08:08:36 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-05-30 08:08:31 22016 ----a-w- C:\Windows\System32\credssp.dll
2014-05-30 07:52:51 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
2014-05-30 07:52:49 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2014-05-30 07:52:45 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
2014-05-30 07:52:41 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2014-05-30 07:52:40 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2014-05-30 07:52:36 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-05-30 07:52:30 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2014-05-30 06:45:52 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
.
============= FINISH: 14:40:12.20 ===============

Attached Files
File Type: zip attach.zip (3.9 KB)
