Hello,
been a long time since I needed your assistance, but so glad you guys are here to help - you do a great job and it's so appreciated!
My problem is a troublesome pop-up problem you've seen a thousand times before. Using Chrome Browser, Windows 7 machine and whenever i visit a regular website, i get so many popups, mostly advertising computer repair software, or a notice to update flash player and many other small windowed ads - script error notices - click here to leave this page popups, etc. etc. all rendering the browser useless. strangely, i'm not seeing the popups as I write this nor in facebook or gmail. . . Anyway - thanks so much for your time and your help!!!
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.18231 BrowserJavaVersion: 11.31.2
Run by Don at 0:34:10 on 2016-03-25
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6135.2325 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
SP: Microsoft Security Essentials *Enabled/Updated* {CDE0C533-D3CD-62A1-E772-AFADDF863628}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
C:\Program Files\Microsoft LifeCam\MSCamS64.exe
C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\GWX\GWX.exe
C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\vVX3000.exe
C:\Program Files\HP\HP Officejet 4630 series\Bin\ScanToPCActivationApp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\HP\HP Officejet 4630 series\Bin\HPNetworkCommunicatorCom.exe
C:\Users\Don\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Users\Don\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Windows\SysWOW64\Ctxfihlp.exe
C:\Windows\SysWOW64\CTXFISPI.EXE
C:\Program Files\CCleaner\CCleaner64.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Windows\system32\SearchIndexer.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\System32\WUDFHost.exe
C:\PROGRA~1\SketchUp\SKETCH~1\SketchUp.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Windows\system32\taskmgr.exe
C:\Users\Don\Downloads\HijackThis.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = Preserve
uSearch Page = hxxp://www.google.com
uProxyServer = localhost:21320
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mWinlogon: Userinit = userinit.exe
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
BHO: Free Download Manager: {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
uRun: [GoogleChromeAutoLaunch_F7AAF1AF98DA9322EDD7EAFC54A5354D] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
uRun: [HP Officejet 4630 series (NET)] "C:\Program Files\HP\HP Officejet 4630 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN47G390D505Y0:NW" -scfn "HP Officejet 4630 series (NET)" -AutoStart 1
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [Spotify Web Helper] "C:\Users\Don\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
mRun: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [CTxfiHlp] CTXFIHLP.EXE
StartupFolder: C:\Users\Don\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Don\AppData\Roaming\Dropbox\bin\Dropbox.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: Download all with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlall.htm
IE: Download selected with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlselected.htm
IE: Download video with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
IE: Download with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dllink.htm
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
TCP: NameServer = 82.163.143.171 82.163.142.173
TCP: NameServer = 64.233.217.2 64.233.217.3
TCP: Interfaces\{3FBDFE79-548B-41A6-BF6D-22373F0EA2FE} : NameServer = 82.163.143.171 82.163.142.173
TCP: Interfaces\{3FBDFE79-548B-41A6-BF6D-22373F0EA2FE} : DHCPNameServer = 64.233.217.2 64.233.217.3
TCP: Interfaces\{806CCD13-C306-487A-8881-7DF2FBFA4237} : NameServer = 82.163.143.171 82.163.142.173
TCP: Interfaces\{806CCD13-C306-487A-8881-7DF2FBFA4237} : DHCPNameServer = 82.163.143.171
Filter: application/x-microsoft-rpmsg-message - {DFF82902-0B96-3B98-6F62-D655E146A23A} - <orphaned>
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll",CreateReaderUserSettings
x64-BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [VX3000] C:\Windows\vVX3000.exe
x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Filter: application/x-microsoft-rpmsg-message - {DFF82902-0B96-3B98-6F62-D655E146A23A} - <orphaned>
x64-Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - <orphaned>
x64-Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 Spyware Info | Spyware Info
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2015-11-13 289120]
R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2016-1-8 1433216]
R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2016-1-8 1773696]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-13 27136]
