Hello, I'm making sure my PC is clean to rule malware out as the cause of my issue as described in this thread:
http://www.techsupportforum.com/foru...ml#post5794642
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17420
Run by D2 at 11:51:41 on 2014-11-14
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.7870.5903 [GMT 0:00]
.
AV: ThreatTrack Security VIPRE *Enabled/Updated* {FFE93D16-FD09-0282-C7D3-8B1731B6A051}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: ThreatTrack Security VIPRE *Enabled/Updated* {4488DCF2-DB33-0D0C-FD63-B0654A31EAEC}
FW: ThreatTrack Security VIPRE *Enabled* {C7D2BC33-B766-03DA-EC8C-2222CF65E72A}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\igfxCUIService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\GFI\LanGuard 11 Agent\lnssatt.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\IProsetMonitor.exe
C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
C:\Program Files (x86)\VIPRE\SBPIMSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files (x86)\NetMeter.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\igfxEM.exe
C:\Windows\system32\igfxHK.exe
C:\Windows\system32\igfxTray.exe
C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\KeyScrambler\x64\KeyScrambler.exe
C:\Program Files (x86)\VIPRE\SBAMSvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\VIPRE\SBAMTray.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Users\D2\Desktop\HWMonitor\HWMonitor_x64.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.bing.com/
uSearch Bar = Preserve
mWinlogon: Userinit = userinit.exe,
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: VIPRE Search Guard Helper: {963C8283-AE7F-4AA6-9B3B-847A8FC62C5E} - C:\Program Files (x86)\VIPRE\VSGN.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Free Download Manager: {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
TB: VIPRE Search Guard Toolbar: {A924C17A-5E94-4E02-BED5-49720BA6F7FA} - C:\Program Files (x86)\VIPRE\VSGN.dll
TB: VIPRE Search Guard Toolbar: {A924C17A-5E94-4E02-BED5-49720BA6F7FA} - C:\Program Files (x86)\VIPRE\VSGN.dll
uRun: [NetMeter] C:\Program Files (x86)\NetMeter.exe
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
mRun: [KeePass 2 PreLoad] "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
mRun: [KeyScrambler] C:\Program Files (x86)\KeyScrambler\keyscrambler.exe /a
mRun: [SBAMTray] "C:\Program Files (x86)\VIPRE\SBAMTray.exe"
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{37A054FC-A066-4239-823C-A0EA6E52BCA1} : DHCPNameServer = 192.168.1.254
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: vipresg - {47BE2E5B-703B-444F-ABD3-05717D2191C6} - C:\Program Files (x86)\VIPRE\VSGN.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: VIPRE Search Guard Helper: {963C8283-AE7F-4AA6-9B3B-847A8FC62C5E} - C:\Program Files (x86)\VIPRE\x64\VSGNx64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: VIPRE Search Guard Toolbar: {A924C17A-5E94-4E02-BED5-49720BA6F7FA} - C:\Program Files (x86)\VIPRE\x64\VSGNx64.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [RtHDVBg_DTS] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /DTSU2P
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: vipresg - {47BE2E5B-703B-444F-ABD3-05717D2191C6} - C:\Program Files (x86)\VIPRE\x64\VSGNx64.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\D2\AppData\Roaming\Mozilla\Firefox\Profiles\kbq7c7g2.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.bing.com/
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Nitro\Reader 3\npdf.dll
FF - plugin: C:\Program Files (x86)\Nitro\Reader 3\npnitroie.dll
FF - plugin: C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll
.
============= SERVICES / DRIVERS ===============
.
