While trying to use anything on this laptop, I constantly get bombarded with a "bad image error" prompt box. And it always come from this spvcloader32.dll
I ran malware bytes and antivirus. Malwarebytes found a ton of junk that has been removed, but that is what seems to have started the error messages I keep getting. So here's the dds log and the attached files from gmer as well.
DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK
Internet Explorer: 11.0.9600.16518 BrowserJavaVersion: 11.31.2
Run by Owner at 20:27:16 on 2015-02-15
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1788.110 [GMT -6:00]
.
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: IObit Malware Fighter *Enabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\Explorer.EXE
C:\windows\system32\ctfmon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\SysWOW64\rundll32.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
mStart Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage
uProxyServer = hxxp=127.0.0.1:8555
uProxyOverride = 127.0.0.1;localhost;10.*;192.168.*;127.0.0.1:895;127.0.0.1:896;<local>
uURLSearchHooks: {7e8a1050-cf67-4575-92df-dcc60e7d952d} - <orphaned>
mURLSearchHooks: {7e8a1050-cf67-4575-92df-dcc60e7d952d} - <orphaned>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: TidyNetwork: {38D31A86-DDBD-3BAD-ED97-2DDBFD79CADE} - C:\Program Files (x86)\TidyNetwork\petn.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Advanced SystemCare Surfing Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
TB: <No Name>: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - LocalServer32 - <no file>
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [BackgroundContainer] "C:\windows\SysWOW64\Rundll32.exe" "C:\Users\Owner\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
uRun: [TBHostSupport] "C:\windows\SysWOW64\Rundll32.exe" "C:\Users\Owner\AppData\Local\TBHostSupport\TBHostSupport.dll",DLLRunTBHostSupportPlugin
uRun: [APISupport] "C:\windows\SysWOW64\Rundll32.exe" "C:\Users\Owner\AppData\Local\Conduit\APISupport\APISupport.dll",DLLRunAPISupport
uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
uRun: [Advanced SystemCare 8] "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
dRunOnce: [SpUninstallDeleteDir] rmdir /s /q "C:\windows\System32\config\systemprofile\AppData\Roaming\SearchProtect"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{B6898D09-EAC2-4F64-963D-DEBC024282F5} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{B6898D09-EAC2-4F64-963D-DEBC024282F5}\46C696E6B6 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{B6898D09-EAC2-4F64-963D-DEBC024282F5}\C696E6B6379737 : DHCPNameServer = 68.87.72.134 68.87.77.134
TCP: Interfaces\{B6898D09-EAC2-4F64-963D-DEBC024282F5}\F475E45425D20534F5E4564777F627B6 : DHCPNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
x64-BHO: TidyNetwork: {38D31A86-DDBD-3BAD-ED97-2DDBFD79CADE} - C:\Program Files (x86)\TidyNetwork\petn64.dll
x64-BHO: sAveitkeep.: {4141A777-F573-36C3-1F81-01DA443BC257} - C:\ProgramData\sAveitkeep\Ks.x64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - <orphaned>
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
x64-Run: [HSON] C:\Program Files (x86)\TOSHIBA\TBS\HSON.exe
x64-Run: [TosSENotify] "C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe"
x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\68zk8vdm.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3310511&CUI=UN38578539301001126&UM=2&SearchSource=3&q={searchTerms}
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\68zk8vdm.default\extensions\{650598e1-b35a-45d3-b607-896d7acb64c3}\plugins\np-mswmp.dll
FF - plugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\68zk8vdm.default\extensions\{7e8a1050-cf67-4575-92df-dcc60e7d952d}\plugins\np-mswmp.dll
FF - plugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\68zk8vdm.default\extensions\{c54a4bc4-2966-40ac-9ca4-ad863d6148ee}\plugins\np-mswmp.dll
FF - plugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\68zk8vdm.default\extensions\{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0}\plugins\np-mswmp.dll
.
============= SERVICES / DRIVERS ===============
.
