Channel: Tech Support Forum - Virus/Trojan/Spyware Help

Suspicious Network Activity (Can't remove)

Hi, I just recently noticed a lot of chrome.exe network activity in my resource monitor and it's bogging down my network. I have many MANY chrome.exe "images" associated with addresses like deploy.static.akamaitechnologies.com and amazonaws.com. Also, I will see random activity appear under Facebook and LinkedIn when I am not visiting those sites, as well as other random addresses I don't recognize, and they will even show up in my anti-malware program images (in network activity). I have tried installing Firefox and they followed me there too. I have tried running anti-malwarebytes, Zone Alarm Pro, Avast antivirus. I have also tried putting manual exclusions in inbound and outbound ports in Windows Firewall but that didn't work either. I am at a loss for what to do. Please help...

Here is my DDS.txt (attached is attach.txt):

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.17609 BrowserJavaVersion: 11.71.2
Run by Mike at 13:13:22 on 2016-04-20
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.8094.5776 [GMT -5:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Pro Firewall *Disabled* {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Windows\system32\taskeng.exe
C:\Windows\DAODx.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Users\Mike\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe
c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskmgr.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\perfmon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
mStart Page = about:blank
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll
uRun: [Octoshape Streaming Services] "C:\Users\Mike\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
dRun: [ZoneAlarm Windows 10 Upgrader] "C:\ProgramData\CheckPoint\ZoneAlarm\Data\Updates\unpacked==win10=update_win10.zip\upgrade.exe" /delay
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\STEELS~1.LNK - C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
uPolicies-Explorer: NoViewOnDrive = dword:0
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Explorer: DisableLocalMachineRun = dword:0
uPolicies-Explorer: DisableLocalMachineRunOnce = dword:0
uPolicies-Explorer: DisableCurrentUserRun = dword:0
uPolicies-Explorer: DisableCurrentUserRunOnce = dword:0
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoFile = dword:0
uPolicies-Explorer: HideClock = dword:0
uPolicies-Explorer: NoDevMgrUpdate = dword:0
uPolicies-Explorer: NoDFSTab = dword:0
uPolicies-Explorer: NoWindowsUpdate = dword:0
uPolicies-Explorer: NoEncryptOnMove = dword:0
uPolicies-Explorer: NoRunasInstallPrompt = dword:0
uPolicies-Explorer: NoResolveTrack = dword:0
uPolicies-Explorer: NoStartMenuSubFolders = dword:0
uPolicies-System: NoDispAppearancePage = dword:0
uPolicies-System: NoDispSettingsPage = dword:0
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoViewOnDrive = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: DisableLocalMachineRun = dword:0
mPolicies-Explorer: DisableLocalMachineRunOnce = dword:0
mPolicies-Explorer: DisableCurrentUserRun = dword:0
mPolicies-Explorer: DisableCurrentUserRunOnce = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:0
mPolicies-Explorer: NoFile = dword:0
mPolicies-Explorer: HideClock = dword:0
mPolicies-Explorer: NoDevMgrUpdate = dword:0
mPolicies-Explorer: NoDFSTab = dword:0
mPolicies-Explorer: NoWindowsUpdate = dword:0
mPolicies-Explorer: NoEncryptOnMove = dword:0
mPolicies-Explorer: NoRunasInstallPrompt = dword:0
mPolicies-Explorer: NoResolveTrack = dword:0
mPolicies-Explorer: NoStartMenuSubFolders = dword:0
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: NoDispAppearancePage = dword:0
mPolicies-System: NoDispSettingsPage = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
mPolicies-Explorer: NoViewOnDrive = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: DisableLocalMachineRun = dword:0
mPolicies-Explorer: DisableLocalMachineRunOnce = dword:0
mPolicies-Explorer: DisableCurrentUserRun = dword:0
mPolicies-Explorer: DisableCurrentUserRunOnce = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:0
mPolicies-Explorer: NoFile = dword:0
mPolicies-Explorer: HideClock = dword:0
mPolicies-Explorer: NoDevMgrUpdate = dword:0
mPolicies-Explorer: NoDFSTab = dword:0
mPolicies-Explorer: NoWindowsUpdate = dword:0
mPolicies-Explorer: NoEncryptOnMove = dword:0
mPolicies-Explorer: NoRunasInstallPrompt = dword:0
mPolicies-Explorer: NoResolveTrack = dword:0
mPolicies-Explorer: NoStartMenuSubFolders = dword:0
mPolicies-System: NoDispAppearancePage = dword:0
mPolicies-System: NoDispSettingsPage = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 75.75.76.76 75.75.75.75
TCP: Interfaces\{D092CF56-193B-4BE6-B809-83560844BF47} : DHCPNameServer = 75.75.76.76 75.75.75.75
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = about:blank
