My machine has slowed down completely and I suspect malware:
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16561 BrowserJavaVersion: 10.65.2
Run by jc at 17:14:21 on 2014-08-01
Microsoft Windows 7 Enterprise 6.1.7601.1.1252.44.1033.18.8073.5164 [GMT 1:00]
.
AV: Symantec Endpoint Protection *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Symantec Endpoint Protection *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Symantec Endpoint Protection *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k HsfXAudioService
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\DRIVERS\o2flash.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k regsvc
C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\CCM\CcmExec.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\CCM\RemCtrl\CmRcService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Microsoft Policy Platform\policyHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\CCM\SCNotification.exe
C:\ProgramData\App-V\D24C3BDD-8FAD-44D3-998C-933F8F053682\FA0011EA-B771-4F35-A11C-6070B7AAD884\Root\Office15\lync.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\mobsync.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskmgr.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\App-V\D24C3BDD-8FAD-44D3-998C-933F8F053682\FA0011EA-B771-4F35-A11C-6070B7AAD884\Root\Office15\UcMapi.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\ProgramData\App-V\D24C3BDD-8FAD-44D3-998C-933F8F053682\FA0011EA-B771-4F35-A11C-6070B7AAD884\Root\Office15\OCHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\ProgramData\App-V\D24C3BDD-8FAD-44D3-998C-933F8F053682\FA0011EA-B771-4F35-A11C-6070B7AAD884\Root\Office15\URLREDIR.DLL
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\ProgramData\App-V\D24C3BDD-8FAD-44D3-998C-933F8F053682\FA0011EA-B771-4F35-A11C-6070B7AAD884\Root\Office15\GROOVEEX.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
EB: Developer Tools: {1A6FE369-F28C-4AD9-A3E6-2BCB50807CF1} - C:\Program Files (x86)\Internet Explorer\iedvtool.dll
mRun: [ccApp] "C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\VPNGUI~1.LNK - C:\Windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Windows\System: ExcludeProfileDirs = downloads;My Documents;Application Data\Microsoft\Office\Live Meeting\Quicksilver;Application Data\Sun;workspace;OutlookPST;AppData\Roaming\Apple Computer\iTunes\iPad Software Updates;AppData\Roaming\Apple Computer\iTunes\iPhone Software Updates;AppData\Roaming\Apple Computer\iTunes\iPod Software Updates
mPolicies-Explorer: NoWelcomeScreen = dword:1
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-Windows\System: UserProfileMinTransferRate = dword:20000
mPolicies-Windows\System: SlowLinkTimeOut = dword:50
mPolicies-Windows\System: SlowLinkUIEnabled = dword:1
mPolicies-Windows\System: AddAdminGroupToRUP = dword:1
IE: E&xport to Microsoft Excel - C:\Users\jc\AppData\Local\Microsoft\AppV\Client\Integration\D24C3BDD-8FAD-44D3-998C-933F8F053682\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\ProgramData\App-V\D24C3BDD-8FAD-44D3-998C-933F8F053682\FA0011EA-B771-4F35-A11C-6070B7AAD884\Root\Office15\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\ProgramData\App-V\D24C3BDD-8FAD-44D3-998C-933F8F053682\FA0011EA-B771-4F35-A11C-6070B7AAD884\Root\Office15\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\ProgramData\App-V\D24C3BDD-8FAD-44D3-998C-933F8F053682\FA0011EA-B771-4F35-A11C-6070B7AAD884\Root\Office15\ONBttnIELinkedNotes.dll
Trusted Zone: cfer.com
Trusted Zone: globalcrossing.com
Trusted Zone: livemeeting.com
Trusted Zone: microsoftonline.com
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/ ... ontrol.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: NameServer = 172.18.0.77 172.18.0.52
TCP: Interfaces\{1DAC514A-F66C-4DA9-B6AF-0767EE108C6A}\244584572633D283A573D4 : DHCPNameServer = 192.168.1.254 192.168.1.254
TCP: Interfaces\{1DAC514A-F66C-4DA9-B6AF-0767EE108C6A}\D4D47402759464940284F4453505F445 : DHCPNameServer = 208.67.222.220 208.67.222.222
TCP: Interfaces\{87A47B8B-0ED0-4BC7-85F9-832A6D2E83F1} : DHCPNameServer = 172.18.0.77 172.18.0.52
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\ProgramData\App-V\D24C3BDD-8FAD-44D3-998C-933F8F053682\FA0011EA-B771-4F35-A11C-6070B7AAD884\Root\Office15\MSOSB.DLL
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\ProgramData\App-V\D24C3BDD-8FAD-44D3-998C-933F8F053682\FA0011EA-B771-4F35-A11C-6070B7AAD884\Root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\ProgramData\App-V\D24C3BDD-8FAD-44D3-998C-933F8F053682\FA0011EA-B771-4F35-A11C-6070B7AAD884\Root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\ProgramData\App-V\D24C3BDD-8FAD-44D3-998C-933F8F053682\FA0011EA-B771-4F35-A11C-6070B7AAD884\Root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\ProgramData\App-V\D24C3BDD-8FAD-44D3-998C-933F8F053682\FA0011EA-B771-4F35-A11C-6070B7AAD884\Root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\ProgramData\App-V\D24C3BDD-8FAD-44D3-998C-933F8F053682\FA0011EA-B771-4F35-A11C-6070B7AAD884\Root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\ProgramData\App-V\D24C3BDD-8FAD-44D3-998C-933F8F053682\FA0011EA-B771-4F35-A11C-6070B7AAD884\Root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Trusted Zone: cer.com
x64-Trusted Zone: cfer.com
x64-Trusted Zone: globalcrossing.com
x64-Trusted Zone: livemeeting.com
x64-Trusted Zone: microsoftonline.com
x64-Trusted Zone: yps.pqe
x64-Trusted Zone: yps.pqe
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\jc\AppData\Roaming\Mozilla\Firefox\Profiles\0j5rd2qu.default\
FF - prefs.js: browser.search.selectedEngine - Google Default
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: network.proxy.type - 4
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: C:\ProgramData\App-V\D24C3BDD-8FAD-44D3-998C-933F8F053682\FA0011EA-B771-4F35-A11C-6070B7AAD884\Root\Office15\NPSPWRAP.DLL
FF - plugin: C:\ProgramData\App-V\D24C3BDD-8FAD-44D3-998C-933F8F053682\FA0011EA-B771-4F35-A11C-6070B7AAD884\Root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
FF - plugin: C:\Users\jc\AppData\Roaming\Mozilla\plugins\npatgpc.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
.
============= SERVICES / DRIVERS ===============
.
R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\System32\drivers\stdcfltn.sys [2012-7-6 21616]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2012-7-6 89600]
R2 AppVClient;Microsoft App-V Client;C:\Program Files\Microsoft Application Virtualization\Client\AppVClient.exe [2013-3-29 685208]
R2 CmRcService;Configuration Manager Remote Control;C:\Windows\CCM\RemCtrl\CmRcService.exe [2013-9-11 577720]
R2 HsfXAudioService;HsfXAudioService;C:\Windows\System32\svchost.exe -k HsfXAudioService [2009-7-14 27136]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-7-30 1809720]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-7-30 860472]
R2 Symantec AntiVirus;Symantec Endpoint Protection;C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe [2011-3-28 1839888]
R3 Acceler;Accelerometer Service;C:\Windows\System32\drivers\Accelern.sys [2012-7-6 27760]
R3 AppvStrm;AppvStrm;C:\Windows\System32\drivers\AppvStrm.sys [2013-3-29 104616]
R3 AppvVemgr;AppvVemgr;C:\Windows\System32\drivers\AppvVemgr.sys [2013-3-29 175256]
R3 AppvVfs;AppvVfs;C:\Windows\System32\drivers\AppvVfs.sys [2013-3-29 141480]
R3 CAXHWAZL;CAXHWAZL;C:\Windows\System32\drivers\CAXHWAZL.sys [2012-7-6 292864]
R3 cvusbdrv;Dell ControlVault;C:\Windows\System32\drivers\cvusbdrv.sys [2012-7-6 38440]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-6-10 142128]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-7-6 317440]
R3 lpasvc;Microsoft Policy Platform Local Authority;C:\Program Files\Microsoft Policy Platform\policyHost.exe [2012-8-2 50280]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-7-30 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-7-30 122584]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-7-30 63704]
R3 O2MDFRDR;O2MDFRDR;C:\Windows\System32\drivers\o2mdfw7x64.sys [2012-7-6 72808]
R3 O2SDJRDR;O2SDJRDR;C:\Windows\System32\drivers\o2sdjw7x64.sys [2012-7-6 75240]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 dc21x4vm;dc21x4vm;C:\Windows\System32\drivers\dc21x4vm.sys [2009-6-10 57344]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 lppsvc;Microsoft Policy Platform Processor;C:\Program Files\Microsoft Policy Platform\policyHost.exe [2012-8-2 50280]
S3 netvsc;netvsc;C:\Windows\System32\drivers\netvsc60.sys [2010-11-21 168448]
S3 O2MDRRDR;O2MDRRDR;C:\Windows\System32\drivers\O2MDRw7x64.sys [2012-7-6 74984]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2010-11-21 88960]
S3 SynthVid;SynthVid;C:\Windows\System32\drivers\VMBusVideoM.sys [2010-11-21 22528]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2010-11-21 34816]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-10-3 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
.