R2 GfExperienceService;NVIDIA GeForce Experience Service;C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-9-28 1155216]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [2015-3-28 89840]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2013-7-18 762192]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-9-28 1871504]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-7-30 5544592]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-8-21 1738168]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-8-21 2088408]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-8-21 171928]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-9-27 409800]
R3 CT20XUT.SYS;CT20XUT.SYS;C:\Windows\System32\drivers\CT20XUT.sys [2014-2-28 232728]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS;C:\Windows\System32\drivers\CTEXFIFX.sys [2014-2-28 1448216]
R3 CTHWIUT.SYS;CTHWIUT.SYS;C:\Windows\System32\drivers\CTHWIUT.sys [2014-2-28 97560]
R3 ha20x22k;Creative 20X2 HAL Driver;C:\Windows\System32\drivers\ha20x22k.sys [2014-2-28 1617176]
R3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2014-3-11 133816]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2016-1-29 374344]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-1-22 77824]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-1-22 180224]
R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-9-28 19600]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-9-28 395264]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-5 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-5 125112]
S2 CouponArificService64;CouponArificService64;C:\Program Files (x86)\35556262-902E-49AE-8622-66E14F1F041C\arrmeapsie64.exe [2014-9-29 172544]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-7-9 327296]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2014-8-17 79360]
S3 CT20XUT;CT20XUT;C:\Windows\System32\drivers\CT20XUT.sys [2014-2-28 232728]
S3 CTEXFIFX;CTEXFIFX;C:\Windows\System32\drivers\CTEXFIFX.sys [2014-2-28 1448216]
S3 CTHWIUT;CTHWIUT;C:\Windows\System32\drivers\CTHWIUT.sys [2014-2-28 97560]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2014-1-22 108800]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2016-3-9 114688]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2015-7-30 47976]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-8-17 19456]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2014-1-22 206080]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-8-17 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2014-8-17 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-8-17 1255736]
.
=============== Created Last 30 ================
.
2016-03-25 01:59:03 75888 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A32DD6E5-3176-4483-A132-FA6E0A884B00}\offreg.952.dll
2016-03-24 14:24:05 5306560 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2016-03-23 18:49:06 75888 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A32DD6E5-3176-4483-A132-FA6E0A884B00}\offreg.936.dll
2016-03-23 15:35:45 1190000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{144567EC-BE2F-4A4C-A8F4-32EC57699B90}\gapaengine.dll
2016-03-23 15:35:17 11249080 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A32DD6E5-3176-4483-A132-FA6E0A884B00}\mpengine.dll
2016-03-22 15:35:18 11249080 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2016-03-21 12:49:01 -------- d-----w- C:\ProgramData\f46db541-7a37-0
2016-03-21 12:49:00 -------- d-----w- C:\ProgramData\f46db541-5897-1
2016-03-21 06:49:02 -------- d-----w- C:\ProgramData\f46db541-52b3-0
2016-03-21 06:49:01 -------- d-----w- C:\ProgramData\f46db541-3b21-1
2016-03-21 00:49:03 -------- d-----w- C:\ProgramData\f46db541-5945-0
2016-03-21 00:49:02 -------- d-----w- C:\ProgramData\f46db541-2c31-1
2016-03-20 18:49:07 -------- d-----w- C:\ProgramData\f46db541-4a41-0
2016-03-20 18:49:06 -------- d-----w- C:\ProgramData\f46db541-22f7-1
2016-03-20 01:41:37 -------- d-----w- C:\REX Texture Direct
2016-03-15 01:55:44 -------- d-----w- C:\Program Files\Common Files\AV
2016-03-15 00:49:01 -------- d-----w- C:\ProgramData\f46db541-0b11-0
2016-03-15 00:44:17 -------- d-----w- C:\ProgramData\f46db541-0c01-0
2016-03-15 00:44:15 -------- d-----w- C:\ProgramData\c75ed112
2016-03-15 00:44:10 -------- d-----w- C:\ProgramData\{132aeda2-212c-0}
2016-03-15 00:44:08 -------- d-----w- C:\ProgramData\{02fc2dd9-712c-1}
2016-03-15 00:44:08 -------- d-----w- C:\ProgramData\{02fc2dd9-712c-0}
2016-03-14 02:43:38 -------- d-----w- C:\Users\Don\AppData\Roaming\Orbx systems
2016-03-12 22:09:29 -------- d-----w- C:\Downloads
2016-03-09 14:36:55 994760 ----a-w- C:\Windows\System32\ucrtbase.dll
2016-03-09 14:31:51 696832 ----a-w- C:\Windows\System32\invagent.dll
2016-03-09 14:31:51 689152 ----a-w- C:\Windows\System32\generaltel.dll
2016-03-09 14:31:51 499200 ----a-w- C:\Windows\System32\devinv.dll
2016-03-09 14:31:51 1373184 ----a-w- C:\Windows\System32\appraiser.dll
2016-03-09 14:31:51 1168896 ----a-w- C:\Windows\System32\aeinv.dll
2016-03-09 14:31:50 76800 ----a-w- C:\Windows\System32\acmigration.dll
2016-03-09 14:31:50 38336 ----a-w- C:\Windows\System32\CompatTelRunner.exe
.