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\hrr0vgk3.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Users\Mike\AppData\Roaming\Mozilla\plugins\npoctoshape.dll
FF - plugin: C:\Users\Mike\AppData\Roaming\raidcall\plugins\nprcplugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2013-9-14 82560]
R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2013-9-14 42624]
R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2016-1-8 1433216]
R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2016-1-8 1773696]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-13 27136]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2016-4-20 1514464]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2016-4-20 1136608]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-2-22 1593632]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-6-15 410768]
R2 ZAPrivacyService;ZoneAlarm Privacy Service;C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [2015-10-19 96272]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2012-2-21 130536]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2012-2-21 396776]
R3 hidkmdf;Filter Driver Service for HID-KMDF Interface layer;C:\Windows\System32\drivers\hidkmdf.sys [2016-1-14 25648]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2016-4-20 27008]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2016-4-20 192216]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2016-4-20 64896]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-9-14 726160]
R3 ssdevfactory;SteelSeries Device Factory Service;C:\Windows\System32\drivers\ssdevfactory.sys [2015-9-29 32792]
R3 sshid;SteelSeries HID Service;C:\Windows\System32\drivers\sshid.sys [2016-1-14 51392]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2013-9-14 58536]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-5 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-5 125112]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-7-9 327296]
S3 DFX11_1;DFX Audio Enhancer 11.1;C:\Windows\System32\drivers\dfx11_1x64.sys [2012-12-13 28008]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]
S3 DrvAgent64;DrvAgent64;C:\Windows\SysWOW64\drivers\DrvAgent64.SYS [2015-5-27 13824]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-9-16 19456]
S3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;C:\Windows\System32\drivers\RTL8187B.sys [2010-3-31 450048]
S3 rzdaendpt;Razer DeathAdder end point;C:\Windows\System32\drivers\rzdaendpt.sys [2015-8-13 43720]
S3 rzudd;Razer Mouse Driver;C:\Windows\System32\drivers\rzudd.sys [2015-8-13 201432]
S3 rzvkeyboard;Razer Virtual Keyboard Driver;C:\Windows\System32\drivers\rzvkeyboard.sys [2015-8-13 44232]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 taphss6;Anchorfree HSS VPN Adapter;C:\Windows\System32\drivers\taphss6.sys [2013-6-20 42184]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-9-16 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-9-16 30208]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2014-7-28 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-9-16 1255736]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\Windows\SysWow64\NOTEPAD.EXE %1
FileExt: .ini: inifile=C:\Windows\SysWow64\NOTEPAD.EXE %1
FileExt: .inf: inffile=C:\Windows\SysWow64\NOTEPAD.EXE %1
.
=============== Created Last 30 ================
.
2016-04-20 18:08:43 97551 ----a-w- C:\ProgramData\1461175681.bdinstall.bin
2016-04-20 18:08:01 37823 ----a-w- C:\ProgramData\1461175679.bdinstall.bin
2016-04-20 17:25:26 -------- d-----w- C:\Program Files (x86)\CheckPoint
2016-04-20 17:25:00 -------- d-----w- C:\ProgramData\CheckPoint
2016-04-20 17:14:56 -------- d-----w- C:\Users\Mike\AppData\Local\Macromedia
2016-04-20 07:08:26 229101 ----a-w- C:\ProgramData\1461135813.bdinstall.bin
2016-04-20 07:07:43 261056 ----a-w- C:\Windows\System32\drivers\avchv.sys
2016-04-20 07:00:46 45408 ----a-w- C:\ProgramData\1461135622.bdinstall.bin
2016-04-20 06:45:39 -------- d-----w- C:\Program Files\Common Files\AV
2016-04-20 06:45:39 -------- d-----w- C:\Program Files (x86)\Common Files\AV
2016-04-20 05:29:45 192216 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2016-04-20 05:29:00 64896 ----a-w- C:\Windows\System32\drivers\mwac.sys
2016-04-20 05:29:00 27008 ----a-w- C:\Windows\System32\drivers\mbam.sys
2016-04-20 05:29:00 140672 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2016-04-20 05:28:59 -------- d-----w- C:\ProgramData\Malwarebytes
2016-04-20 05:28:59 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-04-19 15:17:36 11686560 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{51FD56BA-2587-41CD-8D6E-E4E92B55723A}\mpengine.dll
2016-04-12 21:10:59 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2016-04-08 05:45:06 5934784 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2016-03-24 08:21:26 462304 ----a-w- C:\Windows\System32\drivers\vsdatant.sys
.
==================== Find3M ====================
.
2016-04-08 05:45:10 797376 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2016-04-08 05:45:10 142528 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2016-04-06 15:18:38 453280 ------w- C:\Windows\System32\MpSigStub.exe
2016-04-04 18:14:06 38120 ----a-w- C:\Windows\System32\CompatTelRunner.exe
2016-04-04 18:02:17 1169408 ----a-w- C:\Windows\System32\aeinv.dll
2016-04-02 13:08:13 1386496 ----a-w- C:\Windows\System32\appraiser.dll
2016-03-29 17:53:59 3216896 ----a-w- C:\Windows\System32\win32k.sys
2016-03-23 14:02:01 215040 ----a-w- C:\Windows\System32\aepic.dll
2016-03-17 23:04:04 706280 ----a-w- C:\Windows\System32\winload.efi
2016-03-17 23:04:04 5551336 ----a-w- C:\Windows\System32\ntoskrnl.exe
2016-03-17 23:04:03 95464 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2016-03-17 23:04:03 154344 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2016-03-17 23:01:15 631176 ----a-w- C:\Windows\System32\winresume.efi
2016-03-17 23:01:02 1732864 ----a-w- C:\Windows\System32\ntdll.dll
2016-03-17 22:58:51 362496 ----a-w- C:\Windows\System32\wow64win.dll
2016-03-17 22:58:51 243712 ----a-w- C:\Windows\System32\wow64.dll
2016-03-17 22:58:51 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2016-03-17 22:58:32 215552 ----a-w- C:\Windows\System32\winsrv.dll
2016-03-17 22:58:26 210432 ----a-w- C:\Windows\System32\wdigest.dll
2016-03-17 22:58:14 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2016-03-17 22:58:05 28672 ----a-w- C:\Windows\System32\sspisrv.dll
2016-03-17 22:58:05 135680 ----a-w- C:\Windows\System32\sspicli.dll
2016-03-17 22:58:04 503808 ----a-w- C:\Windows\System32\srcore.dll
2016-03-17 22:58:04 50176 ----a-w- C:\Windows\System32\srclient.dll
2016-03-17 22:57:31 63488 ----a-w- C:\Windows\System32\setbcdlocale.dll
2016-03-17 22:57:26 28160 ----a-w- C:\Windows\System32\secur32.dll
2016-03-17 22:57:24 344064 ----a-w- C:\Windows\System32\schannel.dll
2016-03-17 22:57:21 190464 ----a-w- C:\Windows\System32\rpchttp.dll
2016-03-17 22:57:21 1212928 ----a-w- C:\Windows\System32\rpcrt4.dll
2016-03-17 22:56:24 2084864 ----a-w- C:\Windows\System32\ole32.dll
2016-03-17 22:56:19 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2016-03-17 22:54:55 312320 ----a-w- C:\Windows\System32\ncrypt.dll
2016-03-17 22:54:51 316416 ----a-w- C:\Windows\System32\msv1_0.dll
2016-03-17 22:54:47 60416 ----a-w- C:\Windows\System32\msobjs.dll
2016-03-17 22:54:27 146432 ----a-w- C:\Windows\System32\msaudite.dll
2016-03-17 22:53:23 1464320 ----a-w- C:\Windows\System32\lsasrv.dll
2016-03-17 22:53:15 731136 ----a-w- C:\Windows\System32\kerberos.dll
2016-03-17 22:53:15 419840 ----a-w- C:\Windows\System32\KernelBase.dll
2016-03-17 22:36:28 3998952 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2016-03-17 22:36:28 3943144 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2016-03-17 22:33:29 1314112 ----a-w- C:\Windows\SysWow64\ntdll.dll
2016-03-17 22:31:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2016-03-17 22:31:09 666112 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2016-03-17 22:31:09 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2016-03-17 22:31:09 275456 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2016-03-17 22:30:43 171520 ----a-w- C:\Windows\SysWow64\wdigest.dll
2016-03-17 22:30:35 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2016-03-17 22:30:00 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
2016-03-17 22:29:26 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2016-03-17 22:29:24 251392 ----a-w- C:\Windows\SysWow64\schannel.dll
2016-03-17 22:29:22 141312 ----a-w- C:\Windows\SysWow64\rpchttp.dll
2016-03-17 22:28:21 1414144 ----a-w- C:\Windows\SysWow64\ole32.dll
2016-03-17 22:27:53 223232 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2016-03-17 22:27:50 260608 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2016-03-17 22:27:46 60416 ----a-w- C:\Windows\SysWow64\msobjs.dll
2016-03-17 22:27:31 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2016-03-17 22:26:26 553984 ----a-w- C:\Windows\SysWow64\kerberos.dll
2016-03-17 22:25:00 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2016-03-17 21:53:08 148480 ----a-w- C:\Windows\System32\appidpolicyconverter.exe
2016-03-17 21:52:51 62464 ----a-w- C:\Windows\System32\drivers\appid.sys
2016-03-17 21:52:48 17920 ----a-w- C:\Windows\System32\appidcertstorecheck.exe
2016-03-17 21:51:25 64000 ----a-w- C:\Windows\System32\auditpol.exe
2016-03-17 21:44:54 338432 ----a-w- C:\Windows\System32\conhost.exe
2016-03-17 21:43:20 296960 ----a-w- C:\Windows\System32\rstrui.exe
2016-03-17 21:41:01 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2016-03-17 21:38:06 159744 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2016-03-17 21:37:14 291328 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2016-03-17 21:37:11 129536 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2016-03-17 21:35:42 30720 ----a-w- C:\Windows\System32\lsass.exe
2016-03-17 21:35:33 112640 ----a-w- C:\Windows\System32\smss.exe
2016-03-17 21:30:55 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2016-03-17 21:30:53 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2016-03-17 21:30:52 2048 ----a-w- C:\Windows\SysWow64\user.exe
2016-03-17 21:29:13 36352 ----a-w- C:\Windows\SysWow64\cryptbase.dll
2016-03-17 21:29:00 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2016-03-17 21:29:00 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-17 21:29:00 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2016-03-17 21:29:00 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2016-03-17 18:04:39 698368 ----a-w- C:\Windows\System32\generaltel.dll
2016-03-17 18:04:39 499200 ----a-w- C:\Windows\System32\devinv.dll
2016-03-17 18:04:39 279040 ----a-w- C:\Windows\System32\invagent.dll
2016-03-17 18:04:38 76800 ----a-w- C:\Windows\System32\acmigration.dll
2016-03-16 18:50:06 156672 ----a-w- C:\Windows\System32\mtxoci.dll
2016-03-16 18:28:15 111616 ----a-w- C:\Windows\SysWow64\mtxoci.dll
2016-03-16 18:28:12 176128 ----a-w- C:\Windows\SysWow64\msorcl32.dll
2016-03-16 00:16:10 760320 ----a-w- C:\Windows\System32\samsrv.dll
2016-03-16 00:16:10 106496 ----a-w- C:\Windows\System32\samlib.dll
2016-03-15 23:53:30 60416 ----a-w- C:\Windows\SysWow64\samlib.dll
2016-03-11 18:57:00 2048 ----a-w- C:\Windows\System32\tzres.dll
2016-03-11 18:35:16 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2016-03-06 18:53:26 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2016-03-06 18:53:25 1885696 ----a-w- C:\Windows\System32\msxml3.dll
2016-03-06 18:38:52 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2016-03-06 18:38:52 1240576 ----a-w- C:\Windows\SysWow64\msxml3.dll
2016-02-12 18:52:23 98816 ----a-w- C:\Windows\System32\wudriver.dll
2016-02-12 18:52:23 3169792 ----a-w- C:\Windows\System32\wucltux.dll
2016-02-12 18:52:23 192512 ----a-w- C:\Windows\System32\wuwebv.dll
2016-02-12 18:44:43 91136 ----a-w- C:\Windows\System32\WinSetupUI.dll
2016-02-12 18:39:55 174080 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2016-02-12 18:18:22 37888 ----a-w- C:\Windows\System32\wuapp.exe
.
============= FINISH: 13:15:25.60 ===============

Attached Files
File Type: txt attach.txt (9.8 KB)