R1 sbwfw;sbwfw;C:\Windows\System32\drivers\sbwfw.sys [2014-10-2 345392]
R2 DTSAudioSvc;DTSAudioSvc;C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [2014-11-1 233328]
R2 gfi_lanss11_attservice;GFI LanGuard 11 Attendant Service;C:\Program Files (x86)\GFI\LanGuard 11 Agent\lnssatt.exe [2012-11-23 133496]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2014-11-1 13592]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\Windows\System32\igfxCUIService.exe [2014-10-1 319376]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2012-7-27 170824]
R2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3;C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [2013-7-26 230416]
R2 SBAMSvc;VIPRE Internet Security;C:\Program Files (x86)\VIPRE\SBAMSvc.exe [2014-10-2 3962216]
R2 sbapifs;sbapifs;C:\Windows\System32\drivers\sbapifs.sys [2014-10-2 88928]
R2 SBPIMSvc;SB Recovery Service;C:\Program Files (x86)\VIPRE\SBPIMSvc.exe [2014-10-2 177040]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2014-11-1 331264]
R3 KeyScrambler;KeyScrambler;C:\Windows\System32\drivers\keyscrambler.sys [2014-11-1 222200]
R3 sbwtis;sbwtis;C:\Windows\System32\drivers\sbwtis.sys [2014-10-2 95608]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 gfiark;gfiark;C:\Windows\System32\drivers\gfiark.sys [2014-11-2 41032]
S3 gfiutil;gfiutil;C:\Windows\System32\drivers\gfiutil.sys [2014-11-2 31264]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-11-12 114688]
S3 sbhips;sbhips;C:\Windows\System32\drivers\sbhips.sys [2014-11-2 63696]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-11-1 59392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-11-2 1255736]
.
=============== Created Last 30 ================
.
2014-11-13 22:54:18 29712 ----a-w- C:\Windows\System32\nitrolocalmon2.dll
2014-11-13 22:54:18 17936 ----a-w- C:\Windows\System32\nitrolocalui2.dll
2014-11-13 20:20:33 -------- d-----w- C:\Users\D2\AppData\Roaming\MediaInfo
2014-11-13 20:11:37 -------- d-----w- C:\Program Files\MediaInfo
2014-11-13 00:34:04 -------- d-----w- C:\Program Files (x86)\GRETECH
2014-11-12 22:37:02 683520 ----a-w- C:\Windows\System32\termsrv.dll
2014-11-12 22:37:02 681984 ----a-w- C:\Windows\SysWow64\adtschema.dll
2014-11-12 22:37:02 681984 ----a-w- C:\Windows\System32\adtschema.dll
2014-11-12 22:37:02 155064 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-11-12 22:37:01 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-11-12 22:37:01 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-11-12 22:37:01 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2014-11-12 22:37:01 146432 ----a-w- C:\Windows\System32\msaudite.dll
2014-11-12 22:37:01 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-11-11 18:53:36 -------- d-----w- C:\Users\D2\AppData\Roaming\Mipony
2014-11-11 18:53:18 -------- d-----w- C:\Users\D2\AppData\Roaming\Mipony.backupbyMiPonyPortable
2014-11-09 19:27:23 -------- d-----w- C:\Users\D2\AppData\Roaming\Free Download Manager
2014-11-09 19:27:19 -------- d-----w- C:\Program Files (x86)\Free Download Manager
2014-11-09 16:29:08 12872 ----a-w- C:\Windows\System32\bootdelete.exe
2014-11-09 16:25:10 -------- d-----w- C:\ProgramData\HitmanPro
2014-11-09 13:27:50 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-11-09 13:27:43 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-11-09 13:27:43 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-11-09 13:27:43 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-11-09 13:27:43 -------- d-----w- C:\ProgramData\Malwarebytes
