I've been infected!
An annoying ad popup featuring audio and video takes over my Chrome browser by showing a video and/or ad in the center of my browser window up near the bookmarks bar. It also features its own ads in the browser side bars. Occasionally it will redirect the URL to another site (e.g. Adobe Flash update). It results in periodic, completely sluggish computer performance.
I've got ASC Ultimate 7 real-time protection and run SUPERAntiSpyware and Spybot to try to keep these buggers away, but I clicked on an ad while viewing a streaming TV site -- had to get my TV fix while traveling -- and invited the virus/bot by accident.
Thanks for any help you can give.
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 11.0.9600.16521 BrowserJavaVersion: 10.51.2
Run by Scott at 10:11:35 on 2014-04-11
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.2038.520 [GMT 2:00]
.
AV: Advanced SystemCare Ultimate *Disabled/Updated* {1C304DC4-1D72-5DB9-B33A-43B638ECFD30}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
.
============== Running Processes ================
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\Program Files\IObit\Advanced SystemCare Ultimate 7\ASCService.exe
C:\Program Files\IObit\Advanced SystemCare Ultimate 7\ascavsvc.exe
C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\WLANExt.exe
C:\windows\system32\conhost.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Windows\System32\AsusService.exe
C:\Program Files\Microsoft\BingBar\SeaPort.EXE
C:\windows\system32\BtwRSupportService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe
C:\Program Files\CrashPlan\CrashPlanService.exe
C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\taskeng.exe
C:\windows\Explorer.EXE
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\Dwm.exe
C:\Program Files\IObit\Advanced SystemCare Ultimate 7\Monitor.exe
C:\Program Files\Sling Media\SlingAgent\SlingAgentService.exe
C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\System32\igfxpers.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Program Files\IObit\Advanced SystemCare Ultimate 7\ASCTray.exe
C:\Users\Scott\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
C:\Program Files\CrashPlan\CrashPlanTray.exe
C:\Users\Scott\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Users\Scott\AppData\Local\Apps\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\vssvc.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\conhost.exe
C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\System32\svchost.exe -k HPZ12
C:\windows\System32\svchost.exe -k HPZ12
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\System32\svchost.exe -k secsvcs
C:\windows\system32\svchost.exe -k SDRSVC
C:\windows\System32\svchost.exe -k swprv
.
============== Pseudo HJT Report ===============
.
uStart Page = about:Tabs
uSearch Bar = Preserve
mStart Page = hxxp://www.google.com
BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - c:\program files\iobit\iobit uninstaller\UninstallExplorer32.dll
BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - c:\program files\canon\easy-webprint ex\ewpexbho.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office 15\root\office15\URLREDIR.DLL
BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - c:\program files\iobit\surfing protection\browerprotect\ASCPlugin_Protection.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
uRun: [GoogleDriveSync] "c:\program files\google\drive\googledrivesync.exe" /autostart
uRun: [Advanced SystemCare Ultimate] "c:\program files\iobit\advanced systemcare ultimate 7\ASCTray.exe" /Auto
uRun: [SkyDrive] "c:\users\scott\appdata\local\microsoft\skydrive\SkyDrive.exe" /background
uRun: [Spybot-S&D Cleaning] "c:\program files\spybot - search & destroy 2\SDCleaner.exe" /autoclean
mRun: [SynTPEnh] c:\program files\synaptics\syntp\syntpenh.exe
mRun: [SynAsusAcpi] c:\program files\synaptics\syntp\SynAsusAcpi.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [IAStorIcon] c:\program files\intel\intel(r) rapid storage technology\iastoricon.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [SDTray] "c:\program files\spybot - search & destroy 2\SDTray.exe"