==================== Find3M ====================
.
2016-03-24 14:24:15 797376 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2016-03-24 14:24:15 142528 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2016-02-23 06:24:20 466520 ----a-w- C:\Windows\System32\wrap_oal.dll
2016-02-23 06:24:20 445016 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2016-02-23 06:24:20 123480 ----a-w- C:\Windows\System32\OpenAL32.dll
2016-02-23 06:24:20 109144 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2016-02-12 18:52:23 98816 ----a-w- C:\Windows\System32\wudriver.dll
2016-02-12 18:52:23 3169792 ----a-w- C:\Windows\System32\wucltux.dll
2016-02-12 18:52:23 192512 ----a-w- C:\Windows\System32\wuwebv.dll
2016-02-12 18:44:43 91136 ----a-w- C:\Windows\System32\WinSetupUI.dll
2016-02-12 18:39:55 174080 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2016-02-12 18:18:22 37888 ----a-w- C:\Windows\System32\wuapp.exe
2016-02-12 18:18:05 12288 ----a-w- C:\Windows\System32\wu.upgrade.ps.dll
2016-02-12 18:05:17 93696 ----a-w- C:\Windows\SysWow64\wudriver.dll
2016-02-12 18:05:13 35328 ----a-w- C:\Windows\SysWow64\wuapp.exe
2016-02-11 18:56:28 5572032 ----a-w- C:\Windows\System32\ntoskrnl.exe
2016-02-11 18:56:26 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2016-02-11 18:56:26 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2016-02-11 18:52:52 1733592 ----a-w- C:\Windows\System32\ntdll.dll
2016-02-11 18:49:42 362496 ----a-w- C:\Windows\System32\wow64win.dll
2016-02-11 18:49:42 243712 ----a-w- C:\Windows\System32\wow64.dll
2016-02-11 18:49:42 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2016-02-11 18:49:24 215040 ----a-w- C:\Windows\System32\winsrv.dll
2016-02-11 18:49:19 210432 ----a-w- C:\Windows\System32\wdigest.dll
2016-02-11 18:49:08 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2016-02-11 18:49:00 28672 ----a-w- C:\Windows\System32\sspisrv.dll
2016-02-11 18:49:00 135680 ----a-w- C:\Windows\System32\sspicli.dll
2016-02-11 18:48:58 503808 ----a-w- C:\Windows\System32\srcore.dll
2016-02-11 18:48:58 50176 ----a-w- C:\Windows\System32\srclient.dll
2016-02-11 18:48:16 28160 ----a-w- C:\Windows\System32\secur32.dll
2016-02-11 18:48:14 344064 ----a-w- C:\Windows\System32\schannel.dll
2016-02-11 18:48:12 1214464 ----a-w- C:\Windows\System32\rpcrt4.dll
2016-02-11 18:47:33 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2016-02-11 18:45:59 312320 ----a-w- C:\Windows\System32\ncrypt.dll
2016-02-11 18:45:56 315392 ----a-w- C:\Windows\System32\msv1_0.dll
2016-02-11 18:45:51 60416 ----a-w- C:\Windows\System32\msobjs.dll
2016-02-11 18:45:35 146432 ----a-w- C:\Windows\System32\msaudite.dll
2016-02-11 18:44:45 3994560 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2016-02-11 18:44:45 3938240 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2016-02-11 18:44:42 1461248 ----a-w- C:\Windows\System32\lsasrv.dll
2016-02-11 18:44:34 730112 ----a-w- C:\Windows\System32\kerberos.dll
2016-02-11 18:44:34 422400 ----a-w- C:\Windows\System32\KernelBase.dll
2016-02-11 18:42:25 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2016-02-11 18:42:24 43520 ----a-w- C:\Windows\System32\cryptbase.dll
2016-02-11 18:42:24 22016 ----a-w- C:\Windows\System32\credssp.dll
2016-02-11 18:38:24 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2016-02-11 18:38:24 665088 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2016-02-11 18:38:24 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2016-02-11 18:38:23 275456 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2016-02-11 18:38:07 171520 ----a-w- C:\Windows\SysWow64\wdigest.dll
2016-02-11 18:38:00 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2016-02-11 18:37:53 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