2014-11-09 13:27:43 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-09 11:58:58 -------- d-----w- C:\AdwCleaner
2014-11-09 11:40:21 -------- d-----w- C:\Program Files (x86)\trend micro
2014-11-09 03:41:41 -------- d-----w- C:\Users\D2\AppData\Local\ElevatedDiagnostics
2014-11-09 03:41:40 -------- d-----w- C:\Users\D2\AppData\Local\Diagnostics
2014-11-09 01:54:40 -------- d-----w- C:\Program Files (x86)\VideoLAN
2014-11-09 01:34:18 -------- d-----w- C:\Users\D2\AppData\Roaming\MPC-HC
2014-11-09 01:33:17 -------- d-----w- C:\Program Files (x86)\MPC-HC
2014-11-05 23:02:48 -------- d-----w- C:\Users\D2\AppData\Roaming\Nitro
2014-11-05 23:02:48 -------- d-----w- C:\Users\D2\AppData\Roaming\FileOpen
2014-11-05 23:02:48 -------- d-----w- C:\ProgramData\FileOpen
2014-11-05 23:02:29 -------- d-----w- C:\Program Files\Common Files\Nitro
2014-11-05 23:02:28 -------- d-----w- C:\ProgramData\Nitro
2014-11-05 23:02:28 -------- d-----w- C:\Program Files (x86)\Nitro
2014-11-05 23:02:28 -------- d-----w- C:\Program Files (x86)\Common Files\Nitro
2014-11-05 23:02:04 -------- d-----w- C:\Users\D2\AppData\Roaming\Downloaded Installations
2014-11-04 01:17:57 -------- d-----w- C:\Users\D2\AppData\Roaming\NexusFont
2014-11-03 16:33:12 144 ----a-w- C:\Windows\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2014-11-03 16:21:28 451 ----a-w- C:\Windows\System32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-11-03 15:14:41 -------- d-sh--w- C:\Users\D2\IntelGraphicsProfiles
2014-11-03 13:55:01 -------- d-----w- C:\Program Files\CCleaner
2014-11-03 12:56:51 -------- d-sh--w- C:\Users\D2\AppData\Local\EmieUserList
2014-11-03 12:56:51 -------- d-sh--w- C:\Users\D2\AppData\Local\EmieSiteList
2014-11-03 12:07:15 -------- d-----w- C:\Program Files (x86)\ReNamer
2014-11-03 11:18:07 -------- d-----w- C:\Program Files (x86)\Microsoft Synchronization Services
2014-11-03 11:18:02 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-11-03 11:16:51 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
2014-11-03 11:16:47 -------- d-----w- C:\Users\D2\AppData\Local\Microsoft Help
2014-11-03 00:42:59 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2014-11-02 21:50:17 2777088 ----a-w- C:\Windows\System32\msmpeg2vdec.dll
2014-11-02 21:50:17 2285056 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll
2014-11-02 21:22:11 -------- d-----w- C:\Users\D2\AppData\Local\factormystic.net
2014-11-02 20:53:40 -------- d-----w- C:\ProgramData\Free Download Manager
2014-11-02 19:28:15 -------- d-----w- C:\Program Files (x86)\The KMPlayer
2014-11-02 19:12:17 2871808 ----a-w- C:\Windows\explorer.exe
2014-11-02 19:12:17 2616320 ----a-w- C:\Windows\SysWow64\explorer.exe
2014-11-02 19:12:15 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2014-11-02 19:12:15 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2014-11-02 19:12:11 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2014-11-02 19:12:10 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2014-11-02 19:10:52 67072 ----a-w- C:\Windows\splwow64.exe
2014-11-02 19:10:52 559104 ----a-w- C:\Windows\System32\spoolsv.exe
2014-11-02 19:05:49 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2014-11-02 19:05:49 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2014-11-02 17:46:48 -------- d-----w- C:\Windows\SysWow64\Wat
2014-11-02 17:46:48 -------- d-----w- C:\Windows\System32\Wat
