Hi. I think i downloaded something bad and it keeps trying to install programs on my computer. iv deleted them off my computer in the control panel several times and they just keep coming back again and again. Some of the programs are ytdownloader, Search protect, Coupon version 1.0, Health Alert, PastaLeads, Win PC Optimizer, GSafe, Cinema PlusV04.05, Solid YouTube Downloader and Converter 6.2.0.1, and theres some other ones i cant remember right off hand because i have deleted them and these are the ones that have came back so far. It also Keeps closing my web browser.
Here is everything from the instructions page.
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17239 BrowserJavaVersion: 11.31.2
Run by Logan at 7:09:33 on 2015-05-04
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.8174.5868 [GMT -5:00]
.
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
C:\Windows\system32\taskhost.exe
C:\AMD\amdacpusrsvc.exe
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Users\Logan\AppData\Roaming\0E4B6A40-1430734893-11D4-BCB9-60A44C431969\nsz34F2.tmpfs
C:\Windows\system32\taskeng.exe
C:\Program Files\EslWire\service\WireHelperSvc.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
C:\Users\Logan\AppData\Roaming\0E4B6A40-1430533208-11D4-BCB9-60A44C431969\jnsk9349.tmp
C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k iissvcs
C:\Users\Logan\AppData\Roaming\0E4B6A40-1430734893-11D4-BCB9-60A44C431969\jnst61A2.tmp
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files (x86)\MagicDisc\MagicDisc.exe
C:\Program Files (x86)\Logitech\G930\G930.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbengine.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\System32\vds.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = Google
mURLSearchHooks: <No Name>: - LocalServer32 - <no file>
mWinlogon: Userinit = userinit.exe,
BHO: AcroIEHlprObj Class: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll
BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
mRun: [Logitech G930] C:\Program Files (x86)\Logitech\G930\G930.exe
mRun: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
mRun: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
StartupFolder: C:\Users\Logan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
StartupFolder: C:\Users\Logan\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MAGICD~1.LNK - C:\Program Files (x86)\MagicDisc\MagicDisc.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\GIGABY~1.LNK - C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{18AF4B63-1F51-4E6F-AC44-530CFC0800F4} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{48759ACE-BEE2-45E5-943D-873E43AA1C91} : DHCPNameServer = 192.168.1.254
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
SSODL: WebCheck - <orphaned>
x64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll
x64-BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R1 RzFilter;RzFilter;C:\Windows\System32\drivers\RzFilter.sys [2014-9-21 74432]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2014-11-20 244736]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [2014-11-20 344064]
R2 amdacpusrsvc;ACP User Service;C:\AMD\amdacpusrsvc.exe [2013-11-29 94208]
R2 AODDriver4.3;AODDriver4.3;C:\Program Files\AMD\ATI.ACE\Fuel\amd64\aoddriver2.sys [2014-2-11 59616]
R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-7-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-7-14 1767520]
R2 detoqoke;Star Key Arrow;C:\Users\Logan\AppData\Roaming\0E4B6A40-1430734893-11D4-BCB9-60A44C431969\nsz34F2.tmpfs [2015-5-4 324608]
R2 EslWireHelper;ESL Wire Helper Service;C:\Program Files\EslWire\service\WireHelperSvc.exe [2015-4-19 663056]