2016-02-11 18:37:11 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2016-02-11 18:37:09 251392 ----a-w- C:\Windows\SysWow64\schannel.dll
2016-02-11 18:35:14 223232 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2016-02-11 18:35:09 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2016-02-11 18:35:06 60416 ----a-w- C:\Windows\SysWow64\msobjs.dll
2016-02-11 18:34:26 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2016-02-11 18:33:30 553472 ----a-w- C:\Windows\SysWow64\kerberos.dll
2016-02-11 18:31:25 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2016-02-11 17:48:11 64000 ----a-w- C:\Windows\System32\auditpol.exe
2016-02-11 17:43:48 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2016-02-11 17:41:42 338432 ----a-w- C:\Windows\System32\conhost.exe
2016-02-11 17:40:09 296960 ----a-w- C:\Windows\System32\rstrui.exe
2016-02-11 17:34:45 159232 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2016-02-11 17:34:01 290816 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2016-02-11 17:33:54 129024 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2016-02-11 17:32:46 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2016-02-11 17:32:46 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2016-02-11 17:32:45 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2016-02-11 17:32:43 2048 ----a-w- C:\Windows\SysWow64\user.exe
2016-02-11 17:32:25 30720 ----a-w- C:\Windows\System32\lsass.exe
2016-02-11 17:32:18 112640 ----a-w- C:\Windows\System32\smss.exe
2016-02-11 17:31:01 36352 ----a-w- C:\Windows\SysWow64\cryptbase.dll
2016-02-11 17:30:47 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2016-02-11 17:30:47 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-11 17:30:47 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2016-02-11 17:30:47 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2016-02-09 09:57:08 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2016-02-09 09:56:09 5120 ----a-w- C:\Windows\System32\msdxm.ocx
2016-02-09 09:56:09 5120 ----a-w- C:\Windows\System32\dxmasf.dll
2016-02-09 09:55:34 30720 ----a-w- C:\Windows\System32\seclogon.dll
2016-02-09 09:54:38 9728 ----a-w- C:\Windows\System32\spwmp.dll
2016-02-09 09:51:32 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2016-02-09 09:13:14 4096 ----a-w- C:\Windows\SysWow64\msdxm.ocx
2016-02-09 09:13:14 4096 ----a-w- C:\Windows\SysWow64\dxmasf.dll
2016-02-09 09:13:10 8192 ----a-w- C:\Windows\SysWow64\spwmp.dll
2016-02-08 20:51:13 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2016-02-08 20:39:06 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2016-02-08 20:39:06 496640 ----a-w- C:\Windows\SysWow64\vbscript.dll
2016-02-08 20:38:29 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2016-02-08 20:38:20 341504 ----a-w- C:\Windows\SysWow64\html.iec
2016-02-08 20:37:31 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2016-02-08 20:28:52 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2016-02-08 20:28:32 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2016-02-08 20:16:21 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2016-02-08 20:10:37 4611072 ----a-w- C:\Windows\SysWow64\jscript9.dll
2016-02-08 20:01:48 2050560 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2016-02-08 20:01:43 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2016-02-08 19:43:04 2121216 ----a-w- C:\Windows\SysWow64\wininet.dll
.
============= FINISH: 0:34:50.21 ===============
tried for an hour to upload the attach text tile but the popups overwhelmed the manage attachments operation. Can I try to copy it in the message?
this is so weird!! Not to mention maddening!
been a long time since I needed your assistance, but so glad you guys are here to help - you do a great job and it's so appreciated!
