Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Suspected adware

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Suspected adware

Unread postby xenton » May 11th, 2015, 4:42 pm

Hi,

I'm getting advertising links on every webpage I visit, in both chrome and IE. These usually take the form of links inserted into the text of the webpage. When I hover the mouse over these I get the text "Click to continue > by provider". Sometimes they will be larger picture based adds that obstruct part of the web page. Sometimes clicking on any part of a webpage will cause another windows to open with an ad. For example, when I clicked on the subject box to enter the subject text of this post it caused an advert to open in another window. I have had what sounded like audio from an advertising video playing, but with no web pages open, so I couldn't stop it.

Thanks for your time.

Here are the logs:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17728 BrowserJavaVersion: 11.31.2
Run by Mark at 21:26:45 on 2015-05-11
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.44.1033.18.16267.11947 [GMT 1:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Microsoft Security Essentials *Enabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Users\Mark\AppData\Local\888PokerCoach\888PokerCoach_service.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\igfxCUIService.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
C:\Program Files (x86)\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\sysWow64\CtHdaSvc.exe
C:\Program Files\Scarlet Crush Productions\ScpServer\ScpService.exe
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
E:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Windows\system32\IProsetMonitor.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe
E:\Program Files (x86)\PlayMemories Home\PMBDeviceInfoProvider.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\IT Viewer\privoxy.exe
E:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
C:\Windows\system32\svchost.exe -k imgsvc
E:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\wmiprvse.exe
E:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Windows\system32\taskhost.exe
E:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\igfxEM.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
E:\Program Files\ZuneLauncher.exe
C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
C:\Users\Mark\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mark\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
E:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\System32\mobsync.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\SteelSeries\World of Warcraft Cataclysm MMO Gaming Mouse\WoWMHID2.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\SteelSeries\World of Warcraft Cataclysm MMO Gaming Mouse\WoWMTray2.exe
C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Windows\system32\wbem\unsecapp.exe
E:\Program Files (x86)\PlayMemories Home\PMBVolumeWatcher.exe
C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\SLSTaskbar.exe
C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\SLSTaskbar64.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Users\Mark\AppData\Local\888PokerCoach\888PokerCoachLauncher.exe
C:\Users\Mark\AppData\Local\888PokerCoach\888PokerCoach.exe
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Users\Mark\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mark\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mark\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mark\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mark\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mark\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mark\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mark\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Mark\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskhost.exe
C:\Users\Mark\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mStart Page = hxxp://www.google.com
mSearch Bar = hxxp://www.google.com
mSearch Page = hxxp://www.google.com
uProxyServer = 127.0.0.1:8118
uProxyOverride = local
mWinlogon: Userinit = userinit.exe,
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
BHO: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - <orphaned>
BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: SecureWebBHO Class: {D3C24E2B-C820-4492-9B69-11BF7163F998} -
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
uRun: [AdobeBridge] <no file>
mRun: [SteelSeries World of Warcraft Cataclysm MMO Gaming Mouse] "C:\Program Files (x86)\SteelSeries\World of Warcraft Cataclysm MMO Gaming Mouse\WoWMHID2.exe"
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [UpdReg] C:\Windows\UpdReg.EXE
mRun: [Sound Blaster Z-Series Control Panel] "C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe" /r
mRun: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
mRun: [SDTray] "E:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [Raptr] "C:\Program Files (x86)\Raptr\raptrstub.exe" --startup
mRun: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
mRun: [PMBVolumeWatcher] E:\Program Files (x86)\PlayMemories Home\PMBVolumeWatcher.exe /SysAutoRun
StartupFolder: C:\Users\Mark\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - E:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDow ... ab_nvd.cab
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://ccfiles.creative.com/Web/softwar ... TSUEng.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/f ... wflash.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwar ... /CTPID.cab
TCP: NameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{E46D526F-1159-4181-AF48-322CCEF51FD4} : DHCPNameServer = 194.168.4.100 194.168.8.100
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - E:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
x64-mWinlogon: Userinit = C:\Windows\System32\userinit.exe
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - LocalServer32 - <no file>
x64-Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
x64-Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
x64-Run: [Zune Launcher] "E:\Program Files\ZuneLauncher.exe"
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