dRun: [Advanced SystemCare 5] "c:\program files\iobit\advanced systemcare 5\ASCTray.exe" /AutoStart
StartupFolder: c:\users\scott\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\scott\appdata\roaming\dropbox\bin\Dropbox.exe
StartupFolder: c:\users\scott\appdata\roaming\micros~1\windows\startm~1\programs\startup\everno~1.lnk - c:\users\scott\appdata\local\apps\evernote\evernote\EvernoteClipper.exe
StartupFolder: c:\users\scott\appdata\roaming\micros~1\windows\startm~1\programs\startup\sendto~1.lnk - c:\program files\microsoft office 15\root\office15\ONENOTEM.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\crashp~1.lnk - c:\program files\crashplan\CrashPlanTray.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office 15\root\office15\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office 15\root\office15\ONBttnIELinkedNotes.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{3252E06A-9966-4A87-A4E7-59D1024C84CA} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{3252E06A-9966-4A87-A4E7-59D1024C84CA}\0554D213F474D2C4 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{3252E06A-9966-4A87-A4E7-59D1024C84CA}\0554D223F474D225 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{3252E06A-9966-4A87-A4E7-59D1024C84CA}\24143343 : DHCPNameServer = 192.168.0.1
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - c:\program files\microsoft office 15\root\office15\MSOSB.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\33.0.1750.154\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 AiDriver;ASUS Charger Driver;c:\windows\system32\drivers\AiDriver.sys [2011-7-20 13224]
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2014-2-1 18624]
R1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [2010-12-9 11832]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2013-10-11 120088]
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7;c:\program files\iobit\advanced systemcare ultimate 7\ASCService.exe [2014-1-2 886592]
R2 ASCAntivirusSrv;AdvancedSystemCareAntivirus;c:\program files\iobit\advanced systemcare ultimate 7\ASCAvSvc.exe [2014-1-2 647488]
R2 AsusService;Asus Launcher Service;c:\windows\system32\AsusService.exe [2010-12-9 219136]
R2 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\SeaPort.EXE [2011-10-13 249648]
R2 BcmBtRSupport;Bluetooth Driver Management Service;c:\windows\system32\BtwRSupportService.exe [2013-8-9 1678040]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service;c:\program files\microsoft office 15\clientx86\officeclicktorun.exe [2014-3-23 1490104]
R2 CrashPlanService;CrashPlan Backup Service;c:\program files\crashplan\CrashPlanService.exe [2013-4-9 152576]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\drivers\L1C62x86.sys [2013-8-22 109256]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [2013-8-22 62208]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [2013-8-22 141568]
R3 rtsuvc;Realtek USB2.0 PC Camera;c:\windows\system32\drivers\rtsuvc.sys [2014-2-5 6864600]
S2 280f2936;SW_Sustainer; [x]
S2 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-10-21 196176]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 bcbtums;Bluetooth USB LD Filter;c:\windows\system32\drivers\bcbtums.sys [2013-8-9 174936]
S3 btwampfl;btwampfl;c:\windows\system32\drivers\btwampfl.sys [2013-8-9 144600]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2011-7-20 33320]
S3 libusb0;Jawbone LibUsb-Win32 - Kernel Driver 07/08/2013,1.2.6.1;c:\windows\system32\drivers\libusb0.sys [2013-8-30 42592]
S3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2013-11-23 15688]
S3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2013-11-23 10320]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2014-2-5 14848]
S3 Ser2plx86;Prolific Serial port WDF driver;c:\windows\system32\drivers\ser2pl.sys [2013-2-22 134144]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2014-2-5 49664]
S3 usbrndis6;USB RNDIS6 Adapter;c:\windows\system32\drivers\usb80236.sys [2013-3-21 15872]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]
.
=============== Created Last 30 ================
.