My problem is a troublesome pop-up problem you've seen a thousand times before. Using Chrome Browser, Windows 7 machine and whenever i visit a regular website, i get so many popups, mostly advertising computer repair software, or a notice to update flash player and many other small windowed ads - script error notices - click here to leave this page popups, etc. etc. all rendering the browser useless. strangely, i'm not seeing the popups as I write this nor in facebook or gmail. . . Anyway - thanks so much for your time and your help!!!
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.18231 BrowserJavaVersion: 11.31.2
Run by Don at 0:34:10 on 2016-03-25
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6135.2325 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
SP: Microsoft Security Essentials *Enabled/Updated* {CDE0C533-D3CD-62A1-E772-AFADDF863628}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
C:\Program Files\Microsoft LifeCam\MSCamS64.exe
C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\GWX\GWX.exe
C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\vVX3000.exe
C:\Program Files\HP\HP Officejet 4630 series\Bin\ScanToPCActivationApp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\HP\HP Officejet 4630 series\Bin\HPNetworkCommunicatorCom.exe
C:\Users\Don\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Users\Don\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Windows\SysWOW64\Ctxfihlp.exe
C:\Windows\SysWOW64\CTXFISPI.EXE
C:\Program Files\CCleaner\CCleaner64.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Windows\system32\SearchIndexer.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\System32\WUDFHost.exe
C:\PROGRA~1\SketchUp\SKETCH~1\SketchUp.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Windows\system32\taskmgr.exe
C:\Users\Don\Downloads\HijackThis.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = Preserve
uSearch Page = hxxp://www.google.com
uProxyServer = localhost:21320
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mWinlogon: Userinit = userinit.exe
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
BHO: Free Download Manager: {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
uRun: [GoogleChromeAutoLaunch_F7AAF1AF98DA9322EDD7EAFC54A5354D] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
uRun: [HP Officejet 4630 series (NET)] "C:\Program Files\HP\HP Officejet 4630 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN47G390D505Y0:NW" -scfn "HP Officejet 4630 series (NET)" -AutoStart 1
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [Spotify Web Helper] "C:\Users\Don\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
mRun: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [CTxfiHlp] CTXFIHLP.EXE
StartupFolder: C:\Users\Don\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Don\AppData\Roaming\Dropbox\bin\Dropbox.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: Download all with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlall.htm
IE: Download selected with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlselected.htm
IE: Download video with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
IE: Download with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dllink.htm
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
TCP: NameServer = 82.163.143.171 82.163.142.173
TCP: NameServer = 64.233.217.2 64.233.217.3
TCP: Interfaces\{3FBDFE79-548B-41A6-BF6D-22373F0EA2FE} : NameServer = 82.163.143.171 82.163.142.173
TCP: Interfaces\{3FBDFE79-548B-41A6-BF6D-22373F0EA2FE} : DHCPNameServer = 64.233.217.2 64.233.217.3
TCP: Interfaces\{806CCD13-C306-487A-8881-7DF2FBFA4237} : NameServer = 82.163.143.171 82.163.142.173
TCP: Interfaces\{806CCD13-C306-487A-8881-7DF2FBFA4237} : DHCPNameServer = 82.163.143.171
Filter: application/x-microsoft-rpmsg-message - {DFF82902-0B96-3B98-6F62-D655E146A23A} - <orphaned>
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll",CreateReaderUserSettings
x64-BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [VX3000] C:\Windows\vVX3000.exe
x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Filter: application/x-microsoft-rpmsg-message - {DFF82902-0B96-3B98-6F62-D655E146A23A} - <orphaned>
x64-Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - <orphaned>
x64-Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 Spyware Info | Spyware Info
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2015-11-13 289120]
R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2016-1-8 1433216]
R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2016-1-8 1773696]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-13 27136]