x64-DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-9-20 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-9-20 208416]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2014-2-13 20464]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-11-15 274696]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2013-5-20 56336]
R1 AppleCharger;AppleCharger;C:\Windows\System32\drivers\AppleCharger.sys [2014-2-13 21584]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswsnx.sys [2011-8-9 1039096]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2011-8-9 423240]
R1 CLBStor;InstantBurn Storage Helper Driver;C:\Windows\System32\drivers\CLBStor.sys [2012-3-18 24560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2011-12-3 270912]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;C:\Windows\System32\drivers\HWiNFO64A.SYS [2013-10-1 31136]
R1 MpKsl74b9393b;MpKsl74b9393b;C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E8F847B6-5F59-4C2D-8F44-186FD464AF74}\MpKsl74b9393b.sys [2015-5-11 45352]
R1 SMR430;Symantec SMR Utility Service 4.3.0;C:\Windows\System32\drivers\SMR430.SYS [2015-5-11 108216]
R1 UsbCharger;UsbCharger;C:\Windows\System32\drivers\UsbCharger.sys [2014-2-13 21584]
R2 888PokerCoach;888Poker Coach Service;C:\Users\Mark\AppData\Local\888PokerCoach\888PokerCoach_service.exe [2015-3-28 74752]
R2 AdobeUpdateService;AdobeUpdateService;C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2015-4-20 603312]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2014-11-21 244736]
R2 amdacpksd;ACP Kernel Service Driver;C:\Windows\System32\drivers\amdacpksd.sys [2014-11-21 294600]
R2 amdacpusrsvc;ACP User Service;C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [2014-11-20 116224]
R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2014-5-31 29208]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2011-8-9 79184]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2011-3-31 75936]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-5-31 50344]
R2 CLBUDF;CyberLink InstantBurn UDF Filesystem;C:\Windows\System32\drivers\CLBUDF.sys [2012-3-18 376304]
R2 cpuz135;cpuz135;C:\Windows\System32\drivers\cpuz135_x64.sys [2011-8-8 21992]
R2 CtHdaSvc;Sound Blaster Audio Service;C:\Windows\SysWOW64\CtHdaSvc.exe [2013-7-3 112640]
R2 Ds3Service;SCP DS3 Service;C:\Program Files\Scarlet Crush Productions\ScpServer\ScpService.exe [2014-4-11 381952]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;E:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2013-8-31 9216]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\Windows\System32\igfxCUIService.exe [2014-8-14 324424]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-8-27 747520]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2013-7-8 195336]
R2 iocbios2;iocbios2;C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [2014-6-17 28912]
R2 NIHardwareService;NIHardwareService;C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2012-9-5 6364024]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2014-11-15 124560]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;E:\Program Files (x86)\PlayMemories Home\PMBDeviceInfoProvider.exe [2015-4-17 494592]
R2 PrivoxyService;Privoxy (PrivoxyService);C:\Program Files (x86)\IT Viewer\privoxy.exe [2015-5-1 371200]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;E:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-4-2 3921880]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;E:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-4-2 1042272]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;E:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-4-2 171416]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service;C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [2015-1-6 743688]
R2 TomTomHOMEService;TomTomHOMEService;E:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2014-6-5 93040]
R2 XTU3SERVICE;Intel(R) Extreme Tuning Utility Service;C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [2014-7-9 18384]
R3 AcpiCtlDrv;AcpiCtlDrv;C:\Windows\System32\drivers\AcpiCtlDrv.sys [2012-7-17 25880]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2014-6-21 94720]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2011-3-31 29344]
R3 busenum;SteelBusSvc;C:\Windows\System32\drivers\SteelBus64.sys [2012-5-23 112128]
R3 cthda;Sound Blaster Audio Driver;C:\Windows\System32\drivers\cthda.sys [2013-7-3 1060632]
R3 cthdb;Sound Blaster Audio Controller Driver;C:\Windows\System32\drivers\cthdb.sys [2013-7-3 34072]
R3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D;C:\Windows\System32\drivers\e1d62x64.sys [2014-2-13 495376]
R3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);C:\Windows\System32\drivers\vrtaucbl.sys [2013-8-10 98464]
R3 GenericMount;Generic Mount Driver;C:\Windows\System32\drivers\GenericMount.sys [2009-9-21 66608]
R3 GRemoteBus;GRemote virtual joystick Bus Enumerator;C:\Windows\System32\drivers\GRemoteBus64.sys [2009-8-5 27336]
R3 GRemoteJoy;GRemote virtual joystick Device Driver;C:\Windows\System32\drivers\GRemoteJoy64.sys [2009-8-5 46792]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2014-2-14 171480]
R3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);C:\Windows\System32\drivers\ICCWDT.sys [2013-8-13 27608]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2014-2-13 368112]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2014-2-13 786416]
R3 ManyCam;ManyCam Virtual Webcam;C:\Windows\System32\drivers\mcvidrv_x64.sys [2012-1-11 34304]
R3 mcaudrv_simple;ManyCam Virtual Microphone;C:\Windows\System32\drivers\mcaudrv_x64.sys [2012-2-22 28160]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2015-1-30 366512]
R3 RDPDISPM;RDPDISPM;C:\Windows\System32\drivers\rdpdispm.sys [2010-8-31 10752]
R3 SAlphamHid;SteelHIDSvc;C:\Windows\System32\drivers\SAlpham64.sys [2012-5-21 34944]
R3 ScpVBus;Scp Virtual Bus Driver;C:\Windows\System32\drivers\ScpVBus.sys [2014-4-11 39168]
R3 SSMO3v2Filter;MMO3v2 Mouse;C:\Windows\System32\drivers\MO3v2Driver.sys [2012-7-20 23040]
R3 SymSnapService;SymSnapService;C:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe [2009-9-21 2963960]
S2 aswStm;aswStm;C:\Windows\System32\drivers\aswstm.sys [2014-5-31 85328]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-4-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-4-11 124088]
S2 Live Malware Protection;Live Malware Protection;C:\Windows\mlwps.exe --> C:\Windows\mlwps.exe [?]