2014-11-02 15:33:58 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2014-11-02 15:33:58 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2014-11-02 15:33:57 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2014-11-02 15:33:57 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2014-11-02 15:27:12 -------- d-----w- C:\Windows\Migration
2014-11-02 15:10:16 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-11-02 14:50:46 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2014-11-02 14:42:59 294912 ----a-w- C:\Windows\System32\browserchoice.exe
2014-11-02 14:28:48 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2014-11-02 14:28:48 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2014-11-02 14:28:48 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2014-11-02 14:28:48 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2014-11-02 14:28:47 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2014-11-02 14:28:47 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2014-11-02 14:28:47 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2014-11-02 14:20:06 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2014-11-02 14:20:06 5120 ----a-w- C:\Windows\System32\wmi.dll
2014-11-02 14:20:06 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2014-11-02 14:16:43 -------- d-----w- C:\Windows\System32\MRT
2014-11-02 14:16:20 99480 ----a-w- C:\Windows\SysWow64\infocardapi.dll
2014-11-02 14:16:20 619672 ----a-w- C:\Windows\SysWow64\icardagt.exe
2014-11-02 14:16:20 171160 ----a-w- C:\Windows\System32\infocardapi.dll
2014-11-02 14:16:20 1389208 ----a-w- C:\Windows\System32\icardagt.exe
2014-11-02 14:16:19 8856 ----a-w- C:\Windows\SysWow64\icardres.dll
2014-11-02 14:16:19 8856 ----a-w- C:\Windows\System32\icardres.dll
2014-11-02 14:15:28 35480 ----a-w- C:\Windows\SysWow64\TsWpfWrp.exe
2014-11-02 14:15:28 35480 ----a-w- C:\Windows\System32\TsWpfWrp.exe
2014-11-02 14:08:53 142336 ----a-w- C:\Windows\System32\poqexec.exe
2014-11-02 14:08:53 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe
2014-11-02 13:34:51 1572864 ----a-w- C:\Windows\System32\quartz.dll
2014-11-02 13:29:30 793600 ----a-w- C:\Windows\SysWow64\TSWorkspace.dll
2014-11-02 13:29:30 1031168 ----a-w- C:\Windows\System32\TSWorkspace.dll
2014-11-02 13:24:06 515584 ----a-w- C:\Windows\System32\timedate.cpl
2014-11-02 13:24:06 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl
2014-11-02 13:24:06 2048 ----a-w- C:\Windows\SysWow64\msxml6r.dll
2014-11-02 13:24:06 2048 ----a-w- C:\Windows\System32\msxml6r.dll
2014-11-02 13:24:06 2002432 ----a-w- C:\Windows\System32\msxml6.dll
2014-11-02 13:24:06 1389056 ----a-w- C:\Windows\SysWow64\msxml6.dll
2014-11-02 13:22:41 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2014-11-02 13:15:04 81920 ----a-w- C:\Windows\SysWow64\davclnt.dll
2014-11-02 13:14:38 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe
2014-11-02 13:13:07 467456 ----a-w- C:\Windows\System32\drivers\srv.sys
2014-11-02 13:13:07 410112 ----a-w- C:\Windows\System32\drivers\srv2.sys
2014-11-02 13:13:07 168448 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2014-11-02 13:13:03 519680 ----a-w- C:\Windows\SysWow64\qdvd.dll
2014-11-02 13:13:03 371712 ----a-w- C:\Windows\System32\qdvd.dll
2014-11-02 13:13:02 985536 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2014-11-02 13:13:02 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2014-11-02 13:13:02 144384 ----a-w- C:\Windows\System32\cdd.dll
2014-11-02 13:13:01 327168 ----a-w- C:\Windows\System32\mswsock.dll
2014-11-02 13:13:01 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll
2014-11-02 13:11:06 878080 ----a-w- C:\Windows\System32\advapi32.dll
2014-11-02 13:11:06 859648 ----a-w- C:\Windows\System32\tdh.dll