R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\windows\System32\drivers\tos_sps64.sys [2009-12-11 482384]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\System32\drivers\TVALZFL.sys [2009-6-19 14472]
R3 FwLnk;FwLnk Driver;C:\windows\System32\drivers\FwLnk.sys [2009-12-11 9216]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2015-2-13 942808]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\windows\System32\drivers\rtl8192se.sys [2015-2-13 1226344]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-1-28 26528]
S2 AdvancedSystemCareService8;Advanced SystemCare Service 8;C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [2015-1-28 815392]
S2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2009-12-11 203264]
S2 BackupStack;Computer Backup (MyPC Backup);C:\Program Files (x86)\MyPC Backup\BackupStack.exe [2014-2-18 36392]
S2 cfWiMAXService;ConfigFree WiMAX Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2009-8-10 248688]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 ConfigFree Gadget Service;ConfigFree Gadget Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [2009-7-14 42368]
S2 ConfigFree Service;ConfigFree Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-3-10 46448]
S2 IMFservice;IMF Service;C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2015-2-14 344864]
S2 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2015-1-28 2724128]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2009-8-11 252272]
S3 CnxtHdmiAudService;Conexant UAA HDMI Function Driver for High Definition Audio Service;C:\windows\System32\drivers\CHDMI64.sys [2015-2-13 722488]
S3 FileMonitor;FileMonitor;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2015-2-14 23048]
S3 fssfltr;fssfltr;C:\windows\System32\drivers\fssfltr.sys [2012-6-28 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2014-3-8 111616]
S3 MBAMSwissArmy;MBAMSwissArmy;C:\windows\System32\drivers\MBAMSwissArmy.sys [2015-1-28 129752]
S3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2009-12-11 35008]
S3 RegFilter;RegFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys [2015-2-14 34848]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2009-12-11 222208]
S3 taphss6;Anchorfree HSS VPN Adapter;C:\windows\System32\drivers\taphss6.sys [2013-1-10 42184]
S3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-12-11 51512]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-8-3 137560]
S3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2009-8-4 826224]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2011-6-7 59392]
S3 UrlFilter;UrlFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys [2015-2-14 23016]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2009-8-28 49152]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2010-3-28 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2015-02-16 01:53:43 -------- d-----w- C:\Users\Owner\AppData\Local\{5031B0FD-D36D-4EBF-BC0F-89332EEBC962}
2015-02-14 20:44:05 -------- d-----w- C:\Users\Owner\AppData\Local\{5D938D3B-6FAF-488E-B9A2-BE286616E498}
2015-02-14 18:50:22 55808 ----a-w- C:\windows\System32\rrinstaller.exe
2015-02-14 18:50:22 50176 ----a-w- C:\windows\SysWow64\rrinstaller.exe
2015-02-14 18:50:22 24576 ----a-w- C:\windows\System32\mfpmp.exe
2015-02-14 18:50:22 23040 ----a-w- C:\windows\SysWow64\mfpmp.exe
2015-02-14 18:50:22 206848 ----a-w- C:\windows\System32\mfps.dll
2015-02-14 18:50:22 2048 ----a-w- C:\windows\SysWow64\mferror.dll
2015-02-14 18:50:22 2048 ----a-w- C:\windows\System32\mferror.dll
2015-02-14 18:50:22 103424 ----a-w- C:\windows\SysWow64\mfps.dll
2015-02-14 18:50:21 4121600 ----a-w- C:\windows\System32\mf.dll
2015-02-14 18:50:21 3209728 ----a-w- C:\windows\SysWow64\mf.dll
2015-02-14 18:43:10 2777088 ----a-w- C:\windows\System32\msmpeg2vdec.dll
2015-02-14 18:43:09 2285056 ----a-w- C:\windows\SysWow64\msmpeg2vdec.dll
2015-02-14 06:37:30 99480 ----a-w- C:\windows\SysWow64\infocardapi.dll