S2 OpenVPNAccessClient;OpenVPN Access Client;C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\capiws.exe [2012-10-12 24064]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-2-18 315488]
S2 WinkHandler;WinkHandler;C:\Program Files (x86)\Iminent\WinkHandler.exe --> C:\Program Files (x86)\Iminent\WinkHandler.exe [?]
S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
S3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2011-3-31 36000]
S3 ATHDFU;Atheros Valkyrie USB BootROM;C:\Windows\System32\drivers\AthDfu.sys [2011-3-31 51872]
S3 BEHRINGER_2902;usb-audio.de driver for BEHRINGER USB AUDIO;C:\Windows\System32\drivers\BUSB2902.sys [2012-6-10 460864]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2011-3-31 259232]
S3 btath_avdt;Atheros Bluetooth AVDT Service;C:\Windows\System32\drivers\btath_avdt.sys [2011-3-31 109216]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2011-3-31 166048]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2011-3-31 59040]
S3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2011-3-31 283296]
S3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2011-3-31 287392]
S3 BtHidBus;BtHidBus;C:\Windows\System32\drivers\BtHidBus.sys [2013-10-8 24032]
S3 BUSB_AUDIO_WDM;BEHRINGER USB WDM AUDIO;C:\Windows\System32\drivers\busbwdm.sys [2012-6-10 49728]
S3 CGVPNCliSrvc;CyberGhost VPN Client;C:\Program Files\CyberGhost VPN\CGVPNCliService.exe [2012-11-19 2438696]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2014-2-13 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2014-2-13 79360]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2015-1-6 110336]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-8-12 71168]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [2013-9-5 166112]
S3 GenericMount Helper Service;GenericMount Helper Service;C:\Program Files (x86)\Norton Ghost\Shared\Drivers\GenericMountHelperx64.exe [2010-2-12 2227216]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2015-4-15 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-8-27 828376]
S3 IvtAudioBusSrv;IvtAudioBusSrv;C:\Windows\System32\drivers\IvtBtBus.sys [2012-12-24 27256]
S3 IvtPanBusSrv;IvtPanBusSrv;C:\Windows\System32\drivers\btnetBus.sys [2012-12-24 31480]
S3 MBfilt;MBfilt;C:\Windows\System32\drivers\MBfilt64.sys [2011-8-8 32344]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4;C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [2013-12-16 14136]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-2-10 82432]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-2-10 181760]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;C:\Windows\System32\drivers\nvstusb.sys [2013-2-21 448288]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-12-27 19456]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-10-18 849992]
S3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter;C:\Windows\System32\drivers\RTL8192cu.sys [2010-8-12 748648]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2015-1-6 206080]
S3 Symantec SymSnap VSS Provider;Symantec SymSnap VSS Provider;C:\Windows\System32\dllhost.exe [2009-7-14 9728]
S3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;C:\Windows\System32\drivers\Synth3dVsc.sys [2011-8-12 88960]
S3 tapoas;TAP-Win32 Adapter OAS;C:\Windows\System32\drivers\tapoas.sys [2012-7-15 30720]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2013-12-27 29696]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-10-10 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-12-27 30208]
S3 tsusbhub;Remote Deskotop USB Hub;C:\Windows\System32\drivers\tsusbhub.sys [2011-8-12 117248]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-8-12 1255736]
S3 WinRing0_1_2_0;WinRing0_1_2_0;V:\Program Files (x86)\PlayClaw 5\WinRing0x64.sys [2014-2-7 14544]
S3 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2015-05-11 20:07:43 75888 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E8F847B6-5F59-4C2D-8F44-186FD464AF74}\offreg.dll