2014-11-02 13:11:06 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll
2014-11-02 13:11:06 619520 ----a-w- C:\Windows\SysWow64\tdh.dll
2014-11-02 13:11:06 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2014-11-02 13:11:06 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2014-11-02 13:10:50 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2014-11-02 13:10:15 70144 ----a-w- C:\Windows\System32\appinfo.dll
2014-11-02 13:10:15 504320 ----a-w- C:\Windows\System32\msihnd.dll
2014-11-02 13:10:15 337408 ----a-w- C:\Windows\SysWow64\msihnd.dll
2014-11-02 13:10:15 1941504 ----a-w- C:\Windows\System32\authui.dll
2014-11-02 13:10:15 1805824 ----a-w- C:\Windows\SysWow64\authui.dll
2014-11-02 13:10:15 112064 ----a-w- C:\Windows\System32\consent.exe
2014-11-02 11:57:03 -------- d-----w- C:\Users\D2\AppData\Local\Apps
2014-11-02 11:18:06 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
2014-11-02 11:18:06 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
2014-11-02 11:17:40 64512 ----a-w- C:\Windows\SysWow64\devobj.dll
2014-11-02 11:17:40 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll
2014-11-02 11:17:40 404480 ----a-w- C:\Windows\System32\umpnpmgr.dll
2014-11-02 11:17:40 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe
2014-11-02 11:17:40 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll
2014-11-02 11:12:50 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
2014-11-02 11:12:50 52224 ----a-w- C:\Windows\System32\certenc.dll
2014-11-02 11:12:50 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
2014-11-02 11:12:50 1192448 ----a-w- C:\Windows\System32\certutil.exe
2014-11-02 11:11:07 202752 ----a-w- C:\Windows\System32\scrrun.dll
2014-11-02 11:11:07 168960 ----a-w- C:\Windows\System32\wscript.exe
2014-11-02 11:11:07 163840 ----a-w- C:\Windows\SysWow64\scrrun.dll
2014-11-02 11:11:07 156160 ----a-w- C:\Windows\System32\cscript.exe
2014-11-02 11:11:07 150016 ----a-w- C:\Windows\System32\wshom.ocx
2014-11-02 11:11:07 141824 ----a-w- C:\Windows\SysWow64\wscript.exe
2014-11-02 11:11:07 126976 ----a-w- C:\Windows\SysWow64\cscript.exe
2014-11-02 11:11:07 121856 ----a-w- C:\Windows\SysWow64\wshom.ocx
2014-11-02 11:11:04 458712 ----a-w- C:\Windows\System32\drivers\cng.sys
2014-11-02 11:08:01 956928 ----a-w- C:\Windows\System32\localspl.dll
2014-11-02 11:07:28 404480 ----a-w- C:\Windows\System32\gdi32.dll
2014-11-02 11:07:28 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2014-11-02 11:06:51 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys
2014-11-02 11:06:49 331776 ----a-w- C:\Windows\System32\oleacc.dll
2014-11-02 11:06:49 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll
2014-11-02 11:06:42 723456 ----a-w- C:\Windows\System32\EncDec.dll
2014-11-02 11:06:42 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
2014-11-02 11:00:21 -------- d-----w- C:\Users\D2\AppData\Roaming\NetMeter
2014-11-02 10:51:24 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
2014-11-02 10:51:24 830464 ----a-w- C:\Windows\System32\nshwfp.dll
2014-11-02 10:51:24 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2014-11-02 10:51:24 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2014-11-02 10:51:24 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
2014-11-02 10:51:11 461312 ----a-w- C:\Windows\System32\scavengeui.dll
2014-11-02 10:51:05 664064 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2014-11-02 10:51:05 1216000 ----a-w- C:\Windows\System32\rpcrt4.dll
2014-11-02 02:25:24 -------- d-----w- C:\Users\D2\AppData\Local\IsolatedStorage