2014-04-09 13:30:52 27072 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2014-04-09 13:30:52 234432 ----a-w- c:\windows\system32\drivers\msiscsi.sys
2014-04-09 13:30:52 2048 ----a-w- c:\windows\system32\iologmsg.dll
2014-04-09 13:30:52 149440 ----a-w- c:\windows\system32\drivers\storport.sys
2014-04-09 13:30:49 1212352 ----a-w- c:\windows\system32\drivers\ntfs.sys
2014-04-09 13:30:45 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-04-08 06:25:03 7969936 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{2d2f94bf-3ea2-49c8-a0fe-9f28f10ab323}\mpengine.dll
2014-04-02 04:58:53 18968 ----a-w- c:\windows\system32\sdnclean.exe
2014-04-02 04:58:49 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2014-04-02 04:58:36 -------- d-----w- c:\program files\Spybot - Search & Destroy 2
2014-04-02 03:36:39 -------- d-----w- c:\users\scott\appdata\roaming\LavasoftStatistics
2014-04-01 07:50:18 42168 ----a-w- c:\programdata\microsoft\ehome\packages\mceclientux\dsm-2\StartResources.dll
2014-04-01 07:50:13 1236816 ----a-w- c:\programdata\microsoft\ehome\packages\mcespotlight\mcespotlight-2\SpotlightResources.dll
2014-03-27 22:37:46 -------- d-----w- c:\programdata\TerraTec
2014-03-27 22:37:27 1712128 ------r- c:\windows\system32\gdiplus.dll
2014-03-27 22:35:21 -------- d-----w- c:\users\scott\appdata\roaming\TerraTec
2014-03-27 22:26:16 32768 ----a-w- c:\program files\common files\installshield\professional\runtime\Objectps.dll
2014-03-27 22:26:16 266240 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iscript.dll
2014-03-27 22:26:16 192512 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iuser.dll
2014-03-27 22:26:13 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\ctor.dll
2014-03-27 22:26:13 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\DotNetInstaller.exe
2014-03-27 22:26:05 729088 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iKernel.dll
2014-03-27 22:25:54 188548 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iGdi.dll
2014-03-27 22:25:18 311428 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\setup.dll
2014-03-27 21:44:14 -------- d-----w- c:\program files\TERRATEC
2014-03-25 05:45:13 -------- d-----w- C:\AdwCleaner
2014-03-25 05:43:01 -------- d-----w- c:\programdata\HitmanPro
2014-03-23 06:46:12 -------- d-----w- c:\users\scott\appdata\local\ElevatedDiagnostics
2014-03-21 07:10:13 -------- d-----w- c:\users\scott\appdata\local\BookletCreator.com
2014-03-21 07:07:57 -------- d-----w- c:\programdata\IsolatedStorage
2014-03-21 07:07:38 -------- d-----w- c:\program files\BookletCreator
2014-03-19 18:47:42 -------- d-----w- c:\users\scott\appdata\local\Foxit Reader
2014-03-17 10:56:36 -------- d-----w- c:\programdata\NexTCoup
2014-03-17 10:56:35 -------- d-----w- c:\program files\NexTCoup
2014-03-17 06:38:09 -------- d-----w- c:\program files\EaseUS
2014-03-12 10:32:22 -------- d-----w- c:\programdata\SnowApp
2014-03-12 10:32:15 -------- d-----w- c:\program files\SW_Booster
2014-03-12 10:31:46 -------- d-----w- c:\programdata\safieweb
2014-03-12 10:31:45 -------- d-----w- c:\program files\safieweb
2014-03-12 10:31:38 -------- d-----w- c:\programdata\4181365be25e29e4
2014-03-12 10:31:37 -------- d-----w- c:\users\scott\appdata\local\Comodo
2014-03-12 10:30:26 -------- d-----w- c:\programdata\InstallMate
.
==================== Find3M ====================
.
2014-04-09 14:05:10 692400 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-04-09 14:05:09 70832 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-03-31 07:35:10 231584 ------w- c:\windows\system32\MpSigStub.exe
2014-03-03 10:18:00 1892056 ----a-w- c:\windows\system32\RTSndMgr.cpl
2014-03-03 10:17:54 2947160 ----a-w- c:\windows\system32\drivers\RTKVHDA.sys
2014-03-03 10:17:47 125144 ----a-w- c:\windows\system32\RtkCoInstII.dll
2014-03-03 10:17:46 2329816 ----a-w- c:\windows\system32\RtkAPO.dll
2014-03-01 04:10:48 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-03-01 03:52:43 61952 ----a-w- c:\windows\system32\iesetup.dll
2014-03-01 03:51:53 51200 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-03-01 03:38:26 112128 ----a-w- c:\windows\system32\ieUnatt.exe
2014-03-01 03:38:23 108032 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-03-01 03:37:35 553472 ----a-w- c:\windows\system32\jscript9diag.dll
2014-03-01 03:31:30 646144 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-03-01 03:14:15 4244480 ----a-w- c:\windows\system32\jscript9.dll