2015-02-14 06:37:30 619672 ----a-w- C:\windows\SysWow64\icardagt.exe
2015-02-14 06:37:30 171160 ----a-w- C:\windows\System32\infocardapi.dll
2015-02-14 06:37:30 1389208 ----a-w- C:\windows\System32\icardagt.exe
2015-02-14 06:37:29 8856 ----a-w- C:\windows\SysWow64\icardres.dll
2015-02-14 06:37:29 8856 ----a-w- C:\windows\System32\icardres.dll
2015-02-14 06:37:15 35480 ----a-w- C:\windows\SysWow64\TsWpfWrp.exe
2015-02-14 06:37:15 35480 ----a-w- C:\windows\System32\TsWpfWrp.exe
2015-02-14 06:24:34 861696 ----a-w- C:\windows\System32\oleaut32.dll
2015-02-14 06:24:34 571904 ----a-w- C:\windows\SysWow64\oleaut32.dll
2015-02-14 06:23:14 664064 ----a-w- C:\windows\SysWow64\rpcrt4.dll
2015-02-14 06:23:14 1216000 ----a-w- C:\windows\System32\rpcrt4.dll
2015-02-14 06:15:26 98216 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-02-14 06:11:10 -------- d-----w- C:\ProgramData\Oracle
2015-02-14 05:39:11 -------- d-----w- C:\Users\Owner\AppData\Local\{127F96F5-0382-4930-AD18-76B91F10F986}
2015-02-14 05:31:56 2620928 ----a-w- C:\windows\System32\wucltux.dll
2015-02-14 05:31:03 97792 ----a-w- C:\windows\System32\wudriver.dll
2015-02-14 05:31:03 92672 ----a-w- C:\windows\SysWow64\wudriver.dll
2015-02-14 05:30:21 36864 ----a-w- C:\windows\System32\wuapp.exe
2015-02-14 05:30:21 33792 ----a-w- C:\windows\SysWow64\wuapp.exe
2015-02-14 05:30:21 198600 ----a-w- C:\windows\System32\wuwebv.dll
2015-02-14 05:30:21 179656 ----a-w- C:\windows\SysWow64\wuwebv.dll
2015-02-14 04:11:42 942808 ----a-w- C:\windows\System32\drivers\Rt64win7.sys
2015-02-14 04:11:42 73800 ----a-w- C:\windows\System32\RtNicProp64.dll
2015-02-14 04:11:15 1226344 ----a-w- C:\windows\System32\drivers\rtl8192se.sys
2015-02-14 04:10:24 -------- d-----w- C:\Program Files\CONEXANT
2015-02-14 04:10:22 722488 ----a-w- C:\windows\System32\drivers\CHDMI64.sys
2015-02-14 04:10:22 438840 ----a-w- C:\windows\System32\UCI64H55.dll
2015-01-29 06:01:34 -------- d-----w- C:\IObit
2015-01-29 04:51:22 -------- d-----w- C:\Users\Owner\AppData\Roaming\ProductData
2015-01-29 04:51:20 26528 ----a-w- C:\windows\SysWow64\drivers\HWiNFO64A.SYS
2015-01-29 04:49:25 -------- d-----w- C:\ProgramData\ProductData
2015-01-29 04:48:48 -------- d-----w- C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2015-01-29 04:48:37 -------- d-----w- C:\ProgramData\IObit
2015-01-29 04:48:37 -------- d-----w- C:\Program Files (x86)\Common Files\IObit
2015-01-29 04:48:20 -------- d-----w- C:\Program Files (x86)\IObit
2015-01-29 04:48:18 -------- d-----w- C:\Users\Owner\AppData\Roaming\IObit
2015-01-29 04:29:35 -------- d-----w- C:\Program Files (x86)\SaverAdDon
2015-01-29 04:27:45 -------- d-----w- C:\Users\Owner\AppData\Roaming\Roxio Log Files
2015-01-29 04:26:27 -------- d-----w- C:\Program Files (x86)\realdieaL
2015-01-28 18:23:57 -------- d-----w- C:\Program Files\SaverAdDon
2015-01-28 18:23:51 -------- d-----w- C:\ProgramData\15794066317726514482UL
2015-01-28 18:23:41 -------- d-----w- C:\Program Files\realdieaL
2015-01-28 17:49:15 -------- d-----w- C:\Users\Owner\AppData\Local\{1D994E93-3F2E-4838-96DD-B4F4B386FD7A}
2015-01-28 16:41:14 129752 ----a-w- C:\windows\System32\drivers\MBAMSwissArmy.sys
2015-01-28 16:40:59 93400 ----a-w- C:\windows\System32\drivers\mbamchameleon.sys
2015-01-28 16:40:59 63704 ----a-w- C:\windows\System32\drivers\mwac.sys
2015-01-28 16:40:59 25816 ----a-w- C:\windows\System32\drivers\mbam.sys
2015-01-28 16:40:59 -------- d-----w- C:\ProgramData\Malwarebytes
2015-01-28 16:40:59 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-28 16:40:48 -------- d-----w- C:\Users\Owner\AppData\Local\Programs
2015-01-28 16:40:26 -------- d-----w- C:\Program Files\CCleaner
2015-01-28 16:19:36 -------- d-----w- C:\Users\Owner\AppData\Local\{24E8519B-5E53-42DA-9983-1ACDC71C2933}
.
==================== Find3M ====================
.
2015-02-14 04:11:42 107552 ----a-w- C:\windows\System32\RTNUninst64.dll
2014-11-18 20:56:48 1202848 ----a-w- C:\windows\SysWow64\FM20.DLL
.