2014-11-02 02:24:47 41032 ----a-w- C:\Windows\System32\drivers\gfiark.sys
2014-11-02 02:24:47 31264 ----a-w- C:\Windows\System32\drivers\gfiutil.sys
2014-11-02 02:16:51 -------- d-----w- C:\Windows\Panther
2014-11-02 02:10:26 -------- d-----w- C:\Users\D2\AppData\Local\Microsoft Games
2014-11-02 01:59:56 63696 ----a-w- C:\Windows\System32\drivers\sbhips.sys
2014-11-02 01:59:56 48016 ----a-w- C:\Windows\System32\sbbd.exe
2014-11-02 01:59:54 -------- d-----w- C:\Windows\SysWow64\System32
2014-11-02 01:59:54 -------- d-----w- C:\ProgramData\VIPRE
2014-11-02 01:59:54 -------- d-----w- C:\ProgramData\GFI
2014-11-02 01:59:54 -------- d-----w- C:\Program Files (x86)\GFI
2014-11-02 01:59:44 -------- d-----w- C:\ProgramData\Downloaded Installations
2014-11-02 01:46:33 -------- d-----w- C:\Program Files (x86)\VIPRE
2014-11-02 01:46:24 -------- d-----w- C:\Users\D2\AppData\Roaming\VIPRE
2014-11-02 01:46:24 -------- d-----w- C:\Users\D2\AppData\Local\VIPRE
2014-11-02 01:24:05 -------- d-----w- C:\Users\D2\AppData\Local\Macromedia
2014-11-02 01:15:19 -------- d-----w- C:\Users\D2\AppData\Local\Adobe
2014-11-01 23:35:51 -------- d-----w- C:\Users\D2\AppData\Local\KeePass
2014-11-01 23:24:46 -------- d-----w- C:\Users\D2\AppData\Local\Mozilla
2014-11-01 23:24:41 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-01 23:02:34 -------- d-----w- C:\Users\D2\AppData\Roaming\Windows Live Writer
2014-11-01 23:02:34 -------- d-----w- C:\Users\D2\AppData\Local\Windows Live Writer
2014-11-01 22:58:34 -------- d-----w- C:\Windows\PCHEALTH
2014-11-01 22:46:59 889416 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\bea897481cff62504\dotNetFx40_Full_setup.exe
2014-11-01 22:46:38 -------- d-----w- C:\Users\D2\AppData\Local\Windows Live
2014-11-01 22:46:27 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live
2014-11-01 22:18:19 -------- d-----w- C:\Users\D2\AppData\Roaming\QFX Software
2014-11-01 22:18:19 -------- d-----w- C:\ProgramData\QFX Software
2014-11-01 22:17:19 222200 ----a-w- C:\Windows\System32\drivers\keyscrambler.sys
2014-11-01 22:17:18 -------- d-----w- C:\Program Files (x86)\KeyScrambler
2014-11-01 22:14:04 -------- d-----w- C:\Users\D2\AppData\Roaming\TeraCopy
2014-11-01 22:14:01 -------- d-----w- C:\Program Files\TeraCopy
2014-11-01 21:46:34 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2014-11-01 21:46:34 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2014-11-01 21:46:34 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2014-11-01 20:58:23 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2014-11-01 20:58:23 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2014-11-01 19:47:45 -------- d-----w- C:\Users\D2\AppData\Roaming\KeePass
2014-11-01 19:39:11 -------- d-----w- C:\Program Files (x86)\KeePass Password Safe 2
2014-11-01 19:39:00 -------- d-----w- C:\Users\D2\AppData\Local\Programs
2014-11-01 19:10:06 275080 ------w- C:\Windows\System32\MpSigStub.exe
2014-11-01 19:10:06 11627712 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{194DE415-C1D5-4953-B252-16B3023E7C31}\mpengine.dll
2014-11-01 18:51:59 -------- d-----w- C:\Program Files (x86)\Common Files\Intel Corporation
2014-11-01 18:50:58 -------- d-----w- C:\Users\D2\AppData\Roaming\Intel Corporation
2014-11-01 18:48:23 568600 ----a-w- C:\Windows\System32\drivers\iaStor.sys
2014-11-01 18:47:09 538496 ----a-r- C:\Windows\System32\PROUnstl.exe
2014-11-01 18:46:36 73032 ----a-w- C:\Windows\System32\e1cmsg.dll
2014-11-01 18:46:36 482128 ----a-w- C:\Windows\System32\drivers\e1c62x64.sys