R2 GfExperienceService;NVIDIA GeForce Experience Service;C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-9-28 1155216]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [2015-3-28 89840]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2013-7-18 762192]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-9-28 1871504]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-7-30 5544592]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-8-21 1738168]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-8-21 2088408]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-8-21 171928]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-9-27 409800]
R3 CT20XUT.SYS;CT20XUT.SYS;C:\Windows\System32\drivers\CT20XUT.sys [2014-2-28 232728]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS;C:\Windows\System32\drivers\CTEXFIFX.sys [2014-2-28 1448216]
R3 CTHWIUT.SYS;CTHWIUT.SYS;C:\Windows\System32\drivers\CTHWIUT.sys [2014-2-28 97560]
R3 ha20x22k;Creative 20X2 HAL Driver;C:\Windows\System32\drivers\ha20x22k.sys [2014-2-28 1617176]
R3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2014-3-11 133816]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2016-1-29 374344]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-1-22 77824]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-1-22 180224]
R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-9-28 19600]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-9-28 395264]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-5 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-5 125112]
S2 CouponArificService64;CouponArificService64;C:\Program Files (x86)\35556262-902E-49AE-8622-66E14F1F041C\arrmeapsie64.exe [2014-9-29 172544]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-7-9 327296]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2014-8-17 79360]
S3 CT20XUT;CT20XUT;C:\Windows\System32\drivers\CT20XUT.sys [2014-2-28 232728]
S3 CTEXFIFX;CTEXFIFX;C:\Windows\System32\drivers\CTEXFIFX.sys [2014-2-28 1448216]
S3 CTHWIUT;CTHWIUT;C:\Windows\System32\drivers\CTHWIUT.sys [2014-2-28 97560]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2014-1-22 108800]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2016-3-9 114688]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2015-7-30 47976]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-8-17 19456]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2014-1-22 206080]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-8-17 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2014-8-17 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-8-17 1255736]
.
=============== Created Last 30 ================
.
2016-03-25 01:59:03 75888 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A32DD6E5-3176-4483-A132-FA6E0A884B00}\offreg.952.dll
2016-03-24 14:24:05 5306560 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2016-03-23 18:49:06 75888 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A32DD6E5-3176-4483-A132-FA6E0A884B00}\offreg.936.dll
2016-03-23 15:35:45 1190000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{144567EC-BE2F-4A4C-A8F4-32EC57699B90}\gapaengine.dll
2016-03-23 15:35:17 11249080 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A32DD6E5-3176-4483-A132-FA6E0A884B00}\mpengine.dll
2016-03-22 15:35:18 11249080 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2016-03-21 12:49:01 -------- d-----w- C:\ProgramData\f46db541-7a37-0
2016-03-21 12:49:00 -------- d-----w- C:\ProgramData\f46db541-5897-1
2016-03-21 06:49:02 -------- d-----w- C:\ProgramData\f46db541-52b3-0
2016-03-21 06:49:01 -------- d-----w- C:\ProgramData\f46db541-3b21-1
2016-03-21 00:49:03 -------- d-----w- C:\ProgramData\f46db541-5945-0
2016-03-21 00:49:02 -------- d-----w- C:\ProgramData\f46db541-2c31-1
2016-03-20 18:49:07 -------- d-----w- C:\ProgramData\f46db541-4a41-0
2016-03-20 18:49:06 -------- d-----w- C:\ProgramData\f46db541-22f7-1
2016-03-20 01:41:37 -------- d-----w- C:\REX Texture Direct
2016-03-15 01:55:44 -------- d-----w- C:\Program Files\Common Files\AV
2016-03-15 00:49:01 -------- d-----w- C:\ProgramData\f46db541-0b11-0
2016-03-15 00:44:17 -------- d-----w- C:\ProgramData\f46db541-0c01-0
2016-03-15 00:44:15 -------- d-----w- C:\ProgramData\c75ed112
2016-03-15 00:44:10 -------- d-----w- C:\ProgramData\{132aeda2-212c-0}
2016-03-15 00:44:08 -------- d-----w- C:\ProgramData\{02fc2dd9-712c-1}
2016-03-15 00:44:08 -------- d-----w- C:\ProgramData\{02fc2dd9-712c-0}
2016-03-14 02:43:38 -------- d-----w- C:\Users\Don\AppData\Roaming\Orbx systems
2016-03-12 22:09:29 -------- d-----w- C:\Downloads
2016-03-09 14:36:55 994760 ----a-w- C:\Windows\System32\ucrtbase.dll
2016-03-09 14:31:51 696832 ----a-w- C:\Windows\System32\invagent.dll
2016-03-09 14:31:51 689152 ----a-w- C:\Windows\System32\generaltel.dll
2016-03-09 14:31:51 499200 ----a-w- C:\Windows\System32\devinv.dll
2016-03-09 14:31:51 1373184 ----a-w- C:\Windows\System32\appraiser.dll
2016-03-09 14:31:51 1168896 ----a-w- C:\Windows\System32\aeinv.dll
2016-03-09 14:31:50 76800 ----a-w- C:\Windows\System32\acmigration.dll
2016-03-09 14:31:50 38336 ----a-w- C:\Windows\System32\CompatTelRunner.exe
.