============= FINISH: 20:30:23.80 ===============
I ran malware bytes and antivirus. Malwarebytes found a ton of junk that has been removed, but that is what seems to have started the error messages I keep getting. So here's the dds log and the attached files from gmer as well.
DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK
Internet Explorer: 11.0.9600.16518 BrowserJavaVersion: 11.31.2
Run by Owner at 20:27:16 on 2015-02-15
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1788.110 [GMT -6:00]
.
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: IObit Malware Fighter *Enabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\Explorer.EXE
C:\windows\system32\ctfmon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\SysWOW64\rundll32.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
mStart Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage
uProxyServer = hxxp=127.0.0.1:8555
uProxyOverride = 127.0.0.1;localhost;10.*;192.168.*;127.0.0.1:895;127.0.0.1:896;<local>
uURLSearchHooks: {7e8a1050-cf67-4575-92df-dcc60e7d952d} - <orphaned>
mURLSearchHooks: {7e8a1050-cf67-4575-92df-dcc60e7d952d} - <orphaned>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: TidyNetwork: {38D31A86-DDBD-3BAD-ED97-2DDBFD79CADE} - C:\Program Files (x86)\TidyNetwork\petn.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Advanced SystemCare Surfing Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
TB: <No Name>: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - LocalServer32 - <no file>
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [BackgroundContainer] "C:\windows\SysWOW64\Rundll32.exe" "C:\Users\Owner\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
uRun: [TBHostSupport] "C:\windows\SysWOW64\Rundll32.exe" "C:\Users\Owner\AppData\Local\TBHostSupport\TBHostSupport.dll",DLLRunTBHostSupportPlugin
uRun: [APISupport] "C:\windows\SysWOW64\Rundll32.exe" "C:\Users\Owner\AppData\Local\Conduit\APISupport\APISupport.dll",DLLRunAPISupport
uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
uRun: [Advanced SystemCare 8] "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
dRunOnce: [SpUninstallDeleteDir] rmdir /s /q "C:\windows\System32\config\systemprofile\AppData\Roaming\SearchProtect"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{B6898D09-EAC2-4F64-963D-DEBC024282F5} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{B6898D09-EAC2-4F64-963D-DEBC024282F5}\46C696E6B6 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{B6898D09-EAC2-4F64-963D-DEBC024282F5}\C696E6B6379737 : DHCPNameServer = 68.87.72.134 68.87.77.134
TCP: Interfaces\{B6898D09-EAC2-4F64-963D-DEBC024282F5}\F475E45425D20534F5E4564777F627B6 : DHCPNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
x64-BHO: TidyNetwork: {38D31A86-DDBD-3BAD-ED97-2DDBFD79CADE} - C:\Program Files (x86)\TidyNetwork\petn64.dll
x64-BHO: sAveitkeep.: {4141A777-F573-36C3-1F81-01DA443BC257} - C:\ProgramData\sAveitkeep\Ks.x64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - <orphaned>
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
x64-Run: [HSON] C:\Program Files (x86)\TOSHIBA\TBS\HSON.exe
x64-Run: [TosSENotify] "C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe"
x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\68zk8vdm.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3310511&CUI=UN38578539301001126&UM=2&SearchSource=3&q={searchTerms}
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\68zk8vdm.default\extensions\{650598e1-b35a-45d3-b607-896d7acb64c3}\plugins\np-mswmp.dll
FF - plugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\68zk8vdm.default\extensions\{7e8a1050-cf67-4575-92df-dcc60e7d952d}\plugins\np-mswmp.dll
FF - plugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\68zk8vdm.default\extensions\{c54a4bc4-2966-40ac-9ca4-ad863d6148ee}\plugins\np-mswmp.dll
FF - plugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\68zk8vdm.default\extensions\{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0}\plugins\np-mswmp.dll
.
============= SERVICES / DRIVERS ===============
.