2014-11-01 18:46:36 36472 ----a-w- C:\Windows\System32\NicCo36.dll
2014-11-01 18:46:35 101224 ----a-w- C:\Windows\System32\NicInstC.dll
2014-11-01 18:46:21 -------- d-sh--w- C:\Windows\Installer
2014-11-01 18:42:00 53248 ----a-r- C:\Windows\SysWow64\CSVer.dll
2014-11-01 18:40:40 -------- d-----w- C:\Intel
2014-11-01 18:39:14 -------- d-----w- C:\Windows\Chipset
2014-11-01 18:39:12 16896 ----a-w- C:\Windows\AsTaskSched.dll
2014-11-01 18:39:10 296320 ----a-w- C:\Windows\System32\drivers\volsnap.sys
2014-11-01 18:29:46 -------- d-----w- C:\Windows\System32\SPReview
2014-11-01 18:26:03 2560 ----a-w- C:\Windows\System32\drivers\en-US\rdpwd.sys.mui
2014-11-01 18:26:00 3072 ----a-w- C:\Windows\System32\drivers\en-US\tsusbflt.sys.mui
2014-11-01 18:25:57 6144 ----a-w- C:\Windows\System32\drivers\en-US\IPMIDrv.sys.mui
2014-11-01 18:25:57 4608 ----a-w- C:\Windows\System32\drivers\en-US\kbdclass.sys.mui
2014-11-01 18:21:55 -------- d-----w- C:\Windows\System32\EventProviders
2014-10-16 02:09:54 3528440 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Csi.dll
2014-10-16 02:07:46 5085936 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Csi.dll
.
==================== Find3M ====================
.
2014-11-06 04:04:03 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-11-06 04:03:50 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-11-06 03:47:03 66560 ----a-w- C:\Windows\System32\iesetup.dll
2014-11-06 03:46:12 580096 ----a-w- C:\Windows\System32\vbscript.dll
2014-11-06 03:46:12 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-11-06 03:44:28 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2014-11-06 03:30:22 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-11-06 03:30:08 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-11-06 03:29:18 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-11-06 03:28:20 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-11-06 03:23:57 6040064 ----a-w- C:\Windows\System32\jscript9.dll
2014-11-06 03:20:18 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-11-06 03:13:43 501248 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-11-06 03:13:36 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-11-06 03:12:44 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-11-06 03:10:58 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-11-06 03:07:29 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-11-06 02:59:36 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-11-06 02:58:38 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-11-06 02:42:36 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-06 02:39:39 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-11-06 02:38:25 2124288 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-11-06 02:21:49 4298240 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-11-06 02:21:25 2051072 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-11-06 02:20:37 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-11-06 02:17:24 2365440 ----a-w- C:\Windows\System32\wininet.dll
2014-11-06 01:52:35 1892864 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-11-02 15:10:16 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-11-01 18:28:43 175616 ----a-w- C:\Windows\System32\msclmd.dll
2014-11-01 18:28:43 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2014-10-25 01:57:59 77824 ----a-w- C:\Windows\System32\packager.dll
2014-10-25 01:32:37 67584 ----a-w- C:\Windows\SysWow64\packager.dll