R2 Razer Game Scanner Service;Razer Game Scanner;C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [2015-2-4 187072]
R2 riqeneho;Go To NOT;C:\Users\Logan\AppData\Roaming\0E4B6A40-1430533208-11D4-BCB9-60A44C431969\jnsk9349.tmp [2015-5-1 198656]
R2 RzOvlMon;Razer Overlay Subsystem Emergency Service;C:\Program Files (x86)\Razer\Core\64bit\RzOvlMon.exe [2014-4-18 32960]
R2 rzpmgrk;rzpmgrk;C:\Windows\System32\drivers\rzpmgrk.sys [2015-3-10 37184]
R2 rzpnk;rzpnk;C:\Windows\System32\drivers\rzpnk.sys [2015-3-10 129600]
R2 wyzicyjy;CD Drive Carbon Copy;C:\Users\Logan\AppData\Roaming\0E4B6A40-1430734893-11D4-BCB9-60A44C431969\jnst61A2.tmp [2015-5-4 224768]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2014-6-21 94720]
R3 LADF_BakerCOnly;BakerC Filter Driver;C:\Windows\System32\drivers\ladfBakerCamd64.sys [2011-3-18 410184]
R3 LADF_BakerROnly;BakerR Filter Driver;C:\Windows\System32\drivers\ladfBakerRamd64.sys [2011-3-18 335688]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-12-14 676968]
R3 RzDxgk;RzDxgk;C:\Windows\System32\drivers\RzDxgk.sys [2014-9-21 129472]
R3 rzudd;Razer Mouse Driver;C:\Windows\System32\drivers\rzudd.sys [2014-12-30 177832]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2014-9-26 60640]
S2 amdacpksd;ACP Kernel Service Driver;C:\Windows\System32\drivers\amdacpksd.sys [2014-11-20 294600]
S2 BrsHelper;BrsHelper;C:\PROGRA~2\YTDOWN~1\BROWSE~2.EXE --> C:\PROGRA~2\YTDOWN~1\BROWSE~2.EXE [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2013-12-14 46136]
S3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2012-5-2 134944]
S3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2012-5-2 403232]
S3 EasyAntiCheat;EasyAntiCheat;C:\Windows\System32\EasyAntiCheat.exe --> C:\Windows\System32\EasyAntiCheat.exe [?]
S3 GPCIDrv;GPCIDrv;C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [2010-2-4 14376]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-10-9 111616]
S3 ivusb;Initio Driver for USB Default Controller;C:\Windows\System32\drivers\ivusb.sys [2010-7-29 29720]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [2013-9-6 288776]
S3 npggsvc;nProtect GameGuard Service;C:\Windows\System32\GameMon.des -service --> C:\Windows\System32\GameMon.des -service [?]
S3 NTIOLib_1_0_2;NTIOLib_1_0_2;C:\Program Files (x86)\MSI\BIOS Code Unlocked Technology\NTIOLib_X64.sys [2013-12-14 14136]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-4-28 20992]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-4-30 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2014-7-28 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-4-29 1255736]
.
=============== File Associations ===============
.
ShellExec: SC2Editor.exe: open="F:/StarCraft II/Support/SC2Editor.exe" "%1"
ShellExec: SC2Switcher.exe: open="F:/StarCraft II/Support/SC2Switcher.exe" "%1"
.
=============== Created Last 30 ================
.
2015-05-04 11:16:15 -------- d-----w- C:\ProgramData\c26b4b42000056b9
2015-05-04 11:14:48 -------- d-----w- C:\Program Files (x86)\Winsta
2015-05-04 11:14:47 -------- d-----w- C:\Users\Logan\AppData\Roaming\PDFConvert
2015-05-04 11:14:47 -------- d-----w- C:\Program Files (x86)\Convertor
2015-05-04 10:52:33 -------- d-----w- C:\ProgramData\8120a8d5db28477b8215e16c52d657fb
2015-05-04 10:52:30 -------- d-----w- C:\ProgramData\d1033df487f240778127c98610c04a8c
2015-05-04 10:24:51 -------- d-----w- C:\Users\Logan\AppData\Local\0E4B6A40-1430717090-11D4-BCB9-60A44C431969
2015-05-04 10:21:33 -------- d-----w- C:\Users\Logan\AppData\Roaming\0E4B6A40-1430734893-11D4-BCB9-60A44C431969
2015-05-04 02:48:08 -------- d-----w- C:\ProgramData\d8557c09000012ba
2015-05-04 02:35:38 -------- d-----w- C:\ProgramData\COMODO