R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\windows\System32\drivers\tos_sps64.sys [2009-12-11 482384]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\System32\drivers\TVALZFL.sys [2009-6-19 14472]
R3 FwLnk;FwLnk Driver;C:\windows\System32\drivers\FwLnk.sys [2009-12-11 9216]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2015-2-13 942808]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\windows\System32\drivers\rtl8192se.sys [2015-2-13 1226344]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-1-28 26528]
S2 AdvancedSystemCareService8;Advanced SystemCare Service 8;C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [2015-1-28 815392]
S2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2009-12-11 203264]
S2 BackupStack;Computer Backup (MyPC Backup);C:\Program Files (x86)\MyPC Backup\BackupStack.exe [2014-2-18 36392]
S2 cfWiMAXService;ConfigFree WiMAX Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2009-8-10 248688]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 ConfigFree Gadget Service;ConfigFree Gadget Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [2009-7-14 42368]
S2 ConfigFree Service;ConfigFree Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-3-10 46448]
S2 IMFservice;IMF Service;C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2015-2-14 344864]
S2 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2015-1-28 2724128]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2009-8-11 252272]
S3 CnxtHdmiAudService;Conexant UAA HDMI Function Driver for High Definition Audio Service;C:\windows\System32\drivers\CHDMI64.sys [2015-2-13 722488]
S3 FileMonitor;FileMonitor;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2015-2-14 23048]
S3 fssfltr;fssfltr;C:\windows\System32\drivers\fssfltr.sys [2012-6-28 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2014-3-8 111616]
S3 MBAMSwissArmy;MBAMSwissArmy;C:\windows\System32\drivers\MBAMSwissArmy.sys [2015-1-28 129752]
S3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2009-12-11 35008]
S3 RegFilter;RegFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys [2015-2-14 34848]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2009-12-11 222208]
S3 taphss6;Anchorfree HSS VPN Adapter;C:\windows\System32\drivers\taphss6.sys [2013-1-10 42184]
S3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-12-11 51512]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-8-3 137560]
S3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2009-8-4 826224]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2011-6-7 59392]
S3 UrlFilter;UrlFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys [2015-2-14 23016]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2009-8-28 49152]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2010-3-28 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2015-02-16 01:53:43 -------- d-----w- C:\Users\Owner\AppData\Local\{5031B0FD-D36D-4EBF-BC0F-89332EEBC962}
2015-02-14 20:44:05 -------- d-----w- C:\Users\Owner\AppData\Local\{5D938D3B-6FAF-488E-B9A2-BE286616E498}
2015-02-14 18:50:22 55808 ----a-w- C:\windows\System32\rrinstaller.exe
2015-02-14 18:50:22 50176 ----a-w- C:\windows\SysWow64\rrinstaller.exe
2015-02-14 18:50:22 24576 ----a-w- C:\windows\System32\mfpmp.exe
2015-02-14 18:50:22 23040 ----a-w- C:\windows\SysWow64\mfpmp.exe
2015-02-14 18:50:22 206848 ----a-w- C:\windows\System32\mfps.dll
2015-02-14 18:50:22 2048 ----a-w- C:\windows\SysWow64\mferror.dll
2015-02-14 18:50:22 2048 ----a-w- C:\windows\System32\mferror.dll
2015-02-14 18:50:22 103424 ----a-w- C:\windows\SysWow64\mfps.dll
2015-02-14 18:50:21 4121600 ----a-w- C:\windows\System32\mf.dll
2015-02-14 18:50:21 3209728 ----a-w- C:\windows\SysWow64\mf.dll
2015-02-14 18:43:10 2777088 ----a-w- C:\windows\System32\msmpeg2vdec.dll
2015-02-14 18:43:09 2285056 ----a-w- C:\windows\SysWow64\msmpeg2vdec.dll
2015-02-14 06:37:30 99480 ----a-w- C:\windows\SysWow64\infocardapi.dll
2015-02-14 06:37:30 619672 ----a-w- C:\windows\SysWow64\icardagt.exe