2014-03-01 03:00:08 1964032 ----a-w- c:\windows\system32\inetcpl.cpl
2014-03-01 02:32:16 1820160 ----a-w- c:\windows\system32\wininet.dll
2014-02-07 01:07:56 2349056 ----a-w- c:\windows\system32\win32k.sys
2014-02-04 22:00:36 6864600 ----a-w- c:\windows\system32\drivers\rtsuvc.sys
2014-02-04 22:00:36 421592 ----a-w- c:\windows\system32\RtCamX.dll
2014-02-04 22:00:36 1910488 ----a-w- c:\windows\RtCamU.exe
2014-02-04 21:08:06 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-02-04 20:51:00 2547928 ----a-w- c:\windows\system32\RtkPgExt.dll
2014-02-04 02:04:22 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-02-04 02:04:11 509440 ----a-w- c:\windows\system32\qedit.dll
2014-01-29 02:06:47 381440 ----a-w- c:\windows\system32\wer.dll
2014-01-28 02:07:07 185344 ----a-w- c:\windows\system32\wwansvc.dll
2014-01-26 16:55:40 109856 ----a-w- c:\windows\system32\IObitSmartDefragExtension.dll
2014-01-23 16:40:18 268968 ----a-w- c:\windows\system32\sqlite3.dll
2013-08-26 13:03:14 612864 ----a-w- c:\program files\LPToolbar.dll
2013-08-26 13:03:14 1068544 ----a-w- c:\program files\LPIEHome.ocx
2013-08-26 13:03:13 180736 ----a-w- c:\program files\WinBioStandalone.exe
2013-08-26 13:03:12 6484992 ----a-w- c:\program files\LPPlugin.dll
2013-08-19 09:27:37 11634176 ----a-w- c:\program files\common files\lpuninstall.exe
.
============= FINISH: 10:14:41.55 ===============
2014-04-09 13:30:52 149440 ----a-w- c:\windows\system32\drivers\storport.sys
2014-04-09 13:30:49 1212352 ----a-w- c:\windows\system32\drivers\ntfs.sys
2014-04-09 13:30:45 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-04-08 06:25:03 7969936 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{2d2f94bf-3ea2-49c8-a0fe-9f28f10ab323}\mpengine.dll
2014-04-02 04:58:53 18968 ----a-w- c:\windows\system32\sdnclean.exe
2014-04-02 04:58:49 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2014-04-02 04:58:36 -------- d-----w- c:\program files\Spybot - Search & Destroy 2
2014-04-02 03:36:39 -------- d-----w- c:\users\scott\appdata\roaming\LavasoftStatistics
2014-04-01 07:50:18 42168 ----a-w- c:\programdata\microsoft\ehome\packages\mceclientux\dsm-2\StartResources.dll
2014-04-01 07:50:13 1236816 ----a-w- c:\programdata\microsoft\ehome\packages\mcespotlight\mcespotlight-2\SpotlightResources.dll
2014-03-27 22:37:46 -------- d-----w- c:\programdata\TerraTec
2014-03-27 22:37:27 1712128 ------r- c:\windows\system32\gdiplus.dll
2014-03-27 22:35:21 -------- d-----w- c:\users\scott\appdata\roaming\TerraTec
2014-03-27 22:26:16 32768 ----a-w- c:\program files\common files\installshield\professional\runtime\Objectps.dll
2014-03-27 22:26:16 266240 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iscript.dll
2014-03-27 22:26:16 192512 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iuser.dll
2014-03-27 22:26:13 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\ctor.dll
2014-03-27 22:26:13 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\DotNetInstaller.exe
2014-03-27 22:26:05 729088 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iKernel.dll
2014-03-27 22:25:54 188548 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iGdi.dll
2014-03-27 22:25:18 311428 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\setup.dll
2014-03-27 21:44:14 -------- d-----w- c:\program files\TERRATEC
2014-03-25 05:45:13 -------- d-----w- C:\AdwCleaner
2014-03-25 05:43:01 -------- d-----w- c:\programdata\HitmanPro
2014-03-23 06:46:12 -------- d-----w- c:\users\scott\appdata\local\ElevatedDiagnostics
2014-03-21 07:10:13 -------- d-----w- c:\users\scott\appdata\local\BookletCreator.com
2014-03-21 07:07:57 -------- d-----w- c:\programdata\IsolatedStorage
2014-03-21 07:07:38 -------- d-----w- c:\program files\BookletCreator
2014-03-19 18:47:42 -------- d-----w- c:\users\scott\appdata\local\Foxit Reader
2014-03-17 10:56:36 -------- d-----w- c:\programdata\NexTCoup
2014-03-17 10:56:35 -------- d-----w- c:\program files\NexTCoup
2014-03-17 06:38:09 -------- d-----w- c:\program files\EaseUS
2014-03-12 10:32:22 -------- d-----w- c:\programdata\SnowApp
2014-03-12 10:32:15 -------- d-----w- c:\program files\SW_Booster
2014-03-12 10:31:46 -------- d-----w- c:\programdata\safieweb
2014-03-12 10:31:45 -------- d-----w- c:\program files\safieweb
2014-03-12 10:31:38 -------- d-----w- c:\programdata\4181365be25e29e4
2014-03-12 10:31:37 -------- d-----w- c:\users\scott\appdata\local\Comodo
2014-03-12 10:30:26 -------- d-----w- c:\programdata\InstallMate
.