2015-05-04 02:35:26 -------- d-----w- C:\Program Files\COMODO
2015-05-04 02:34:11 -------- d-----w- C:\Users\Logan\AppData\Local\IsolatedStorage
2015-05-04 02:21:36 -------- d-----w- C:\ProgramData\340a6c9800001aa5
2015-05-04 02:16:40 -------- d-----w- C:\Users\Logan\AppData\Roaming\0E4B6A40-1430705800-11D4-BCB9-60A44C431969
2015-05-04 02:10:51 -------- d-----w- C:\ProgramData\4e23033f000075f0
2015-05-03 17:55:25 1358 ----a-w- C:\Windows\SysWow64\SetupComponents.exe
2015-05-02 02:40:27 -------- d-----w- C:\Program Files (x86)\predm
2015-05-02 02:35:42 -------- d-----w- C:\Users\Logan\AppData\Local\Installer
2015-05-02 02:35:42 -------- d-----w- C:\Users\Logan\AppData\Local\CrashRpt
2015-05-02 02:28:49 -------- d-----w- C:\Program Files (x86)\Portable WeatherApp
2015-05-02 02:27:43 -------- d-----w- C:\Users\Logan\AppData\Local\B6CE6B97-AE2F-C94F-9BE3-BADA06BADAFA
2015-05-02 02:27:28 -------- d-----w- C:\Users\Logan\AppData\Roaming\0E4B6A40-1430533648-11D4-BCB9-60A44C431969
2015-05-02 02:23:22 -------- d-----w- C:\Users\Logan\AppData\Local\0E4B6A40-1430515402-11D4-BCB9-60A44C431969
2015-05-02 02:22:43 -------- d-----w- C:\Program Files (x86)\PrIicceLess
2015-05-02 02:22:30 -------- d-----w- C:\ProgramData\bkcpedpfihbhmebbcdbldmjdjpkeoibp
2015-05-02 02:21:19 -------- d-----w- C:\ProgramData\3fa9de6a8abf4b0cb7f4dd6861d18166
2015-05-02 02:21:03 -------- d-----w- C:\ProgramData\6b76e2d8894c4c718105cc0b3839ce57
2015-05-02 02:21:01 -------- d-----w- C:\Program Files (x86)\FlashBeat
2015-05-02 02:20:36 -------- d-----w- C:\Program Files (x86)\db089120-dfab-4167-bb6a-9db27dc25796
2015-05-02 02:20:16 -------- d-----w- C:\Users\Logan\AppData\Local\globalUpdate
2015-05-02 02:20:16 -------- d-----w- C:\Program Files (x86)\globalUpdate
2015-05-02 02:20:08 -------- d-----w- C:\Users\Logan\AppData\Roaming\0E4B6A40-1430533208-11D4-BCB9-60A44C431969
2015-05-02 02:19:40 -------- d-----w- C:\Program Files (x86)\ConnectPC
2015-05-02 02:18:48 -------- d-----w- C:\Users\Logan\AppData\Local\SuperDriversUpdater
2015-05-02 02:18:44 -------- d-----w- C:\Program Files (x86)\Super Driver Updater
2015-05-02 02:18:20 -------- d-----w- C:\ProgramData\6515275939571438658
2015-05-02 02:18:19 -------- d-----w- C:\Program Files (x86)\PurriCeeLeess
2015-05-02 02:17:49 -------- d-----w- C:\ProgramData\ocobdgjhelgmhjoalnjbiiodhgiifjda
2015-05-02 02:17:37 -------- d-----w- C:\Program Files (x86)\Priceless
2015-05-02 02:17:35 -------- d-----w- C:\Program Files (x86)\app_setup
2015-05-02 02:17:29 -------- d-----w- C:\Users\Logan\AppData\Local\Geckofx
2015-04-22 21:44:09 -------- d-----w- C:\ArcheAge
2015-04-19 10:13:48 -------- d-----w- C:\Users\Logan\AppData\Local\ESL Wire Game Client
2015-04-19 10:13:45 -------- d-----w- C:\ProgramData\ESL Wire
2015-04-19 10:13:45 -------- d-----w- C:\Program Files\EslWire
2015-04-04 19:14:25 -------- d-----w- C:\Program Files (x86)\TerraMap
.
==================== Find3M ====================
.
2015-05-04 11:19:39 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-04-15 09:39:23 778416 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2015-04-15 09:39:23 142512 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2015-03-14 05:49:32 9728 ----a-w- C:\Windows\SysWow64\RzStats.IPC.dll
2015-02-20 08:40:24 237864 ----a-w- C:\Windows\SysWow64\EasyAntiCheat.exe
2015-02-08 21:40:36 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2015-02-05 09:37:26 347464 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2015-02-05 09:37:26 347464 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2015-02-04 23:24:36 37184 ----a-w- C:\Windows\System32\drivers\rzpmgrk.sys
2015-02-04 20:17:40 129600 ----a-w- C:\Windows\System32\drivers\rzpnk.sys
.