2015-05-11 20:07:42 45352 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E8F847B6-5F59-4C2D-8F44-186FD464AF74}\MpKsl74b9393b.sys
2015-05-11 20:04:11 1187344 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{99C4CFF0-EFF9-48FE-96B2-30F0C8FB3C98}\gapaengine.dll
2015-05-11 20:04:08 12032440 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E8F847B6-5F59-4C2D-8F44-186FD464AF74}\mpengine.dll
2015-05-11 20:02:19 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2015-05-11 20:02:18 -------- d-----w- C:\Program Files\Microsoft Security Client
2015-05-11 19:50:39 -------- d-----w- C:\NPE
2015-05-11 19:49:28 -------- d-----w- C:\ProgramData\SMR430
2015-05-11 19:30:39 108216 ----a-w- C:\Windows\System32\drivers\SMR430.SYS
2015-05-11 19:30:33 -------- d-----w- C:\Users\Mark\AppData\Local\NPE
2015-05-11 19:30:33 -------- d-----w- C:\ProgramData\Norton
2015-05-11 19:25:57 290304 ----a-w- C:\Windows\SysWow64\subinacl.exe
2015-05-11 19:24:41 -------- d-----w- C:\Program Files\Common Files\Microsoft
2015-05-11 19:24:41 -------- d-----w- C:\Program Files\Adware-Removal-Tool
2015-05-11 19:20:41 -------- d-----w- C:\Users\Mark\AppData\Local\Kesemoholdings_Limited
2015-05-11 19:20:30 -------- d-----w- C:\ProgramData\888PokerCoach
2015-05-11 19:20:11 -------- d-----w- C:\Users\Mark\AppData\Local\888PokerCoach
2015-05-09 15:33:38 12032440 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6BFFEA1E-E872-4D6B-AB9A-1350224F3740}\mpengine.dll
2015-05-01 16:16:46 -------- d-----w- C:\Program Files (x86)\IT Viewer
2015-04-26 11:59:44 -------- d-----w- C:\Users\Mark\AppData\Roaming\Mp3tag
2015-04-26 11:59:27 -------- d-----w- C:\Program Files (x86)\Mp3tag
2015-04-18 16:56:30 -------- d-----w- C:\Users\Mark\AppData\Roaming\EncryptStick
.
==================== Find3M ====================
.
2015-05-11 19:49:56 65536 ----a-w- C:\Windows\System32\spu_storage.bin
2015-05-11 18:29:19 73728 ----a-w- C:\Windows\SysWow64\tasks.dll
2015-04-15 19:38:11 778416 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2015-04-15 19:38:11 142512 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2015-03-25 03:24:41 98304 ----a-w- C:\Windows\System32\wudriver.dll
2015-03-25 03:24:41 3298816 ----a-w- C:\Windows\System32\wucltux.dll
2015-03-25 03:24:41 191488 ----a-w- C:\Windows\System32\wuwebv.dll
2015-03-25 03:24:08 60416 ----a-w- C:\Windows\System32\WinSetupUI.dll
2015-03-25 03:23:58 12288 ----a-w- C:\Windows\System32\wu.upgrade.ps.dll
2015-03-25 03:23:55 36864 ----a-w- C:\Windows\System32\wuapp.exe
2015-03-25 03:00:57 92672 ----a-w- C:\Windows\SysWow64\wudriver.dll
2015-03-25 03:00:57 173056 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2015-03-25 03:00:15 33792 ----a-w- C:\Windows\SysWow64\wuapp.exe
2015-03-23 03:25:15 726528 ----a-w- C:\Windows\System32\generaltel.dll
2015-03-23 03:25:01 769536 ----a-w- C:\Windows\System32\invagent.dll
2015-03-23 03:24:56 419840 ----a-w- C:\Windows\System32\devinv.dll
2015-03-23 03:24:54 957952 ----a-w- C:\Windows\System32\appraiser.dll
2015-03-23 03:24:53 30720 ----a-w- C:\Windows\System32\acmigration.dll
2015-03-23 03:24:53 227328 ----a-w- C:\Windows\System32\aepdu.dll
2015-03-23 03:24:53 192000 ----a-w- C:\Windows\System32\aepic.dll
2015-03-23 03:17:39 1111552 ----a-w- C:\Windows\System32\aeinv.dll
2015-03-21 16:41:14 239104 ----a-w- C:\Windows\trz1951.tmp
2015-03-21 16:41:06 772946 ----a-w- C:\Users\Mark\AppData\Roaming\trzA2.tmp
2015-03-21 16:41:06 0 ----a-w- C:\Users\Mark\AppData\Roaming\F422.tmp
2015-03-17 05:22:37 5557696 ----a-w- C:\Windows\System32\ntoskrnl.exe
2015-03-17 05:22:35 95672 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2015-03-17 05:22:35 155576 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2015-03-17 05:19:37 1727904 ----a-w- C:\Windows\System32\ntdll.dll
2015-03-17 05:17:00 362496 ----a-w- C:\Windows\System32\wow64win.dll
2015-03-17 05:17:00 243712 ----a-w- C:\Windows\System32\wow64.dll
2015-03-17 05:17:00 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2015-03-17 05:15:55 31232 ----a-w- C:\Windows\System32\lsass.exe