==================== Find3M ====================
.
2016-03-24 14:24:15 797376 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2016-03-24 14:24:15 142528 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2016-02-23 06:24:20 466520 ----a-w- C:\Windows\System32\wrap_oal.dll
2016-02-23 06:24:20 445016 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2016-02-23 06:24:20 123480 ----a-w- C:\Windows\System32\OpenAL32.dll
2016-02-23 06:24:20 109144 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2016-02-12 18:52:23 98816 ----a-w- C:\Windows\System32\wudriver.dll
2016-02-12 18:52:23 3169792 ----a-w- C:\Windows\System32\wucltux.dll
2016-02-12 18:52:23 192512 ----a-w- C:\Windows\System32\wuwebv.dll
2016-02-12 18:44:43 91136 ----a-w- C:\Windows\System32\WinSetupUI.dll
2016-02-12 18:39:55 174080 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2016-02-12 18:18:22 37888 ----a-w- C:\Windows\System32\wuapp.exe
2016-02-12 18:18:05 12288 ----a-w- C:\Windows\System32\wu.upgrade.ps.dll
2016-02-12 18:05:17 93696 ----a-w- C:\Windows\SysWow64\wudriver.dll
2016-02-12 18:05:13 35328 ----a-w- C:\Windows\SysWow64\wuapp.exe
2016-02-11 18:56:28 5572032 ----a-w- C:\Windows\System32\ntoskrnl.exe
2016-02-11 18:56:26 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2016-02-11 18:56:26 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2016-02-11 18:52:52 1733592 ----a-w- C:\Windows\System32\ntdll.dll
2016-02-11 18:49:42 362496 ----a-w- C:\Windows\System32\wow64win.dll
2016-02-11 18:49:42 243712 ----a-w- C:\Windows\System32\wow64.dll
2016-02-11 18:49:42 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2016-02-11 18:49:24 215040 ----a-w- C:\Windows\System32\winsrv.dll
2016-02-11 18:49:19 210432 ----a-w- C:\Windows\System32\wdigest.dll
2016-02-11 18:49:08 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2016-02-11 18:49:00 28672 ----a-w- C:\Windows\System32\sspisrv.dll
2016-02-11 18:49:00 135680 ----a-w- C:\Windows\System32\sspicli.dll
2016-02-11 18:48:58 503808 ----a-w- C:\Windows\System32\srcore.dll
2016-02-11 18:48:58 50176 ----a-w- C:\Windows\System32\srclient.dll
2016-02-11 18:48:16 28160 ----a-w- C:\Windows\System32\secur32.dll
2016-02-11 18:48:14 344064 ----a-w- C:\Windows\System32\schannel.dll
2016-02-11 18:48:12 1214464 ----a-w- C:\Windows\System32\rpcrt4.dll
2016-02-11 18:47:33 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2016-02-11 18:45:59 312320 ----a-w- C:\Windows\System32\ncrypt.dll
2016-02-11 18:45:56 315392 ----a-w- C:\Windows\System32\msv1_0.dll
2016-02-11 18:45:51 60416 ----a-w- C:\Windows\System32\msobjs.dll
2016-02-11 18:45:35 146432 ----a-w- C:\Windows\System32\msaudite.dll
2016-02-11 18:44:45 3994560 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2016-02-11 18:44:45 3938240 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2016-02-11 18:44:42 1461248 ----a-w- C:\Windows\System32\lsasrv.dll
2016-02-11 18:44:34 730112 ----a-w- C:\Windows\System32\kerberos.dll
2016-02-11 18:44:34 422400 ----a-w- C:\Windows\System32\KernelBase.dll
2016-02-11 18:42:25 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2016-02-11 18:42:24 43520 ----a-w- C:\Windows\System32\cryptbase.dll
2016-02-11 18:42:24 22016 ----a-w- C:\Windows\System32\credssp.dll
2016-02-11 18:38:24 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2016-02-11 18:38:24 665088 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2016-02-11 18:38:24 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2016-02-11 18:38:23 275456 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2016-02-11 18:38:07 171520 ----a-w- C:\Windows\SysWow64\wdigest.dll
2016-02-11 18:38:00 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2016-02-11 18:37:53 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