2014-10-18 02:05:23 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2014-10-18 01:33:18 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2014-10-14 02:13:00 3241984 ----a-w- C:\Windows\System32\msi.dll
2014-10-14 01:50:41 2363904 ----a-w- C:\Windows\SysWow64\msi.dll
2014-10-10 00:57:42 3198976 ----a-w- C:\Windows\System32\win32k.sys
2014-10-03 02:12:00 500224 ----a-w- C:\Windows\System32\AUDIOKSE.dll
2014-10-03 02:11:54 284672 ----a-w- C:\Windows\System32\EncDump.dll
2014-10-03 02:11:51 680960 ----a-w- C:\Windows\System32\audiosrv.dll
2014-10-03 02:11:51 440832 ----a-w- C:\Windows\System32\AudioEng.dll
2014-10-03 02:11:51 296448 ----a-w- C:\Windows\System32\AudioSes.dll
2014-10-03 01:44:42 442880 ----a-w- C:\Windows\SysWow64\AUDIOKSE.dll
2014-10-03 01:44:26 374784 ----a-w- C:\Windows\SysWow64\AudioEng.dll
2014-10-03 01:44:26 195584 ----a-w- C:\Windows\SysWow64\AudioSes.dll
2014-10-02 11:21:08 634560 ----a-w- C:\Windows\SysWow64\XceedZip.dll
2014-10-02 11:16:58 95608 ----a-w- C:\Windows\System32\drivers\sbwtis.sys
2014-10-02 11:16:54 345392 ----a-w- C:\Windows\System32\drivers\sbwfw.sys
2014-10-02 11:15:38 88928 ----a-w- C:\Windows\System32\drivers\sbapifs.sys
2014-10-02 11:15:36 48016 ----a-w- C:\Windows\SysWow64\sbbd.exe
2014-10-01 19:53:58 932752 ----a-w- C:\Windows\System32\GfxUIEx.exe
2014-10-01 19:53:58 546704 ----a-w- C:\Windows\System32\DPTopologyApp.exe
2014-10-01 19:53:58 546192 ----a-w- C:\Windows\System32\DPTopologyAppv2_0.exe
2014-10-01 19:53:58 4354448 ----a-w- C:\Windows\System32\Gfxv4_0.exe
2014-10-01 19:53:58 4350864 ----a-w- C:\Windows\System32\Gfxv2_0.exe
2014-10-01 19:53:58 155536 ----a-w- C:\Windows\System32\difx64.exe
2014-10-01 19:53:56 400272 ----a-w- C:\Windows\System32\CustomModeApp.exe
2014-10-01 19:53:56 399760 ----a-w- C:\Windows\System32\CustomModeAppv2_0.exe
2014-09-19 09:42:52 210944 ----a-w- C:\Windows\System32\wdigest.dll
2014-09-19 09:42:51 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2014-09-19 09:42:49 342016 ----a-w- C:\Windows\System32\schannel.dll
2014-09-19 09:42:47 314880 ----a-w- C:\Windows\System32\msv1_0.dll
2014-09-19 09:42:47 309760 ----a-w- C:\Windows\System32\ncrypt.dll
2014-09-19 09:42:44 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-09-19 09:42:41 22016 ----a-w- C:\Windows\System32\credssp.dll
2014-09-19 09:23:55 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
2014-09-19 09:23:52 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2014-09-19 09:23:49 248832 ----a-w- C:\Windows\SysWow64\schannel.dll
2014-09-19 09:23:46 221184 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2014-09-19 09:23:45 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2014-09-19 09:23:42 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-09-19 09:23:36 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2014-09-09 22:11:04 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-09-09 21:47:10 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-09-04 05:23:20 424448 ----a-w- C:\Windows\System32\rastls.dll
2014-09-04 05:04:15 372736 ----a-w- C:\Windows\SysWow64\rastls.dll
2014-08-21 06:43:26 1882624 ----a-w- C:\Windows\System32\msxml3.dll
2014-08-21 06:40:32 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2014-08-21 06:26:21 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll
2014-08-21 06:23:10 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2011-08-26 15:53:57 293888 ----a-w- C:\Program Files (x86)\NetMeter.exe
2010-10-29 22:57:34 1856512 ----a-w- C:\Program Files (x86)\Default Programs Editor.exe
.
============= FINISH: 11:51:57.93 ===============