2015-03-17 05:15:44 338432 ----a-w- C:\Windows\System32\conhost.exe
2015-03-17 05:15:40 64000 ----a-w- C:\Windows\System32\auditpol.exe
2015-03-17 05:13:29 60416 ----a-w- C:\Windows\System32\msobjs.dll
2015-03-17 05:13:17 146432 ----a-w- C:\Windows\System32\msaudite.dll
2015-03-17 05:01:09 3976632 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2015-03-17 05:01:09 3920824 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2015-03-17 04:59:26 1309696 ----a-w- C:\Windows\SysWow64\ntdll.dll
2015-03-17 04:57:25 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
2015-03-17 04:57:21 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2015-03-17 04:57:20 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
2015-03-17 04:57:17 248832 ----a-w- C:\Windows\SysWow64\schannel.dll
2015-03-17 04:57:17 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2015-03-17 04:57:13 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2015-03-17 04:57:12 221184 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2015-03-17 04:57:11 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2015-03-17 04:57:07 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2015-03-17 04:56:59 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2015-03-17 04:56:56 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2015-03-17 04:56:41 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2015-03-17 04:56:15 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2015-03-17 04:56:01 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2015-03-17 04:56:01 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2015-03-17 04:56:00 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2015-03-17 04:53:35 60416 ----a-w- C:\Windows\SysWow64\msobjs.dll
2015-03-17 04:53:13 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2015-03-17 03:45:24 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2015-03-17 03:45:23 2048 ----a-w- C:\Windows\SysWow64\user.exe
2015-03-17 03:43:04 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2015-03-17 03:43:04 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2015-03-17 03:43:04 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2015-03-17 03:43:03 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2015-03-13 04:25:14 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2015-03-13 04:25:01 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2015-03-13 04:09:12 66560 ----a-w- C:\Windows\System32\iesetup.dll
2015-03-13 04:08:33 584192 ----a-w- C:\Windows\System32\vbscript.dll
2015-03-13 04:08:27 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2015-03-13 04:08:17 417280 ----a-w- C:\Windows\System32\html.iec
2015-03-13 04:06:54 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2015-03-13 03:54:11 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2015-03-13 03:54:00 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2015-03-13 03:53:22 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2015-03-13 03:50:45 6025216 ----a-w- C:\Windows\System32\jscript9.dll
2015-03-13 03:44:48 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2015-03-13 03:42:18 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2015-03-13 03:32:48 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2015-03-13 03:28:48 503296 ----a-w- C:\Windows\SysWow64\vbscript.dll
2015-03-13 03:28:37 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2015-03-13 03:27:51 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2015-03-13 03:27:35 340992 ----a-w- C:\Windows\SysWow64\html.iec
2015-03-13 03:26:19 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2015-03-13 03:16:26 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2015-03-13 03:15:40 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2015-03-13 03:05:50 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2015-03-13 03:05:24 2125824 ----a-w- C:\Windows\System32\inetcpl.cpl