2015-02-14 06:37:30 171160 ----a-w- C:\windows\System32\infocardapi.dll
2015-02-14 06:37:30 1389208 ----a-w- C:\windows\System32\icardagt.exe
2015-02-14 06:37:29 8856 ----a-w- C:\windows\SysWow64\icardres.dll
2015-02-14 06:37:29 8856 ----a-w- C:\windows\System32\icardres.dll
2015-02-14 06:37:15 35480 ----a-w- C:\windows\SysWow64\TsWpfWrp.exe
2015-02-14 06:37:15 35480 ----a-w- C:\windows\System32\TsWpfWrp.exe
2015-02-14 06:24:34 861696 ----a-w- C:\windows\System32\oleaut32.dll
2015-02-14 06:24:34 571904 ----a-w- C:\windows\SysWow64\oleaut32.dll
2015-02-14 06:23:14 664064 ----a-w- C:\windows\SysWow64\rpcrt4.dll
2015-02-14 06:23:14 1216000 ----a-w- C:\windows\System32\rpcrt4.dll
2015-02-14 06:15:26 98216 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-02-14 06:11:10 -------- d-----w- C:\ProgramData\Oracle
2015-02-14 05:39:11 -------- d-----w- C:\Users\Owner\AppData\Local\{127F96F5-0382-4930-AD18-76B91F10F986}
2015-02-14 05:31:56 2620928 ----a-w- C:\windows\System32\wucltux.dll
2015-02-14 05:31:03 97792 ----a-w- C:\windows\System32\wudriver.dll
2015-02-14 05:31:03 92672 ----a-w- C:\windows\SysWow64\wudriver.dll
2015-02-14 05:30:21 36864 ----a-w- C:\windows\System32\wuapp.exe
2015-02-14 05:30:21 33792 ----a-w- C:\windows\SysWow64\wuapp.exe
2015-02-14 05:30:21 198600 ----a-w- C:\windows\System32\wuwebv.dll
2015-02-14 05:30:21 179656 ----a-w- C:\windows\SysWow64\wuwebv.dll
2015-02-14 04:11:42 942808 ----a-w- C:\windows\System32\drivers\Rt64win7.sys
2015-02-14 04:11:42 73800 ----a-w- C:\windows\System32\RtNicProp64.dll
2015-02-14 04:11:15 1226344 ----a-w- C:\windows\System32\drivers\rtl8192se.sys
2015-02-14 04:10:24 -------- d-----w- C:\Program Files\CONEXANT
2015-02-14 04:10:22 722488 ----a-w- C:\windows\System32\drivers\CHDMI64.sys
2015-02-14 04:10:22 438840 ----a-w- C:\windows\System32\UCI64H55.dll
2015-01-29 06:01:34 -------- d-----w- C:\IObit
2015-01-29 04:51:22 -------- d-----w- C:\Users\Owner\AppData\Roaming\ProductData
2015-01-29 04:51:20 26528 ----a-w- C:\windows\SysWow64\drivers\HWiNFO64A.SYS
2015-01-29 04:49:25 -------- d-----w- C:\ProgramData\ProductData
2015-01-29 04:48:48 -------- d-----w- C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2015-01-29 04:48:37 -------- d-----w- C:\ProgramData\IObit
2015-01-29 04:48:37 -------- d-----w- C:\Program Files (x86)\Common Files\IObit
2015-01-29 04:48:20 -------- d-----w- C:\Program Files (x86)\IObit
2015-01-29 04:48:18 -------- d-----w- C:\Users\Owner\AppData\Roaming\IObit
2015-01-29 04:29:35 -------- d-----w- C:\Program Files (x86)\SaverAdDon
2015-01-29 04:27:45 -------- d-----w- C:\Users\Owner\AppData\Roaming\Roxio Log Files
2015-01-29 04:26:27 -------- d-----w- C:\Program Files (x86)\realdieaL
2015-01-28 18:23:57 -------- d-----w- C:\Program Files\SaverAdDon
2015-01-28 18:23:51 -------- d-----w- C:\ProgramData\15794066317726514482UL
2015-01-28 18:23:41 -------- d-----w- C:\Program Files\realdieaL
2015-01-28 17:49:15 -------- d-----w- C:\Users\Owner\AppData\Local\{1D994E93-3F2E-4838-96DD-B4F4B386FD7A}
2015-01-28 16:41:14 129752 ----a-w- C:\windows\System32\drivers\MBAMSwissArmy.sys
2015-01-28 16:40:59 93400 ----a-w- C:\windows\System32\drivers\mbamchameleon.sys
2015-01-28 16:40:59 63704 ----a-w- C:\windows\System32\drivers\mwac.sys
2015-01-28 16:40:59 25816 ----a-w- C:\windows\System32\drivers\mbam.sys
2015-01-28 16:40:59 -------- d-----w- C:\ProgramData\Malwarebytes
2015-01-28 16:40:59 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-28 16:40:48 -------- d-----w- C:\Users\Owner\AppData\Local\Programs
2015-01-28 16:40:26 -------- d-----w- C:\Program Files\CCleaner
2015-01-28 16:19:36 -------- d-----w- C:\Users\Owner\AppData\Local\{24E8519B-5E53-42DA-9983-1ACDC71C2933}
.
==================== Find3M ====================
.
2015-02-14 04:11:42 107552 ----a-w- C:\windows\System32\RTNUninst64.dll
2014-11-18 20:56:48 1202848 ----a-w- C:\windows\SysWow64\FM20.DLL
.
============= FINISH: 20:30:23.80 ===============