2016-02-11 18:37:11 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2016-02-11 18:37:09 251392 ----a-w- C:\Windows\SysWow64\schannel.dll
2016-02-11 18:35:14 223232 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2016-02-11 18:35:09 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2016-02-11 18:35:06 60416 ----a-w- C:\Windows\SysWow64\msobjs.dll
2016-02-11 18:34:26 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2016-02-11 18:33:30 553472 ----a-w- C:\Windows\SysWow64\kerberos.dll
2016-02-11 18:31:25 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2016-02-11 17:48:11 64000 ----a-w- C:\Windows\System32\auditpol.exe
2016-02-11 17:43:48 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2016-02-11 17:41:42 338432 ----a-w- C:\Windows\System32\conhost.exe
2016-02-11 17:40:09 296960 ----a-w- C:\Windows\System32\rstrui.exe
2016-02-11 17:34:45 159232 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2016-02-11 17:34:01 290816 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2016-02-11 17:33:54 129024 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2016-02-11 17:32:46 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2016-02-11 17:32:46 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2016-02-11 17:32:45 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2016-02-11 17:32:43 2048 ----a-w- C:\Windows\SysWow64\user.exe
2016-02-11 17:32:25 30720 ----a-w- C:\Windows\System32\lsass.exe
2016-02-11 17:32:18 112640 ----a-w- C:\Windows\System32\smss.exe
2016-02-11 17:31:01 36352 ----a-w- C:\Windows\SysWow64\cryptbase.dll
2016-02-11 17:30:47 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2016-02-11 17:30:47 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-11 17:30:47 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2016-02-11 17:30:47 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2016-02-09 09:57:08 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2016-02-09 09:56:09 5120 ----a-w- C:\Windows\System32\msdxm.ocx
2016-02-09 09:56:09 5120 ----a-w- C:\Windows\System32\dxmasf.dll
2016-02-09 09:55:34 30720 ----a-w- C:\Windows\System32\seclogon.dll
2016-02-09 09:54:38 9728 ----a-w- C:\Windows\System32\spwmp.dll
2016-02-09 09:51:32 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2016-02-09 09:13:14 4096 ----a-w- C:\Windows\SysWow64\msdxm.ocx
2016-02-09 09:13:14 4096 ----a-w- C:\Windows\SysWow64\dxmasf.dll
2016-02-09 09:13:10 8192 ----a-w- C:\Windows\SysWow64\spwmp.dll
2016-02-08 20:51:13 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2016-02-08 20:39:06 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2016-02-08 20:39:06 496640 ----a-w- C:\Windows\SysWow64\vbscript.dll
2016-02-08 20:38:29 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2016-02-08 20:38:20 341504 ----a-w- C:\Windows\SysWow64\html.iec
2016-02-08 20:37:31 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2016-02-08 20:28:52 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2016-02-08 20:28:32 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2016-02-08 20:16:21 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2016-02-08 20:10:37 4611072 ----a-w- C:\Windows\SysWow64\jscript9.dll
2016-02-08 20:01:48 2050560 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2016-02-08 20:01:43 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2016-02-08 19:43:04 2121216 ----a-w- C:\Windows\SysWow64\wininet.dll
.
============= FINISH: 0:34:50.21 ===============
tried for an hour to upload the attach text tile but the popups overwhelmed the manage attachments operation. Can I try to copy it in the message?
this is so weird!! Not to mention maddening!