=============== File Associations ===============
.
ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2014-08-01 15:50:02 20080 ----a-w- C:\Program Files (x86)\Mozilla Firefox\AccessibleMarshal.dll
2014-08-01 15:50:01 75376 ----a-w- C:\Program Files (x86)\Mozilla Firefox\breakpadinjector.dll
2014-08-01 15:50:01 46704 ----a-w- C:\Program Files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
2014-08-01 15:50:01 2106216 ----a-w- C:\Program Files (x86)\Mozilla Firefox\D3DCompiler_43.dll
2014-07-31 14:30:37 -------- d-sh--w- C:\$RECYCLE.BIN
2014-07-31 13:37:26 -------- d-s---w- C:\ComboFix
2014-07-30 14:25:38 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-07-30 14:24:53 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-07-30 14:24:53 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-07-30 14:24:53 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-07-30 14:24:53 -------- d-----w- C:\ProgramData\Malwarebytes
2014-07-30 14:24:53 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-24 08:33:29 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-07-23 13:18:07 588496 ----a-w- C:\ProgramData\Microsoft\ClickToRun\{D24C3BDD-8FAD-44d3-998C-933F8F053682}\Integrator.exe
2014-07-23 13:08:27 98880 ----a-w- C:\ProgramData\Microsoft\AppV\Client\Integration\D24C3BDD-8FAD-44D3-998C-933F8F053682\Root\Office15\TaxonomyControl.dll
2014-07-16 11:01:37 588496 ----a-w- C:\Users\jc\AppData\Roaming\Microsoft\ClickToRun\{D24C3BDD-8FAD-44d3-998C-933F8F053682}\Integrator.exe
2014-07-15 12:59:14 -------- d-----w- C:\ProgramData\App-V
2014-07-14 09:50:59 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2014-07-14 09:47:39 449024 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\tabskb.dll
2014-07-14 09:47:38 692736 ----a-w- C:\Windows\System32\osk.exe
2014-07-14 09:47:38 646144 ----a-w- C:\Windows\SysWow64\osk.exe
2014-07-14 09:47:38 3157504 ----a-w- C:\Windows\System32\win32k.sys
2014-07-14 09:47:28 624128 ----a-w- C:\Windows\System32\qedit.dll
2014-07-14 09:47:27 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2014-07-14 09:43:40 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-07-14 09:43:40 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-07-14 09:43:39 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-07-14 09:01:50 -------- d-----w- C:\Program Files\Microsoft Application Virtualization
2014-07-14 09:01:23 -------- d-----w- C:\ProgramData\Package Cache
2014-07-11 09:34:59 -------- d-----w- C:\ux-framework-new
.
==================== Find3M ====================
.
2014-07-14 11:17:08 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-14 11:17:08 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-06-07 02:59:53 2339328 ----a-w- C:\Windows\System32\jscript9.dll
2014-06-07 02:51:22 1494016 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-06-07 02:51:06 1392128 ----a-w- C:\Windows\System32\wininet.dll
2014-06-07 02:45:37 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-06-07 02:45:17 599040 ----a-w- C:\Windows\System32\vbscript.dll
2014-06-07 02:40:25 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2014-06-07 02:39:40 12800 ----a-w- C:\Windows\System32\mshta.exe
2014-06-06 23:12:01 1810432 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-06-06 23:03:02 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-06-06 23:02:16 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-06-06 22:57:04 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-06-06 22:56:20 421376 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-06-06 22:52:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-06-06 22:51:59 11776 ----a-w- C:\Windows\SysWow64\mshta.exe
2014-05-14 16:21:04 2620928 ----a-w- C:\Windows\System32\wucltux.dll
2014-05-14 16:20:45 97792 ----a-w- C:\Windows\System32\wudriver.dll
2014-05-14 16:17:10 92672 ----a-w- C:\Windows\SysWow64\wudriver.dll
2014-05-14 08:23:04 198600 ----a-w- C:\Windows\System32\wuwebv.dll
2014-05-14 08:23:04 179656 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2014-05-14 08:20:46 36864 ----a-w- C:\Windows\System32\wuapp.exe
2014-05-14 08:17:14 33792 ----a-w- C:\Windows\SysWow64\wuapp.exe
2014-05-08 09:32:02 1112064 ----a-w- C:\Windows\System32\rdpcorets.dll
.
============= FINISH: 17:20:08.79 ===============