2015-03-13 03:01:16 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2015-03-13 02:49:21 4305408 ----a-w- C:\Windows\SysWow64\jscript9.dll
2015-03-13 02:45:57 2358784 ----a-w- C:\Windows\System32\wininet.dll
2015-03-13 02:43:41 2052608 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2015-03-13 02:42:47 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2015-03-13 02:20:28 1888256 ----a-w- C:\Windows\SysWow64\wininet.dll
2015-03-10 03:25:10 1882624 ----a-w- C:\Windows\System32\msxml3.dll
2015-03-10 03:21:42 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2015-03-10 03:08:26 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll
2015-03-10 03:05:39 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2015-03-05 05:12:33 404480 ----a-w- C:\Windows\System32\gdi32.dll
2015-03-05 04:05:06 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2015-03-04 04:55:13 367552 ----a-w- C:\Windows\System32\clfs.sys
2015-03-04 04:41:27 79360 ----a-w- C:\Windows\System32\clfsw32.dll
2014-02-13 13:20:06 3057808 --sha-r- C:\Windows\SysWOW64\avcodec-lav-55.dll
2014-02-13 13:20:06 98960 --sha-r- C:\Windows\SysWOW64\avfilter-lav-3.dll
2014-02-13 13:20:06 539280 --sha-r- C:\Windows\SysWOW64\avformat-lav-55.dll
2009-09-27 08:39:26 415744 --sh--w- C:\Windows\SysWOW64\avisynth.dll
2014-02-13 13:20:06 59536 --sha-r- C:\Windows\SysWOW64\avresample-lav-1.dll
2005-07-14 11:31:20 32256 --sh--w- C:\Windows\SysWOW64\AVSredirect.dll
2014-02-13 13:20:06 180368 --sha-r- C:\Windows\SysWOW64\avutil-lav-52.dll
2004-02-22 09:11:08 764416 --sh--w- C:\Windows\SysWOW64\devil.dll
2014-02-13 13:20:06 122512 --sha-r- C:\Windows\SysWOW64\HLaudio.dll
2014-02-13 13:20:06 202384 --sha-r- C:\Windows\SysWOW64\HLsplit.dll
2014-02-13 13:20:06 313520 --sha-r- C:\Windows\SysWOW64\HLvideo.dll
2004-01-24 23:00:00 70656 --sh--w- C:\Windows\SysWOW64\i420vfw.dll
2014-02-13 13:20:06 152720 --sha-r- C:\Windows\SysWOW64\IntelQuickSyncDecoder.dll
2014-02-13 13:20:06 110224 --sha-r- C:\Windows\SysWOW64\libbluray.dll
2011-02-11 09:26:20 112128 --sha-r- C:\Windows\SysWOW64\OptimFROG.dll
2014-02-13 13:20:06 109200 --sha-r- C:\Windows\SysWOW64\swscale-lav-2.dll
2012-10-05 18:54:00 188416 --sha-r- C:\Windows\SysWOW64\winDCE32.dll
2004-01-24 23:00:00 70656 --sh--w- C:\Windows\SysWOW64\yv12vfw.dll
.
============= FINISH: 21:26:56.59 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume4
Install Date: 13/02/2014 05:16:34
System Uptime: 11/05/2015 20:50:20 (1 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. | | Z87X-UD4H-CF
Processor: Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz | SOCKET 0 | 3501/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 112 GiB total, 20.297 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 912 GiB total, 266.339 GiB free.
F: is Removable
G: is CDROM ()
H: is Removable
I: is Removable
J: is Removable
K: is Removable
V: is FIXED (NTFS) - 699 GiB total, 646.103 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: TAP-Win32 Adapter OAS
Device ID: ROOT\NET\0000
Manufacturer: TAP-Win32 Provider OAS
Name: TAP-Win32 Adapter OAS
PNP Device ID: ROOT\NET\0000
Service: tapoas
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: TAP-Win32 Adapter V9
Device ID: ROOT\NET\0002
Manufacturer: TAP-Win32 Provider V9
Name: TAP-Win32 Adapter V9
PNP Device ID: ROOT\NET\0002
Service: tap0901
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
3DMark
3DMark 11
888poker
888PokerCoach
Ableton Live 9 Suite
ACP Application
ACPI Driver Installer
Adobe After Effects CC
Adobe AIR
Adobe Audition CC
Adobe Bridge CC (64 Bit)
Adobe Creative Cloud
Adobe Flash Player 17 ActiveX
Adobe Flash Player 17 NPAPI
Adobe Help Manager
Adobe Illustrator CC
Adobe Illustrator CC 2014
Adobe Media Encoder CC 2014
Adobe Photoshop CC
Adobe Photoshop CC 2014
Adobe Premiere Pro CC
Adobe Premiere Pro CC 2014
Adobe Reader XI (11.0.10)
Adobe Refresh Manager
Adobe Widget Browser
Adobe® Content Viewer
AIDA64 Extreme v4.20
AMD Accelerated Video Transcoding
AMD Catalyst Control Center