==================== Find3M ====================
.
2014-04-09 14:05:10 692400 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-04-09 14:05:09 70832 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-03-31 07:35:10 231584 ------w- c:\windows\system32\MpSigStub.exe
2014-03-03 10:18:00 1892056 ----a-w- c:\windows\system32\RTSndMgr.cpl
2014-03-03 10:17:54 2947160 ----a-w- c:\windows\system32\drivers\RTKVHDA.sys
2014-03-03 10:17:47 125144 ----a-w- c:\windows\system32\RtkCoInstII.dll
2014-03-03 10:17:46 2329816 ----a-w- c:\windows\system32\RtkAPO.dll
2014-03-01 04:10:48 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-03-01 03:52:43 61952 ----a-w- c:\windows\system32\iesetup.dll
2014-03-01 03:51:53 51200 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-03-01 03:38:26 112128 ----a-w- c:\windows\system32\ieUnatt.exe
2014-03-01 03:38:23 108032 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-03-01 03:37:35 553472 ----a-w- c:\windows\system32\jscript9diag.dll
2014-03-01 03:31:30 646144 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-03-01 03:14:15 4244480 ----a-w- c:\windows\system32\jscript9.dll
2014-03-01 03:00:08 1964032 ----a-w- c:\windows\system32\inetcpl.cpl
2014-03-01 02:32:16 1820160 ----a-w- c:\windows\system32\wininet.dll
2014-02-07 01:07:56 2349056 ----a-w- c:\windows\system32\win32k.sys
2014-02-04 22:00:36 6864600 ----a-w- c:\windows\system32\drivers\rtsuvc.sys
2014-02-04 22:00:36 421592 ----a-w- c:\windows\system32\RtCamX.dll
2014-02-04 22:00:36 1910488 ----a-w- c:\windows\RtCamU.exe
2014-02-04 21:08:06 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-02-04 20:51:00 2547928 ----a-w- c:\windows\system32\RtkPgExt.dll
2014-02-04 02:04:22 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-02-04 02:04:11 509440 ----a-w- c:\windows\system32\qedit.dll
2014-01-29 02:06:47 381440 ----a-w- c:\windows\system32\wer.dll
2014-01-28 02:07:07 185344 ----a-w- c:\windows\system32\wwansvc.dll
2014-01-26 16:55:40 109856 ----a-w- c:\windows\system32\IObitSmartDefragExtension.dll
2014-01-23 16:40:18 268968 ----a-w- c:\windows\system32\sqlite3.dll
2013-08-26 13:03:14 612864 ----a-w- c:\program files\LPToolbar.dll
2013-08-26 13:03:14 1068544 ----a-w- c:\program files\LPIEHome.ocx
2013-08-26 13:03:13 180736 ----a-w- c:\program files\WinBioStandalone.exe
2013-08-26 13:03:12 6484992 ----a-w- c:\program files\LPPlugin.dll
2013-08-19 09:27:37 11634176 ----a-w- c:\program files\common files\lpuninstall.exe
.
============= FINISH: 10:14:41.55 ===============