============= FINISH: 7:09:57.41 ===============
Here is everything from the instructions page.
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17239 BrowserJavaVersion: 11.31.2
Run by Logan at 7:09:33 on 2015-05-04
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.8174.5868 [GMT -5:00]
.
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
C:\Windows\system32\taskhost.exe
C:\AMD\amdacpusrsvc.exe
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Users\Logan\AppData\Roaming\0E4B6A40-1430734893-11D4-BCB9-60A44C431969\nsz34F2.tmpfs
C:\Windows\system32\taskeng.exe
C:\Program Files\EslWire\service\WireHelperSvc.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
C:\Users\Logan\AppData\Roaming\0E4B6A40-1430533208-11D4-BCB9-60A44C431969\jnsk9349.tmp
C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k iissvcs
C:\Users\Logan\AppData\Roaming\0E4B6A40-1430734893-11D4-BCB9-60A44C431969\jnst61A2.tmp
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files (x86)\MagicDisc\MagicDisc.exe
C:\Program Files (x86)\Logitech\G930\G930.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbengine.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\System32\vds.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = Google
mURLSearchHooks: <No Name>: - LocalServer32 - <no file>
mWinlogon: Userinit = userinit.exe,
BHO: AcroIEHlprObj Class: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll
BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
mRun: [Logitech G930] C:\Program Files (x86)\Logitech\G930\G930.exe
mRun: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
mRun: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
StartupFolder: C:\Users\Logan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
StartupFolder: C:\Users\Logan\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MAGICD~1.LNK - C:\Program Files (x86)\MagicDisc\MagicDisc.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\GIGABY~1.LNK - C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{18AF4B63-1F51-4E6F-AC44-530CFC0800F4} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{48759ACE-BEE2-45E5-943D-873E43AA1C91} : DHCPNameServer = 192.168.1.254
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
SSODL: WebCheck - <orphaned>
x64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll
x64-BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R1 RzFilter;RzFilter;C:\Windows\System32\drivers\RzFilter.sys [2014-9-21 74432]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2014-11-20 244736]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [2014-11-20 344064]
R2 amdacpusrsvc;ACP User Service;C:\AMD\amdacpusrsvc.exe [2013-11-29 94208]
R2 AODDriver4.3;AODDriver4.3;C:\Program Files\AMD\ATI.ACE\Fuel\amd64\aoddriver2.sys [2014-2-11 59616]
R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-7-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-7-14 1767520]
R2 detoqoke;Star Key Arrow;C:\Users\Logan\AppData\Roaming\0E4B6A40-1430734893-11D4-BCB9-60A44C431969\nsz34F2.tmpfs [2015-5-4 324608]
R2 EslWireHelper;ESL Wire Helper Service;C:\Program Files\EslWire\service\WireHelperSvc.exe [2015-4-19 663056]
R2 Razer Game Scanner Service;Razer Game Scanner;C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [2015-2-4 187072]
R2 riqeneho;Go To NOT;C:\Users\Logan\AppData\Roaming\0E4B6A40-1430533208-11D4-BCB9-60A44C431969\jnsk9349.tmp [2015-5-1 198656]
R2 RzOvlMon;Razer Overlay Subsystem Emergency Service;C:\Program Files (x86)\Razer\Core\64bit\RzOvlMon.exe [2014-4-18 32960]
R2 rzpmgrk;rzpmgrk;C:\Windows\System32\drivers\rzpmgrk.sys [2015-3-10 37184]
R2 rzpnk;rzpnk;C:\Windows\System32\drivers\rzpnk.sys [2015-3-10 129600]
R2 wyzicyjy;CD Drive Carbon Copy;C:\Users\Logan\AppData\Roaming\0E4B6A40-1430734893-11D4-BCB9-60A44C431969\jnst61A2.tmp [2015-5-4 224768]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2014-6-21 94720]
R3 LADF_BakerCOnly;BakerC Filter Driver;C:\Windows\System32\drivers\ladfBakerCamd64.sys [2011-3-18 410184]
R3 LADF_BakerROnly;BakerR Filter Driver;C:\Windows\System32\drivers\ladfBakerRamd64.sys [2011-3-18 335688]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-12-14 676968]
R3 RzDxgk;RzDxgk;C:\Windows\System32\drivers\RzDxgk.sys [2014-9-21 129472]
R3 rzudd;Razer Mouse Driver;C:\Windows\System32\drivers\rzudd.sys [2014-12-30 177832]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2014-9-26 60640]
S2 amdacpksd;ACP Kernel Service Driver;C:\Windows\System32\drivers\amdacpksd.sys [2014-11-20 294600]
S2 BrsHelper;BrsHelper;C:\PROGRA~2\YTDOWN~1\BROWSE~2.EXE --> C:\PROGRA~2\YTDOWN~1\BROWSE~2.EXE [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2013-12-14 46136]
S3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2012-5-2 134944]
S3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2012-5-2 403232]
S3 EasyAntiCheat;EasyAntiCheat;C:\Windows\System32\EasyAntiCheat.exe --> C:\Windows\System32\EasyAntiCheat.exe [?]
S3 GPCIDrv;GPCIDrv;C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [2010-2-4 14376]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-10-9 111616]
S3 ivusb;Initio Driver for USB Default Controller;C:\Windows\System32\drivers\ivusb.sys [2010-7-29 29720]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [2013-9-6 288776]
S3 npggsvc;nProtect GameGuard Service;C:\Windows\System32\GameMon.des -service --> C:\Windows\System32\GameMon.des -service [?]
S3 NTIOLib_1_0_2;NTIOLib_1_0_2;C:\Program Files (x86)\MSI\BIOS Code Unlocked Technology\NTIOLib_X64.sys [2013-12-14 14136]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-4-28 20992]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-4-30 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2014-7-28 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-4-29 1255736]
.
=============== File Associations ===============
.
ShellExec: SC2Editor.exe: open="F:/StarCraft II/Support/SC2Editor.exe" "%1"
ShellExec: SC2Switcher.exe: open="F:/StarCraft II/Support/SC2Switcher.exe" "%1"
.
=============== Created Last 30 ================
.
2015-05-04 11:16:15 -------- d-----w- C:\ProgramData\c26b4b42000056b9
2015-05-04 11:14:48 -------- d-----w- C:\Program Files (x86)\Winsta
2015-05-04 11:14:47 -------- d-----w- C:\Users\Logan\AppData\Roaming\PDFConvert
2015-05-04 11:14:47 -------- d-----w- C:\Program Files (x86)\Convertor
2015-05-04 10:52:33 -------- d-----w- C:\ProgramData\8120a8d5db28477b8215e16c52d657fb
2015-05-04 10:52:30 -------- d-----w- C:\ProgramData\d1033df487f240778127c98610c04a8c
2015-05-04 10:24:51 -------- d-----w- C:\Users\Logan\AppData\Local\0E4B6A40-1430717090-11D4-BCB9-60A44C431969
2015-05-04 10:21:33 -------- d-----w- C:\Users\Logan\AppData\Roaming\0E4B6A40-1430734893-11D4-BCB9-60A44C431969
2015-05-04 02:48:08 -------- d-----w- C:\ProgramData\d8557c09000012ba
2015-05-04 02:35:38 -------- d-----w- C:\ProgramData\COMODO
2015-05-04 02:35:26 -------- d-----w- C:\Program Files\COMODO
2015-05-04 02:34:11 -------- d-----w- C:\Users\Logan\AppData\Local\IsolatedStorage
2015-05-04 02:21:36 -------- d-----w- C:\ProgramData\340a6c9800001aa5
2015-05-04 02:16:40 -------- d-----w- C:\Users\Logan\AppData\Roaming\0E4B6A40-1430705800-11D4-BCB9-60A44C431969
2015-05-04 02:10:51 -------- d-----w- C:\ProgramData\4e23033f000075f0
2015-05-03 17:55:25 1358 ----a-w- C:\Windows\SysWow64\SetupComponents.exe
2015-05-02 02:40:27 -------- d-----w- C:\Program Files (x86)\predm
2015-05-02 02:35:42 -------- d-----w- C:\Users\Logan\AppData\Local\Installer
2015-05-02 02:35:42 -------- d-----w- C:\Users\Logan\AppData\Local\CrashRpt
2015-05-02 02:28:49 -------- d-----w- C:\Program Files (x86)\Portable WeatherApp
2015-05-02 02:27:43 -------- d-----w- C:\Users\Logan\AppData\Local\B6CE6B97-AE2F-C94F-9BE3-BADA06BADAFA
2015-05-02 02:27:28 -------- d-----w- C:\Users\Logan\AppData\Roaming\0E4B6A40-1430533648-11D4-BCB9-60A44C431969
2015-05-02 02:23:22 -------- d-----w- C:\Users\Logan\AppData\Local\0E4B6A40-1430515402-11D4-BCB9-60A44C431969
2015-05-02 02:22:43 -------- d-----w- C:\Program Files (x86)\PrIicceLess
2015-05-02 02:22:30 -------- d-----w- C:\ProgramData\bkcpedpfihbhmebbcdbldmjdjpkeoibp
2015-05-02 02:21:19 -------- d-----w- C:\ProgramData\3fa9de6a8abf4b0cb7f4dd6861d18166
2015-05-02 02:21:03 -------- d-----w- C:\ProgramData\6b76e2d8894c4c718105cc0b3839ce57
2015-05-02 02:21:01 -------- d-----w- C:\Program Files (x86)\FlashBeat
2015-05-02 02:20:36 -------- d-----w- C:\Program Files (x86)\db089120-dfab-4167-bb6a-9db27dc25796
2015-05-02 02:20:16 -------- d-----w- C:\Users\Logan\AppData\Local\globalUpdate
2015-05-02 02:20:16 -------- d-----w- C:\Program Files (x86)\globalUpdate
2015-05-02 02:20:08 -------- d-----w- C:\Users\Logan\AppData\Roaming\0E4B6A40-1430533208-11D4-BCB9-60A44C431969
2015-05-02 02:19:40 -------- d-----w- C:\Program Files (x86)\ConnectPC
2015-05-02 02:18:48 -------- d-----w- C:\Users\Logan\AppData\Local\SuperDriversUpdater
2015-05-02 02:18:44 -------- d-----w- C:\Program Files (x86)\Super Driver Updater
2015-05-02 02:18:20 -------- d-----w- C:\ProgramData\6515275939571438658
2015-05-02 02:18:19 -------- d-----w- C:\Program Files (x86)\PurriCeeLeess
2015-05-02 02:17:49 -------- d-----w- C:\ProgramData\ocobdgjhelgmhjoalnjbiiodhgiifjda
2015-05-02 02:17:37 -------- d-----w- C:\Program Files (x86)\Priceless
2015-05-02 02:17:35 -------- d-----w- C:\Program Files (x86)\app_setup
2015-05-02 02:17:29 -------- d-----w- C:\Users\Logan\AppData\Local\Geckofx
2015-04-22 21:44:09 -------- d-----w- C:\ArcheAge
2015-04-19 10:13:48 -------- d-----w- C:\Users\Logan\AppData\Local\ESL Wire Game Client
2015-04-19 10:13:45 -------- d-----w- C:\ProgramData\ESL Wire
2015-04-19 10:13:45 -------- d-----w- C:\Program Files\EslWire
2015-04-04 19:14:25 -------- d-----w- C:\Program Files (x86)\TerraMap
.
==================== Find3M ====================
.
2015-05-04 11:19:39 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-04-15 09:39:23 778416 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2015-04-15 09:39:23 142512 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2015-03-14 05:49:32 9728 ----a-w- C:\Windows\SysWow64\RzStats.IPC.dll
2015-02-20 08:40:24 237864 ----a-w- C:\Windows\SysWow64\EasyAntiCheat.exe
2015-02-08 21:40:36 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2015-02-05 09:37:26 347464 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2015-02-05 09:37:26 347464 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2015-02-04 23:24:36 37184 ----a-w- C:\Windows\System32\drivers\rzpmgrk.sys
2015-02-04 20:17:40 129600 ----a-w- C:\Windows\System32\drivers\rzpnk.sys
.
============= FINISH: 7:09:57.41 ===============