AMD Catalyst Install Manager
AMD Drag and Drop Transcoding
AMD Media Foundation Decoders
AMD Wireless Display v3.0
Amiga Forever
Anquet Maps v06
Apollo 37zz
AppInventor Setup
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Arduino
Astroburn Lite
AudioGenie
Auto Shutdown
AutoHotkey 1.1.09.02
avast! Free Antivirus
Avidemux 2.6 (32-bit)
Battlefield 4™
BattlePing
BEHRINGER USB AUDIO DRIVER
BitTorrent
bl
Bluetooth Win7 Suite (64)
Bonjour
Bulk Rename Utility 2.7.1.2
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Localization All
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
CouchPotato
CPUID CPU-Z 1.68
CPUID HWMonitor 1.18
Curse Client
CyberGhost VPN
CyberLink BD Advisor 2.0
CyberLink Blu-ray Disc Suite
CyberLink InstantBurn
CyberLink Power2Go
CyberLink PowerBackup
D3DX10
DAEMON Tools Lite
Dangerous version 2013.12.20.16427
Dangerous version 2014.05.29.29408
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dolby Digital Live Pack
Driver Sweeper version 3.2.0
DTS Connect Pack
EasyBCD 2.2
Elite Dangerous Launcher version 0.4.2035.0
Epson Print CD
EPSON Printer Software
Eraser 6.0.10.2620
ESN Sonar
Euro Truck Simulator 2
ffdshow [rev 3154] [2009-12-09]
FINAL FANTASY XI
FINAL FANTASY XIV - A Realm Reborn
FINAL FANTASY XIV - A Realm Reborn (Beta Version)
Flixster
foobar2000 v1.2.9
Fraps
Free Webcam Recorder
Futuremark SystemInfo
Garmin Communicator Plugin
Garmin Communicator Plugin x64
Geeks3D FurMark 1.12.0
Google Chrome
Google Update Helper
Google+ Auto Backup
GPSU version 5.12
Graphtec Studio
GRemoteServer Pro(remove only)
Guitar Pro 6
HandBrake 0.9.9.1
Heaven Benchmark version 4.0
Hi-Rez Studios Authenticate and Update Service
Hik_DSFilters 6.0.0.1
HWiNFO64 Version 4.24
iCloud
ImagXpress
Intel Extreme Tuning Utility
Intel(R) Management Engine Components
Intel(R) ME UninstallLegacy
Intel(R) Network Connections 18.5.54.0
Intel(R) Processor Graphics
Intel(R) USB 3.0 eXtensible Host Controller Driver
Intel® Trusted Connect Service Client
Intel® Watchdog Timer Driver (Intel® WDT)
Java 8 Update 31
Java 8 Update 31 (64-bit)
Java Auto Updater
League of Legends
LightScribe System Software
Link Shell Extension
Live Update 5
LiveUpdate 3.2 (Symantec Corporation)
Malwarebytes Anti-Malware version 1.75.0.1300
ManyCam 3.0.62 (remove only)
marvell 91xx driver
Max 6.1.8 (x64)
MergeModule_x64
MergeModule_x86
Mesh Runtime
Microsoft .NET Framework 4.5.2
Microsoft Application Error Reporting
Microsoft Camera Codec Pack
Microsoft IntelliPoint 8.2
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Primary Interoperability Assemblies 2005
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server Compact 3.5 SP2 x64 ENU
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
Microsoft XNA Framework Redistributable 4.0 Refresh
Microsoft_VC80_ATL_x86
Microsoft_VC80_ATL_x86_x64
Microsoft_VC80_CRT_x86
Microsoft_VC80_CRT_x86_x64
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFC_x86_x64
Microsoft_VC80_MFCLOC_x86
Microsoft_VC80_MFCLOC_x86_x64
Microsoft_VC90_ATL_x86
Microsoft_VC90_ATL_x86_x64
Microsoft_VC90_CRT_x86
Microsoft_VC90_CRT_x86_x64
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFC_x86_x64
Microsoft_VC90_MFCLOC_x86
Microsoft_VC90_MFCLOC_x86_x64
MKVToolNix 6.8.0 (64bit)
Mp3tag v2.69
MSI Afterburner 2.3.1
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Mumble 1.3.0
MusicBrainz Picard
MyFreeCodec
Native Instruments Controller Editor
Native Instruments Guitar Rig 5
Native Instruments Guitar Rig Mobile I/O
Native Instruments Guitar Rig Session I/O
Native Instruments Rig Kontrol 3
Native Instruments Service Center
Nero Toolbar Updater
neroxml
Nexus Mod Manager
NirSoft BlueScreenView
nLite 1.4.9.1
Norton Ghost
Notepad++
NVIDIA Install Application
OCCT 4.4.0
ON_OFF Charge 2 B13.0910.1
Open Broadcaster Software
Origin
Outdoor Map Navigator
Pando Media Booster
partypoker
PDF Settings CC
ph
Picasa 3
PKR
PlayClaw 5
PlayClaw 5 fast codec
PlayMemories Home
PMB_ModeEditor
PMB_ServiceUploader
PoiEdit
PokerStars
PrivateTunnel
PunkBuster Services
QuickGamma 4.0.0.2
QuickTime
Raptr
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Renesas Electronics USB 3.0 Host Controller Driver
SABnzbd 0.7.6
Safari
Samsung Kies3
SAMSUNG USB Driver for Mobile Phones
Sapphire TRIXX
Security Update for Microsoft .NET Framework 4.5.2 (KB3037581)
SimCity 4 Deluxe
Skype™ 7.3
SL-6640-SBK BLACK WIDOW Flightstick
Slopey's ED BPC
Smite
Snap.Do
Software Director
Sound Blaster Z-Series
Sound Blaster Z-Series Extras
Speccy
SpeedFan (remove only)
Spotify
Spybot - Search & Destroy
SSC Service Utility v4.30
Steam
SteelSeries Engine
SUPER © v2014.build.60+Recorder (2014/02/18) version v2014.buil
System Requirements Lab
System Requirements Lab for Intel
TeamSpeak 3 Client
TechPowerUp GPU-Z
The Elder Scrolls Online Beta
THX TruStudio Pro
Tomahawk
TomTom HOME
TomTom HOME Visual Studio Merge Modules
Trapcode Particular 64 bit
TVersity Codec Pack 1.7
TVersity Media Server 1.9.7
UDPixel.exe
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
USB2.0 UVC Camera
VC_CRT_x64
Virtual Audio Cable 4.13
VLC media player 1.1.11
VoiceAttack
WhoCrashed 4.02
Winamp
Windows 7 USB/DVD Download Tool
Windows Driver Package - SteelSeries (HidUsb) HIDClass (11/19/2010 1.2.4.0)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Mobile Device Center
Windows Mobile Device Updater Component
WinPcap 4.1.2
WinRAR 4.01 (64-bit)
Wireshark 1.6.1
World of Warcraft
World of Warcraft Beta
World of Warcraft(R): Cataclysm(TM) MMO Gaming Mouse
XBMC
Xfire (remove only)
Xiph.Org Open Codecs 0.85.17777
Zune
Zune Language Pack (CHS)
Zune Language Pack (CHT)
Zune Language Pack (CSY)
Zune Language Pack (DAN)
Zune Language Pack (DEU)
Zune Language Pack (ELL)
Zune Language Pack (ESP)
Zune Language Pack (FIN)
Zune Language Pack (FRA)
Zune Language Pack (HUN)
Zune Language Pack (IND)
Zune Language Pack (ITA)
Zune Language Pack (JPN)
Zune Language Pack (KOR)
Zune Language Pack (MSL)
Zune Language Pack (NLD)
Zune Language Pack (NOR)
Zune Language Pack (PLK)
Zune Language Pack (PTB)
Zune Language Pack (PTG)
Zune Language Pack (RUS)
Zune Language Pack (SVE)
.
==== Event Viewer Messages From Past Week ========
.
11/05/2015 21:26:46, Error: Microsoft-Windows-DNS-Client [1012] - There was an error while attempting to read the local hosts file.
11/05/2015 20:52:47, Error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The system cannot find the file specified.
11/05/2015 20:50:46, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: UimBus Uim_IM
11/05/2015 20:50:45, Error: Service Control Manager [7000] - The WinkHandler service failed to start due to the following error: The system cannot find the file specified.
11/05/2015 20:50:45, Error: Service Control Manager [7000] - The Power Control [2012/03/18 00:53:53] service failed to start due to the following error: The system cannot find the path specified.
11/05/2015 20:50:38, Error: Service Control Manager [7000] - The Live Malware Protection service failed to start due to the following error: The system cannot find the file specified.
11/05/2015 20:49:29, Error: Service Control Manager [7030] - The NPEService service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
10/05/2015 20:45:21, Error: srv [2017] - The server was unable to allocate from the system nonpaged pool because the server reached the configured limit for nonpaged pool allocations.
.
==== End Of File ===========================
xenton
Regular Member
 
Posts: 20
Joined: November 12th, 2013, 5:57 pm
Advertisement
Register to Remove

Re: Suspected adware

Unread postby NonSuch » May 11th, 2015, 7:17 pm

This topic is a duplicate copy of the original and therefore will be closed. The original will be left open.
User avatar
NonSuch
Administrator
Administrator
 
Posts: 28747
Joined: February 23rd, 2005, 7:08 am
Location: California


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 129 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware